mirabilos pushed to branch master at Debian Java Maintainers / tomcat9
Commits: 325b37d5 by mirabilos at 2019-04-01T14:25:09Z drop -XX:+UseG1GC from standard JAVA_OPTS (Closes: #925928) rationale: the JRE chooses a suitable GC automatically anyway, and some VMs (notably Zero) don’t support this flag and then refuse to start; but suggest Java 8 users to add it back, from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925928#22 - - - - - bb8ea718 by mirabilos at 2019-04-01T14:28:11Z fix /var/log/tomcat9 to belong to group adm, chmod 2750 (Closes: #925929) rationale: Debian commonplace allows users in the group adm to read logs also add missing RequiresMountsFor for systemd; related fixes From: Felipe Sateler <[email protected]> - - - - - 7463f744 by mirabilos at 2019-04-01T15:16:29Z prepare for upload - - - - - 6 changed files: - debian/changelog - debian/default.template - debian/setenv.sh - debian/tomcat9.postinst - debian/tomcat9.service - + debian/tomcat9.tmpfile Changes: ===================================== debian/changelog ===================================== @@ -1,4 +1,4 @@ -tomcat9 (9.0.16-4) UNRELEASED; urgency=medium +tomcat9 (9.0.16-4) unstable; urgency=medium * Team upload. * debian/logging.properties: Add commented-out non-systemd configuration @@ -9,8 +9,12 @@ tomcat9 (9.0.16-4) UNRELEASED; urgency=medium * debian/libexec/tomcat-locate-java.sh: Remove shebang and make not executable as this is only ever sourced (makes no sense otherwise) * Make the systemd startup script honour the (renamed) $SECURITY_MANAGER + * Remove -XX:+UseG1GC from standard JAVA_OPTS; the JRE chooses + a suitable GC automatically anyway (Closes: #925928) + * Correct the ownership and permissions on the log directory: + group adm and setgid (Closes: #925929) - -- Thorsten Glaser <[email protected]> Mon, 01 Apr 2019 15:42:02 +0200 + -- Thorsten Glaser <[email protected]> Mon, 01 Apr 2019 17:16:06 +0200 tomcat9 (9.0.16-3) unstable; urgency=medium ===================================== debian/default.template ===================================== @@ -3,9 +3,10 @@ # OpenJDK and the Oracle JDK are tried. #JAVA_HOME=/usr/lib/jvm/java-8-openjdk -# You may pass JVM startup parameters to Java here. If unset, the default -# options will be: -Djava.awt.headless=true -XX:+UseG1GC -JAVA_OPTS="-Djava.awt.headless=true -XX:+UseG1GC" +# You may pass JVM startup parameters to Java here. If you run Tomcat with +# Java 8 instead of 9 or newer, add "-XX:+UseG1GC" to select a suitable GC. +# If unset, the default options will be: -Djava.awt.headless=true +JAVA_OPTS="-Djava.awt.headless=true" # To enable remote debugging uncomment the following line. # You will then be able to use a Java debugger on port 8000. ===================================== debian/setenv.sh ===================================== @@ -8,5 +8,5 @@ CATALINA_HOME=/usr/share/tomcat9 # Default Java options if [ -z "$JAVA_OPTS" ]; then - JAVA_OPTS="-Djava.awt.headless=true -XX:+UseG1GC" + JAVA_OPTS="-Djava.awt.headless=true" fi ===================================== debian/tomcat9.postinst ===================================== @@ -74,8 +74,10 @@ case "$1" in chmod 775 /var/lib/tomcat9/webapps # Grant read/write access to tomcat to the log and cache directories - chown -Rh $TOMCAT_USER:$TOMCAT_GROUP /var/log/tomcat9/ /var/cache/tomcat9/ - chmod 750 /var/log/tomcat9/ /var/cache/tomcat9/ + chown -Rh $TOMCAT_USER:adm /var/log/tomcat9/ + chmod 2750 /var/log/tomcat9/ + chown -Rh $TOMCAT_USER:$TOMCAT_GROUP /var/cache/tomcat9/ + chmod 750 /var/cache/tomcat9/ ;; esac ===================================== debian/tomcat9.service ===================================== @@ -32,13 +32,13 @@ Group=tomcat PrivateTmp=yes AmbientCapabilities=CAP_NET_BIND_SERVICE NoNewPrivileges=true -LogsDirectory=tomcat9 -LogsDirectoryMode=750 CacheDirectory=tomcat9 CacheDirectoryMode=750 ProtectSystem=strict ReadWritePaths=/etc/tomcat9/Catalina/ ReadWritePaths=/var/lib/tomcat9/webapps/ +ReadWritePaths=/var/log/tomcat9/ +RequiresMountsFor=/var/log/tomcat9 /var/lib/tomcat9 [Install] WantedBy=multi-user.target ===================================== debian/tomcat9.tmpfile ===================================== @@ -0,0 +1,3 @@ +# type path mode uid gid age arg(symlink target) + +d /var/log/tomcat9 2750 tomcat adm - View it on GitLab: https://salsa.debian.org/java-team/tomcat9/compare/3bdb691dcbe4b0cc46e28adf6d175ff6c647a94f...7463f744a126301b2d28bc8fe4a322e15c3c73b8 -- View it on GitLab: https://salsa.debian.org/java-team/tomcat9/compare/3bdb691dcbe4b0cc46e28adf6d175ff6c647a94f...7463f744a126301b2d28bc8fe4a322e15c3c73b8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ pkg-java-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-java-commits
