Apache builds are pretty easy. The make install target leaves the existing configuration and data files in-tact. Unless you are moving from one major version to the next (e.g., 2.0 to 2.2), there is really nothing to do.
With Tomcat there are a few configuration files (web.xml, server.xml, etc.) you need to retain. I don't use the auto-deploy feature of Tomcat (on the Tomcat instances that use the Remedy api I disable the auto-deploy feature due to issues that arise with JNI and auto-deployments), but instead opt to place the mid-tier outside the Tomcat installation directory, then all I have to do is make sure I retain the deployment descriptor (arsys.xml and context.xml in my case). The inittab entries for all the above are stored in /etc/init.d, so no work to do there either. I generally create a versioned subdirectory (e.g., apache-2.2.24, tomcat-6.0.21) and then create a symlink without the version (e.g., apache, tomcat) in the place where the components are installed. This way the inittab entries and envvars continue to work, I can also easily switch between versions of the various components by repointing the symlink. I do the same with Java as well. It makes upgrading/patching painless. I always reference apache in /some/patch/to/apache and not /some/path/to/apache-2.2.24 in scripts, environment variables, etc. I can't speak to Windows though, as Windows like to bury things in it's registry in ways that I am not inclined to learn. Hope that helps. Axton Grams The opinions, statements, and/or suggested courses of action expressed in this E-mail do not necessarily reflect those of BMC Software, Inc. My voluntary participation in this forum is not intended to convey a role as a spokesperson, liaison or public relations representative for BMC Software, Inc. On Sat, Feb 19, 2011 at 2:21 PM, Patrick Zandi <[email protected]> wrote: > Yes sir, > I have built them with and without installer apache the separated > application. > However, have you took an installation with ssl and all tweaked, then > install a newer apache and take the files needed and plop them into that > onstage or apache. If so do you have an approach or steps to remind yourself > -- that you would share. I think it can be done fairly straight forwardly > but there might be a few issues along the way. > > Sent from my iPhone > > On Feb 19, 2011, at 1:57 PM, Axton <[email protected]> wrote: > > With all infrastructure components (Apache, Tomcat, etc.) that come bundled > with software stacks I suggest maintaining the infrastructure separate from > the actual applications. I look at the bundled components as a helper to > get things easily deployed (for the purposes of a reference implementation, > demos, etc.) but not as a production ready application stack. There are > some vendors that only support their software on the bundled Tomcat/JBoss, > etc., in my opinion, this is a horrible practice because they rarely (if > ever) keep up with security related issues with the bundled infrastructure > components. > > If you look at the midtier patches (historically) have you ever seen one > with patch files for the bundled Tomcat? If you look at the release cycle > of Tomcat, how many times a year are security fixes released > (search the pages for CVE)? > <http://tomcat.apache.org/tomcat-7.0-doc/changelog.html> > http://tomcat.apache.org/tomcat-7.0-doc/changelog.html > <http://tomcat.apache.org/tomcat-6.0-doc/changelog.html> > http://tomcat.apache.org/tomcat-6.0-doc/changelog.html > <http://tomcat.apache.org/tomcat-5.5-doc/changelog.html> > http://tomcat.apache.org/tomcat-5.5-doc/changelog.html > > Or for the short list: > <http://tomcat.apache.org/security-7.html> > http://tomcat.apache.org/security-7.html > <http://tomcat.apache.org/security-6.html> > http://tomcat.apache.org/security-6.html > <http://tomcat.apache.org/security-5.html> > http://tomcat.apache.org/security-5.html > > This is just my opinion based on my observations of common practices of > software vendors en masse. I'm sure there are software vendors that > maintain the full bundled application stack, but from my observations this > is the exception rather than the norm. > > Just out of curiosity, can people post the version (major, minor) of Tomcat > bundled with the mid-tier, esp. those that used the patch installer to build > their mid-tier servers? > > Axton Grams > > The opinions, statements, and/or suggested courses of action expressed in > this E-mail do not necessarily reflect those of BMC Software, Inc. My > voluntary participation in this forum is not intended to convey a role as a > spokesperson, liaison or public relations representative for BMC Software, > Inc. > > On Fri, Feb 18, 2011 at 11:45 AM, patrick zandi < <[email protected]> > [email protected]> wrote: > >> ** but I am also reading that the only fix action is going to the tomcat >> 7.08 or 6.0.32 ... only... >> Anyone worked on this one.. >> >> On Fri, Feb 18, 2011 at 12:42 PM, patrick zandi < <[email protected]> >> [email protected]> wrote: >> >>> Wait I see it is pointing to /examples Didn't BMC delete that? I think >>> they did.. so I guess it would not matter. >>> >>> >>> >>> On Fri, Feb 18, 2011 at 12:39 PM, patrick zandi < <[email protected]> >>> [email protected]> wrote: >>> >>>> <http://nvd.nist.gov/nvd.cfm?cvename=CAN-2002-0682> >>>> http://nvd.nist.gov/nvd.cfm?cvename=CAN-2002-0682 >>>> >>>> So this attach affects all tomcats 5, 6, 7 => does anyone know if it is >>>> affecting their midtiers? >>>> Also is BMC recommending this? or are they coming out with their own >>>> patch? >>>> >>>> <insert Dave's answer here> >>>> >>>> Just wondering.. >>>> -- >>>> Patrick Zandi >>>> >>> >>> >>> >>> -- >>> Patrick Zandi >>> >> >> >> >> -- >> Patrick Zandi >> _attend WWRUG11 <http://www.wwrug.com>www.wwrug.com ARSlist: "Where the >> Answers Are"_ >> > > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
