There are several solutions:
1/ Only set the permissions on original installation (do not modify on upgrades)
2/ Make installation/upgrades look into /etc/default/tomcat6 to get the user
name
3/ Make installation/upgrades respect dpkg-statoverride (do not change
permissions on upgrades if dpkg-statoverridden)
4/ Preseed the user you want tomcat6 to run under
I think we want to keep the possibility to improve permissions on future
upgrades, so solution (1) is not good. Solution (4) is technically the
best, but it's a new feature so it's too much for a SRU.
As far as a Lucid SRU is concerned, solution (2) or (3) are the smallest
change (they are not exclusive, btw). Both are slightly inconvenient
(one requires the /etc/default/tomcat6 file to be present before install
(or not purged from a previous install), while the other requires to run
a few dpkg-statoverride/user creation/ authbind configuration commands).
But they would survive upgrades perfectly. Let me know if that would be
acceptable.
NB: I would keep the "tomcat6" group as is.
** Changed in: tomcat6 (Ubuntu)
Status: Confirmed => Triaged
** Changed in: tomcat6 (Ubuntu)
Assignee: (unassigned) => Thierry Carrez (ttx)
--
tomcat6 package should fully support running as a different user
https://bugs.launchpad.net/bugs/557300
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in ubuntu.
--
Ubuntu-server-bugs mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
