From cee7beed0a207ae3e82b9ee9bb31df300b86b760 Mon Sep 17 00:00:00 2001 From: Ivan Afonichev Date: Wed, 26 Mar 2014 03:34:21 +0400 Subject: [PATCH] Updated to 7.0.52 - Rewrite jsvc implementation, resolves: rhbz#1051743 - Switch to java-headless R, resolves: rhbz#1068566 - Create and own %{_localstatedir}/lib/tomcats, resolves: rhbz#1026741 - Add pom for tomcat-jdbc, resolves: rhbz#1011003 --- sources | 2 +- tomcat-7.0-jsvc.service | 8 ++- tomcat-7.0-jsvc.wrapper | 83 -------------------------- tomcat-7.0-tomcat-jsvc-sysd | 113 ------------------------------------ tomcat-functions | 42 ++++++++++++++ tomcat-preamble | 8 +-- tomcat.spec | 35 +++++++---- 7 files changed, 72 insertions(+), 219 deletions(-) delete mode 100644 tomcat-7.0-jsvc.wrapper delete mode 100644 tomcat-7.0-tomcat-jsvc-sysd create mode 100644 tomcat-functions diff --git a/sources b/sources index 2bb650f..7b1d1be 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4ee89bfd85f6afb31c7675b05f0469cb apache-tomcat-7.0.47-src.tar.gz +1b85c08721ab9d891b72ca35cd4a0e2d apache-tomcat-7.0.52-src.tar.gz diff --git a/tomcat-7.0-jsvc.service b/tomcat-7.0-jsvc.service index 3792cef..8275796 100644 --- a/tomcat-7.0-jsvc.service +++ b/tomcat-7.0-jsvc.service @@ -11,9 +11,11 @@ Description=Apache Tomcat Web Application Container JSVC wrapper After=syslog.target network.target [Service] -Type=forking -ExecStart=/usr/sbin/tomcat-jsvc-sysd start -ExecStop=/usr/sbin/tomcat-jsvc-sysd stop +Type=simple +EnvironmentFile=/etc/tomcat/tomcat.conf +Environment="NAME=" "USE_JSVC=true" +ExecStart=/usr/libexec/tomcat/server start +ExecStop=/usr/libexec/tomcat/server stop [Install] WantedBy=multi-user.target diff --git a/tomcat-7.0-jsvc.wrapper b/tomcat-7.0-jsvc.wrapper deleted file mode 100644 index 56fcc09..0000000 --- a/tomcat-7.0-jsvc.wrapper +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash - -if [ -r /usr/share/java-utils/java-functions ]; then - . /usr/share/java-utils/java-functions -else - echo "Can't read Java functions library, aborting" - exit 1 -fi - -# Get the tomcat config (use this for environment specific settings) -#if [ -z "${TOMCAT_CFG}" ]; then -# TOMCAT_CFG="/etc/tomcat/tomcat.conf" -#fi - -#if [ -r "$TOMCAT_CFG" ]; then -# . $TOMCAT_CFG -#fi - -set_javacmd - -# CLASSPATH munging -if [ -n "$JSSE_HOME" ]; then - CLASSPATH="${CLASSPATH}:$(build-classpath jcert jnet jsse 2>/dev/null)" -fi -CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/bootstrap.jar" -CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar" -CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)" - -# if jsvc installed and USE_JSVC=true -# then use jsvc instead of calling java directly -if [ -x /usr/bin/jsvc ]; then - JAVACMD="/usr/bin/jsvc -nodetach -user ${TOMCAT_USER} -outfile ${CATALINA_BASE}/logs/catalina.out -errfile ${CATALINA_BASE}/logs/catalina.out" - if [ "$1" = "stop" ]; then - JAVACMD="${JAVACMD} -stop" - fi -fi - -if [ "$1" = "start" ]; then - ${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \ - -classpath "$CLASSPATH" \ - -Dcatalina.base="$CATALINA_BASE" \ - -Dcatalina.home="$CATALINA_HOME" \ - -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ - -Djava.io.tmpdir="$CATALINA_TMPDIR" \ - -Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \ - -Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \ - org.apache.catalina.startup.Bootstrap start \ - >> ${CATALINA_BASE}/logs/catalina.out 2>&1 & - if [ ! -z "$CATALINA_PID" ]; then - echo $! > $CATALINA_PID - fi -elif [ "$1" = "start-security" ]; then - ${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \ - -classpath "$CLASSPATH" \ - -Dcatalina.base="$CATALINA_BASE" \ - -Dcatalina.home="$CATALINA_HOME" \ - -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ - -Djava.io.tmpdir="$CATALINA_TMPDIR" \ - -Djava.security.manager \ - -Djava.security.policy=="${CATALINA_BASE}/conf/catalina.policy" \ - -Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \ - -Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \ - org.apache.catalina.startup.Bootstrap start \ - >> ${CATALINA_BASE}/logs/catalina.out 2>&1 & - if [ ! -z "$CATALINA_PID" ]; then - echo $! > $CATALINA_PID - fi -elif [ "$1" = "stop" ]; then - ${JAVACMD} $JAVA_OPTS \ - -classpath "$CLASSPATH" \ - -Dcatalina.base="$CATALINA_BASE" \ - -Dcatalina.home="$CATALINA_HOME" \ - -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ - -Djava.io.tmpdir="$CATALINA_TMPDIR" \ - org.apache.catalina.startup.Bootstrap stop \ - >> ${CATALINA_BASE}/logs/catalina.out 2>&1 -elif [ "$1" = "version" ]; then - ${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \ - org.apache.catalina.util.ServerInfo -else - echo "Usage: $0 {start|start-security|stop|version}" - exit 1 -fi diff --git a/tomcat-7.0-tomcat-jsvc-sysd b/tomcat-7.0-tomcat-jsvc-sysd deleted file mode 100644 index 9134d5b..0000000 --- a/tomcat-7.0-tomcat-jsvc-sysd +++ /dev/null @@ -1,113 +0,0 @@ -#!/bin/bash -# -# This script provides systemd activation of the tomcat service -# To create clones of this service: -# 1) SERVICE_NAME must be defined before calling this script -# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat -# to override tomcat defaults - -# SERVICE_NAME is a required value only if the service name is -# different from 'tomcat' -# -NAME="${SERVICE_NAME:-tomcat}" - -#I'll bet this isn't required. -# unset ISBOOT - -# For SELinux we need to use 'runuser' not 'su' -if [ -x "/sbin/runuser" ]; then - SU="/sbin/runuser -s /bin/sh" -else - SU="/bin/su -s /bin/sh" -fi - -# Path to the tomcat launch script -TOMCAT_SCRIPT="/usr/sbin/tomcat-jsvc" - -# Define the tomcat username -TOMCAT_USER="${TOMCAT_USER:-tomcat}" - -# TOMCAT_LOG should be different from catalina.out. -# Usually the below config is all that is necessary -TOMCAT_LOG=/var/log/${NAME}/${NAME}-sysd.log - -# Get the tomcat config (use this for environment specific settings) -TOMCAT_CFG="/etc/tomcat/tomcat.conf" -if [ -r "$TOMCAT_CFG" ]; then - . $TOMCAT_CFG -fi - -# Get instance specific config file -if [ -r "/etc/sysconfig/${NAME}" ]; then - . /etc/sysconfig/${NAME} -fi - -function parseOptions() { - options="" - options="$options $( - awk '!/^#/ && !/^$/ { ORS=" "; print "export ", $0, ";" }' \ - $TOMCAT_CFG - )" - if [ -r "/etc/sysconfig/${NAME}" ]; then - options="$options $( - awk '!/^#/ && !/^$/ { ORS=" "; - print "export ", $0, ";" }' \ - /etc/sysconfig/${NAME} - )" - fi - TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}" -} - -# See how we were called. -function start() { - # fix permissions on the log and pid files - export CATALINA_PID="/var/run/${NAME}.pid" - touch $CATALINA_PID 2>&1 - if [ "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID - fi - - touch $TOMCAT_LOG 2>&1 - if [ "$?" -eq "0" ]; then - chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG - fi - - # if jsvc installed and USE_JSVC=true - # then start as root and use jsvc to drop privileges - if [ -x /usr/bin/jsvc ]; then - TOMCAT_USER="root" - fi - - parseOptions - if [ "$SECURITY_MANAGER" = "true" ]; then - $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start-security" >> $TOMCAT_LOG 2>&1 - else - $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start" >> $TOMCAT_LOG 2>&1 - fi -} - -function stop() { - # if jsvc installed and USE_JSVC=true - # then start as root and use jsvc to drop privileges - if [ -x /usr/bin/jsvc ]; then - TOMCAT_USER="root" - fi - - parseOptions - $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} stop" >> $TOMCAT_LOG 2>&1 -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart) - stop - start - ;; -esac - diff --git a/tomcat-functions b/tomcat-functions new file mode 100644 index 0000000..6f03951 --- /dev/null +++ b/tomcat-functions @@ -0,0 +1,42 @@ +#!/bin/bash + +if [ -r /usr/share/java-utils/java-functions ]; then + . /usr/share/java-utils/java-functions +else + echo "Can't read Java functions library, aborting" + exit 1 +fi + +_save_function() { + local ORIG_FUNC=$(declare -f $1) + local NEWNAME_FUNC="$2${ORIG_FUNC#$1}" + eval "$NEWNAME_FUNC" +} + +run_jsvc(){ + if [ -x /usr/bin/jsvc ]; then + TOMCAT_USER="tomcat" + JSVC="/usr/bin/jsvc" + + JSVC_OPTS="-nodetach -pidfile /var/run/jsvc-tomcat${NAME}.pid -user ${TOMCAT_USER} -outfile ${CATALINA_BASE}/logs/catalina.out -errfile ${CATALINA_BASE}/logs/catalina.out" + if [ "$1" = "stop" ]; then + JSVC_OPTS="${JSVC_OPTS} -stop" + fi + + exec "${JSVC}" ${JSVC_OPTS} ${FLAGS} -classpath "${CLASSPATH}" ${OPTIONS} "${MAIN_CLASS}" "${@}" + else + echo "Can't find /usr/bin/jsvc executable" + fi + +} + +_save_function run run_java + +run() { + if [ "${USE_JSVC}" = "true" ] ; then + run_jsvc $@ + else + run_java $@ + fi +} + diff --git a/tomcat-preamble b/tomcat-preamble index 9627522..0079a8c 100644 --- a/tomcat-preamble +++ b/tomcat-preamble @@ -1,11 +1,6 @@ #!/bin/bash -if [ -r /usr/share/java-utils/java-functions ]; then - . /usr/share/java-utils/java-functions -else - echo "Can't read Java functions library, aborting" - exit 1 -fi +. /usr/libexec/tomcat/functions # Get the tomcat config (use this for environment specific settings) @@ -26,7 +21,6 @@ if [ -z "$CATALINA_BASE" ]; then CATALINA_BASE="${CATALINA_HOME}" fi fi - VERBOSE=1 set_javacmd cd ${CATALINA_HOME} diff --git a/tomcat.spec b/tomcat.spec index fb9ef77..03d6e53 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -31,7 +31,7 @@ %global jspspec 2.2 %global major_version 7 %global minor_version 0 -%global micro_version 47 +%global micro_version 52 %global packdname apache-tomcat-%{version}-src %global servletspec 3.0 %global elspec 2.2 @@ -54,7 +54,7 @@ Name: tomcat Epoch: 0 Version: %{major_version}.%{minor_version}.%{micro_version} -Release: 3%{?dist} +Release: 1%{?dist} Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API Group: System Environment/Daemons @@ -76,9 +76,8 @@ Source13: jasper-el-OSGi-MANIFEST.MF Source14: jasper-OSGi-MANIFEST.MF Source15: tomcat-api-OSGi-MANIFEST.MF Source16: tomcat-juli-OSGi-MANIFEST.MF -Source18: %{name}-%{major_version}.%{minor_version}-tomcat-jsvc-sysd -Source19: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper Source20: %{name}-%{major_version}.%{minor_version}-jsvc.service +Source21: tomcat-functions Source30: tomcat-preamble Source31: tomcat-server Source32: tomcat-named.service @@ -108,7 +107,7 @@ Requires: apache-commons-logging Requires: apache-commons-collections Requires: apache-commons-dbcp Requires: apache-commons-pool -Requires: java >= 1:1.6.0 +Requires: java-headless >= 1:1.6.0 Requires: jpackage-utils Requires: procps Requires: %{name}-lib = %{epoch}:%{version}-%{release} @@ -160,7 +159,7 @@ Requires: %{name} = %{epoch}:%{version}-%{release} Requires: apache-commons-daemon-jsvc %description jsvc -Systemd service and wrapper scripts to start tomcat with jsvc, +Systemd service to start tomcat with jsvc, which allows tomcat to perform some privileged operations (e.g. bind to a port < 1024) and then switch identity to a non-privileged user. @@ -263,6 +262,7 @@ export OPT_JAR_LIST="xalan-j2-serializer" -Dno.build.dbcp=true \ -Dversion="%{version}" \ -Dversion.build="%{micro_version}" \ + -Djava.7.home=%{java_home} \ deploy dist-prepare dist-source javadoc # remove some jars that we'll replace with symlinks later @@ -321,6 +321,7 @@ zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{logdir} /bin/touch ${RPM_BUILD_ROOT}%{logdir}/catalina.out %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{_localstatedir}/run +%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{_localstatedir}/lib/tomcats /bin/touch ${RPM_BUILD_ROOT}%{_localstatedir}/run/%{name}.pid /bin/echo "%{name}-%{major_version}.%{minor_version}.%{micro_version} RPM installed" >> ${RPM_BUILD_ROOT}%{logdir}/catalina.out %{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{homedir} @@ -353,12 +354,8 @@ popd ${RPM_BUILD_ROOT}%{_sbindir}/%{name} %{__install} -m 0644 %{SOURCE11} \ ${RPM_BUILD_ROOT}%{_unitdir}/%{name}.service -%{__install} -m 0644 %{SOURCE19} \ - ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc %{__install} -m 0644 %{SOURCE20} \ ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-jsvc.service -%{__install} -m 0644 %{SOURCE18} \ - ${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc-sysd %{__sed} -e "s|\@\@\@TCLOG\@\@\@|%{logdir}|g" %{SOURCE5} \ > ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name} %{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \ @@ -370,6 +367,8 @@ popd -e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE7} \ > ${RPM_BUILD_ROOT}%{_bindir}/%{name}-tool-wrapper +%{__install} -m 0644 %{SOURCE21} \ + ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/functions %{__install} -m 0755 %{SOURCE30} \ ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/preamble %{__install} -m 0755 %{SOURCE31} \ @@ -487,6 +486,9 @@ done %{__cp} -a tomcat-util.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom %add_maven_depmap JPP.%{name}-tomcat-util.pom %{name}/tomcat-util.jar +%{__cp} -a tomcat-jdbc.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-jdbc.pom +%add_maven_depmap JPP.%{name}-tomcat-jdbc.pom %{name}/tomcat-jdbc.jar + mkdir -p ${RPM_BUILD_ROOT}%{_prefix}/lib/tmpfiles.d cat > ${RPM_BUILD_ROOT}%{_prefix}/lib/tmpfiles.d/%{name}.conf < 0:7.0.52-1 +- Updated to 7.0.52 +- Rewrite jsvc implementation, resolves: rhbz#1051743 +- Switch to java-headless R, resolves: rhbz#1068566 +- Create and own %{_localstatedir}/lib/tomcats, resolves: rhbz#1026741 +- Add pom for tomcat-jdbc, resolves: rhbz#1011003 + * Tue Jan 21 2014 Mikolaj Izdebski - 0:7.0.47-3 - Fix installation of Maven metadata for tomcat-juli.jar - Resolves: rhbz#1033664