commit tomcat for openSUSE:Factory

root Fri, 31 Jul 2020 06:59:00 -0700

Hello community,

here is the log from the commit of package tomcat for openSUSE:Factory checked 
in at 2020-07-31 15:55:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tomcat (Old)
 and      /work/SRC/openSUSE:Factory/.tomcat.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "tomcat"

Fri Jul 31 15:55:04 2020 rev:70 rq:823636 version:9.0.36

Changes:
--------
--- /work/SRC/openSUSE:Factory/tomcat/tomcat.changes    2020-06-26 
21:49:53.622686493 +0200
+++ /work/SRC/openSUSE:Factory/.tomcat.new.3592/tomcat.changes  2020-07-31 
15:58:46.356448400 +0200
@@ -1,0 +2,10 @@
+Wed Jul 29 20:48:14 UTC 2020 - Matei Albu <ma...@suse.com>
+
+- Don't give write permissions for the tomcat group on files and
+  directories where it's not needed (bsc#1172562)
+- Change tomcat.pid location from /var/run to /run (bsc#1173103)
+- Use the /sbin/nologin shell when creating the tomcat user
+- Use %tmpfiles_create macro in %post instead of calling
+  systemd-tmpfiles directly
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tomcat.spec ++++++
--- /var/tmp/diff_new_pack.S1CdEq/_old  2020-07-31 15:58:54.180451087 +0200
+++ /var/tmp/diff_new_pack.S1CdEq/_new  2020-07-31 15:58:54.184451091 +0200
@@ -335,7 +335,6 @@
 install -d -m 0755 %{buildroot}%{_sbindir}
 install -d -m 0755 %{buildroot}%{_javadocdir}/%{name}
 install -d -m 0755 %{buildroot}%{_initddir}
-install -d -m 0755 %{buildroot}%{_systemddir}
 install -d -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d
 install -d -m 0755 %{buildroot}%{_sysconfdir}/sysconfig
 install -d -m 0755 %{buildroot}%{appdir}
@@ -343,7 +342,7 @@
 install -d -m 0755 %{buildroot}%{bindir}
 install -d -m 0775 %{buildroot}%{confdir}
 install -d -m 0755 %{buildroot}%{cachedir}/Catalina/localhost
-install -d -m 0775 %{buildroot}%{confdir}/conf.d
+install -d -m 0755 %{buildroot}%{confdir}/conf.d
 /bin/echo "Place your custom *.conf files here. Shell expansion is supported." 
> %{buildroot}%{confdir}/conf.d/README
 install -d -m 0755 %{buildroot}%{libdir}
 install -d -m 0775 %{buildroot}%{logdir}
@@ -575,7 +574,7 @@
 
 mkdir -p %{buildroot}%{_tmpfilesdir}
 cat > %{buildroot}%{_tmpfilesdir}/%{name}.conf <<EOF
-f %{_localstatedir}/run/%{name}.pid 0644 tomcat tomcat -
+f /run/%{name}.pid 0644 tomcat tomcat -
 EOF
 
 # Install tool used to edit server.xml
@@ -589,13 +588,14 @@
 # add the tomcat user and group
 %{_sbindir}/groupadd -r tomcat 2>/dev/null || :
 %{_sbindir}/useradd -c "Apache Tomcat" -g tomcat \
-    -s /bin/sh -r -d %{homedir} tomcat 2>/dev/null || :
+    -s /sbin/nologin -r -d %{homedir} tomcat 2>/dev/null || :
 %service_add_pre %{name}.service
 
 %post
 %service_add_post %{name}.service
+%service_add_post %{name}@.service
 %{fillup_only %{name}}
-%{_bindir}/systemd-tmpfiles --create  >/dev/null 2>&1 || :
+%tmpfiles_create %_tmpfilesdir/%{name}.conf
 
 %preun
 %service_del_preun %{name}.service
@@ -684,7 +684,7 @@
 fi
 
 %files
-%defattr(0664,root,tomcat,0755)
+%defattr(-,root,root)
 %doc {LICENSE,NOTICE,RELEASE*}
 %attr(0755,root,root) %{_bindir}/%{name}-digest
 %attr(0755,root,root) %{_bindir}/%{name}-tool-wrapper
@@ -704,41 +704,43 @@
 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
 %attr(0755,root,tomcat) %dir %{basedir}
 %attr(0755,root,tomcat) %dir %{confdir}
-%defattr(0664,tomcat,root,0770)
 %attr(0775,root,tomcat) %dir %{appdir}
-%attr(0770,tomcat,root) %{logdir}
+%attr(0770,tomcat,root) %dir %{logdir}
 %attr(0660,tomcat,tomcat) %{logdir}/catalina.out
-%attr(0770,root,tomcat) %{cachedir}
-%defattr(0664,root,tomcat,0770)
+%attr(0770,root,tomcat) %dir %{cachedir}
+%attr(0775,root,tomcat) %dir %{cachedir}/Catalina
+
+# tomcat group writtable dirs - bnc#625415
 %attr(0770,root,tomcat) %dir %{tempdir}
 %attr(0770,root,tomcat) %dir %{workdir}
 %attr(0775,root,tomcat) %dir %{tomcatappdir}
-# tomcat group writtable dirs - bnc#625415
-%defattr(0664,root,tomcat,0775)
+
 %{confdir}/Catalina
-%attr(0775,root,tomcat) %dir %{confdir}/conf.d
-%attr(0664,tomcat,tomcat) %{confdir}/conf.d/README
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/%{name}.conf
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/*.policy
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/*.properties
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/context.xml
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/server.xml
-%attr(0660,tomcat,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/web.xml
-%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/jaspic-providers.xml
-%dir %{homedir}
-%{_tmpfilesdir}/%{name}.conf
-%{bindir}/bootstrap.jar
-%{bindir}/catalina-tasks.xml
+%attr(0755,root,tomcat) %dir %{confdir}/conf.d
+%attr(0644,root,tomcat) %{confdir}/conf.d/README
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/%{name}.conf
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/*.policy
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/*.properties
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/context.xml
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/server.xml
+# keep tomcat-users.xml readable only by root and tomcat group
+%attr(0640,root,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/web.xml
+%attr(0644,root,tomcat) %config(noreplace) %{confdir}/jaspic-providers.xml
+%attr(0755,root,tomcat) %dir %{homedir}
+%attr(0644,root,tomcat) %{_tmpfilesdir}/%{name}.conf
+%attr(0644,root,tomcat) %{bindir}/bootstrap.jar
+%attr(0644,root,tomcat) %{bindir}/catalina-tasks.xml
 %{homedir}/lib
 %{homedir}/temp
 %{homedir}/webapps
 %{homedir}/work
 %{homedir}/logs
 %{homedir}/conf
-%{_fillupdir}/sysconfig.%{name}
+%attr(0644,root,tomcat) %{_fillupdir}/sysconfig.%{name}
 
 %files admin-webapps
+%defattr(0644,root,tomcat,0755)
 %{tomcatappdir}/host-manager
 %config(noreplace) %{tomcatappdir}/host-manager/META-INF/context.xml
 %{tomcatappdir}/manager
@@ -786,6 +788,7 @@
 %ghost %{_sysconfdir}/alternatives/servlet
 
 %files webapps
+%defattr(0644,tomcat,tomcat,0755)
 #bnc#520532
 %config(noreplace) %{tomcatappdir}/ROOT
 %{tomcatappdir}/examples


++++++ tomcat-9.0.init ++++++
--- /var/tmp/diff_new_pack.S1CdEq/_old  2020-07-31 15:58:54.296451197 +0200
+++ /var/tmp/diff_new_pack.S1CdEq/_new  2020-07-31 15:58:54.300451201 +0200
@@ -77,7 +77,7 @@
 # Define the tomcat log file
 TOMCAT_LOG="${TOMCAT_LOG:-${CATALINA_HOME}/logs/${NAME}-initd.log}"
 # Define the tomcat pid file
-export CATALINA_PID="/var/run/${NAME}.pid"
+export CATALINA_PID="/run/${NAME}.pid"
  
 RETVAL="0"
  
@@ -193,8 +193,8 @@
 function start() {
     echo -n "Starting Tomcat ($CATALINA_BASE)"
     if [ -f "/var/run/rc${NAME}" ] ; then
-        if [ -f "/var/run/${NAME}.pid" ]; then
-            read kpid < /var/run/${NAME}.pid
+        if [ -f "/run/${NAME}.pid" ]; then
+            read kpid < /run/${NAME}.pid
                 if checkpid $kpid 2>&1; then
                     echo "$NAME process already running"
                         rc_failed 0
@@ -205,7 +205,7 @@
         fi
     fi
     # fix permissions on the log and pid files
-    export CATALINA_PID="/var/run/${NAME}.pid"
+    export CATALINA_PID="/run/${NAME}.pid"
     touch $CATALINA_PID
     chown --no-dereference ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID
     touch $TOMCAT_LOG
@@ -249,8 +249,8 @@
 # NOTE: checkproc returns LSB compliant status values.
 function status() {
     echo -n "Checking for Tomcat ($CATALINA_BASE)"
-    if [ -f "/var/run/${NAME}.pid" ]; then
-        read kpid < /var/run/${NAME}.pid
+    if [ -f "/run/${NAME}.pid" ]; then
+        read kpid < /run/${NAME}.pid
         if checkpid $kpid 2>&1; then
             rc_failed 0
         else
@@ -278,8 +278,8 @@
         RETVAL="$?"
         if [ "$RETVAL" -eq "0" ]; then
             count="0"
-            if [ -f "/var/run/${NAME}.pid" ]; then
-                read kpid < /var/run/${NAME}.pid
+            if [ -f "/run/${NAME}.pid" ]; then
+                read kpid < /run/${NAME}.pid
                 until [ "$(ps --pid $kpid | grep -c $kpid)" -eq "0" ] || \
                       [ "$count" -gt "$SHUTDOWN_WAIT" ]; do
                     if [ "$SHUTDOWN_VERBOSE" = "true" ]; then
@@ -301,7 +301,7 @@
                     echo -n -e "\n"
                 fi
             fi
-            rm -f /var/run/rc${NAME} /var/run/${NAME}.pid
+            rm -f /var/run/rc${NAME} /run/${NAME}.pid
             if [ "${CLEAR_WORK}" = "true" ]; then
                 echo -n "Cleaning work directory: "
                 find ${CATALINA_HOME}/work/{Catalina,temp} -mindepth 2 -type d 
-print0 | xargs -0 rm -rf
@@ -350,7 +350,7 @@
     echo -n "Reload service Tomcat ($CATALINA_BASE)"
     ## if it supports it:
     #killproc -HUP $TOMCAT_BIN
-    #touch /var/run/FOO.pid
+    #touch /run/FOO.pid
     #rc_status -v
  
     ## Otherwise:
@@ -364,7 +364,7 @@
     # If it supports signalling:
     #echo -n "Reload service FOO"
     #killproc -HUP $TOMCAT_BIN
-    #touch /var/run/FOO.pid
+    #touch /run/FOO.pid
     #rc_status -v
      
     ## Otherwise if it does not support reload:

commit tomcat for openSUSE:Factory

Reply via email to