2017-11-24 15:53 GMT+03:00 Rune Rustand <run...@gmail.com>: > Apache Tomcat 8.5.23 > Redhat Enterprise Linux 7.4 (3.10.0-693.1.1.el7.x86_64) > > > > Binary distributions tar archive > > We are upgrading our servers from Tomcat 8.0 to Tomcat 8.5, and are using > the core archive. The process is done by running a puppet script that > extracts the tar archive on all the servers (many). > > Are there any reasons why the file and directory permissions differ from > the tar archive and the zip archive? > When I unpack the tar archive the permissions on files and directories are > not set for all users. > > I unpack the archive like this: > tar zxvpf apache-tomcat-8.5.23.tar.gz > > examples of file and directories permissons are: > [runrus@nemesis apache-tomcat-8.5.23]$ ls -l > total 96 > drwxr-x---. 2 runrus runrus 4096 Nov 24 08:46 bin > drwx------. 2 runrus runrus 4096 Sep 28 12:31 conf > drwxr-x---. 2 runrus runrus 4096 Nov 24 08:46 lib > -rw-r-----. 1 runrus runrus 57092 Sep 28 12:31 LICENSE > drwxr-x---. 2 runrus runrus 6 Sep 28 12:30 logs > -rw-r-----. 1 runrus runrus 1723 Sep 28 12:31 NOTICE > -rw-r-----. 1 runrus runrus 7064 Sep 28 12:31 RELEASE-NOTES > -rw-r-----. 1 runrus runrus 15946 Sep 28 12:31 RUNNING.txt > drwxr-x---. 2 runrus runrus 29 Nov 24 08:46 temp > drwxr-x---. 7 runrus runrus 76 Sep 28 12:30 webapps > drwxr-x---. 2 runrus runrus 6 Sep 28 12:30 work
[...] > For the zip file: > unzip apache-tomcat-8.5.23.zip > > [runrus@nemesis apache-tomcat-8.5.23]$ ls -l > total 104 > drwxr-xr-x. 2 runrus runrus 4096 Sep 28 11:31 bin > drwxr-xr-x. 2 runrus runrus 4096 Sep 28 11:31 conf > drwxr-xr-x. 2 runrus runrus 4096 Sep 28 11:31 lib > -rw-r--r--. 1 runrus runrus 58153 Sep 28 11:31 LICENSE > drwxr-xr-x. 2 runrus runrus 6 Sep 28 11:30 logs > -rw-r--r--. 1 runrus runrus 1774 Sep 28 11:31 NOTICE > -rw-r--r--. 1 runrus runrus 7241 Sep 28 11:31 RELEASE-NOTES > -rw-r--r--. 1 runrus runrus 16416 Sep 28 11:31 RUNNING.txt > drwxr-xr-x. 2 runrus runrus 29 Sep 28 11:31 temp > drwxr-xr-x. 7 runrus runrus 76 Sep 28 11:31 webapps > drwxr-xr-x. 2 runrus runrus 6 Sep 28 11:30 work Set `umask 0027` before unzipping. The 'conf' directory, the logs, and serialized sessions in 'work' are likely to contain confidential data and should not be world-readable. http://tomcat.apache.org/tomcat-8.5-doc/security-howto.html#Non-Tomcat_settings Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
