commit tomcat for openSUSE:Factory

h_root Mon, 22 Sep 2014 00:23:08 -0700

Hello community,

here is the log from the commit of package tomcat for openSUSE:Factory checked 
in at 2014-09-22 09:22:54
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tomcat (Old)
 and      /work/SRC/openSUSE:Factory/.tomcat.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "tomcat"

Changes:
--------
--- /work/SRC/openSUSE:Factory/tomcat/tomcat.changes    2014-09-09 
06:21:27.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.tomcat.new/tomcat.changes       2014-09-22 
09:22:55.000000000 +0200
@@ -1,0 +2,25 @@
+Wed Sep 17 11:28:46 UTC 2014 - [email protected]
+
+- SLE12 has different path for the "rm" command than older versions.
+  To avoid possible clashes, the entire coreutils must be provided.
+  (bnc#894292)
+
+-------------------------------------------------------------------
+Tue Sep 16 16:09:59 UTC 2014 - [email protected]
+
+- Fixed Security Manager policies, which makes unable properly
+  run webapps by default. (bnc#891264)
+  Added: tomcat-7.0-sle.catalina.policy.patch
+
+-------------------------------------------------------------------
+Tue Sep 16 14:13:20 UTC 2014 - [email protected]
+
+- Missing security manager policy file prevents Tomcat to start
+  with systemd. (bnc#890995)
+
+-------------------------------------------------------------------
+Mon Sep 15 13:02:02 UTC 2014 - [email protected]
+
+- Tomcat 7.0.55 requires ecj 4.4.0
+
+-------------------------------------------------------------------

New:
----
  tomcat-7.0-sle.catalina.policy.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tomcat.spec ++++++
--- /var/tmp/diff_new_pack.SnIE4y/_old  2014-09-22 09:22:56.000000000 +0200
+++ /var/tmp/diff_new_pack.SnIE4y/_new  2014-09-22 09:22:56.000000000 +0200
@@ -72,9 +72,11 @@
 Patch2:         tomcat-7.0.52-property-build.windows.patch
 # PATCH-FIX-UPSTREAM: https://issues.apache.org/bugzilla/show_bug.cgi?id=56373
 Patch3:         tomcat-7.0.53-JDTCompiler-java.patch
+# PATCH-FIX-SLE: Change security manager default policies bnc#891264
+Patch4:         tomcat-7.0-sle.catalina.policy.patch
 BuildRequires:  ant >= 1.8.1
 BuildRequires:  ant-antlr
-BuildRequires:  ecj >= 4.2.1
+BuildRequires:  ecj >= 4.4.0
 BuildRequires:  fdupes
 BuildRequires:  findutils
 BuildRequires:  geronimo-jaf-1_0_2-api
@@ -205,9 +207,9 @@
 Requires:       %{name}-el-%{elspec}-api = %{version}-%{release}
 Requires:       %{name}-jsp-%{jspspec}-api = %{version}-%{release}
 Requires:       %{name}-servlet-%{servletspec}-api = %{version}-%{release}
-Requires(post): ecj >= 4.2.1
+Requires(post): ecj >= 4.4
 Requires(post): jakarta-commons-pool-tomcat5
-Requires(preun): %{_bindir}/rm
+Requires(preun): coreutils
 Provides:       jakarta-commons-dbcp-tomcat5 = 1.4
 Obsoletes:      jakarta-commons-dbcp-tomcat5 < 1.4
 
@@ -249,6 +251,8 @@
 %patch1 -p1
 %patch2 -p1
 %patch3
+%patch4 -p1
+
 # remove date from docs
 sed -i -e '/build-date/ d' webapps/docs/tomcat-docs.xsl
 


++++++ tomcat-7.0-sle.catalina.policy.patch ++++++
diff -Naur apache-tomcat-7.0.55-src/conf/catalina.policy 
apache-tomcat-7.0.55-src.new/conf/catalina.policy
--- apache-tomcat-7.0.55-src/conf/catalina.policy       2014-07-18 
16:49:04.000000000 +0200
+++ apache-tomcat-7.0.55-src.new/conf/catalina.policy   2014-09-16 
17:49:07.963129705 +0200
@@ -95,6 +95,7 @@
         //  ${file.separator}classes${file.separator}logging.properties", 
"read";
 };
 
+
 // These permissions apply to the server startup code
 grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
         permission java.security.AllPermission;
@@ -107,7 +108,6 @@
         permission java.security.AllPermission;
 };
 
-
 // If using a per instance lib directory, i.e. ${catalina.base}/lib,
 // then the following permission will need to be uncommented
 // grant codeBase "file:${catalina.base}/lib/-" {
@@ -162,6 +162,9 @@
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.tomcat";
 
     // Precompiled JSPs need access to these packages.
+    permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper";
+    permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper.servlet";
+    permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper.compiler";
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper.el";
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper.runtime";
     permission java.lang.RuntimePermission
@@ -214,6 +217,15 @@
     permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.catalina.util";
 };
 
+// Additional basic permissions for web applications.
+grant codeBase "file:/usr/share/java/tomcat-servlet-api.jar" {
+       permission java.security.AllPermission;
+};
+
+grant codeBase "file:/usr/share/java/tomcat-el-api.jar" {
+        permission java.security.AllPermission;
+};
+
 // You can assign additional permissions to particular web applications by
 // adding additional "grant" entries here, based on the code base for that
 // application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
@@ -245,4 +257,3 @@
 // grant codeBase 
"jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" {
 //      permission java.net.SocketPermission "*.noaa.gov:80", "connect";
 // };
-
++++++ tomcat-7.0-tomcat-sysd ++++++
--- /var/tmp/diff_new_pack.SnIE4y/_old  2014-09-22 09:22:56.000000000 +0200
+++ /var/tmp/diff_new_pack.SnIE4y/_new  2014-09-22 09:22:56.000000000 +0200
@@ -60,8 +60,10 @@
 
     if [[ "$SECURITY_MANAGER" = "true" ]]; then
         DSECURITY_MANAGER="-Djava.security.manager"
+        
DSECURITY_POLICY="-Djava.security.policy=${CATALINA_BASE}/conf/catalina.policy"
     else
         unset DSECURITY_MANAGER
+        unset DSECURITY_POLICY
     fi
 
     if ${USE_JSVC}; then
@@ -76,7 +78,7 @@
         -Dcatalina.base="$CATALINA_BASE" \
         -Dcatalina.home="$CATALINA_HOME" \
         -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \
-        -Djava.io.tmpdir="$CATALINA_TMPDIR" ${DSECURITY_MANAGER} \
+        -Djava.io.tmpdir="$CATALINA_TMPDIR" ${DSECURITY_MANAGER} 
${DSECURITY_POLICY} \
         
-Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \
         -Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \
         org.apache.catalina.startup.Bootstrap start

-- 
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

commit tomcat for openSUSE:Factory

Reply via email to