[Bug 557300] Re: tomcat6 package should fully support running as a different user

Thierry Carrez thierry.carrez at ubuntu.com
Fri May 21 11:17:27 BST 2010 

** Description changed:

  Binary package hint: tomcat6
  
  I run tomcat6 on Ubuntu 8.10, installed from the tomcat6 package.  I
  need to run tomcat as a different user to 'tomcat6' so have configured
  this via the TOMCAT6_USER variable in /etc/default/tomcat6.  I then
  manually changed the ownership of tomcat's various directories for this
  to work.  This has been fine for over a year and has survived updates to
  the tomcat6 package.  However, this morning I upgraded to
  6.0.18-0ubuntu3.3 and afterwards found that tomcat no longer ran.  After
  investigation, I found that the upgrade had chowned and chgrped tomcat's
  directories to the tomcat6 user/group.  This left tomcat unable to run
  as it couldn't read or write key directories.
  
  Looking at the tomcat6 package, this happens in the postinst script,
  during the configure stage.  The same also happens in the current
  tomcat6 package in Ubuntu 10.04.  I would suggest that these
  chowns/chgrps either be removed, or that they are made aware of the user
  that tomcat runs as.  Could this be done by passing options through
  debconf?
+ 
+ == SRU Report ==
+ Impact:
+ If the user sets TOMCAT6_USER (in /etc/default/tomcat6) to something else than "tomcat6", the system instance will not run. If the user fixes the directory permissions to make it work, those modifications will be lost at the next tomcat6 update.
+ 
+ Development branch fix:
+ We are trying to keep sync with Debian, fix was proposed to debian-java SVN and pending release.
+ 
+ Minimal patch:
+ See attached in comment
+ 
+ TEST CASE:
+ $ sudo apt-get install tomcat6
+ $ sudo service tomcat6 stop
+ Edit /etc/default/tomcat6 and set TOMCAT6_USER=foobar
+ $ sudo dpkg-reconfigure tomcat6
+ Affected version:
+ Tomcat fails to restart due to user 'fewbar' not found. If you manually create the user, restart still fails on permission denied over various directories.
+ Fixed version: 
+ Tomcat restarts successfully and works ok.
+ 
+ Regression potential:
+ The only thing changing for normal users (those who had TOMCAT6_USER=TOMCAT6_GROUP="tomcat6") is that the group is now created separately from the user.

** Attachment added: "Minimal SRU patch"
   http://launchpadlibrarian.net/48859377/user-patch

-- 
tomcat6 package should fully support running as a different user
https://bugs.launchpad.net/bugs/557300
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in ubuntu.

More information about the Ubuntu-server-bugs mailing list