Re: binary distribution - how to upgrade ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mark, On 6/20/13 3:47 PM, Mark Thomas wrote: > On 20/06/2013 19:22, Christopher Schultz wrote: >> Once you have set up the environment for >> CATALINA_HOME/CATALINA_BASE, it's fairly simple to upgrade to a >> new version of Tomcat: >> >> 1. Install the new version for example into >> /opt/apache-tomcat-x.y.z 2. Re-customize >> /opt/apache-tomcat-x.y.z/conf/server.xml to include any >> customizations you have made (usually just elements, >> perhaps clustering, etc.) > > Um, no. server.xml should be in $CATALINA_BASE/conf Yes, thanks for the proofreading ;) It's always good to re-diff your CATALINA_BASE/conf/server.xml against the one newly-installed in /opt/apache-tomcat-x.y.z/conf/server.xml just to make sure that nothing new has been added (i.e. that the diff still looks like your original diff). - -chris -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRw2UFAAoJEBzwKT+lPKRYkdoP/3oBBqtax7suHFq+ITRTRE0p vyQechDcvqkdZzEJDbqyGPkTfYLyklKQ6Zj7R9DeGeSgJGrS0MiiaC6WSCGSpLkD ikU2K476piDC2Gk61dyNzppNrhyFMR6wau2QV4N4kIC0yceg+N4wI9Pc0U36Vk08 JKh9f3stAwoXzYursbWHLHKFXq5+7C9EkE3p1j3M2hNO24sN02olv/fnXTwxwY5v fgW48kHr5TVcBlFxd9Ce46R0pS9vPDd8pI8Jnq52IsT0D1NvH7I2rYyfR32enJdu 2MTDe9D971XPB00YJIQNZePoy0GPAhvC8XC60jG4dpm9B04GuoaklMYwCsJkywlI 7+ERX4Q6nQwS2fsX0zNqiMtjruEirPx0XVKVIUuEFgT9hHdSD56nMPE8IY+ZarKv uBpCNmtK13c27+mnCeNqWxBSbWRQS/CHeGQqh8YiOb62zHhFaYDfDv48VhjGhsB1 HEXqHkCjz19BXg5/yqO0rQnNKlxhzeveVPvUhSLeFs/B/xmk7z0NKZVaTUFG2Pfc +K+5gPxlxzomu1e44PLoxFp8G8Gbn8LGl+1Gam2Eg6XhNJB5Ru1PbBACJalnunWw fA3u1riJkbVzFROv2nJkaB60Wn1PR4Gjo/IcNNT7mvd3RP2N/LrlTbkHfAS6Bt/f kvtnePQ8+xpXIcep8qbg =x6UW -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: binary distribution - how to upgrade ?
Hi Bernd, Am 20.06.2013 18:45, schrieb Lentes, Bernd: Hi, i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running Tomcat 5.5, which was provided as a rpm from the distributor. Our developers need now a more current version, 6 or prefered 7. I didn't find rpm's for these versions for my OS. So i have to install the binary version from the tomcat web page. As a side note: general support for SLES10 ends with july 2013. If you don't want to buy extended support you should switch to SLES11 as soon as possible. This includes tomcat6 instead of tomcat5. SUSE uses version 6.0.18 but backports security patches. Though I would still recommend the official tomcat binaries from the apache website. It's much easier to support a well known state that your developers can also install on their workstation. - Stefan - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: binary distribution - how to upgrade ?
On 20/06/2013 19:22, Christopher Schultz wrote: > Bernd, > > On 6/20/13 12:45 PM, Lentes, Bernd wrote: >> i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running >> Tomcat 5.5, which was provided as a rpm from the distributor. Our >> developers need now a more current version, 6 or prefered 7. I >> didn't find rpm's for these versions for my OS. So i have to >> install the binary version from the tomcat web page. > > You should complain to RedHat. It's embarrassing that so many > distributions are still holding on to Tomcat 5.5 and not supporting > newer versions. > > There's no really good reason to upgrade to Tomcat 6. Going from Tomcat > 5.5 -> 7.0 should not represent too much of a challenge. > >> I read that patches concerning security vulnerabilities are not >> provided for the binary version. > > The Apache Tomcat team does not release patches at all... instead, new > versions are released with the patches included. This includes both > source and binary bundles. > >> My question: what do i have to do if i read that version x.x has a >> security vulnerability which is closed by version x.y ? > > Upgrade, if you need to. Some vulnerabilities are only present under > certain configurations, etc. > >> Just install the new version over the old one ? > > I would not recommend installing a new version "on top of" an old one. > See below. > >> Uninstalling the old one before ? What is about my webapps ? Are >> they gone with the installation of the new version ? > > Since you are going through this process, I highly recommend that you > start thinking about using a "split install" where Tomcat itself is > installed one place and your webapp is installed elsewhere. To do > this, you set the CATALINA_HOME environment variable to point to your > Tomcat installation, and set CATALINA_BASE to where your webapp is > installed. See the RUNNING.txt file in the root of Tomcat's > installation for details -- you are looking for the section titled > "Advanced Configuration - Multiple Tomcat Instances". > > Once you have set up the environment for CATALINA_HOME/CATALINA_BASE, > it's fairly simple to upgrade to a new version of Tomcat: > > 1. Install the new version for example into /opt/apache-tomcat-x.y.z > 2. Re-customize /opt/apache-tomcat-x.y.z/conf/server.xml to include > any customizations you have made (usually just elements, > perhaps clustering, etc.) Um, no. server.xml should be in $CATALINA_BASE/conf Mark > 3. Change CATALINA_HOME to /opt/apache-x.y.z > 4. Re-start Tomcat > > If you are upgrading from x.y.z -> x.y.w (that is, a point-release), > you may be able to replace step #2 above with simply copying the > existing server.xml to the new CATALINA_HOME. YOU MUST NOT DO THIS > BETWEEN MAJOR RELEASES: server.xml changes significantly (mostly class > names) between major releases. You need to start from scratch with > each one. > > One of the many advantages of the above technique (i.e. using > CATALINA_BASE) is that rolling-back to a previous Tomcat version is > trivial: simply change CATALINA_HOME to point to the old release and > restart Tomcat. You'll be back where you started. > > -chris > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: binary distribution - how to upgrade ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Bernd, On 6/20/13 12:45 PM, Lentes, Bernd wrote: > i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running > Tomcat 5.5, which was provided as a rpm from the distributor. Our > developers need now a more current version, 6 or prefered 7. I > didn't find rpm's for these versions for my OS. So i have to > install the binary version from the tomcat web page. You should complain to RedHat. It's embarrassing that so many distributions are still holding on to Tomcat 5.5 and not supporting newer versions. There's no really good reason to upgrade to Tomcat 6. Going from Tomcat 5.5 -> 7.0 should not represent too much of a challenge. > I read that patches concerning security vulnerabilities are not > provided for the binary version. The Apache Tomcat team does not release patches at all... instead, new versions are released with the patches included. This includes both source and binary bundles. > My question: what do i have to do if i read that version x.x has a > security vulnerability which is closed by version x.y ? Upgrade, if you need to. Some vulnerabilities are only present under certain configurations, etc. > Just install the new version over the old one ? I would not recommend installing a new version "on top of" an old one. See below. > Uninstalling the old one before ? What is about my webapps ? Are > they gone with the installation of the new version ? Since you are going through this process, I highly recommend that you start thinking about using a "split install" where Tomcat itself is installed one place and your webapp is installed elsewhere. To do this, you set the CATALINA_HOME environment variable to point to your Tomcat installation, and set CATALINA_BASE to where your webapp is installed. See the RUNNING.txt file in the root of Tomcat's installation for details -- you are looking for the section titled "Advanced Configuration - Multiple Tomcat Instances". Once you have set up the environment for CATALINA_HOME/CATALINA_BASE, it's fairly simple to upgrade to a new version of Tomcat: 1. Install the new version for example into /opt/apache-tomcat-x.y.z 2. Re-customize /opt/apache-tomcat-x.y.z/conf/server.xml to include any customizations you have made (usually just elements, perhaps clustering, etc.) 3. Change CATALINA_HOME to /opt/apache-x.y.z 4. Re-start Tomcat If you are upgrading from x.y.z -> x.y.w (that is, a point-release), you may be able to replace step #2 above with simply copying the existing server.xml to the new CATALINA_HOME. YOU MUST NOT DO THIS BETWEEN MAJOR RELEASES: server.xml changes significantly (mostly class names) between major releases. You need to start from scratch with each one. One of the many advantages of the above technique (i.e. using CATALINA_BASE) is that rolling-back to a previous Tomcat version is trivial: simply change CATALINA_HOME to point to the old release and restart Tomcat. You'll be back where you started. - -chris -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJRw0hdAAoJEBzwKT+lPKRYEw4P/iYzprGZZt9C+kMSOjOW2pYC b2xB7IgS1KhY+6ayQkkjyL3ByJFhrCVIXLbkKuQbGNmk+76R4aFxoueLxkT5m0+u yMFbwrnlAPx/+3UdCRmw9dVRROakQrdevYzm0bJskw1gu6Vneq2Bxq9zJCi4bKF4 B8EwzcjAdo6oX4UZX7U3um9g+yxGFAC6kM2n6t/MVbhF/stq+R6r0JY4Kmz9LP77 uC9WDr73op33spHXkxX2oMkhksuyUtgl3ZmCwxe6VUU1c0BloGfTy5hBrB5WMBAS F/KryJMiTeMexnKv4QcDE8qz0w3BgzHGI6XSuhvK2FUbeCe6OyD1JdOzFSHRA0M0 aPdLJyDdsnzjjS88rorv4dfBYl7KJelx2N/51H7GUeX1ipVsrq4vgYNafjLbMUpl J/yu1OJ9cBhKntuDuMrEIduoZ/WsKcl8hSK6hy/87+dkyw6eKfHj76Io8cP7/uPh mLiuhmatQ6AT5eFg8BYltxImAVfXpbuUO6d428awy4EWa9tWARokhghsmfmlJmg2 Z1zp1gwxMAdiShaAaxRmFF/Kw18rWPvMoZ6M8pdykGqFw8YZk1FEvQ1pYzoTzcv0 XeiZU3qPUd9rBYkhvzgOEfS9XvZuL/46/4jNTDDh78DoVz2ZAEFBKX6CrZGrPF0u N+uMi9itiRrdD6BcVmbv =m+/N -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: binary distribution - how to upgrade ?
Hi Bernd, I think, that the best solution is to 'install' Tomcat manually from binaries available on Tomcat project. I do not use repositories on my CentOS/Debian machines, because Tomcat versions available there are a bit outdated (I need 7.X while in official repos you will not find such). In addition, read this before upgrade: http://tomcat.apache.org/migration.html . Best Regards --- Piotr Pawłowski System Administrator T: +48 58 732 77 71 M: +48 698 794 378 E: piotr.pawlow...@goyello.com S: piotr.goyello.com W: blog.goyello.com Goyello Sp. z o.o. Olivia Gate Al. Grunwaldzka 472 80-309 Gdańsk www.goyello.com CONFIDENTIALITY. This e-mail and any attachments are confidential and may also be privileged. If received in error, please do not disclose the contents to anyone, but notify the sender by return e-mail and delete this e-mail (and any attachments) from your system. Goyello accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. Spółka zarejestrowana w Sądzie Rejonowym Gdańsk - Północ w Gdańsku, VII Wydział Gospodarczy KRS pod nr 269183, NIP 584-259-98-62, kapitał zakładowy 50.000 zł From: Lentes, Bernd [bernd.len...@helmholtz-muenchen.de] Sent: Thursday, June 20, 2013 18:45 To: 'Tomcat Users List' Subject: binary distribution - how to upgrade ? Hi, i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running Tomcat 5.5, which was provided as a rpm from the distributor. Our developers need now a more current version, 6 or prefered 7. I didn't find rpm's for these versions for my OS. So i have to install the binary version from the tomcat web page. I read that patches concerning security vulnerabilities are not provided for the binary version. My question: what do i have to do if i read that version x.x has a security vulnerability which is closed by version x.y ? Just install the new version over the old one ? Uninstalling the old one before ? What is about my webapps ? Are they gone with the installation of the new version ? Thanks in advance. Bernd -- Bernd Lentes Systemadministration Institut für Entwicklungsgenetik Gebäude 35.34 - Raum 208 HelmholtzZentrum münchen bernd.len...@helmholtz-muenchen.de phone: +49 89 3187 1241 fax: +49 89 3187 2294 http://www.helmholtz-muenchen.de/idg Wer nichts verdient außer Geld verdient nichts außer Geld Helmholtz Zentrum München Deutsches Forschungszentrum für Gesundheit und Umwelt (GmbH) Ingolstädter Landstr. 1 85764 Neuherberg www.helmholtz-muenchen.de Aufsichtsratsvorsitzende: MinDir´in Bärbel Brumme-Bothe Geschäftsführer: Prof. Dr. Günther Wess Dr. Nikolaus Blum Dr. Alfons Enhsen Registergericht: Amtsgericht München HRB 6466 USt-IdNr: DE 129521671 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
binary distribution - how to upgrade ?
Hi, i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running Tomcat 5.5, which was provided as a rpm from the distributor. Our developers need now a more current version, 6 or prefered 7. I didn't find rpm's for these versions for my OS. So i have to install the binary version from the tomcat web page. I read that patches concerning security vulnerabilities are not provided for the binary version. My question: what do i have to do if i read that version x.x has a security vulnerability which is closed by version x.y ? Just install the new version over the old one ? Uninstalling the old one before ? What is about my webapps ? Are they gone with the installation of the new version ? Thanks in advance. Bernd -- Bernd Lentes Systemadministration Institut für Entwicklungsgenetik Gebäude 35.34 - Raum 208 HelmholtzZentrum münchen bernd.len...@helmholtz-muenchen.de phone: +49 89 3187 1241 fax: +49 89 3187 2294 http://www.helmholtz-muenchen.de/idg Wer nichts verdient außer Geld verdient nichts außer Geld Helmholtz Zentrum München Deutsches Forschungszentrum für Gesundheit und Umwelt (GmbH) Ingolstädter Landstr. 1 85764 Neuherberg www.helmholtz-muenchen.de Aufsichtsratsvorsitzende: MinDir´in Bärbel Brumme-Bothe Geschäftsführer: Prof. Dr. Günther Wess Dr. Nikolaus Blum Dr. Alfons Enhsen Registergericht: Amtsgericht München HRB 6466 USt-IdNr: DE 129521671 - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
