Compare commits

..

No commits in common. "c8-stream-10.6" and "c9s" have entirely different histories.

26 changed files with 1252 additions and 94 deletions

4
.gitignore vendored
View File

@ -0,0 +1,4 @@
apache-tomcat-*-src.tar.gz
*tomcat-*-src*
*.src.rpm
results_pki-servlet-engine

View File

@ -0,0 +1,32 @@
From 6cfbaebf60aa4410501ea6c94e65d3df195b2d56 Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Thu, 25 Feb 2021 08:35:51 -0500
Subject: [PATCH] Update to JDK Version 11
Signed-off-by: Alexander Scheel <ascheel@redhat.com>
---
build.xml | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/build.xml b/build.xml
index 37710fd..6664b7a 100644
--- a/build.xml
+++ b/build.xml
@@ -90,10 +90,10 @@
<property name="tomcat.pool" value="${tomcat.output}/jdbc-pool"/>
<!-- Servlet 4.0 spec requires Java 8+ -->
- <property name="compile.source" value="8"/>
- <property name="compile.target" value="8"/>
- <property name="compile.release" value="8"/>
- <property name="min.java.version" value="8"/>
+ <property name="compile.source" value="11"/>
+ <property name="compile.target" value="11"/>
+ <property name="compile.release" value="11"/>
+ <property name="min.java.version" value="11"/>
<!-- Locations to create the JAR artifacts -->
<!-- Standard JARs -->
--
2.29.2

View File

@ -1,94 +0,0 @@
# Copyright (c) 2000-2008, JPackage Project
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the JPackage Project nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
Name: pki-servlet-engine
Epoch: 1
Version: 9.0.62
Release: 1%{?dist}
Summary: Servlet Engine for PKI
Group: System Environment/Daemons
License: ASL 2.0
URL: http://tomcat.apache.org
BuildArch: noarch
Requires: tomcat
Obsoletes: pki-servlet-container < %{epoch}:%{version}-%{release}
Obsoletes: pki-servlet-4.0-api < %{epoch}:%{version}-%{release}
Provides: pki-servlet-4.0-api = %{epoch}:%{version}-%{release}
%description
The pki-servlet-engine package has been replaced by the tomcat package.
This package is provided for backward compatibility only, so it contains
no files and will be removed in the future. Please use the tomcat package
directly instead.
%files
%changelog
* Mon Feb 05 2024 Red Hat PKI Team <rhcs-maint@redhat.com> - 1:9.0.62-1
- Convert pki-servlet-engine into an alias for tomcat
* Fri Jun 11 2021 Coty Sutherland <csutherl@redhat.com> - 1:9.0.30-3
- Reverts: rhbz#1969366 as it causes other issues
* Tue Jun 08 2021 Coty Sutherland <csutherl@redhat.com> - 1:9.0.30-2
- Resolves: rhbz#1969366 CA instance installation fails with error message
* Thu Apr 23 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.30-1
- Resolves: rhbz#1721684 Rebase pki-servlet-engine to 9.0.30
- Update to JWS 5.3.0 distribution
- Remove new dependencies that PKI doesn't need (and are not provided by RHEL 8)
* Fri May 31 2019 Endi S. Dewata <edewata@redhat.com> - 1:9.0.7-16
- Obsoleted pki-servlet-container
* Tue Apr 23 2019 Endi S. Dewata <edewata@redhat.com> - 1:9.0.7-15
- Rename pki-servlet-container into pki-servlet-engine
* Mon Mar 04 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-14
- Update to JWS 5.0.2 distribution
- Resolves: rhbz#1658846 CVE-2018-8034 pki-servlet-container: tomcat: host name verification missing in WebSocket client
- Resolves: rhbz#1579614 CVE-2018-8014 pki-servlet-container: tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
- Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
- Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet
* Fri Aug 03 2018 Fraser Tweedale <ftweedal@redhat.com> - 1:9.0.7-13
- Reinstate Maven artifacts and fix maven-metadata JAR path
* Fri Jul 20 2018 Jean-Frederic Clere <jclere@redhat.com> - 1:9.0.7-12
- Add missing BuildRequires: systemd-units
* Fri Jun 22 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-11
- Resolves: rhbz#1594139 Cleanup Provides and Requires
* Thu Jun 07 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-10
- Create packages for FreeIPA that wrap the JWS distribution of Tomcat

208
exclude-OSGi-metadata.patch Normal file
View File

@ -0,0 +1,208 @@
diff -up ./build.xml.orig ./build.xml
--- ./build.xml.orig 2021-12-09 13:29:38.000000000 -0500
+++ ./build.xml 2022-03-04 08:56:31.987572758 -0500
@@ -1032,7 +1032,7 @@
filesDir="${tomcat.classes}"
filesId="files.annotations-api"
manifest="${tomcat.manifests}/annotations-api.jar.manifest"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Servlet Implementation JAR File -->
<jarIt jarfile="${servlet-api.jar}"
@@ -1041,41 +1041,41 @@
manifest="${tomcat.manifests}/servlet-api.jar.manifest"
notice="${tomcat.manifests}/servlet-api.jar.notice"
license="${tomcat.manifests}/servlet-api.jar.license"
- addOSGi="true" />
+ addOSGi="false" />
<!-- EL Implementation JAR File -->
<jarIt jarfile="${el-api.jar}"
filesDir="${tomcat.classes}"
filesId="files.el-api"
manifest="${tomcat.manifests}/el-api.jar.manifest"
- addOSGi="true" />
+ addOSGi="false" />
<!-- JSP Implementation JAR File -->
<jarIt jarfile="${jsp-api.jar}"
filesDir="${tomcat.classes}"
filesId="files.jsp-api"
manifest="${tomcat.manifests}/jsp-api.jar.manifest"
- addOSGi="true" />
+ addOSGi="false" />
<!-- WebSocket API JAR File -->
<jarIt jarfile="${websocket-api.jar}"
filesDir="${tomcat.classes}"
filesId="files.websocket-api"
manifest="${tomcat.manifests}/websocket-api.jar.manifest"
- addOSGi="true" />
+ addOSGi="false" />
<!-- JASPIC API JAR File -->
<jarIt jarfile="${jaspic-api.jar}"
filesDir="${tomcat.classes}"
filesId="files.jaspic-api"
manifest="${tomcat.manifests}/jaspic-api.jar.manifest"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Tomcat-juli JAR File -->
<jarIt jarfile="${tomcat-juli.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-juli"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Bootstrap JAR File -->
<jarIt jarfile="${bootstrap.jar}"
@@ -1087,61 +1087,61 @@
<jarIt jarfile="${tomcat-util.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-util"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Tomcat API JAR File -->
<jarIt jarfile="${tomcat-api.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-api"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Tomcat Util Scan JAR File -->
<jarIt jarfile="${tomcat-util-scan.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-util-scan"
- addOSGi="true" />
+ addOSGi="false" />
<jarIt jarfile="${tomcat-jni.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-jni"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Protocol handlers - Coyote -->
<jarIt jarfile="${tomcat-coyote.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-coyote"
- addOSGi="true" />
+ addOSGi="false" />
<!-- WebSocket implementation JAR File -->
<jarIt jarfile="${tomcat-websocket.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-websocket"
meta-inf="${tomcat.manifests}/tomcat-websocket.jar"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Catalina GroupCom/Tribes JAR File -->
<jarIt jarfile="${catalina-tribes.jar}"
filesDir="${tomcat.classes}"
filesId="files.catalina-tribes"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Catalina Main JAR File -->
<jarIt jarfile="${catalina.jar}"
filesDir="${tomcat.classes}"
filesId="files.catalina"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Catalina Cluster/HA JAR File -->
<jarIt jarfile="${catalina-ha.jar}"
filesDir="${tomcat.classes}"
filesId="files.catalina-ha"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Server-Side Includes (SSI) -->
<jarIt jarfile="${catalina-ssi.jar}"
filesDir="${tomcat.classes}"
filesId="files.catalina-ssi"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Catalina Ant Tasks JAR File -->
<jarIt jarfile="${catalina-ant.jar}"
@@ -1152,27 +1152,27 @@
<jarIt jarfile="${catalina-storeconfig.jar}"
filesDir="${tomcat.classes}"
filesId="files.catalina-storeconfig"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Jasper EL Implementation JAR File -->
<jarIt jarfile="${jasper-el.jar}"
filesDir="${tomcat.classes}"
filesId="files.jasper-el"
meta-inf="${tomcat.manifests}/jasper-el.jar"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Jasper Implementation JAR File -->
<jarIt jarfile="${jasper.jar}"
filesDir="${tomcat.classes}"
filesId="files.jasper"
meta-inf="${tomcat.manifests}/jasper.jar"
- addOSGi="true" />
+ addOSGi="false" />
<!-- Re-packaged Apache Commons DBCP 2-->
<jarIt jarfile="${tomcat-dbcp.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-dbcp"
- addOSGi="true" />
+ addOSGi="false" />
<!-- i18n JARs -->
<jar jarfile="${tomcat.build}/lib/tomcat-i18n-cs.jar"
@@ -1635,7 +1635,7 @@
filesId="files.tomcat-embed-core"
notice="${tomcat.manifests}/servlet-api.jar.notice"
license="${tomcat.manifests}/servlet-api.jar.license"
- addOSGi="true"
+ addOSGi="false"
addGraal="true"
graalPrefix="org.apache.tomcat.embed/tomcat-embed-core"
graalFiles="res/graal/tomcat-embed-core/native-image"
@@ -1643,7 +1643,7 @@
<jarIt jarfile="${tomcat-embed-el.jar}"
filesDir="${tomcat.classes}"
filesId="files.tomcat-embed-el"
- addOSGi="true"
+ addOSGi="false"
addGraal="true"
graalPrefix="org.apache.tomcat.embed/tomcat-embed-el"
graalFiles="res/graal/tomcat-embed-el/native-image"
@@ -1652,7 +1652,7 @@
filesDir="${tomcat.classes}"
filesId="files.tomcat-embed-jasper"
meta-inf="${tomcat.manifests}/jasper.jar"
- addOSGi="true"
+ addOSGi="false"
addGraal="true"
graalPrefix="org.apache.tomcat.embed/tomcat-embed-jasper"
graalFiles="res/graal/tomcat-embed-jasper/native-image"
@@ -1661,7 +1661,7 @@
filesDir="${tomcat.classes}"
filesId="files.tomcat-embed-websocket"
meta-inf="${tomcat.manifests}/tomcat-websocket.jar"
- addOSGi="true"
+ addOSGi="false"
addGraal="true"
graalPrefix="org.apache.tomcat.embed/tomcat-embed-websocket"
graalFiles="res/graal/tomcat-embed-websocket/native-image"
@@ -3716,6 +3716,7 @@ Read the Building page on the Apache Tom
<!-- Add bnd tasks to project -->
<path id="bnd.classpath">
<fileset file="${bnd.jar}" />
+ <fileset file="${bndannotation.jar}" />
</path>
<taskdef resource="aQute/bnd/ant/taskdef.properties" classpathref="bnd.classpath" />

7
gating.yaml Normal file
View File

@ -0,0 +1,7 @@
# recipients: rhcs-team
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

444
pki-servlet-engine.spec Normal file
View File

@ -0,0 +1,444 @@
# Copyright (c) 2000-2008, JPackage Project
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the
# distribution.
# 3. Neither the name of the JPackage Project nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
%global major_version 9
%global minor_version 0
%global micro_version 50
%global redhat_version 00006
%global packdname apache-tomcat-%{version}.redhat-%{redhat_version}-src
# Specification versions
%global servletspec 4.0
%global jspspec 2.3
%global elspec 3.0
%global tcuid 91
# FHS 2.3 compliant tree structure - http://www.pathname.com/fhs/2.3/
%global basedir %{_var}/lib/tomcat
%global appdir %{basedir}/webapps
%global homedir %{_datadir}/tomcat
%global bindir %{homedir}/bin
%global confdir %{_sysconfdir}/tomcat
%global libdir %{_javadir}/tomcat
%global logdir %{_var}/log/tomcat
%global cachedir %{_var}/cache/tomcat
%global tempdir %{cachedir}/temp
%global workdir %{cachedir}/work
%global _initrddir %{_sysconfdir}/init.d
%global _systemddir /lib/systemd/system
Name: pki-servlet-engine
Epoch: 1
Version: %{major_version}.%{minor_version}.%{micro_version}
Release: 1%{?dist}
Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
Group: System Environment/Daemons
License: ASL 2.0
URL: http://tomcat.apache.org/
#Source0: http://www.apache.org/dist/tomcat/tomcat-%%{major_version}/v%%{version}/src/%%{packdname}.tar.gz
Source0: tomcat-%{version}.redhat-%{redhat_version}-src.zip
Source1: tomcat-%{major_version}.%{minor_version}.conf
Source3: tomcat-%{major_version}.%{minor_version}.sysconfig
Source4: tomcat-%{major_version}.%{minor_version}.wrapper
Source6: tomcat-%{major_version}.%{minor_version}-digest.script
Source7: tomcat-%{major_version}.%{minor_version}-tool-wrapper.script
Source8: tomcat-%{major_version}.%{minor_version}.service
Source21: tomcat-functions
Source30: tomcat-preamble
Source31: tomcat-server
Source32: tomcat-named.service
Patch0: tomcat-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch
Patch1: tomcat-%{major_version}.%{minor_version}-tomcat-users-webapp.patch
Patch2: tomcat-%{major_version}.%{minor_version}-catalina-policy.patch
Patch3: exclude-OSGi-metadata.patch
BuildArch: noarch
BuildRequires: ant
BuildRequires: findutils
BuildRequires: java-11-devel
BuildRequires: javapackages-tools
BuildRequires: javapackages-local
BuildRequires: systemd
BuildRequires: systemd-rpm-macros
BuildRequires: aqute-bnd
BuildRequires: aqute-bndlib
Requires: ant
Requires: java-11-devel
Requires: javapackages-tools
Requires: procps
Requires(pre): shadow-utils
Requires(post): chkconfig
Requires(postun): chkconfig
Requires(preun): chkconfig
Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
Requires(preun): coreutils
Requires: pki-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
# Add bundled so that everyone knows this is Tomcat.
Provides: bundled(tomcat) = %{version}.redhat-%{redhat_version}
Obsoletes: pki-servlet-container <= 9.0.7
%description
Tomcat is the servlet engine that is used in the official Reference
Implementation for the Java Servlet and JavaServer Pages technologies.
The Java Servlet and JavaServer Pages specifications are developed by
Sun under the Java Community Process.
Tomcat is developed in an open and participatory environment and
released under the Apache Software License version 2.0. Tomcat is intended
to be a collaboration of the best-of-breed developers from around the world.
%package -n pki-servlet-%{servletspec}-api
Group: Development/Libraries
Summary: Apache Tomcat Java Servlet v%{servletspec} API Implementation Classes
Requires(post): chkconfig
Requires(postun): chkconfig
%description -n pki-servlet-%{servletspec}-api
Apache Tomcat Servlet API Implementation Classes.
%prep
%setup -q -n %{packdname}
# remove pre-built binaries and windows files
find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "*.gz" -o \
-name "*.jar" -o -name "*.war" -o -name "*.zip" \) -delete
%patch0 -p0
%patch1 -p0
%patch2 -p0
%patch3 -p0
# Since we don't support ECJ in RHEL anymore, remove the class that requires it
%{__rm} -f java/org/apache/jasper/compiler/JDTCompiler.java
# Also remove webservices naming factory as it's unused and causes unnecessary dependencies to be required
%{__rm} -rf java/org/apache/naming/factory/webservices
# Configure maven files
%mvn_package ":tomcat-servlet-api" tomcat-servlet-api
%build
export OPT_JAR_LIST="xalan-j2-serializer"
# Create a dummy file for later removal
touch HACK
# who needs a build.properties file anyway
%{ant} -Dbase.path="." \
-Dbuild.compiler="modern" \
-Dcommons-daemon.jar="HACK" \
-Dcommons-daemon.native.src.tgz="HACK" \
-Djdt.jar="HACK" \
-Dtomcat-native.tar.gz="HACK" \
-Dtomcat-native.home="." \
-Dcommons-daemon.native.win.mgr.exe="HACK" \
-Dnsis.exe="HACK" \
-Dbnd.jar="$(build-classpath aqute-bnd/biz.aQute.bnd)" \
-Dbndlib.jar="$(build-classpath aqute-bnd/biz.aQute.bndlib)" \
-Dbndlibg.jar="$(build-classpath aqute-bnd/aQute.libg)" \
-Dbndannotation.jar="$(build-classpath aqute-bnd/biz.aQute.bnd.annotation)" \
-Dosgi-annotations.jar="$(build-classpath aqute-bnd/biz.aQute.bnd.annotation)" \
-Dosgi-cmpn.jar="$(build-classpath osgi-compendium/osgi.cmpn)" \
deploy dist-prepare dist-source
# remove some jars that we don't need
#%%{__rm} output/build/bin/commons-daemon.jar
%install
# build initial path structure
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_bindir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sbindir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_initrddir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_systemddir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{appdir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{bindir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{confdir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{confdir}/Catalina/localhost
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{confdir}/conf.d
/bin/echo "Place your custom *.conf files here. Shell expansion is supported." > ${RPM_BUILD_ROOT}%{confdir}/conf.d/README
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{libdir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{logdir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{_localstatedir}/lib/tomcats
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{homedir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{tempdir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{workdir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_unitdir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_libexecdir}/tomcat
# move things into place
# First copy supporting libs to tomcat lib
pushd output/build
%{__cp} -a bin/*.{jar,xml} ${RPM_BUILD_ROOT}%{bindir}
%{__cp} -a conf/*.{policy,properties,xml,xsd} ${RPM_BUILD_ROOT}%{confdir}
%{__cp} -a lib/*.jar ${RPM_BUILD_ROOT}%{libdir}
popd
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
-e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
-e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE1} \
> ${RPM_BUILD_ROOT}%{confdir}/tomcat.conf
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
-e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
-e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE3} \
> ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/tomcat
%{__install} -m 0644 %{SOURCE4} \
${RPM_BUILD_ROOT}%{_sbindir}/tomcat
%{__install} -m 0644 %{SOURCE8} \
${RPM_BUILD_ROOT}%{_unitdir}/tomcat.service
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
-e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
-e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE6} \
> ${RPM_BUILD_ROOT}%{_bindir}/tomcat-digest
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
-e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
-e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE7} \
> ${RPM_BUILD_ROOT}%{_bindir}/tomcat-tool-wrapper
%{__install} -m 0644 %{SOURCE21} \
${RPM_BUILD_ROOT}%{_libexecdir}/tomcat/functions
%{__install} -m 0755 %{SOURCE30} \
${RPM_BUILD_ROOT}%{_libexecdir}/tomcat/preamble
%{__install} -m 0755 %{SOURCE31} \
${RPM_BUILD_ROOT}%{_libexecdir}/tomcat/server
%{__install} -m 0644 %{SOURCE32} \
${RPM_BUILD_ROOT}%{_unitdir}/tomcat@.service
# Substitute libnames in catalina-tasks.xml
sed -i \
"s,el-api.jar,tomcat-el-%{elspec}-api.jar,;
s,servlet-api.jar,tomcat-servlet-%{servletspec}-api.jar,;
s,jsp-api.jar,tomcat-jsp-%{jspspec}-api.jar,;" \
${RPM_BUILD_ROOT}%{bindir}/catalina-tasks.xml
# create jsp and servlet API symlinks
pushd ${RPM_BUILD_ROOT}%{_javadir}
%{__mv} tomcat/jsp-api.jar tomcat-jsp-%{jspspec}-api.jar
%{__ln_s} tomcat-jsp-%{jspspec}-api.jar tomcat-jsp-api.jar
%{__mv} tomcat/servlet-api.jar tomcat-servlet-%{servletspec}-api.jar
%{__ln_s} tomcat-servlet-%{servletspec}-api.jar tomcat-servlet-api.jar
%{__mv} tomcat/el-api.jar tomcat-el-%{elspec}-api.jar
%{__ln_s} tomcat-el-%{elspec}-api.jar tomcat-el-api.jar
popd
pushd ${RPM_BUILD_ROOT}%{libdir}
# symlink JSP and servlet API jars
%{__ln_s} ../../java/tomcat-jsp-%{jspspec}-api.jar .
%{__ln_s} ../../java/tomcat-servlet-%{servletspec}-api.jar .
%{__ln_s} ../../java/tomcat-el-%{elspec}-api.jar .
popd
# symlink to the FHS locations where we've installed things
pushd ${RPM_BUILD_ROOT}%{homedir}
%{__ln_s} %{appdir} webapps
%{__ln_s} %{confdir} conf
%{__ln_s} %{libdir} lib
%{__ln_s} %{logdir} logs
%{__ln_s} %{tempdir} temp
%{__ln_s} %{workdir} work
popd
# Install the maven metadata
pushd res/maven
for pom in *.pom; do
# fix-up version in all pom files
sed -i 's/@MAVEN.DEPLOY.VERSION@/%{version}/g' $pom
done
popd
%mvn_artifact res/maven/tomcat-servlet-api.pom output/build/lib/servlet-api.jar
%mvn_install
%pre
# add the tomcat user and group
%{_sbindir}/groupadd -g %{tcuid} -r tomcat 2>/dev/null || :
%{_sbindir}/useradd -c "Apache Tomcat" -u %{tcuid} -g tomcat \
-s /sbin/nologin -r -d %{homedir} tomcat 2>/dev/null || :
%post
# install but don't activate
%systemd_post tomcat.service
# Collapse all of the alternatives installations into one
%{_sbindir}/update-alternatives --install %{_javadir}/jsp.jar jsp \
%{_javadir}/tomcat-jsp-%{jspspec}-api.jar 20200
%{_sbindir}/update-alternatives --install %{_javadir}/servlet.jar servlet \
%{_javadir}/tomcat-servlet-%{servletspec}-api.jar 30000
%{_sbindir}/update-alternatives --install %{_javadir}/elspec.jar elspec \
%{_javadir}/tomcat-el-%{elspec}-api.jar 20300
%preun
# clean tempdir and workdir on removal or upgrade
%{__rm} -rf %{workdir}/* %{tempdir}/*
%systemd_preun tomcat.service
%postun
%systemd_postun_with_restart tomcat.service
# Collapse all of the alternatives removals into one
if [ "$1" = "0" ]; then
%{_sbindir}/update-alternatives --remove jsp \
%{_javadir}/tomcat-jsp-%{jspspec}-api.jar
%{_sbindir}/update-alternatives --remove servlet \
%{_javadir}/tomcat-servlet-%{servletspec}-api.jar
%{_sbindir}/update-alternatives --remove elspec \
%{_javadir}/tomcat-el-%{elspec}-api.jar
fi
%files
%defattr(0664,root,tomcat,0755)
%doc {LICENSE,NOTICE,RELEASE*}
%attr(0755,root,root) %{_bindir}/tomcat-digest
%attr(0755,root,root) %{_bindir}/tomcat-tool-wrapper
%attr(0755,root,root) %{_sbindir}/tomcat
%attr(0644,root,root) %{_unitdir}/tomcat.service
%attr(0644,root,root) %{_unitdir}/tomcat@.service
%attr(0755,root,root) %dir %{_libexecdir}/tomcat
%attr(0755,root,root) %dir %{_localstatedir}/lib/tomcats
%attr(0644,root,root) %{_libexecdir}/tomcat/functions
%attr(0755,root,root) %{_libexecdir}/tomcat/preamble
%attr(0755,root,root) %{_libexecdir}/tomcat/server
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/tomcat
%attr(0755,root,tomcat) %dir %{basedir}
%attr(0755,root,tomcat) %dir %{confdir}
%defattr(0664,tomcat,root,0770)
%attr(0770,tomcat,root) %dir %{logdir}
%defattr(0664,root,tomcat,0770)
%attr(0770,root,tomcat) %dir %{cachedir}
%attr(0770,root,tomcat) %dir %{tempdir}
%attr(0770,root,tomcat) %dir %{workdir}
%defattr(0644,root,tomcat,0775)
%attr(0775,root,tomcat) %dir %{appdir}
%attr(0775,root,tomcat) %dir %{confdir}/Catalina
%attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost
%attr(0755,root,tomcat) %dir %{confdir}/conf.d
%{confdir}/conf.d/README
%config(noreplace) %{confdir}/tomcat.conf
%config(noreplace) %{confdir}/*.policy
%config(noreplace) %{confdir}/*.properties
%config(noreplace) %{confdir}/context.xml
%config(noreplace) %{confdir}/server.xml
%attr(0640,root,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml
%attr(0664,root,tomcat) %{confdir}/tomcat-users.xsd
%attr(0664,root,tomcat) %config(noreplace) %{confdir}/jaspic-providers.xml
%attr(0664,root,tomcat) %{confdir}/jaspic-providers.xsd
%config(noreplace) %{confdir}/web.xml
%dir %{homedir}
%{bindir}/bootstrap.jar
%{bindir}/catalina-tasks.xml
%{homedir}/lib
%{homedir}/temp
%{homedir}/webapps
%{homedir}/work
%{homedir}/logs
%{homedir}/conf
%defattr(-,root,root,-)
%dir %{libdir}
%{libdir}/*.jar
%{_javadir}/*.jar
%{bindir}/tomcat-juli.jar
%exclude %{_javadir}/tomcat-servlet-%{servletspec}*.jar
%files -n pki-servlet-%{servletspec}-api -f .mfiles-tomcat-servlet-api
%defattr(-,root,root,-)
%doc LICENSE
%{_javadir}/tomcat-servlet-%{servletspec}*.jar
%changelog
* Thu Feb 24 2022 Chris Kelley <ckelley@redhat.com> - 1:9.0.50-1
- Update to JWS 5.6.1
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:9.0.43-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Jul 13 2021 Coty Sutherland <csutherl@redhat.com> - 1:9.0.43-3
- Add back ant runtime dependency to allow compilation of JSPs at runtime (no ECJ support)
* Fri Jul 09 2021 Coty Sutherland <csutherl@redhat.com> - 1:9.0.43-2
- Related: rhbz#1977948 Cleanup unused tomcat-juli.jar copy now that the maven artifacts have been removed
* Thu Jul 08 2021 Coty Sutherland <csutherl@redhat.com> - 1:9.0.43-1
- Update to JWS 5.5, and drop jakarta-saaj dependency
- Updates to javapackages-local removed %%add_maven_depmap which broke the build,
so I removed most of the maven artifacts as they aren't very useful anyway
- Cleaned up a few unnecessary patches
* Tue Jun 08 2021 Coty Sutherland <csutherl@redhat.com> - 1:9.0.30-3
- Resolves: rhbz#1963851 CA instance installation fails with error message
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:9.0.30-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Feb 03 2021 Alexander Scheel <ascheel@redhat.com> - 1:9.0.30-2
- Rebuild for RHEL 9
* Thu Apr 23 2020 Coty Sutherland <csutherl@redhat.com> - 1:9.0.30-1
- Resolves: rhbz#1721684 Rebase pki-servlet-engine to 9.0.30
- Update to JWS 5.3.0 distribution
- Remove new dependencies that PKI doesn't need (and are not provided by RHEL 8)
* Fri May 31 2019 Endi S. Dewata <edewata@redhat.com> - 1:9.0.7-16
- Obsoleted pki-servlet-container
* Tue Apr 23 2019 Endi S. Dewata <edewata@redhat.com> - 1:9.0.7-15
- Rename pki-servlet-container into pki-servlet-engine
* Mon Mar 04 2019 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-14
- Update to JWS 5.0.2 distribution
- Resolves: rhbz#1658846 CVE-2018-8034 pki-servlet-container: tomcat: host name verification missing in WebSocket client
- Resolves: rhbz#1579614 CVE-2018-8014 pki-servlet-container: tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
- Resolves: rhbz#1619232 - CVE-2018-8037 pki-servlet-container: tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up
- Resolves: rhbz#1641874 - CVE-2018-11784 pki-servlet-container: tomcat: Open redirect in default servlet
* Fri Aug 03 2018 Fraser Tweedale <ftweedal@redhat.com> - 1:9.0.7-13
- Reinstate Maven artifacts and fix maven-metadata JAR path
* Fri Jul 20 2018 Jean-Frederic Clere <jclere@redhat.com> - 1:9.0.7-12
- Add missing BuildRequires: systemd-units
* Fri Jun 22 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-11
- Resolves: rhbz#1594139 Cleanup Provides and Requires
* Thu Jun 07 2018 Coty Sutherland <csutherl@redhat.com> - 1:9.0.7-10
- Create packages for FreeIPA that wrap the JWS distribution of Tomcat

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (tomcat-9.0.50.redhat-00006-src.zip) = 15492c8102a4e21e413e92264e05939cd38e4832a84ad842459e4f3d0b0abb3a9e9eeb3b39fcaff3ebac9098eb882692f8fa3ea20f2471c65d90040ff277dfe9

View File

@ -0,0 +1,25 @@
[DEFAULT]
pki_server_database_password=Secret.123
[CA]
pki_admin_email=caadmin@example.com
pki_admin_name=caadmin
pki_admin_nickname=caadmin
pki_admin_password=Secret.123
pki_admin_uid=caadmin
pki_client_database_password=Secret.123
pki_client_database_purge=False
pki_client_pkcs12_password=Secret.123
pki_ds_base_dn=dc=ca,dc=pki,dc=example,dc=com
pki_ds_database=ca
pki_ds_password=Secret.123
pki_security_domain_name=EXAMPLE
pki_ca_signing_nickname=ca_signing
pki_ocsp_signing_nickname=ca_ocsp_signing
pki_audit_signing_nickname=ca_audit_signing
pki_sslserver_nickname=sslserver
pki_subsystem_nickname=subsystem

View File

@ -0,0 +1,24 @@
#!/bin/bash -ex
# This command needs to be executed as it pulls the machine name
# dynamically.
dscreate create-template /tmp/test_dir/ds.inf
sed -i \
-e "s/;instance_name = .*/instance_name = localhost/g" \
-e "s/;root_password = .*/root_password = Secret.123/g" \
-e "s/;suffix = .*/suffix = dc=example,dc=com/g" \
-e "s/;self_sign_cert = .*/self_sign_cert = False/g" \
/tmp/test_dir/ds.inf
dscreate from-file /tmp/test_dir/ds.inf
ldapadd -h $HOSTNAME -x -D "cn=Directory Manager" -w Secret.123 << EOF
dn: dc=example,dc=com
objectClass: domain
dc: example
dn: dc=pki,dc=example,dc=com
objectClass: domain
dc: pki
EOF

View File

@ -0,0 +1,27 @@
[DEFAULT]
pki_server_database_password=Secret.123
[KRA]
pki_admin_email=kraadmin@example.com
pki_admin_name=kraadmin
pki_admin_nickname=kraadmin
pki_admin_password=Secret.123
pki_admin_uid=kraadmin
pki_client_database_password=Secret.123
pki_client_database_purge=False
pki_client_pkcs12_password=Secret.123
pki_ds_base_dn=dc=kra,dc=pki,dc=example,dc=com
pki_ds_database=kra
pki_ds_password=Secret.123
pki_security_domain_name=EXAMPLE
pki_security_domain_user=caadmin
pki_security_domain_password=Secret.123
pki_storage_nickname=kra_storage
pki_transport_nickname=kra_transport
pki_audit_signing_nickname=kra_audit_signing
pki_sslserver_nickname=sslserver
pki_subsystem_nickname=subsystem

View File

@ -0,0 +1,26 @@
---
- name: Install resteasy packages
dnf:
name: >
pki-resteasy-client, pki-resteasy-core, pki-resteasy-jackson2-provider, pki-resteasy-jaxb-provider
- name: Install required packages
dnf:
name: >
389-ds-base, pki-ca, pki-kra
- name: Creates directory
file: path=/tmp/test_files state=directory
- name: Copying templates to /tmp folder
copy : src=. dest=/tmp/test_dir
- name: Setup DS Service
shell: sh /tmp/test_dir/ds-create.sh
- name: Install CA subsystem
shell: pkispawn -f /tmp/test_dir/ca.cfg -s CA -v
- name: Install KRA subsystem
shell: pkispawn -f /tmp/test_dir/kra.cfg -s KRA -v

29
tests/tests.yml Normal file
View File

@ -0,0 +1,29 @@
- hosts: localhost
remote_user: root
tags:
- classic
roles:
- role: Test_Setup
- role: standard-test-basic
tests:
- verify_spawn_ca:
dir: .
run: "curl http://localhost:8080/ca/admin/ca/getStatus | grep '<Status>running</Status>'"
- verify_spawn_kra:
dir: .
run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep '<Status>running</Status>'"
- destroy_kra:
dir: .
run: "pkidestroy -i pki-tomcat -s KRA && sleep 5"
- verify_destroy_kra:
dir: .
run: "curl http://localhost:8080/kra/admin/kra/getStatus | grep 'HTTP Status 404'"
- destroy_ca:
dir: .
run: "pkidestroy -i pki-tomcat -s CA"
- verify_destroy_ca:
dir: .
run: "curl http://localhost:8080/ca/admin/ca/getStatus &> testfile.log || true && grep 'Connection refused' testfile.log"
required_packages:
- pki-ca
- pki-kra

View File

@ -0,0 +1,9 @@
--- res/META-INF/bootstrap.jar.manifest.orig 2010-04-06 10:11:09.000000000 -0600
+++ res/META-INF/bootstrap.jar.manifest 2010-04-06 10:45:56.000000000 -0600
@@ -1,6 +1,5 @@
Manifest-Version: 1.0
Main-Class: org.apache.catalina.startup.Bootstrap
-Class-Path: commons-daemon.jar
Specification-Title: Apache Tomcat Bootstrap
Specification-Version: @VERSION_MAJOR_MINOR@
Specification-Vendor: Apache Software Foundation

View File

@ -0,0 +1,40 @@
diff -up ./conf/catalina.policy.orig ./conf/catalina.policy
--- ./conf/catalina.policy.orig 2022-03-04 08:49:08.246538215 -0500
+++ ./conf/catalina.policy 2022-03-04 08:50:31.842356329 -0500
@@ -56,6 +56,36 @@ grant codeBase "file:${java.home}/lib/ex
// permission java.security.AllPermission;
//};
+// This permission is required when using javac to compile JSPs on Java 9
+// onwards
+grant codeBase "jrt:/jdk.compiler" {
+ permission java.security.AllPermission;
+};
+
+// ========== RHEL SPECIFIC CODE PERMISSIONS =======================================
+
+// Allowing everything in /usr/share/java allows too many unknowns to be permitted
+// Specifying the individual jars that tomcat needs to function with the security manager
+// is the safest way forward.
+grant codeBase "file:/usr/share/java/tomcat-servlet-4.0-api.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/tomcat-jsp-2.3-api.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/tomcat-el-3.0-api.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/ant.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/ant-launcher.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/lib/jvm/java/lib/tools.jar" {
+ permission java.security.AllPermission;
+};
+
// ========== CATALINA CODE PERMISSIONS =======================================

49
tomcat-9.0-digest.script Normal file
View File

@ -0,0 +1,49 @@
#!/bin/sh
#
# tomcat-digest script
# JPackage Project <http://www.jpackage.org/>
# Source functions library
if [ -f /usr/share/java-utils/java-functions ] ; then
. /usr/share/java-utils/java-functions
else
echo "Can't find functions library, aborting"
exit 1
fi
# Get the tomcat config (use this for environment specific settings)
if [ -z "${TOMCAT_CFG}" ]; then
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
fi
if [ -r "$TOMCAT_CFG" ]; then
. $TOMCAT_CFG
fi
set_javacmd
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/bootstrap.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-api.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-util.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-util-scan.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-coyote.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/catalina.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/servlet-api.jar"
export CLASSPATH
# Configuration
MAIN_CLASS="org.apache.catalina.startup.Tool"
BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\""
BASE_OPTIONS=""
#BASE_JARS="tomcat/tomcat-util tomcat/tomcat-util-scan"
#BASE_JARS="${BASE_JARS} tomcat/tomcat-coyote tomcat/catalina"
#BASE_JARS="${BASE_JARS} tomcat/servlet-api"
# Set parameters
#set_classpath $BASE_JARS
set_flags $BASE_FLAGS
set_options $BASE_OPTIONS
# Let's start
run -server org.apache.catalina.realm.RealmBase "$@"

View File

@ -0,0 +1,11 @@
log4j.rootLogger=debug, R
log4j.appender.R=org.apache.log4j.RollingFileAppender
log4j.appender.R.File=${catalina.base}/logs/tomcat.log
log4j.appender.R.MaxFileSize=10MB
log4j.appender.R.MaxBackupIndex=10
log4j.appender.R.layout=org.apache.log4j.PatternLayout
log4j.appender.R.layout.ConversionPattern=%p %t %c - %m%n
log4j.logger.org.apache.catalina=DEBUG, R
log4j.logger.org.apache.catalina.core.ContainerBase.[Catalina].[localhost]=DEBUG, R
log4j.logger.org.apache.catalina.core=DEBUG, R
log4j.logger.org.apache.catalina.session=DEBUG, R

View File

@ -0,0 +1,17 @@
--- conf/tomcat-users.xml~ 2008-01-28 17:41:06.000000000 -0500
+++ conf/tomcat-users.xml 2008-03-07 19:40:07.000000000 -0500
@@ -23,4 +23,14 @@
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
-->
+
+<!-- <role rolename="admin"/> -->
+<!-- <role rolename="admin-gui"/> -->
+<!-- <role rolename="admin-script"/> -->
+<!-- <role rolename="manager"/> -->
+<!-- <role rolename="manager-gui"/> -->
+<!-- <role rolename="manager-script"/> -->
+<!-- <role rolename="manager-jmx"/> -->
+<!-- <role rolename="manager-status"/> -->
+<!-- <user name="admin" password="<must-be-changed>" roles="admin,manager,admin-gui,admin-script,manager-gui,manager-script,manager-jmx,manager-status" /> -->
</tomcat-users>

View File

@ -0,0 +1,49 @@
#!/bin/sh
#
# tomcat-digest script
# JPackage Project <http://www.jpackage.org/>
# Source functions library
if [ -f /usr/share/java-utils/java-functions ] ; then
. /usr/share/java-utils/java-functions
else
echo "Can't find functions library, aborting"
exit 1
fi
# Get the tomcat config (use this for environment specific settings)
if [ -z "${TOMCAT_CFG}" ]; then
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
fi
if [ -r "$TOMCAT_CFG" ]; then
. $TOMCAT_CFG
fi
set_javacmd
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/bootstrap.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-api.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-util.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-util-scan.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/tomcat-coyote.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/catalina.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/lib/servlet-api.jar"
export CLASSPATH
# Configuration
MAIN_CLASS="org.apache.catalina.startup.Tool"
BASE_OPTIONS=""
BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\""
#BASE_JARS="tomcat/tomcat-util tomcat/tomcat-util-scan"
#BASE_JARS="${BASE_JARS} tomcat/tomcat-coyote tomcat/catalina"
#BASE_JARS="${BASE_JARS} tomcat/servlet-api"
# Set parameters
#set_classpath $BASE_JARS
set_flags $BASE_FLAGS
set_options $BASE_OPTIONS
# Let's start
run "$@"

61
tomcat-9.0.conf Normal file
View File

@ -0,0 +1,61 @@
# This will be loaded by systemd as an environment file,
# so please keep the syntax. For shell expansion support
# place your custom files as /etc/tomcat/conf.d/*.conf.
#
# There are 2 "classes" of startup behavior in this package.
# The old one, the default service named tomcat.service.
# The new named instances are called tomcat@instance.service.
#
# Use this file to change default values for all services.
# Change the service specific ones to affect only one service.
# For tomcat.service it's /etc/sysconfig/tomcat, for
# tomcat@instance it's /etc/sysconfig/tomcat@instance.
# This variable is used to figure out if config is loaded or not.
TOMCAT_CFG_LOADED="1"
# Where your java installation lives
#JAVA_HOME="/usr/lib/jvm/java"
# Where your tomcat installation lives
CATALINA_BASE="@@@TCHOME@@@"
CATALINA_HOME="@@@TCHOME@@@"
CATALINA_TMPDIR="@@@TCTEMP@@@"
# You can pass some parameters to java here if you wish to
#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
# You can change your tomcat locale here
#LANG="en_US"
# Run tomcat under the Java Security Manager
SECURITY_MANAGER="false"
# DEPRECATED VARIABLES
#
# TOMCAT_USER has been deprecated. To update the tomcat process owner,
# please see User in tomcat.service.
#
# TOMCAT_GROUP has been deprecated. To update the tomcat process group,
# please see Group in tomcat.service.
#
# SHUTDOWN_WAIT has been deprecated. To change the shutdown wait time, set
# TimeoutStopSec in tomcat.service.
#
# SHUTDOWN_VERBOSE has been deprecated. There is no replacement for this behavior.
#
# CATALINA_PID has been deprecated. A replacement for this behavior is to set
# PIDFile in tomcat.service.
#
# CONNECTOR_PORT has been deprecated. There is no replacement for this behavior.
# Set init script output file
#
# TOMCAT_LOG has been deprecated. Output from start/stop/status operations are
# logged to the system's journal.
#
# LOGGING_CONFIG has been deprecated. To update the logging properties in use, use:
# LOGGING_PROPERTIES="${CATALINA_HOME}/lib/log4j.properties"
# If you wish to further customize your tomcat environment,
# put your own definitions here
# (i.e. LD_LIBRARY_PATH for some jdbc drivers)

21
tomcat-9.0.service Normal file
View File

@ -0,0 +1,21 @@
# Systemd unit file for default tomcat
#
# To create clones of this service:
# DO NOTHING, use tomcat@.service instead.
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME="
EnvironmentFile=-/etc/sysconfig/tomcat
ExecStart=/usr/libexec/tomcat/server start
SuccessExitStatus=143
User=tomcat
UMask=027
[Install]
WantedBy=multi-user.target

11
tomcat-9.0.sysconfig Normal file
View File

@ -0,0 +1,11 @@
# Service-specific configuration file for tomcat. This will be sourced by
# systemd for the default service (tomcat.service)
# If you want to customize named instance, make a similar file
# and name it tomcat@instancename.
# You will not need to set this, usually. For default service it equals
# CATALINA_HOME. For named service, it equals ${TOMCATS_BASE}${NAME}
#CATALINA_BASE="@@@TCHOME@@@"
# Please take a look at /etc/tomcat/tomcat.conf to have an idea
# what you can override.

24
tomcat-9.0.wrapper Normal file
View File

@ -0,0 +1,24 @@
#!/bin/bash
if [ "$1" = "version" ]; then
. /usr/libexec/tomcat/preamble
exec ${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \
org.apache.catalina.util.ServerInfo
fi
SRV="tomcat"
if [ -n "$2" ]; then
SRV="tomcat@$2"
fi
if [ "$1" = "start" ]; then
systemctl start ${SRV}.service
elif [ "$1" = "stop" ]; then
systemctl stop ${SRV}.service
elif [ "$1" = "version" ]; then
${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \
org.apache.catalina.util.ServerInfo
else
echo "Usage: $0 {start|stop|version} [server-id]"
exit 1
fi

26
tomcat-functions Normal file
View File

@ -0,0 +1,26 @@
#!/bin/bash
if [ -r /usr/share/java-utils/java-functions ]; then
. /usr/share/java-utils/java-functions
else
echo "Can't read Java functions library, aborting"
exit 1
fi
_save_function() {
local ORIG_FUNC=$(declare -f $1)
local NEWNAME_FUNC="$2${ORIG_FUNC#$1}"
eval "$NEWNAME_FUNC"
}
_save_function run run_java
run() {
if [ "${USE_JSVC}" = "true" ] ; then
echo "JSVC support is not available with this Tomcat package."
exit 1
else
run_java $@
fi
}

26
tomcat-named.service Normal file
View File

@ -0,0 +1,26 @@
# Systemd unit file for tomcat instances.
#
# To create clones of this service:
# 0. systemctl enable tomcat@name.service
# 1. create catalina.base directory structure in
# /var/lib/tomcats/name
# 2. profit.
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME=%I"
EnvironmentFile=-/etc/sysconfig/tomcat@%I
ExecStart=/usr/libexec/tomcat/server start
ExecStop=/usr/libexec/tomcat/server stop
SuccessExitStatus=143
User=tomcat
UMask=027
[Install]
WantedBy=multi-user.target

56
tomcat-preamble Normal file
View File

@ -0,0 +1,56 @@
#!/bin/bash
. /usr/libexec/tomcat/functions
# Get the tomcat config (use this for environment specific settings)
if [ -z "${TOMCAT_CFG_LOADED}" ]; then
if [ -z "${TOMCAT_CFG}" ]; then
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
fi
. $TOMCAT_CFG
fi
if [ -d "${TOMCAT_CONFD=/etc/tomcat/conf.d}" ]; then
for file in ${TOMCAT_CONFD}/*.conf ; do
if [ -f "$file" ] ; then
. "$file"
fi
done
fi
if [ -z "$CATALINA_BASE" ]; then
if [ -n "$NAME" ]; then
if [ -z "$TOMCATS_BASE" ]; then
TOMCATS_BASE="/var/lib/tomcats/"
fi
CATALINA_BASE="${TOMCATS_BASE}${NAME}"
else
CATALINA_BASE="${CATALINA_HOME}"
fi
fi
VERBOSE=1
set_javacmd
cd ${CATALINA_HOME}
# CLASSPATH munging
if [ ! -z "$CLASSPATH" ] ; then
CLASSPATH="$CLASSPATH":
fi
if [ -n "$JSSE_HOME" ]; then
CLASSPATH="${CLASSPATH}$(build-classpath jcert jnet jsse 2>/dev/null):"
fi
CLASSPATH="${CLASSPATH}${CATALINA_HOME}/bin/bootstrap.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar"
# Since ECJ is no longer available, add ant, ant-launcher, and tools jars to the
# classpath so that runtime compilation of JSPs still works.
CLASSPATH="${CLASSPATH}:/usr/share/java/ant.jar:/usr/share/java/ant-launcher.jar"
CLASSPATH="${CLASSPATH}:/usr/lib/jvm/java/lib/tools.jar"
if [ -z "$LOGGING_PROPERTIES" ] ; then
LOGGING_PROPERTIES="${CATALINA_BASE}/conf/logging.properties"
if [ ! -f "${LOGGING_PROPERTIES}" ] ; then
LOGGING_PROPERTIES="${CATALINA_HOME}/conf/logging.properties"
fi
fi

25
tomcat-server Normal file
View File

@ -0,0 +1,25 @@
#!/bin/bash
. /usr/libexec/tomcat/preamble
MAIN_CLASS=org.apache.catalina.startup.Bootstrap
FLAGS="$JAVA_OPTS"
OPTIONS="-Dcatalina.base=$CATALINA_BASE \
-Dcatalina.home=$CATALINA_HOME \
-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \
-Djava.io.tmpdir=$CATALINA_TMPDIR \
-Djava.util.logging.config.file=${LOGGING_PROPERTIES} \
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
if [ "$1" = "start" ] ; then
FLAGS="${FLAGS} $CATALINA_OPTS"
if [ "${SECURITY_MANAGER}" = "true" ] ; then
OPTIONS="${OPTIONS} \
-Djava.security.manager \
-Djava.security.policy==${CATALINA_BASE}/conf/catalina.policy"
fi
run start
elif [ "$1" = "stop" ] ; then
run stop
fi