rpms/tomcat
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:main
rpms:f43
rpms:f41
rpms:f42
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:epel9
rpms:epel8
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f31
rpms:el6
rpms:f30
rpms:stream-tomcat-201908
rpms:epel7
rpms:f29
rpms:f28
rpms:f27
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f19
rpms:f18
rpms:f17
rpms:f16
rpms:f15
rpms:f14
rpms:9.0
...
pull from: rpms:el6
Branches Tags
rpms:main
rpms:rawhide
rpms:f43
rpms:f41
rpms:f42
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:epel9
rpms:epel8
rpms:f36
rpms:f35
rpms:f34
rpms:f33
rpms:f32
rpms:f31
rpms:el6
rpms:f30
rpms:stream-tomcat-201908
rpms:epel7
rpms:f29
rpms:f28
rpms:f27
rpms:f26
rpms:f25
rpms:f24
rpms:f23
rpms:f22
rpms:f21
rpms:f20
rpms:f19
rpms:f18
rpms:f17
rpms:f16
rpms:f15
rpms:f14
rpms:9.0
Sign in to create a new pull request.

83 commits
rawhide ... el6

Author SHA1 Message Date
Hui Wang
a174585603 Update to 7.0.106 2020-10-28 18:40:15 +08:00
Hui Wang
9563f11b9e Update to 7.0.105 2020-07-15 18:27:04 +08:00
Hui Wang
4ac0942113 Re-create tomcat-7.0.104-RemoveCompilerOptions.patch 2020-06-08 14:48:38 +08:00
Hui Wang
208522a9f2 Update tomcat-RemoveCompilerOptions.patch 2020-06-08 14:08:44 +08:00
Hui Wang
3509fc4b4b Fix the changelog and version parts 2020-06-04 17:36:59 +08:00
Hui Wang
0e6b8f1b04 Update to 7.0.104 2020-06-04 17:11:34 +08:00
Coty Sutherland
2f8bca3680 Tweak the default changes for CVE-2020-1938 so the patch applies cleanly 2020-04-22 15:46:02 -04:00
Coty Sutherland
3ab821b1f1 Update to 7.0.103 2020-04-22 14:21:43 -04:00
Coty Sutherland
4f8faf67f2 Related: rhbz#1806398 Undo changes in defaults for AJP connector (CVE-2020-1938) to prevent breakage, please update your configuration 2020-03-12 14:29:24 -04:00
Coty Sutherland
bee90cc445 Update to 7.0.100 
Resolves: rhbz#1806805 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
 2020-03-05 15:10:18 -05:00
Coty Sutherland
53af7d2339 Remove SAAJ API addition (not necessary) and javac release attributes (not yet supported) 2020-02-06 14:38:45 -05:00
Coty Sutherland
b3f5333fe2 Update to 7.0.99 2020-02-06 13:15:28 -05:00
Coty Sutherland
90835a7334 Update to 7.0.96 2019-09-26 12:35:29 -04:00
Coty Sutherland
5ac49193ad Resolves: rhbz#1466026 JVM options are duplicated after service restart 2019-09-26 12:00:56 -04:00
Coty Sutherland
3d2693a555 Drop some outdated deps and use zip instead of zip -u 2019-06-18 15:26:48 -04:00
Coty Sutherland
86ec90907e Update to 7.0.94 
Resolves: rhbz#1713280 - CVE-2019-0221 tomcat: XSS in SSI printenv
 2019-06-18 10:54:41 -04:00
Coty Sutherland
05293ee2a3 Add changelog entries for CVEs to update notes 2018-12-13 11:48:15 -05:00
Coty Sutherland
5d15171717 Update to 7.0.92 2018-12-13 11:45:59 -05:00
Coty Sutherland
69c429d628 Related: Update to 7.0.90 Fix patch files so that they apply correctly 2018-07-31 17:01:08 -04:00
Coty Sutherland
715415eccc Update to 7.0.90 2018-07-31 16:17:53 -04:00
Coty Sutherland
6ddb487a2a Update to 7.0.86 2018-05-01 09:56:53 -04:00
Coty Sutherland
4b33f22df6 Forgot to add changelog entires for the CVEs 2018-03-16 11:27:13 -04:00
Coty Sutherland
ddf0b328a1 Update to 7.0.85 2018-03-16 11:16:34 -04:00
Coty Sutherland
b2405bc450 Update CompilerOptions patch to remove Java 1.9 version 2018-02-01 10:18:53 -05:00
Coty Sutherland
04ebf2cc89 The tomcat-native binary is no longer copied to bin. See http://svn.apache.org/r1818186 for more details 2018-02-01 10:10:44 -05:00
Coty Sutherland
ac5e3ee050 Update to 7.0.84 2018-02-01 08:56:29 -05:00
Coty Sutherland
1e5a896367 Update to 7.0.82 
Resolves: rhbz#1497681 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615
 2017-10-04 09:05:46 -04:00
Coty Sutherland
49ac0f639e Updating sources with fedpkg instead of rhpkg... 2017-08-21 10:32:14 -04:00
Coty Sutherland
4b8fa750e7 Resolves: rhbz#1480621 CVE-2017-7674 tomcat: Cache Poisoning 2017-08-21 10:26:03 -04:00
Coty Sutherland
e12e1e78e7 Updated wrong source tar...this time it's right for sure 2017-06-09 15:54:14 -04:00
Coty Sutherland
db12ab1d5e Updated sources with rhpkg instead of fedpkg accidentally. Fixing that 2017-06-09 15:47:27 -04:00
Coty Sutherland
0e797f55f0 Resolves: rhbz#1459161 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism 2017-06-09 15:33:46 -04:00
Coty Sutherland
cd0ac4a1ff Update to 7.0.77 2017-04-11 09:06:43 -04:00
Coty Sutherland
bfc4824563 Update to 7.0.76 2017-03-31 09:24:17 -04:00
Coty Sutherland
7ea089f878 Resolves: rhbz#1372789 init script status command gives incorrect result 2017-02-17 15:14:12 -05:00
Coty Sutherland
e84a075a5a Resolves: rhbz#1420223 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation 2017-02-17 14:23:24 -05:00
Coty Sutherland
e7435cfab3 Update to 7.0.75 2017-02-16 16:07:32 -05:00
Coty Sutherland
449935b9ad Resolves: rhbz#1397495 CVE-2016-6816 CVE-2016-8735 tomcat: various flaws 2016-11-30 09:52:02 -05:00
Coty Sutherland
99a8151268 Resolves: rhbz#1379170 jsvc script is broken 2016-09-25 14:30:39 -04:00
Coty Sutherland
53a0501e50 Updating changelog version 2016-09-23 17:00:13 -04:00
Coty Sutherland
2d519e3c75 Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script 2016-09-23 16:59:38 -04:00
Coty Sutherland
25759ac67c Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header 2016-09-23 16:32:11 -04:00
Coty Sutherland
5a42e79227 Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones) 2016-08-17 16:06:51 -04:00
Coty Sutherland
35e239433c Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval. Bumping release to rebuild 2016-08-05 15:21:26 -04:00
Coty Sutherland
36a3e9ffec Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval 2016-08-05 15:17:10 -04:00
Coty Sutherland
79044f754b Updating the release to 1 for the first build of 7.0.70 2016-08-05 11:23:57 -04:00
Coty Sutherland
817844a3cd Apparently my attention to detail caused a problem here. Whitespace cleaned up in my patch files caused them to fail to apply :( 2016-08-05 11:17:22 -04:00
Coty Sutherland
7cac3fa020 Resolves: rhbz#1352009 tomcat: multiple security vulnerabilities (updates to 7.0.70) 
This patch also removed the references to jaxrpc since the jar file is emtpy anyway. It was causing the javadoc phase to crash, so removing it resolves the build failure.
 2016-08-05 10:33:31 -04:00
Coty Sutherland
8c1e26a724 Resolves: rhbz#1311499 Updating package causes tomcat to not start on boot 2016-08-05 10:28:43 -04:00
Coty Sutherland
109dad6dbb Resolves: rhbz#1364068 The command tomcat-digest doesn't work 2016-08-05 10:17:32 -04:00
Coty Sutherland
bac4255793 Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken 2016-08-05 10:13:20 -04:00
Coty Sutherland
694a006876 Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME} 2016-08-05 10:11:00 -04:00
Coty Sutherland
bbe9e2eb9c Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat 2016-08-05 10:06:53 -04:00
Coty Sutherland
93f643e335 Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable 2016-08-05 10:02:54 -04:00
Coty Sutherland
56cc1dee84 Related: rhbz#1314177 Forgot to commit to init change... 2016-08-05 09:57:40 -04:00
Coty Sutherland
8e804f0efd Resolved: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped 2016-08-05 09:56:41 -04:00
Coty Sutherland
24b2b7a82d Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out 2016-08-05 09:49:28 -04:00
Coty Sutherland
aa5454a96d Related: rhbz#1347838 I noticed an erroneous block in the policy patch. Removed it. 2016-08-05 09:46:24 -04:00
Coty Sutherland
b225805ced Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled) 2016-08-05 09:43:24 -04:00
Coty Sutherland
da5404f2d4 Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html 2016-08-05 09:32:22 -04:00
Coty Sutherland
f277685a28 Adding back the ppc64 exclusion because java7 doesn't exist on ppc64. 2016-01-04 16:16:07 -05:00
Ivan Afonichev
7e95d02801 Merge branch 'tomcat-7.0.65-attempt' of github.com:csutherl/fedora-tomcat-epel into el6 2015-12-30 19:26:21 +03:00
Coty Sutherland
cecdb36d07 Updated to 7.0.65 2015-12-21 13:23:50 -05:00
Ivan Afonichev
6ed748d8f6 Merge branch 'tomcat-7.0.65-attempt' of github.com:csutherl/fedora-tomcat-epel into el6 2015-12-21 17:50:54 +03:00
Coty Sutherland
5eb026baf5 Updated to 7.0.65 2015-12-11 07:33:28 -05:00
Coty Sutherland
ae0ef248d6 Updated to 7.0.65 2015-11-19 15:17:56 -05:00
Vlad Selpukhin
9661f8da0d fixed bug 1080195 2014-05-01 00:11:18 +04:00
Vlad Slepukhin
a6c97575bf changing ExclusiveArch to ExcludeArch because of bug 2014-02-26 14:24:03 +04:00
Vlad Slepukhin
c091d4485f added platform restriction due to obligatory java >=1.6 2014-02-25 10:45:01 +04:00
Vlad Slepukhin
0e914b1053 Typo in date fixed 2014-02-20 10:28:35 +04:00
Ivan Afonichev
7dc9c669e5 Merge branch 'f19' of https://github.com/ka2m/tomcat-centos into el6 2014-02-18 21:48:17 +04:00
Vlad Slepukhin
2f93af69c5 Typo in Source0 fixed 2014-02-18 11:17:37 +03:00
Ivan Afonichev
2147fa0d4a Merge branch 'f19' of https://github.com/ka2m/tomcat-centos into el6 
Conflicts:
	tomcat.spec
 2014-02-17 23:43:25 +04:00
Ivan Afonichev
be363bfbe6 F20 changes reverted 2014-02-17 23:36:40 +04:00
Vlad Slepukhin
1054595cbf Fixing typo in spec file 2014-02-14 08:38:11 +03:00
Vlad Slepukhin
5e8d8f6599 minor versioning fixes 2014-02-12 07:32:16 +03:00
Vlad Slepukhin
181e718899 residual lines removal 2014-02-11 15:55:57 +04:00
Vlad Slepukhin
c16cb96349 Some security fixes, systemd stuff removal and changelog update 2014-02-10 13:27:08 +04:00
Vlad Slepukhin
84f3874ac9 Fixing SOURCE numeration 2014-02-07 17:29:13 +04:00
Vlad Slepukhin
2a1fbf0f3d Tomcat 7.0.33 for CentOS 6.x 2014-02-07 16:55:17 +04:00
Ivan Afonichev
fb74d36077 Updated to 7.0.47 
Conflicts:
	tomcat.spec
 2013-11-04 01:16:25 +04:00
Ivan Afonichev
a0886b4640 Fix sources 2013-07-12 02:09:26 +04:00
squallsama
f5590977b9 update to 7.0.42 
Conflicts:
	tomcat.spec
 2013-07-12 01:17:58 +04:00
23 changed files with 1295 additions and 502 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.gitignore vendored
View file

@ -1,2 +1,4 @@
apache-tomcat-*-src.tar.gz
apache-tomcat-*-src
results_tomcat/
tomcat*src.rpm

29
add_parent_logger_getter.patch
View file

@ -1,29 +0,0 @@
--- modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java.sav 2012-01-17 13:55:44.000000000 +0400
+++ modules/jdbc-pool/src/main/java/org/apache/tomcat/jdbc/pool/DataSourceProxy.java 2012-01-22 00:44:22.299789107 +0400
@@ -19,9 +19,11 @@ package org.apache.tomcat.jdbc.pool;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.SQLException;
+import java.sql.SQLFeatureNotSupportedException;
import java.util.Iterator;
import java.util.Properties;
import java.util.concurrent.Future;
+import java.util.logging.Logger;
import javax.sql.XAConnection;
@@ -534,6 +536,14 @@ public class DataSourceProxy implements
}
/**
+ * no-op
+ * {@link javax.sql.DataSource#getParentLogger}
+ */
+ public Logger getParentLogger() throws SQLFeatureNotSupportedException {
+ throw new SQLFeatureNotSupportedException();
+ }
+
+ /**
* no-op
* {@link javax.sql.DataSource#getLogWriter}
*/

222
change-defaults-for-CVE-2020-1938.patch Normal file
View file

@ -0,0 +1,222 @@
diff -up ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java
--- ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400
+++ ./java/org/apache/coyote/ajp/AbstractAjpProtocol.java 2020-04-22 15:42:50.544106513 -0400
@@ -134,7 +134,7 @@ public abstract class AbstractAjpProtoco
}
- private boolean secretRequired = true;
+ private boolean secretRequired = false;
public void setSecretRequired(boolean secretRequired) {
this.secretRequired = secretRequired;
}
diff -up ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig ./java/org/apache/coyote/ajp/AjpAprProtocol.java
--- ./java/org/apache/coyote/ajp/AjpAprProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400
+++ ./java/org/apache/coyote/ajp/AjpAprProtocol.java 2020-04-22 15:42:50.544106513 -0400
@@ -20,7 +20,6 @@ import org.apache.coyote.AbstractProtoco
import org.apache.coyote.Processor;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
-import org.apache.tomcat.util.compat.JreCompat;
import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.AprEndpoint;
import org.apache.tomcat.util.net.AprEndpoint.Handler;
@@ -62,7 +61,6 @@ public class AjpAprProtocol extends Abst
public AjpAprProtocol() {
endpoint = new AprEndpoint();
- endpoint.setAddress(JreCompat.getInstance().getLoopbackAddress());
cHandler = new AjpConnectionHandler(this);
((AprEndpoint) endpoint).setHandler(cHandler);
setSoLinger(Constants.DEFAULT_CONNECTION_LINGER);
diff -up ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig ./java/org/apache/coyote/ajp/AjpNioProtocol.java
--- ./java/org/apache/coyote/ajp/AjpNioProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400
+++ ./java/org/apache/coyote/ajp/AjpNioProtocol.java 2020-04-22 15:42:50.545106511 -0400
@@ -23,7 +23,6 @@ import org.apache.coyote.AbstractProtoco
import org.apache.coyote.Processor;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
-import org.apache.tomcat.util.compat.JreCompat;
import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.NioChannel;
import org.apache.tomcat.util.net.NioEndpoint;
@@ -57,7 +56,6 @@ public class AjpNioProtocol extends Abst
public AjpNioProtocol() {
endpoint = new NioEndpoint();
- endpoint.setAddress(JreCompat.getInstance().getLoopbackAddress());
cHandler = new AjpConnectionHandler(this);
((NioEndpoint) endpoint).setHandler(cHandler);
setSoLinger(Constants.DEFAULT_CONNECTION_LINGER);
diff -up ./java/org/apache/coyote/ajp/AjpProtocol.java.orig ./java/org/apache/coyote/ajp/AjpProtocol.java
--- ./java/org/apache/coyote/ajp/AjpProtocol.java.orig 2020-03-16 04:41:13.000000000 -0400
+++ ./java/org/apache/coyote/ajp/AjpProtocol.java 2020-04-22 15:42:50.545106511 -0400
@@ -22,7 +22,6 @@ import org.apache.coyote.AbstractProtoco
import org.apache.coyote.Processor;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
-import org.apache.tomcat.util.compat.JreCompat;
import org.apache.tomcat.util.net.AbstractEndpoint;
import org.apache.tomcat.util.net.JIoEndpoint;
import org.apache.tomcat.util.net.JIoEndpoint.Handler;
@@ -58,7 +57,6 @@ public class AjpProtocol extends Abstrac
public AjpProtocol() {
endpoint = new JIoEndpoint();
- endpoint.setAddress(JreCompat.getInstance().getLoopbackAddress());
cHandler = new AjpConnectionHandler(this);
((JIoEndpoint) endpoint).setHandler(cHandler);
setSoLinger(Constants.DEFAULT_CONNECTION_LINGER);
diff -up ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig ./java/org/apache/tomcat/util/compat/Jre7Compat.java
--- ./java/org/apache/tomcat/util/compat/Jre7Compat.java.orig 2020-03-16 04:41:15.000000000 -0400
+++ ./java/org/apache/tomcat/util/compat/Jre7Compat.java 2020-04-22 15:42:50.546106509 -0400
@@ -20,7 +20,6 @@ import java.io.OutputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.net.InetAddress;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
@@ -57,7 +56,6 @@ class Jre7Compat extends JreCompat {
private static final Method resultSetGetObjectName;
private static final Method statementCloseOnCompletion;
private static final Method statementIsCloseOnCompletion;
- private static final Method getLoopbackAddress;
static {
Method m1 = null;
@@ -74,7 +72,6 @@ class Jre7Compat extends JreCompat {
Method m12 = null;
Method m13 = null;
Method m14 = null;
- Method m15 = null;
Constructor<GZIPOutputStream> c = null;
try {
// Order is important for the error handling below.
@@ -94,7 +91,6 @@ class Jre7Compat extends JreCompat {
m12 = ResultSet.class.getMethod("getObject", String.class, Class.class);
m13 = Statement.class.getMethod("closeOnCompletion");
m14 = Statement.class.getMethod("isCloseOnCompletion");
- m15 = InetAddress.class.getMethod("getLoopbackAddress");
} catch (SecurityException e) {
// Should never happen
log.error(sm.getString("jre7Compat.unexpected"), e);
@@ -122,7 +118,6 @@ class Jre7Compat extends JreCompat {
resultSetGetObjectName = m12;
statementCloseOnCompletion = m13;
statementIsCloseOnCompletion = m14;
- getLoopbackAddress = m15;
}
@@ -357,20 +352,6 @@ class Jre7Compat extends JreCompat {
}
}
-
- @Override
- public InetAddress getLoopbackAddress() {
- try {
- return (InetAddress) getLoopbackAddress.invoke(null);
- } catch (IllegalArgumentException e) {
- throw new UnsupportedOperationException(e);
- } catch (IllegalAccessException e) {
- throw new UnsupportedOperationException(e);
- } catch (InvocationTargetException e) {
- throw new UnsupportedOperationException(e);
- }
- }
-
// Java 9 methods
diff -up ./java/org/apache/tomcat/util/compat/JreCompat.java.orig ./java/org/apache/tomcat/util/compat/JreCompat.java
--- ./java/org/apache/tomcat/util/compat/JreCompat.java.orig 2020-03-16 04:41:15.000000000 -0400
+++ ./java/org/apache/tomcat/util/compat/JreCompat.java 2020-04-22 15:42:50.547106507 -0400
@@ -21,10 +21,8 @@ import java.io.IOException;
import java.io.OutputStream;
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Method;
-import java.net.InetAddress;
import java.net.URL;
import java.net.URLConnection;
-import java.net.UnknownHostException;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
@@ -234,32 +232,6 @@ public class JreCompat {
}
- public InetAddress getLoopbackAddress() {
- // Javadoc for getByName() states that calling with null will return one
- // of the loopback addresses
- InetAddress result = null;
- try {
- result = InetAddress.getByName(null);
- } catch (UnknownHostException e) {
- // This would be unusual but ignore it in this case.
- }
- if (result == null) {
- // Fallback to default IPv4 loopback address.
- // Not perfect but good enough and if the address is not valid the
- // bind will fail later with an appropriate error message
- try {
- result = InetAddress.getByName("127.0.0.1");
- } catch (UnknownHostException e) {
- // Unreachable.
- // For text representations of IP addresses only the format is
- // checked.
- }
- }
-
- return result;
- }
-
-
// Java 6 implementation of Java 8 methods
public static boolean isJre8Available() {
diff -up ./webapps/docs/changelog.xml.orig ./webapps/docs/changelog.xml
--- ./webapps/docs/changelog.xml.orig 2020-03-16 04:41:18.000000000 -0400
+++ ./webapps/docs/changelog.xml 2020-04-22 15:42:50.554106492 -0400
@@ -260,14 +260,10 @@
Disable (comment out in server.xml) the AJP/1.3 connector by default.
(markt)
</update>
- <update>
- Change the default bind address for the AJP/1.3 connector to be the
- loopback address. (markt)
- </update>
<add>
Rename the <code>requiredSecret</code> attribute of the AJP/1.3
Connector to <code>secret</code> and add a new attribute
- <code>secretRequired</code> that defaults to <code>true</code>. When
+ <code>secretRequired</code> that defaults to <code>false</code>. When
<code>secretRequired</code> is <code>true</code> the AJP/1.3 Connector
will not start unless the <code>secret</code> attribute is configured to
a non-null, non-zero length String. (markt)
diff -up ./webapps/docs/config/ajp.xml.orig ./webapps/docs/config/ajp.xml
--- ./webapps/docs/config/ajp.xml.orig 2020-04-22 15:42:50.557106486 -0400
+++ ./webapps/docs/config/ajp.xml 2020-04-22 15:44:54.425843527 -0400
@@ -306,7 +306,9 @@
<attribute name="address" required="false">
<p>For servers with more than one IP address, this attribute specifies
which address will be used for listening on the specified port. By
- default, the connector will listen on the loopback address. Unless the JVM
+ default, this port will be used on all IP addresses associated with the
+ server. A value of <code>127.0.0.1</code> indicates that the Connector
+ will only listen on the loopback interface. Unless the JVM
is configured otherwise using system properties, the Java based connectors
(BIO, NIO) will listen on both IPv4 and IPv6 addresses when configured
with either <code>0.0.0.0</code> or <code>::</code>. The APR/native
@@ -483,7 +485,7 @@
the <strong>secret</strong> attribute is required to be specified for the
AJP Connector to start. It <strong>does not</strong> control whether
workers are required to provide the secret. The default value is
- <code>true</code>. This attribute should only be set to <code>false</code>
+ <code>false</code>. This attribute should only be set to <code>false</code>
when the Connector is used on a trusted network.</p>
</attribute>

2
sources
View file

@ -1 +1 @@
4ee89bfd85f6afb31c7675b05f0469cb apache-tomcat-7.0.47-src.tar.gz
SHA512 (apache-tomcat-7.0.106-src.tar.gz) = 5ce5a5af93c58e69c4758c2c0dedeadeceb6be920421b9d3b3d071d32fc8eb59ba8312c98d037b8434fe43d57a9f720ad8790de29a26ed2959f6c761fe1fd573

37
tomcat-7.0-catalina-policy.patch Normal file
View file

@ -0,0 +1,37 @@
--- conf/catalina.policy.orig 2016-08-05 11:13:17.192398668 -0400
+++ conf/catalina.policy 2016-08-05 11:13:40.855396127 -0400
@@ -51,6 +51,34 @@
};
+// ========== RHEL SPECIFIC CODE PERMISSIONS =======================================
+
+// Allowing everything in /usr/share/java allows too many unknowns to be permitted
+// Specifying the individual jars that tomcat needs to function with the security manager
+// is the safest way forward.
+grant codeBase "file:/usr/share/java/tomcat-el-2.2-api.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/tomcat-jsp-2.2-api.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/tomcat-servlet-3.0-api.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/jakarta-commons-collections.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/jakarta-commons-dbcp.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/ecj.jar" {
+ permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/log4j.jar" {
+ permission java.security.AllPermission;
+};
+
+
// ========== CATALINA CODE PERMISSIONS =======================================

2
tomcat-7.0-digest.script
View file

@ -34,7 +34,7 @@ export CLASSPATH
MAIN_CLASS="org.apache.catalina.startup.Tool"
BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\""
BASE_OPTIONS=""
BASE_JARS="commons-daemon tomcat/catalina servlet"
BASE_JARS="commons-daemon tomcat/catalina servlet tomcat/tomcat-util tomcat/tomcat-coyote"
# Set parameters
set_classpath $BASE_JARS

19
tomcat-7.0-jsvc.service
View file

@ -1,19 +0,0 @@
# Systemd unit file for tomcat
#
# To create clones of this service:
# 1) By default SERVICE_NAME=tomcat. When cloned, the value must be defined
# before tomcat-sysd is called.
# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat
# to override tomcat defaults
[Unit]
Description=Apache Tomcat Web Application Container JSVC wrapper
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/usr/sbin/tomcat-jsvc-sysd start
ExecStop=/usr/sbin/tomcat-jsvc-sysd stop
[Install]
WantedBy=multi-user.target

20
tomcat-7.0-jsvc.wrapper
View file

@ -8,13 +8,16 @@ else
fi
# Get the tomcat config (use this for environment specific settings)
#if [ -z "${TOMCAT_CFG}" ]; then
# TOMCAT_CFG="/etc/tomcat/tomcat.conf"
#fi
# if $TOMCAT_CFG wasn't already loaded
if [ -z "${TOMCAT_CFG_LOADED}" ]; then
if [ -z "${TOMCAT_CFG}" ]; then
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
fi
#if [ -r "$TOMCAT_CFG" ]; then
# . $TOMCAT_CFG
#fi
if [ -r "$TOMCAT_CFG" ]; then
. $TOMCAT_CFG
fi
fi
set_javacmd
@ -29,6 +32,9 @@ CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)"
# if jsvc installed and USE_JSVC=true
# then use jsvc instead of calling java directly
if [ -x /usr/bin/jsvc ]; then
# Command to use for version so it doesn't use jsvc
VER_JAVACMD=$JAVACMD
JAVACMD="/usr/bin/jsvc -nodetach -user ${TOMCAT_USER} -outfile ${CATALINA_BASE}/logs/catalina.out -errfile ${CATALINA_BASE}/logs/catalina.out"
if [ "$1" = "stop" ]; then
JAVACMD="${JAVACMD} -stop"
@ -75,7 +81,7 @@ elif [ "$1" = "stop" ]; then
org.apache.catalina.startup.Bootstrap stop \
>> ${CATALINA_BASE}/logs/catalina.out 2>&1
elif [ "$1" = "version" ]; then
${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \
${VER_JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \
org.apache.catalina.util.ServerInfo
else
echo "Usage: $0 {start|start-security|stop|version}"

2
tomcat-7.0-log4j.properties
View file

@ -1,6 +1,6 @@
log4j.rootLogger=debug, R
log4j.appender.R=org.apache.log4j.RollingFileAppender
log4j.appender.R.File=${catalina.base}/logs/tomcat.log
log4j.appender.R.File=${catalina.home}/logs/tomcat.log
log4j.appender.R.MaxFileSize=10MB
log4j.appender.R.MaxBackupIndex=10
log4j.appender.R.layout=org.apache.log4j.PatternLayout

113
tomcat-7.0-tomcat-jsvc-sysd
View file

@ -1,113 +0,0 @@
#!/bin/bash
#
# This script provides systemd activation of the tomcat service
# To create clones of this service:
# 1) SERVICE_NAME must be defined before calling this script
# 2) Create /etc/sysconfig/${SERVICE_NAME} from /etc/sysconfig/tomcat
# to override tomcat defaults
# SERVICE_NAME is a required value only if the service name is
# different from 'tomcat'
#
NAME="${SERVICE_NAME:-tomcat}"
#I'll bet this isn't required.
# unset ISBOOT
# For SELinux we need to use 'runuser' not 'su'
if [ -x "/sbin/runuser" ]; then
SU="/sbin/runuser -s /bin/sh"
else
SU="/bin/su -s /bin/sh"
fi
# Path to the tomcat launch script
TOMCAT_SCRIPT="/usr/sbin/tomcat-jsvc"
# Define the tomcat username
TOMCAT_USER="${TOMCAT_USER:-tomcat}"
# TOMCAT_LOG should be different from catalina.out.
# Usually the below config is all that is necessary
TOMCAT_LOG=/var/log/${NAME}/${NAME}-sysd.log
# Get the tomcat config (use this for environment specific settings)
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
if [ -r "$TOMCAT_CFG" ]; then
. $TOMCAT_CFG
fi
# Get instance specific config file
if [ -r "/etc/sysconfig/${NAME}" ]; then
. /etc/sysconfig/${NAME}
fi
function parseOptions() {
options=""
options="$options $(
awk '!/^#/ && !/^$/ { ORS=" "; print "export ", $0, ";" }' \
$TOMCAT_CFG
)"
if [ -r "/etc/sysconfig/${NAME}" ]; then
options="$options $(
awk '!/^#/ && !/^$/ { ORS=" ";
print "export ", $0, ";" }' \
/etc/sysconfig/${NAME}
)"
fi
TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}"
}
# See how we were called.
function start() {
# fix permissions on the log and pid files
export CATALINA_PID="/var/run/${NAME}.pid"
touch $CATALINA_PID 2>&1
if [ "$?" -eq "0" ]; then
chown ${TOMCAT_USER}:${TOMCAT_USER} $CATALINA_PID
fi
touch $TOMCAT_LOG 2>&1
if [ "$?" -eq "0" ]; then
chown ${TOMCAT_USER}:${TOMCAT_USER} $TOMCAT_LOG
fi
# if jsvc installed and USE_JSVC=true
# then start as root and use jsvc to drop privileges
if [ -x /usr/bin/jsvc ]; then
TOMCAT_USER="root"
fi
parseOptions
if [ "$SECURITY_MANAGER" = "true" ]; then
$SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start-security" >> $TOMCAT_LOG 2>&1
else
$SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start" >> $TOMCAT_LOG 2>&1
fi
}
function stop() {
# if jsvc installed and USE_JSVC=true
# then start as root and use jsvc to drop privileges
if [ -x /usr/bin/jsvc ]; then
TOMCAT_USER="root"
fi
parseOptions
$SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} stop" >> $TOMCAT_LOG 2>&1
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
esac

6
tomcat-7.0-tomcat-users-webapp.patch
View file

@ -1,8 +1,8 @@
--- conf/tomcat-users.xml~ 2008-01-28 17:41:06.000000000 -0500
+++ conf/tomcat-users.xml 2008-03-07 19:40:07.000000000 -0500
@@ -23,4 +23,14 @@
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
-->
+
+<!-- <role rolename="admin"/> -->
@ -13,5 +13,5 @@
+<!-- <role rolename="manager-script"/> -->
+<!-- <role rolename="manager-jmx"/> -->
+<!-- <role rolename="manager-status"/> -->
+<!-- <user name="admin" password="adminadmin" roles="admin,manager,admin-gui,admin-script,manager-gui,manager-script,manager-jmx,manager-status" /> -->
+<!-- <user name="admin" password="<must-be-changed>" roles="admin,manager,admin-gui,admin-script,manager-gui,manager-script,manager-jmx,manager-status" /> -->
</tomcat-users>

2
tomcat-7.0-tool-wrapper.script
View file

@ -34,7 +34,7 @@ export CLASSPATH
MAIN_CLASS="org.apache.catalina.startup.Tool"
BASE_OPTIONS=""
BASE_FLAGS="-Dcatalina.home=\"$CATALINA_HOME\""
BASE_JARS="commons-daemon tomcat/catalina servlet"
BASE_JARS="commons-daemon tomcat/catalina servlet tomcat/tomcat-util tomcat/tomcat-coyote"
# Set parameters
set_classpath $BASE_JARS

184
tomcat-7.0.104-RemoveCompilerOptions.patch Normal file
View file

@ -0,0 +1,184 @@
--- java/org/apache/jasper/compiler/JDTCompiler.java.orig 2020-06-08 14:28:56.745393437 +0800
+++ java/org/apache/jasper/compiler/JDTCompiler.java 2020-06-08 14:33:16.421538658 +0800
@@ -95,7 +95,6 @@
/**
* Compile the servlet from .java file to .class file
*/
- @Override
protected void generateClass(String[] smap) throws FileNotFoundException, JasperException, Exception {
long t1 = 0;
@@ -122,12 +121,10 @@
this.sourceFile = sourceFile;
}
- @Override
public char[] getFileName() {
return sourceFile.toCharArray();
}
- @Override
public char[] getContents() {
char[] result = null;
FileInputStream is = null;
@@ -167,7 +164,6 @@
return result;
}
- @Override
public char[] getMainTypeName() {
int dot = className.lastIndexOf('.');
if (dot > 0) {
@@ -176,7 +172,6 @@
return className.toCharArray();
}
- @Override
public char[][] getPackageName() {
StringTokenizer izer = new StringTokenizer(className, ".");
char[][] result = new char[izer.countTokens()-1][];
@@ -187,7 +182,6 @@
return result;
}
- @Override
public boolean ignoreOptionalProblems() {
return false;
}
@@ -195,7 +189,6 @@
final INameEnvironment env = new INameEnvironment() {
- @Override
public NameEnvironmentAnswer
findType(char[][] compoundTypeName) {
StringBuilder result = new StringBuilder();
@@ -208,7 +201,6 @@
return findType(result.toString());
}
- @Override
public NameEnvironmentAnswer findType(char[] typeName, char[][] packageName) {
StringBuilder result = new StringBuilder();
String sep = "";
@@ -281,7 +273,6 @@
}
}
- @Override
public boolean isPackage(char[][] parentPackageName, char[] packageName) {
StringBuilder result = new StringBuilder();
String sep = "";
@@ -302,7 +293,6 @@
return isPackage(result.toString());
}
- @Override
public void cleanup() {
}
@@ -350,43 +340,6 @@
} else if(opt.equals("1.7")) {
settings.put(CompilerOptions.OPTION_Source,
CompilerOptions.VERSION_1_7);
- } else if(opt.equals("1.8")) {
- settings.put(CompilerOptions.OPTION_Source,
- CompilerOptions.VERSION_1_8);
- // Support old format that was used in EA implementation as well
- } else if(opt.equals("9") || opt.equals("1.9")) {
- settings.put(CompilerOptions.OPTION_Source,
- JDT_JAVA_9_VERSION);
- } else if(opt.equals("10")) {
- // Constant not available in latest ECJ version that runs on
- // Java 6.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_Source, "10");
- } else if(opt.equals("11")) {
- // Constant not available in latest ECJ version that runs on
- // Java 6.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_Source, "11");
- } else if(opt.equals("12")) {
- // Constant not available in latest ECJ version that runs on
- // Java 6.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_Source, "12");
- } else if(opt.equals("13")) {
- // Constant not available in latest available ECJ version.
- // May be supported in a snapshot build.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_Source, "13");
- } else if(opt.equals("14")) {
- // Constant not available in latest available ECJ version.
- // May be supported in a snapshot build.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_Source, "14");
- } else if(opt.equals("15")) {
- // Constant not available in latest available ECJ version.
- // May be supported in a snapshot build.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_Source, "15");
} else {
log.warn(Localizer.getMessage("jsp.warning.unknown.sourceVM", opt));
settings.put(CompilerOptions.OPTION_Source,
@@ -428,52 +381,6 @@
CompilerOptions.VERSION_1_7);
settings.put(CompilerOptions.OPTION_Compliance,
CompilerOptions.VERSION_1_7);
- } else if(opt.equals("1.8")) {
- settings.put(CompilerOptions.OPTION_TargetPlatform,
- CompilerOptions.VERSION_1_8);
- settings.put(CompilerOptions.OPTION_Compliance,
- CompilerOptions.VERSION_1_8);
- } else if(opt.equals("9") || opt.equals("1.9")) {
- settings.put(CompilerOptions.OPTION_TargetPlatform,
- JDT_JAVA_9_VERSION);
- settings.put(CompilerOptions.OPTION_Compliance,
- JDT_JAVA_9_VERSION);
- } else if(opt.equals("10")) {
- // Constant not available in latest ECJ version that runs on
- // Java 6.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_TargetPlatform, "10");
- settings.put(CompilerOptions.OPTION_Compliance, "10");
- } else if(opt.equals("11")) {
- // Constant not available in latest ECJ version that runs on
- // Java 6.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_TargetPlatform, "11");
- settings.put(CompilerOptions.OPTION_Compliance, "11");
- } else if(opt.equals("12")) {
- // Constant not available in latest ECJ version that runs on
- // Java 6.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_TargetPlatform, "12");
- settings.put(CompilerOptions.OPTION_Compliance, "12");
- } else if(opt.equals("13")) {
- // Constant not available in latest available ECJ version.
- // May be supported in a snapshot build.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_TargetPlatform, "13");
- settings.put(CompilerOptions.OPTION_Compliance, "13");
- } else if(opt.equals("14")) {
- // Constant not available in latest ECJ version shipped with
- // Tomcat. May be supported in a snapshot build.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_TargetPlatform, "14");
- settings.put(CompilerOptions.OPTION_Compliance, "14");
- } else if(opt.equals("15")) {
- // Constant not available in latest ECJ version shipped with
- // Tomcat. May be supported in a snapshot build.
- // This is checked against the actual version below.
- settings.put(CompilerOptions.OPTION_TargetPlatform, "15");
- settings.put(CompilerOptions.OPTION_Compliance, "15");
} else {
log.warn(Localizer.getMessage("jsp.warning.unknown.targetVM", opt));
settings.put(CompilerOptions.OPTION_TargetPlatform,
@@ -491,7 +398,6 @@
new DefaultProblemFactory(Locale.getDefault());
final ICompilerRequestor requestor = new ICompilerRequestor() {
- @Override
public void acceptResult(CompilationResult result) {
try {
if (result.hasProblems()) {

130
tomcat-7.0.99-build.patch Normal file
View file

@ -0,0 +1,130 @@
--- build.xml.orig 2019-12-11 08:21:52.000000000 -0500
+++ build.xml 2020-02-06 14:32:03.578329367 -0500
@@ -222,7 +222,6 @@
<!-- Classpaths -->
<path id="compile.classpath">
<pathelement location="${jdt.jar}"/>
- <pathelement location="${saaj-api.jar}"/>
</path>
<path id="tomcat.classpath">
@@ -244,7 +243,7 @@
<path id="tomcat.webservices.classpath">
<path refid="tomcat.classpath" />
<fileset dir="${tomcat.extras}/webservices">
- <include name="jaxrpc.jar"/>
+ <!--<include name="jaxrpc.jar"/>-->
<include name="wsdl4j.jar"/>
</fileset>
</path>
@@ -636,7 +635,6 @@
deprecation="${compile.deprecation}"
source="${compile.source}"
target="${compile.target}"
- release="${compile.release}"
encoding="ISO-8859-1"
includeAntRuntime="true" >
<compilerarg value="-Xlint:unchecked"/>
@@ -1141,12 +1139,11 @@
</copy>
<!-- Delete all other versions of Eclipse JDT Compiler and copy the current one -->
- <local name="jdt.jar.filename" />
- <basename property="jdt.jar.filename" file="${jdt.jar}"/>
+ <basename property="deploy.jdt.jar.filename" file="${jdt.jar}"/>
<delete verbose="true">
<fileset dir="${tomcat.build}/lib">
<include name="ecj-*.jar"/>
- <exclude name="${jdt.jar.filename}"/>
+ <exclude name="${deploy.jdt.jar.filename}"/>
</fileset>
</delete>
<copy file="${jdt.jar}" todir="${tomcat.build}/lib"/>
@@ -1177,7 +1174,6 @@
debug="${compile.debug}" deprecation="${compile.deprecation}"
source="${compile.source}"
target="${compile.target}"
- release="${compile.release}"
classpath="${tomcat.classes}"
encoding="ISO-8859-1"
includeantruntime="false">
@@ -1189,7 +1185,6 @@
debug="${compile.debug}" deprecation="${compile.deprecation}"
source="${compile.source}"
target="${compile.target}"
- release="${compile.release}"
classpath="${tomcat.classes}"
encoding="ISO-8859-1"
includeantruntime="false">
@@ -1416,7 +1411,6 @@
deprecation="${compile.deprecation}"
source="${compile.source}"
target="${compile.target}"
- release="${compile.release}"
encoding="ISO-8859-1"
includeantruntime="true">
<classpath refid="tomcat.test.classpath" />
@@ -1859,8 +1853,8 @@
<param name="checksum.value" value="${wsdl4j-lib.checksum.value}"/>
</antcall>
- <copy file="${jaxrpc-lib.jar}"
- tofile="${tomcat.extras}/webservices/jaxrpc.jar" />
+ <!--<copy file="${jaxrpc-lib.jar}"
+ tofile="${tomcat.extras}/webservices/jaxrpc.jar" />-->
<copy file="${wsdl4j-lib.jar}"
tofile="${tomcat.extras}/webservices/wsdl4j.jar" />
</target>
@@ -2912,16 +2906,6 @@ skip.installer property in build.propert
<param name="checksum.value" value="${jdt.checksum.value}"/>
</antcall>
- <!-- Download SAAJ API -->
- <antcall target="downloadfile">
- <param name="sourcefile" value="${saaj-api.loc}"/>
- <param name="destfile" value="${saaj-api.jar}"/>
- <param name="destdir" value="${saaj-api.home}"/>
- <param name="checksum.enabled" value="${saaj-api.checksum.enabled}"/>
- <param name="checksum.algorithm" value="${saaj-api.checksum.algorithm}"/>
- <param name="checksum.value" value="${saaj-api.checksum.value}"/>
- </antcall>
-
</target>
<target name="download-test-compile"
@@ -3151,7 +3135,7 @@ skip.installer property in build.propert
<local name="temp.file"/>
<mkdir dir="${base.path}"/>
<tempfile property="temp.file" destdir="${base.path}" prefix="download-"/>
- <get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}" dest="${temp.file}.tar.gz" />
+ <get src="${sourcefile}" dest="${temp.file}.tar.gz" />
<verifyChecksum
enabled="${checksum.enabled}"
algorithm="${checksum.algorithm}" value="${checksum.value}"
@@ -3193,7 +3177,7 @@ skip.installer property in build.propert
<local name="temp.file"/>
<mkdir dir="${base.path}"/>
<tempfile property="temp.file" destdir="${base.path}" prefix="download-" suffix=".zip"/>
- <get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}" dest="${temp.file}"/>
+ <get src="${sourcefile}" dest="${temp.file}"/>
<verifyChecksum
enabled="${checksum.enabled}"
algorithm="${checksum.algorithm}" value="${checksum.value}"
@@ -3233,7 +3217,7 @@ skip.installer property in build.propert
<local name="temp.file"/>
<mkdir dir="${base.path}"/>
<tempfile property="temp.file" destdir="${base.path}" prefix="download-" suffix=".tmp"/>
- <get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}" dest="${temp.file}"/>
+ <get src="${sourcefile}" dest="${temp.file}"/>
<verifyChecksum
enabled="${checksum.enabled}"
algorithm="${checksum.algorithm}" value="${checksum.value}"
@@ -3284,7 +3268,7 @@ skip.installer property in build.propert
<target name="trydownload" if="trydownload.run" depends="trydownload.check">
<!-- Downloads a file if not yet downloaded and the source URL is available -->
- <get src="${sourcefile}" httpusecaches="${trydownload.httpusecaches}" dest="${destfile}" />
+ <get src="${sourcefile}" dest="${destfile}" />
</target>
<!-- ============================ IDE Support ============================ -->

43
tomcat-7.0.conf
View file

@ -1,37 +1,33 @@
# System-wide configuration file for tomcat services
# This will be loaded by systemd as an environment file,
# so please keep the syntax.
# This will be sourced by tomcat and any secondary service
# Values will be overridden by service-specific configuration
# files in /etc/sysconfig
#
# There are 2 "classes" of startup behavior in this package.
# The old one, the default service named tomcat.service.
# The new named instances are called tomcat@instance.service.
# Use this one to change default values for all services
# Change the service specific ones to affect only one service
# (see, for instance, /etc/sysconfig/tomcat)
#
# Use this file to change default values for all services.
# Change the service specific ones to affect only one service.
# For tomcat.service it's /etc/sysconfig/tomcat, for
# tomcat@instance it's /etc/sysconfig/tomcat@instance.
# This variable is used to figure out if config is loaded or not.
TOMCAT_CFG_LOADED="1"
# In new-style instances, if CATALINA_BASE isn't specified, it will
# be constructed by joining TOMCATS_BASE and NAME.
TOMCATS_BASE="/var/lib/tomcats/"
# Where your java installation lives
JAVA_HOME="/usr/lib/jvm/jre"
# Where your tomcat installation lives
CATALINA_BASE="@@@TCHOME@@@"
CATALINA_HOME="@@@TCHOME@@@"
# System-wide tmp
CATALINA_TMPDIR="/var/cache/tomcat/temp"
JASPER_HOME="@@@TCHOME@@@"
CATALINA_TMPDIR="@@@TCTEMP@@@"
# You can pass some parameters to java here if you wish to
#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
# Use JAVA_OPTS to set java.library.path for libtcnative.so
#JAVA_OPTS="-Djava.library.path=/usr/lib"
#JAVA_OPTS="-Djava.library.path=@@@LIBDIR@@@"
# What user should run tomcat
TOMCAT_USER="tomcat"
# You can change your tomcat locale here
#LANG="en_US"
@ -40,9 +36,18 @@ CATALINA_TMPDIR="/var/cache/tomcat/temp"
SECURITY_MANAGER="false"
# Time to wait in seconds, before killing process
# TODO(stingray): does nothing, fix.
# SHUTDOWN_WAIT="30"
SHUTDOWN_WAIT="30"
# Whether to annoy the user with "attempting to shut down" messages or not
SHUTDOWN_VERBOSE="false"
# Set the TOMCAT_PID location
CATALINA_PID="/var/run/tomcat.pid"
# Connector port is 8080 for this tomcat instance
#CONNECTOR_PORT="8080"
# If you wish to further customize your tomcat environment,
# put your own definitions here
# (i.e. LD_LIBRARY_PATH for some jdbc drivers)

331
tomcat-7.0.init Normal file
View file

@ -0,0 +1,331 @@
#!/bin/bash
#
# tomcat This shell script takes care of starting and stopping Tomcat
#
# chkconfig: - 80 20
#
### BEGIN INIT INFO
# Provides: tomcat
# Required-Start: $network $syslog
# Required-Stop: $network $syslog
# Default-Start:
# Default-Stop:
# Description: Release implementation for Servlet 3.0 and JSP 2.2
# Short-Description: start and stop tomcat
### END INIT INFO
#
# - originally written by Henri Gomez, Keith Irwin, and Nicolas Mailhot
# - heavily rewritten by Deepak Bhole and Jason Corley
#
## Source function library.
#. /etc/rc.d/init.d/functions
# Source LSB function library.
if [ -r /lib/lsb/init-functions ]; then
. /lib/lsb/init-functions
else
exit 1
fi
DISTRIB_ID=`lsb_release -i -s 2>/dev/null`
NAME="$(basename $0)"
unset ISBOOT
if [ "${NAME:0:1}" = "S" -o "${NAME:0:1}" = "K" ]; then
NAME="${NAME:3}"
ISBOOT="1"
fi
# For SELinux we need to use 'runuser' not 'su'
if [ -x "/sbin/runuser" ]; then
SU="/sbin/runuser -s /bin/sh"
else
SU="/bin/su -s /bin/sh"
fi
# Get the tomcat config (use this for environment specific settings)
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
if [ -r "$TOMCAT_CFG" ]; then
. $TOMCAT_CFG
fi
# Get instance specific config file
if [ -r "/etc/sysconfig/${NAME}" ]; then
. /etc/sysconfig/${NAME}
fi
# Define which connector port to use
CONNECTOR_PORT="${CONNECTOR_PORT:-8080}"
# Path to the tomcat launch script
TOMCAT_SCRIPT="${TOMCAT_SCRIPT:-/usr/sbin/tomcat}"
# Tomcat program name
TOMCAT_PROG="${NAME}"
# Define the tomcat username
TOMCAT_USER="${TOMCAT_USER:-tomcat}"
# Define the tomcat group
TOMCAT_GROUP="${TOMCAT_GROUP:-`id -gn $TOMCAT_USER`}"
# Define the tomcat log file
TOMCAT_LOG="${TOMCAT_LOG:-${CATALINA_HOME}/logs/${NAME}-initd.log}"
# Define the tomcat pid file
CATALINA_PID="${CATALINA_PID:-/var/run/${NAME}.pid}"
# Variable to keep parseOptions status
OPTIONS_PARSED="0"
RETVAL="0"
# Look for open ports, as the function name might imply
function findFreePorts() {
local isSet1="false"
local isSet2="false"
local isSet3="false"
local lower="8000"
randomPort1="0"
randomPort2="0"
randomPort3="0"
local -a listeners="( $(
netstat -ntl | \
awk '/^tcp/ {gsub("(.)*:", "", $4); print $4}'
) )"
while [ "$isSet1" = "false" ] || \
[ "$isSet2" = "false" ] || \
[ "$isSet3" = "false" ]; do
let port="${lower}+${RANDOM:0:4}"
if [ -z `expr " ${listeners[*]} " : ".*\( $port \).*"` ]; then
if [ "$isSet1" = "false" ]; then
export randomPort1="$port"
isSet1="true"
elif [ "$isSet2" = "false" ]; then
export randomPort2="$port"
isSet2="true"
elif [ "$isSet3" = "false" ]; then
export randomPort3="$port"
isSet3="true"
fi
fi
done
}
function makeHomeDir() {
if [ ! -d "$CATALINA_HOME" ]; then
echo "$CATALINA_HOME does not exist, creating"
if [ ! -d "/usr/share/${NAME}" ]; then
mkdir /usr/share/${NAME}
cp -pLR /usr/share/tomcat/* /usr/share/${NAME}
fi
mkdir -p /var/log/${NAME} \
/var/cache/${NAME} \
/var/tmp/${NAME}
ln -fs /var/cache/${NAME} ${CATALINA_HOME}/work
ln -fs /var/tmp/${NAME} ${CATALINA_HOME}/temp
cp -pLR /usr/share/${NAME}/bin $CATALINA_HOME
cp -pLR /usr/share/${NAME}/conf $CATALINA_HOME
ln -fs /usr/share/java/tomcat ${CATALINA_HOME}/lib
ln -fs /usr/share/tomcat/webapps ${CATALINA_HOME}/webapps
install -o ${TOMCAT_USER} -g ${TOMCAT_GROUP} -d -m 0770 /var/log/${NAME}
fi
}
function parseOptions() {
options=""
options="$options $(
awk '!/^#/ && !/^$/ { ORS=" "; print "export ", $0, ";" }' \
$TOMCAT_CFG
)"
if [ -r "/etc/sysconfig/${NAME}" ]; then
options="$options $(
awk '!/^#/ && !/^$/ { ORS=" ";
print "export ", $0, ";" }' \
/etc/sysconfig/${NAME}
)"
fi
if [ "$OPTIONS_PARSED" -eq 0 ]; then
TOMCAT_SCRIPT="$options ${TOMCAT_SCRIPT}"
OPTIONS_PARSED=1
fi
}
# See how we were called.
function start() {
echo -n "Starting ${TOMCAT_PROG}: "
if [ "$RETVAL" != "0" ]; then
log_failure_msg
return
fi
if [ -f "/var/lock/subsys/${NAME}" ]; then
if [ -s "$CATALINA_PID" ]; then
read kpid < $CATALINA_PID
# if checkpid $kpid 2>&1; then
if [ -d "/proc/${kpid}" ]; then
log_success_msg
if [ "$DISTRIB_ID" = "MandrivaLinux" ]; then
echo
fi
return 0
fi
fi
fi
# fix permissions on the log and pid files
touch $CATALINA_PID 2>&1 || RETVAL="4"
if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then
install -o ${TOMCAT_USER} -g ${TOMCAT_GROUP} -m 644 /dev/null "${CATALINA_PID}"
fi
[ "$RETVAL" -eq "0" ] && touch $TOMCAT_LOG 2>&1 || RETVAL="4"
if [ "$RETVAL" -eq "0" -a "$?" -eq "0" ]; then
if [ ! -f "${TOMCAT_LOG}" ]; then
install -o ${TOMCAT_USER} -g ${TOMCAT_GROUP} -m 644 /dev/null "${TOMCAT_LOG}"
fi
fi
if [ "$CATALINA_HOME" != "/usr/share/tomcat" -a "$RETVAL" -eq "0" ]; then
# Create a tomcat directory if it doesn't exist
makeHomeDir
# If CATALINA_HOME doesn't exist modify port number so that
# multiple instances don't interfere with each other
findFreePorts
sed -i -e "s/8005/${randomPort1}/g" -e "s/8080/${CONNECTOR_PORT}/g" \
-e "s/8009/${randomPort2}/g" -e "s/8443/${randomPort3}/g" \
${CATALINA_HOME}/conf/server.xml
fi
parseOptions
if [ "$RETVAL" -eq "0" -a "$SECURITY_MANAGER" = "true" ]; then
$SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start-security" \
>> ${TOMCAT_LOG} 2>&1 || RETVAL="4"
else
[ "$RETVAL" -eq "0" ] && $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} start" >> ${TOMCAT_LOG} 2>&1 || RETVAL="4"
fi
if [ "$RETVAL" -eq "0" ]; then
log_success_msg
touch /var/lock/subsys/${NAME}
else
log_failure_msg "Error code ${RETVAL}"
fi
if [ "$DISTRIB_ID" = "MandrivaLinux" ]; then
echo
fi
}
function stop() {
echo -n "Stopping ${TOMCAT_PROG}: "
if [ -f "/var/lock/subsys/${NAME}" ]; then
parseOptions
if [ "$RETVAL" -eq "0" ]; then
touch /var/lock/subsys/${NAME} 2>&1 || RETVAL="4"
[ "$RETVAL" -eq "0" ] && $SU - $TOMCAT_USER -c "${TOMCAT_SCRIPT} stop" >> ${TOMCAT_LOG} 2>&1 || RETVAL="4"
fi
if [ "$RETVAL" -eq "0" ]; then
count="0"
if [ -s "$CATALINA_PID" ]; then
read kpid < $CATALINA_PID
until [ "$(ps --pid $kpid | grep -c $kpid)" -eq "0" ] || \
[ "$count" -gt "$SHUTDOWN_WAIT" ]; do
if [ "$SHUTDOWN_VERBOSE" = "true" ]; then
echo "waiting for processes $kpid to exit"
fi
sleep 1
let count="${count}+1"
done
if [ "$count" -gt "$SHUTDOWN_WAIT" ]; then
if [ "$SHUTDOWN_VERBOSE" = "true" ]; then
log_warning_msg "killing processes which did not stop after ${SHUTDOWN_WAIT} seconds"
fi
kill -9 $kpid
fi
log_success_msg
fi
rm -f /var/lock/subsys/${NAME} $CATALINA_PID
else
log_failure_msg
RETVAL="4"
fi
else
log_success_msg
RETVAL="0"
fi
if [ "$DISTRIB_ID" = "MandrivaLinux" ]; then
echo
fi
}
function usage()
{
echo "Usage: $0 {start|stop|restart|condrestart|try-restart|reload|force-reload|status|version}"
RETVAL="2"
}
# See how we were called.
RETVAL="0"
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart|try-restart)
if [ -s "$CATALINA_PID" ]; then
stop
start
fi
;;
reload)
RETVAL="3"
;;
force-reload)
if [ -s "$CATALINA_PID" ]; then
stop
start
fi
;;
status)
if [ -s "$CATALINA_PID" ]; then
read kpid < $CATALINA_PID
if [ -d "/proc/${kpid}" ]; then
log_success_msg "${NAME} (pid ${kpid}) is running..."
RETVAL="0"
else
# The pid file exists but the process is not running
log_warning_msg "PID file exists, but process is not running"
RETVAL="1"
fi
else
pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "catalina\.base=${CATALINA_BASE}[ $]")"
if [ -z "$pid" ]; then
# status ${NAME}
# RETVAL="$?"
log_success_msg "${NAME} is stopped"
RETVAL="3"
else
log_success_msg "${NAME} (pid $pid) is running..."
RETVAL="0"
fi
fi
if [ -f /var/lock/subsys/${NAME} ]; then
pid="$(/usr/bin/pgrep -d , -u ${TOMCAT_USER} -G ${TOMCAT_USER} -f "catalina\.base=${CATALINA_BASE}[ $]")"
# The lockfile exists but the process is not running
if [ -z "$pid" ]; then
log_failure_msg "${NAME} lockfile exists but process is not running"
RETVAL="2"
fi
fi
;;
version)
${TOMCAT_SCRIPT} version
;;
*)
usage
;;
esac
exit $RETVAL

23
tomcat-7.0.service
View file

@ -1,23 +0,0 @@
# Systemd unit file for default tomcat
#
# To create clones of this service:
# DO NOTHING, use tomcat@.service instead.
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME="
EnvironmentFile=-/etc/sysconfig/tomcat
ExecStart=/usr/libexec/tomcat/server start
ExecStop=/usr/libexec/tomcat/server stop
SuccessExitStatus=143
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target

59
tomcat-7.0.sysconfig
View file

@ -1,11 +1,56 @@
# Service-specific configuration file for tomcat. This will be sourced by
# systemd for the default service (tomcat.service)
# If you want to customize named instance, make a similar file
# and name it tomcat@instancename.
# the SysV init script after the global configuration file
# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in
# a per-service manner.
#
# NEVER change the init script itself. To change values for all services make
# your changes in /etc/tomcat/tomcat.conf
#
# To change values for a specific service make your edits here.
# To create a new service create a link from /etc/init.d/<your new service> to
# /etc/init.d/tomcat (do not copy the init script) and make a copy of the
# /etc/sysconfig/tomcat file to /etc/sysconfig/<your new service> and change
# the property values so the two services won't conflict. Register the new
# service in the system as usual (see chkconfig and similars).
#
# You will not need to set this, usually. For default service it equals
# CATALINA_HOME. For named service, it equals ${TOMCATS_BASE}${NAME}
# Where your java installation lives
#JAVA_HOME="/usr/lib/jvm/java"
# Where your tomcat installation lives
#CATALINA_BASE="@@@TCHOME@@@"
#CATALINA_HOME="@@@TCHOME@@@"
#JASPER_HOME="@@@TCHOME@@@"
#CATALINA_TMPDIR="@@@TCTEMP@@@"
# You can pass some parameters to java here if you wish to
#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
# Use JAVA_OPTS to set java.library.path for libtcnative.so
#JAVA_OPTS="-Djava.library.path=@@@LIBDIR@@@"
# What user should run tomcat
#TOMCAT_USER="tomcat"
# You can change your tomcat locale here
#LANG="en_US"
# Run tomcat under the Java Security Manager
#SECURITY_MANAGER="false"
# Time to wait in seconds, before killing process
#SHUTDOWN_WAIT="30"
# Whether to annoy the user with "attempting to shut down" messages or not
#SHUTDOWN_VERBOSE="false"
# Set the TOMCAT_PID location
#CATALINA_PID="/var/run/tomcat.pid"
# Connector port is 8080 for this tomcat instance
#CONNECTOR_PORT="8080"
# If you wish to further customize your tomcat environment,
# put your own definitions here
# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
# Please take a look at /etc/tomcat/tomcat.conf to have an idea what you
# can override.

72
tomcat-7.0.wrapper
View file

@ -1,24 +1,76 @@
#!/bin/bash
if [ "$1" = "version" ]; then
. /usr/libexec/tomcat/preamble
exec ${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \
org.apache.catalina.util.ServerInfo
if [ -r /usr/share/java-utils/java-functions ]; then
. /usr/share/java-utils/java-functions
else
echo "Can't read Java functions library, aborting"
exit 1
fi
SRV="tomcat"
if [ -n "$2" ]; then
SRV="tomcat@$2"
# Get the tomcat config (use this for environment specific settings)
# if $TOMCAT_CFG wasn't already loaded
if [ -z "${TOMCAT_CFG_LOADED}" ]; then
if [ -z "${TOMCAT_CFG}" ]; then
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
fi
if [ -r "$TOMCAT_CFG" ]; then
. $TOMCAT_CFG
fi
fi
set_javacmd
# CLASSPATH munging
if [ -n "$JSSE_HOME" ]; then
CLASSPATH="${CLASSPATH}:$(build-classpath jcert jnet jsse 2>/dev/null)"
fi
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/bootstrap.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar"
CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)"
if [ "$1" = "start" ]; then
systemctl start ${SRV}.service
${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \
-classpath "$CLASSPATH" \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
-Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \
-Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \
org.apache.catalina.startup.Bootstrap start \
>> ${CATALINA_BASE}/logs/catalina.out 2>&1 &
if [ ! -z "$CATALINA_PID" ]; then
echo $! > $CATALINA_PID
fi
elif [ "$1" = "start-security" ]; then
${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \
-classpath "$CLASSPATH" \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
-Djava.security.manager \
-Djava.security.policy=="${CATALINA_BASE}/conf/catalina.policy" \
-Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \
-Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \
org.apache.catalina.startup.Bootstrap start \
>> ${CATALINA_BASE}/logs/catalina.out 2>&1 &
if [ ! -z "$CATALINA_PID" ]; then
echo $! > $CATALINA_PID
fi
elif [ "$1" = "stop" ]; then
systemctl stop ${SRV}.service
${JAVACMD} $JAVA_OPTS \
-classpath "$CLASSPATH" \
-Dcatalina.base="$CATALINA_BASE" \
-Dcatalina.home="$CATALINA_HOME" \
-Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \
-Djava.io.tmpdir="$CATALINA_TMPDIR" \
org.apache.catalina.startup.Bootstrap stop \
>> ${CATALINA_BASE}/logs/catalina.out 2>&1
elif [ "$1" = "version" ]; then
${JAVACMD} -classpath ${CATALINA_HOME}/lib/catalina.jar \
org.apache.catalina.util.ServerInfo
else
echo "Usage: $0 {start|stop|version} [server-id]"
echo "Usage: $0 {start|start-security|stop|version}"
exit 1
fi

26
tomcat-named.service
View file

@ -1,26 +0,0 @@
# Systemd unit file for tomcat instances.
#
# To create clones of this service:
# 0. systemctl enable tomcat@name.service
# 1. create catalina.base directory structure in
# /var/lib/tomcats/name
# 2. profit.
[Unit]
Description=Apache Tomcat Web Application Container
After=syslog.target network.target
[Service]
Type=simple
EnvironmentFile=/etc/tomcat/tomcat.conf
Environment="NAME=%I"
EnvironmentFile=-/etc/sysconfig/tomcat@%I
ExecStart=/usr/libexec/tomcat/server start
ExecStop=/usr/libexec/tomcat/server stop
SuccessExitStatus=143
User=tomcat
Group=tomcat
[Install]
WantedBy=multi-user.target

50
tomcat-preamble
View file

@ -1,50 +0,0 @@
#!/bin/bash
if [ -r /usr/share/java-utils/java-functions ]; then
. /usr/share/java-utils/java-functions
else
echo "Can't read Java functions library, aborting"
exit 1
fi
# Get the tomcat config (use this for environment specific settings)
if [ -z "${TOMCAT_CFG_LOADED}" ]; then
if [ -z "${TOMCAT_CFG}" ]; then
TOMCAT_CFG="/etc/tomcat/tomcat.conf"
fi
. $TOMCAT_CFG
fi
if [ -z "$CATALINA_BASE" ]; then
if [ -n "$NAME" ]; then
if [ -z "$TOMCATS_BASE" ]; then
TOMCATS_BASE="/var/lib/tomcats/"
fi
CATALINA_BASE="${TOMCATS_BASE}${NAME}"
else
CATALINA_BASE="${CATALINA_HOME}"
fi
fi
VERBOSE=1
set_javacmd
cd ${CATALINA_HOME}
# CLASSPATH munging
if [ ! -z "$CLASSPATH" ] ; then
CLASSPATH="$CLASSPATH":
fi
if [ -n "$JSSE_HOME" ]; then
CLASSPATH="${CLASSPATH}$(build-classpath jcert jnet jsse 2>/dev/null):"
fi
CLASSPATH="${CLASSPATH}${CATALINA_HOME}/bin/bootstrap.jar"
CLASSPATH="${CLASSPATH}:${CATALINA_HOME}/bin/tomcat-juli.jar"
CLASSPATH="${CLASSPATH}:$(build-classpath commons-daemon 2>/dev/null)"
if [ -z "$LOGGING_PROPERTIES" ] ; then
LOGGING_PROPERTIES="${CATALINA_BASE}/conf/logging.properties"
if [ ! -f "${LOGGING_PROPERTIES}" ] ; then
LOGGING_PROPERTIES="${CATALINA_HOME}/conf/logging.properties"
fi
fi

24
tomcat-server
View file

@ -1,24 +0,0 @@
#!/bin/bash
. /usr/libexec/tomcat/preamble
MAIN_CLASS=org.apache.catalina.startup.Bootstrap
FLAGS="$JAVA_OPTS $CATALINA_OPTS"
OPTIONS="-Dcatalina.base=$CATALINA_BASE \
-Dcatalina.home=$CATALINA_HOME \
-Djava.endorsed.dirs=$JAVA_ENDORSED_DIRS \
-Djava.io.tmpdir=$CATALINA_TMPDIR \
-Djava.util.logging.config.file=${LOGGING_PROPERTIES} \
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager"
if [ "$1" = "start" ] ; then
if [ "${SECURITY_MANAGER}" = "true" ] ; then
OPTIONS="${OPTIONS} \
-Djava.security.manager \
-Djava.security.policy==${CATALINA_BASE}/conf/catalina.policy"
fi
run start
elif [ "$1" = "stop" ] ; then
run stop
fi

397
tomcat.spec
View file

@ -31,7 +31,7 @@
%global jspspec 2.2
%global major_version 7
%global minor_version 0
%global micro_version 47
%global micro_version 106
%global packdname apache-tomcat-%{version}-src
%global servletspec 3.0
%global elspec 2.2
@ -49,19 +49,20 @@
%global tempdir %{cachedir}/temp
%global workdir %{cachedir}/work
%global _initrddir %{_sysconfdir}/init.d
%global _systemddir /lib/systemd/system
Name: tomcat
Epoch: 0
Version: %{major_version}.%{minor_version}.%{micro_version}
Release: 3%{?dist}
Release: 1%{?dist}
Summary: Apache Servlet/JSP Engine, RI for Servlet %{servletspec}/JSP %{jspspec} API
Group: System Environment/Daemons
License: ASL 2.0
URL: http://tomcat.apache.org/
Source0: http://www.apache.org/dist/tomcat/tomcat-%{major_version}/v%{version}/src/%{packdname}.tar.gz
Source1: %{name}-%{major_version}.%{minor_version}.conf
Source2: %{name}-%{major_version}.%{minor_version}.init
Source3: %{name}-%{major_version}.%{minor_version}.sysconfig
Source4: %{name}-%{major_version}.%{minor_version}.wrapper
Source5: %{name}-%{major_version}.%{minor_version}.logrotate
@ -70,54 +71,48 @@ Source7: %{name}-%{major_version}.%{minor_version}-tool-wrapper.script
Source8: servlet-api-OSGi-MANIFEST.MF
Source9: jsp-api-OSGi-MANIFEST.MF
Source10: %{name}-%{major_version}.%{minor_version}-log4j.properties
Source11: %{name}-%{major_version}.%{minor_version}.service
Source12: el-api-OSGi-MANIFEST.MF
Source13: jasper-el-OSGi-MANIFEST.MF
Source14: jasper-OSGi-MANIFEST.MF
Source15: tomcat-api-OSGi-MANIFEST.MF
Source16: tomcat-juli-OSGi-MANIFEST.MF
Source18: %{name}-%{major_version}.%{minor_version}-tomcat-jsvc-sysd
Source19: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper
Source20: %{name}-%{major_version}.%{minor_version}-jsvc.service
Source30: tomcat-preamble
Source31: tomcat-server
Source32: tomcat-named.service
Source11: el-api-OSGi-MANIFEST.MF
Source12: jasper-el-OSGi-MANIFEST.MF
Source13: jasper-OSGi-MANIFEST.MF
Source14: tomcat-api-OSGi-MANIFEST.MF
Source15: tomcat-juli-OSGi-MANIFEST.MF
Source16: %{name}-%{major_version}.%{minor_version}-jsvc.wrapper
Patch0: %{name}-%{major_version}.%{minor_version}-bootstrap-MANIFEST.MF.patch
Patch1: %{name}-%{major_version}.%{minor_version}-tomcat-users-webapp.patch
# Adding patch to remove java 1.8 compiler options due to outdated ecj version in el6
Patch2: %{name}-7.0.104-RemoveCompilerOptions.patch
# Adding patch to remove unsupport ant tasks/attributes
Patch3: %{name}-7.0.99-build.patch
Patch4: %{name}-7.0-catalina-policy.patch
Patch5: change-defaults-for-CVE-2020-1938.patch
BuildArch: noarch
ExcludeArch: ppc64
BuildRequires: ant
BuildRequires: ecj >= 1:4.2.1
BuildRequires: ant-nodeps
BuildRequires: ant-trax
BuildRequires: ecj
BuildRequires: findutils
BuildRequires: apache-commons-collections
BuildRequires: apache-commons-daemon
BuildRequires: apache-commons-dbcp
BuildRequires: apache-commons-pool
BuildRequires: jakarta-commons-daemon
BuildRequires: jakarta-taglibs-standard
BuildRequires: java-devel >= 1:1.6.0
BuildRequires: java7-devel >= 1:1.7.0
BuildRequires: jpackage-utils >= 0:1.7.0
BuildRequires: junit
BuildRequires: log4j
BuildRequires: geronimo-jaxrpc
BuildRequires: wsdl4j
BuildRequires: systemd-units
Requires: apache-commons-daemon
Requires: apache-commons-logging
Requires: apache-commons-collections
Requires: apache-commons-dbcp
Requires: apache-commons-pool
Requires: jakarta-commons-daemon
Requires: java >= 1:1.6.0
Requires: jpackage-utils
Requires: procps
Requires: %{name}-lib = %{epoch}:%{version}-%{release}
Requires(pre): shadow-utils
Requires(post): chkconfig
Requires(preun): chkconfig
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): /lib/lsb/init-functions
Requires(preun): /lib/lsb/init-functions
%description
Tomcat is the servlet container that is used in the official Reference
@ -157,7 +152,7 @@ Javadoc generated documentation for Apache Tomcat.
Group: System Environment/Daemons
Summary: Apache jsvc wrapper for Apache Tomcat as separate service
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: apache-commons-daemon-jsvc
Requires: jakarta-commons-daemon-jsvc
%description jsvc
Systemd service and wrapper scripts to start tomcat with jsvc,
@ -170,6 +165,7 @@ Summary: Apache Tomcat JSP API implementation classes
Provides: jsp = %{jspspec}
Provides: jsp22
Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release}
Requires(post): chkconfig
Requires(postun): chkconfig
@ -183,10 +179,7 @@ Summary: Libraries needed to run the Tomcat Web container
Requires: %{name}-jsp-%{jspspec}-api = %{epoch}:%{version}-%{release}
Requires: %{name}-servlet-%{servletspec}-api = %{epoch}:%{version}-%{release}
Requires: %{name}-el-%{elspec}-api = %{epoch}:%{version}-%{release}
Requires: ecj >= 1:4.2.1
Requires: apache-commons-collections
Requires: apache-commons-dbcp
Requires: apache-commons-pool
Requires: ecj
Requires(preun): coreutils
%description lib
@ -232,46 +225,40 @@ find . -type f \( -name "*.bat" -o -name "*.class" -o -name Thumbs.db -o -name "
%patch0 -p0
%patch1 -p0
%patch2 -p0
%patch3 -p0
%patch4 -p0
%patch5 -p0
%{__ln_s} $(build-classpath jakarta-taglibs-core) webapps/examples/WEB-INF/lib/jstl.jar
%{__ln_s} $(build-classpath jakarta-taglibs-standard) webapps/examples/WEB-INF/lib/standard.jar
%build
export OPT_JAR_LIST="xalan-j2-serializer"
# we don't care about the tarballs and we're going to replace
# tomcat-dbcp.jar with apache-commons-{collections,dbcp,pool}-tomcat5.jar
# so just create a dummy file for later removal
export OPT_JAR_LIST="ant/ant-trax ant/ant-nodeps xalan-j2-serializer"
touch HACK
%{__mkdir_p} HACKDIR
touch HACKDIR/build.xml
# who needs a build.properties file anyway
%{ant} -Dbase.path="." \
-Dbuild.compiler="modern" \
-Dcommons-collections.jar="$(build-classpath apache-commons-collections)" \
-Dcommons-daemon.jar="$(build-classpath apache-commons-daemon)" \
-Dcommons-daemon.jar="$(build-classpath jakarta-commons-daemon)" \
-Dcommons-daemon.native.src.tgz="HACK" \
-Djasper-jdt.jar="$(build-classpath ecj)" \
-Djdt.jar="$(build-classpath ecj)" \
-Dtomcat-dbcp.jar="$(build-classpath apache-commons-dbcp)" \
-Dtomcat-native.tar.gz="HACK" \
-Dtomcat-native.home="." \
-Dcommons-daemon.native.win.mgr.exe="HACK" \
-Dnsis.exe="HACK" \
-Djaxrpc-lib.jar="$(build-classpath jaxrpc)" \
-Djaxrpc-lib.jar="HACK" \
-Dwsdl4j-lib.jar="$(build-classpath wsdl4j)" \
-Dcommons-pool.home="HACKDIR" \
-Dcommons-dbcp.home="HACKDIR" \
-Dno.build.dbcp=true \
-Dversion="%{version}" \
-Dversion.build="%{micro_version}" \
-Djava.7.home=%{java_home} \
deploy dist-prepare dist-source javadoc
# remove some jars that we'll replace with symlinks later
%{__rm} output/build/bin/commons-daemon.jar \
output/build/lib/ecj.jar \
output/build/lib/apache-commons-dbcp.jar
output/build/lib/ecj.jar
# remove the cruft we created
%{__rm} output/build/bin/tomcat-native.tar.gz
pushd output/dist/src/webapps/docs/appdev/sample/src
%{__mkdir_p} ../web/WEB-INF/classes
%{javac} -cp ../../../../../../../../output/build/lib/servlet-api.jar -d ../web/WEB-INF/classes mypackage/Hello.java
@ -284,25 +271,25 @@ popd
mkdir -p META-INF
cp -p %{SOURCE8} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/lib/servlet-api.jar META-INF/MANIFEST.MF
zip output/build/lib/servlet-api.jar META-INF/MANIFEST.MF
cp -p %{SOURCE9} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/lib/jsp-api.jar META-INF/MANIFEST.MF
zip output/build/lib/jsp-api.jar META-INF/MANIFEST.MF
cp -p %{SOURCE11} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip output/build/lib/el-api.jar META-INF/MANIFEST.MF
cp -p %{SOURCE12} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/lib/el-api.jar META-INF/MANIFEST.MF
zip output/build/lib/jasper-el.jar META-INF/MANIFEST.MF
cp -p %{SOURCE13} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/lib/jasper-el.jar META-INF/MANIFEST.MF
zip output/build/lib/jasper.jar META-INF/MANIFEST.MF
cp -p %{SOURCE14} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/lib/jasper.jar META-INF/MANIFEST.MF
zip output/build/lib/tomcat-api.jar META-INF/MANIFEST.MF
cp -p %{SOURCE15} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/lib/tomcat-api.jar META-INF/MANIFEST.MF
cp -p %{SOURCE16} META-INF/MANIFEST.MF
touch META-INF/MANIFEST.MF
zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF
zip output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF
%install
# build initial path structure
@ -310,7 +297,6 @@ zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sbindir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_javadocdir}/%{name}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_initrddir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_systemddir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{appdir}
@ -326,8 +312,6 @@ zip -u output/build/bin/tomcat-juli.jar META-INF/MANIFEST.MF
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{homedir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{tempdir}
%{__install} -d -m 0775 ${RPM_BUILD_ROOT}%{workdir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_unitdir}
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_libexecdir}/%{name}
# move things into place
# First copy supporting libs to tomcat lib
@ -349,16 +333,13 @@ popd
-e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
-e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE3} \
> ${RPM_BUILD_ROOT}%{_sysconfdir}/sysconfig/%{name}
%{__install} -m 0644 %{SOURCE2} \
${RPM_BUILD_ROOT}%{_initrddir}/%{name}
%{__install} -m 0644 %{SOURCE4} \
${RPM_BUILD_ROOT}%{_sbindir}/%{name}
%{__install} -m 0644 %{SOURCE11} \
${RPM_BUILD_ROOT}%{_unitdir}/%{name}.service
%{__install} -m 0644 %{SOURCE19} \
%{__install} -m 0644 %{SOURCE16} \
${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc
%{__install} -m 0644 %{SOURCE20} \
${RPM_BUILD_ROOT}%{_unitdir}/%{name}-jsvc.service
%{__install} -m 0644 %{SOURCE18} \
${RPM_BUILD_ROOT}%{_sbindir}/%{name}-jsvc-sysd
%{__ln_s} %{name} ${RPM_BUILD_ROOT}%{_sbindir}/d%{name}
%{__sed} -e "s|\@\@\@TCLOG\@\@\@|%{logdir}|g" %{SOURCE5} \
> ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}
%{__sed} -e "s|\@\@\@TCHOME\@\@\@|%{homedir}|g" \
@ -369,14 +350,6 @@ popd
-e "s|\@\@\@TCTEMP\@\@\@|%{tempdir}|g" \
-e "s|\@\@\@LIBDIR\@\@\@|%{_libdir}|g" %{SOURCE7} \
> ${RPM_BUILD_ROOT}%{_bindir}/%{name}-tool-wrapper
%{__install} -m 0755 %{SOURCE30} \
${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/preamble
%{__install} -m 0755 %{SOURCE31} \
${RPM_BUILD_ROOT}%{_libexecdir}/%{name}/server
%{__install} -m 0644 %{SOURCE32} \
${RPM_BUILD_ROOT}%{_unitdir}/%{name}@.service
# create jsp and servlet API symlinks
pushd ${RPM_BUILD_ROOT}%{_javadir}
%{__mv} %{name}/jsp-api.jar %{name}-jsp-%{jspspec}-api.jar
@ -388,8 +361,7 @@ pushd ${RPM_BUILD_ROOT}%{_javadir}
popd
pushd output/build
%{_bindir}/build-jar-repository lib apache-commons-collections \
apache-commons-dbcp apache-commons-pool ecj 2>&1
%{_bindir}/build-jar-repository lib ecj 2>&1
# need to use -p here with b-j-r otherwise the examples webapp fails to
# load with a java.io.IOException
%{_bindir}/build-jar-repository -p webapps/examples/WEB-INF/lib \
@ -401,9 +373,6 @@ pushd ${RPM_BUILD_ROOT}%{libdir}
%{__ln_s} ../%{name}-jsp-%{jspspec}-api.jar .
%{__ln_s} ../%{name}-servlet-%{servletspec}-api.jar .
%{__ln_s} ../%{name}-el-%{elspec}-api.jar .
%{__ln_s} $(build-classpath apache-commons-collections) commons-collections.jar
%{__ln_s} $(build-classpath apache-commons-dbcp) commons-dbcp.jar
%{__ln_s} $(build-classpath apache-commons-pool) commons-pool.jar
%{__ln_s} $(build-classpath log4j) log4j.jar
%{__ln_s} $(build-classpath ecj) jasper-jdt.jar
@ -440,52 +409,47 @@ pushd ${RPM_BUILD_ROOT}%{appdir}/examples/WEB-INF/lib
%{__ln_s} -f $(build-classpath jakarta-taglibs-standard) standard.jar
popd
%add_to_maven_depmap javax.servlet servlet-api %{servletspec} JPP %{name}-servlet-%{servletspec}-api
%add_to_maven_depmap org.mortbay.jetty servlet-api %{servletspec} JPP %{name}-servlet-%{servletspec}-api
mv %{buildroot}%{_mavendepmapfragdir}/%{name} %{buildroot}%{_mavendepmapfragdir}/%{name}-servlet-api
# Install the maven metadata
%{__install} -d -m 0755 ${RPM_BUILD_ROOT}%{_mavenpomdir}
pushd output/dist/src/res/maven
for pom in *.pom; do
# fix-up version in all pom files
sed -i 's/@MAVEN.DEPLOY.VERSION@/%{version}/g' $pom
done
# we won't install dbcp, juli-adapters and juli-extras pom files
for libname in annotations-api catalina jasper-el jasper catalina-ha; do
%{__cp} -a %{name}-$libname.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-$libname.pom
%add_maven_depmap JPP.%{name}-$libname.pom %{name}/$libname.jar
#we won't install dhcp, juli-adapters and juli-extras pom files
for pom in tomcat-annotations-api.pom tomcat-catalina.pom tomcat-jasper-el.pom tomcat-jasper.pom \
tomcat-catalina-ha.pom tomcat-api.pom; do
%{__cp} -a $pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.$pom
base=`basename $pom .pom`
%add_to_maven_depmap org.apache.tomcat $base %{version} JPP $base
done
# servlet-api jsp-api and el-api are not in tomcat subdir, since they are widely re-used elsewhere
%{__cp} -a tomcat-jsp-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-jsp-api.pom
%add_maven_depmap JPP-tomcat-jsp-api.pom tomcat-jsp-api.jar -f "tomcat-jsp-api" -a "javax.servlet.jsp:javax.servlet.jsp-api,javax.servlet:jsp-api,org.eclipse.jetty.orbit:javax.servlet.jsp"
for pom in tomcat-jsp-api.pom tomcat-servlet-api.pom tomcat-el-api.pom; do
%{__cp} -a $pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-$pom
base=`basename $pom .pom`
%add_to_maven_depmap org.apache.tomcat $base JPP %{name}-$base
%{__cp} -a $pom ${RPM_BUILD_ROOT}%{_mavendepmapfragdir}/$base
done
%{__cp} -a tomcat-el-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-el-api.pom
%add_maven_depmap JPP-tomcat-el-api.pom tomcat-el-api.jar -f "tomcat-el-api" -a "javax.el:javax.el-api,javax.el:el-api,org.eclipse.jetty.orbit:javax.el"
%{__cp} -a tomcat-servlet-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP-tomcat-servlet-api.pom
# Generate a depmap fragment javax.servlet:servlet-api pointing to
# tomcat-servlet-3.0-api for backwards compatibility
# also provide jetty depmap (originally in jetty package, but it's cleaner to have it here
%add_maven_depmap JPP-tomcat-servlet-api.pom tomcat-servlet-api.jar -f "tomcat-servlet-api" -a "javax.servlet:servlet-api,javax.servlet:javax.servlet-api,org.mortbay.jetty:servlet-api,org.eclipse.jetty.orbit:javax.servlet"
# replace temporary copy with link
%{__ln_s} -f $(abs2rel %{bindir}/tomcat-juli.jar %{libdir}) ${RPM_BUILD_ROOT}%{libdir}/
# two special pom where jar files have different names
%{__cp} -a tomcat-tribes.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-catalina-tribes.pom
%add_maven_depmap JPP.%{name}-catalina-tribes.pom %{name}/catalina-tribes.jar
%add_to_maven_depmap org.apache.tomcat tribes %{version} JPP/%{name} catalina-tribes
%{__cp} -a tomcat-coyote.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-coyote.pom
%add_maven_depmap JPP.%{name}-tomcat-coyote.pom %{name}/tomcat-coyote.jar
%add_to_maven_depmap org.apache.tomcat coyote %{version} JPP/%{name} tomcat-coyote
%{__cp} -a tomcat-juli.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-juli.pom
%add_maven_depmap JPP.%{name}-tomcat-juli.pom %{name}/tomcat-juli.jar
%{__cp} -a tomcat-api.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-api.pom
%add_maven_depmap JPP.%{name}-tomcat-api.pom %{name}/tomcat-api.jar
%add_to_maven_depmap org.apache.tomcat juli %{version} JPP/%{name} tomcat-juli
%{__cp} -a tomcat-util.pom ${RPM_BUILD_ROOT}%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom
%add_maven_depmap JPP.%{name}-tomcat-util.pom %{name}/tomcat-util.jar
%add_to_maven_depmap org.apache.tomcat util %{version} JPP/%{name} tomcat-util
# replace temporary copy with link
%{__ln_s} -f %{bindir}/tomcat-juli.jar ${RPM_BUILD_ROOT}%{libdir}/
mkdir -p ${RPM_BUILD_ROOT}%{_prefix}/lib/tmpfiles.d
cat > ${RPM_BUILD_ROOT}%{_prefix}/lib/tmpfiles.d/%{name}.conf <<EOF
@ -499,9 +463,8 @@ EOF
%{_sbindir}/useradd -c "Apache Tomcat" -u %{tcuid} -g tomcat \
-s /bin/nologin -r -d %{homedir} tomcat 2>/dev/null || :
%post
# install but don't activate
%systemd_post %{name}.service
%post
/sbin/chkconfig --add %{name}
%post jsp-%{jspspec}-api
%{_sbindir}/update-alternatives --install %{_javadir}/jsp.jar jsp \
@ -515,13 +478,14 @@ EOF
%{_sbindir}/update-alternatives --install %{_javadir}/elspec.jar elspec \
%{_javadir}/%{name}-el-%{elspec}-api.jar 20300
%preun
# clean tempdir and workdir on removal or upgrade
%{__rm} -rf %{workdir}/* %{tempdir}/*
%systemd_preun %{name}.service
%postun
%systemd_postun_with_restart %{name}.service
if [ "$1" = "0" ]; then
%{_initrddir}/%{name} stop >/dev/null 2>&1
/sbin/chkconfig --del %{name}
fi
%postun jsp-%{jspspec}-api
if [ "$1" = "0" ]; then
@ -541,46 +505,41 @@ if [ "$1" = "0" ]; then
%{_javadir}/%{name}-el-%{elspec}-api.jar
fi
%triggerun -- tomcat < 0:7.0.22-2
/usr/bin/systemd-sysv-convert -- save tomcat > /dev/null 2>&1 || :
# Run these becasue the SysV package being removed won't do them
/sbin/chkconfig --del tomcat > /dev/null 2>&1 || :
/bin/systemctl try-restart tomcat.service > /dev/null 2>&1 || :
%files
%defattr(0664,root,tomcat,0755)
%doc {LICENSE,NOTICE,RELEASE*}
%attr(0755,root,root) %{_bindir}/%{name}-digest
%attr(0755,root,root) %{_bindir}/%{name}-tool-wrapper
%attr(0755,root,root) %{_sbindir}/d%{name}
%attr(0755,root,root) %{_sbindir}/%{name}
%attr(0644,root,root) %{_unitdir}/%{name}.service
%attr(0644,root,root) %{_unitdir}/%{name}@.service
%attr(0755,root,root) %dir %{_libexecdir}/%{name}
%attr(0755,root,root) %{_libexecdir}/%{name}/preamble
%attr(0755,root,root) %{_libexecdir}/%{name}/server
%attr(0755,root,root) %{_initrddir}/%{name}
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
%attr(0755,root,tomcat) %dir %{basedir}
%attr(0755,root,tomcat) %dir %{confdir}
%defattr(0664,tomcat,root,0770)
%attr(0770,tomcat,root) %dir %{logdir}
%defattr(0664,root,tomcat,0770)
%attr(0660,tomcat,tomcat) %{logdir}/catalina.out
%attr(0644,tomcat,tomcat) %{_localstatedir}/run/%{name}.pid
%attr(0660,tomcat,tomcat) %verify(not size md5 mtime) %{logdir}/catalina.out
%attr(0644,tomcat,tomcat) %verify(not size md5 mtime) %{_localstatedir}/run/%{name}.pid
%attr(0770,root,tomcat) %dir %{cachedir}
%attr(0770,root,tomcat) %dir %{tempdir}
%attr(0770,root,tomcat) %dir %{workdir}
%defattr(0664,root,tomcat,0775)
%defattr(0644,root,tomcat,0775)
%attr(0775,root,tomcat) %dir %{appdir}
%attr(0775,root,tomcat) %dir %{confdir}/Catalina
%attr(0775,root,tomcat) %dir %{confdir}/Catalina/localhost
%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/%{name}.conf
%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/*.policy
%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/*.properties
%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/context.xml
%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/server.xml
%attr(0660,tomcat,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml
%attr(0664,tomcat,tomcat) %config(noreplace) %{confdir}/web.xml
%config(noreplace) %{confdir}/%{name}.conf
%config(noreplace) %{confdir}/*.policy
%config(noreplace) %{confdir}/*.properties
%config(noreplace) %{confdir}/context.xml
%config(noreplace) %{confdir}/server.xml
%attr(0640,root,tomcat) %config(noreplace) %{confdir}/tomcat-users.xml
%config(noreplace) %{confdir}/web.xml
%dir %{homedir}
%{_prefix}/lib/tmpfiles.d/%{name}.conf
%{bindir}/bootstrap.jar
@ -610,7 +569,7 @@ fi
%{_javadir}/%{name}-jsp-%{jspspec}*.jar
%{_javadir}/%{name}-jsp-api.jar
%{_mavenpomdir}/JPP-%{name}-jsp-api.pom
%{_mavendepmapfragdir}/%{name}-tomcat-jsp-api
%{_mavendepmapfragdir}/%{name}-jsp-api
%files lib
%defattr(-,root,root,-)
@ -623,7 +582,7 @@ fi
%{_mavenpomdir}/JPP.%{name}-catalina.pom
%{_mavenpomdir}/JPP.%{name}-jasper-el.pom
%{_mavenpomdir}/JPP.%{name}-jasper.pom
%{_mavenpomdir}/JPP.%{name}-tomcat-api.pom
%{_mavenpomdir}/JPP.%{name}-api.pom
%{_mavenpomdir}/JPP.%{name}-tomcat-juli.pom
%{_mavenpomdir}/JPP.%{name}-tomcat-coyote.pom
%{_mavenpomdir}/JPP.%{name}-tomcat-util.pom
@ -635,7 +594,7 @@ fi
%doc LICENSE
%{_javadir}/%{name}-servlet-%{servletspec}*.jar
%{_javadir}/%{name}-servlet-api.jar
%{_mavendepmapfragdir}/%{name}-tomcat-servlet-api
%{_mavendepmapfragdir}/%{name}-servlet-api
%{_mavenpomdir}/JPP-%{name}-servlet-api.pom
%files el-%{elspec}-api
@ -645,7 +604,7 @@ fi
%{_javadir}/%{name}-el-api.jar
%{libdir}/%{name}-el-%{elspec}-api.jar
%{_mavenpomdir}/JPP-%{name}-el-api.pom
%{_mavendepmapfragdir}/%{name}-tomcat-el-api
%{_mavendepmapfragdir}/%{name}-el-api
%files webapps
@ -657,41 +616,145 @@ fi
%files jsvc
%defattr(755,root,root,0755)
%{_sbindir}/%{name}-jsvc
%{_sbindir}/%{name}-jsvc-sysd
%attr(0644,root,root) %{_unitdir}/%{name}-jsvc.service
%changelog
* Tue Jan 21 2014 Mikolaj Izdebski <mizdebsk@redhat.com> - 0:7.0.47-3
- Fix installation of Maven metadata for tomcat-juli.jar
- Resolves: rhbz#1033664
* Wed Oct 28 2020 Hui Wang <huwang@redhat.com> - 1:7.0.106-1
- Update to 7.0.106
* Wed Jan 15 2014 Stanislav Ochotnicky <sochotnicky@redhat.com> - 0:7.0.47-2
- Rebuild for bug #1033664
* Wed Jul 15 2020 Hui Wang <huwang@redhat.com> - 1:7.0.105-1
- Update to 7.0.105
* Thu Jun 04 2020 Hui Wang <huwang@redhat.com> - 1:7.0.104-1
- Update to 7.0.104
* Wed Apr 22 2020 Coty Sutherland <csutherl@redhat.com> - 1:7.0.103-1
- Update to 7.0.103
* Thu Mar 12 2020 Coty Sutherland <csutherl@redhat.com> - 1:7.0.100-2
- Related: rhbz#1806398 Undo changes in defaults for AJP connector (CVE-2020-1938) to prevent breakage, please update your configuration
* Thu Mar 05 2020 Coty Sutherland <csutherl@redhat.com> - 1:7.0.100-1
- Update to 7.0.100
- Resolves: rhbz#1806805 - CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability
* Thu Feb 06 2020 Coty Sutherland <csutherl@redhat.com> - 1:7.0.99-1
- Update to 7.0.99
* Thu Sep 26 2019 Coty Sutherland <csutherl@redhat.com> - 1:7.0.96-1
- Update to 7.0.96
- Resolves: rhbz#1466026 JVM options are duplicated after service restart
* Tue Jun 18 2019 Coty Sutherland <csutherl@redhat.com> - 1:7.0.94-1
- Update to 7.0.94
- Resolves: rhbz#1713280 - CVE-2019-0221 tomcat: XSS in SSI printenv
* Thu Dec 13 2018 Coty Sutherland <csutherl@redhat.com> - 1:7.0.92-1
- Update to 7.0.92
- Resolves: rhbz#1636513 - CVE-2018-11784 tomcat: Open redirect in default servlet
* Tue Jul 31 2018 Coty Sutherland <csutherl@redhat.com> - 1:7.0.90-1
- Update to 7.0.90
- Resolves: rhbz#1607586 - CVE-2018-8034 tomcat: host name verification missing in WebSocket client
- Resolves: rhbz#1579612 - CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins
- Resolves: rhbz#1624929 - CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS
* Tue May 01 2018 Coty Sutherland <csutherl@redhat.com> - 1:7.0.86-1
- Update to 7.0.86
* Fri Mar 16 2018 Coty Sutherland <csutherl@redhat.com> - 1:7.0.85-1
- Update to 7.0.85
- Resolves: rhbz#1548291 CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unitended exposure of resources
- Resolves: rhbz#1548283 CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users
* Thu Feb 01 2018 Coty Sutherland <csutherl@redhat.com> - 0:7.0.84-1
- Update to 7.0.84
* Wed Oct 04 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.82-1
- Update to 7.0.82
- Resolves: rhbz#1497681 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615
* Mon Aug 21 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.81-1
- Update to 7.0.81
- Resolves: rhbz#1480621 CVE-2017-7674 tomcat: Cache Poisoning
* Fri Jun 09 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.78-1
- Update to 7.0.78
- Resolves: rhbz#1459161 CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism
* Tue Apr 11 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.77-1
- Update to 7.0.77
* Fri Mar 31 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.76-1
- Update to 7.0.76
* Thu Feb 16 2017 Coty Sutherland <csutherl@redhat.com> - 0:7.0.75-1
- Update to 7.0.75
- Resolves: rhbz#1420223 CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation
- Resolves: rhbz#1372789 init script status command gives incorrect result
* Tue Nov 29 2016 Coty Sutherland <csutherl@redhat.com> - 0:7.0.73-1
- Update to 7.0.73
- Resolves: rhbz#1397495 CVE-2016-6816 CVE-2016-8735 tomcat: various flaws
* Fri Sep 23 2016 Coty Sutherland <csutherl@redhat.com> 0:7.0.72-1
- Resolves: rhbz#1375582 CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header
- Resolves: rhbz#1376718 CVE-2016-1240 tomcat: Local privilege escalation via unsafe file handling in the Tomcat init script
- Resolves: rhbz#1379170 jsvc script is broken
* Wed Aug 17 2016 Coty Sutherland <csutherl@redhat.com> 0:7.0.70-3
- Resolves: rhbz#1170797 remove tomcat6 dependency on redhat-lsb (and any other unnecessary ones)
* Fri Aug 05 2016 Coty Sutherland <csutherl@redhat.com> 0:7.0.70-2
- Related: rhbz#1314177 Had to fix a minor syntax issue that caused it to improperly eval
* Fri Aug 05 2016 Coty Sutherland <csutherl@redhat.com> 0:7.0.70-1
- Resolves: rhbz#1352120 The javadoc package is useless; it contains one index.html
- Resolves: rhbz#1347838 The security manager doesn't work correctly (JSPs cannot be compiled)
- Resolves: rhbz#1327327 rpm -V tomcat fails on /var/log/tomcat/catalina.out
- Resolves: rhbz#1314177 Tomcat init script reports wrong status when one instance of several is stopped
- Resolves: rhbz#1312280 Unable to overwrite the TOMCAT_SCRIPT variable
- Resolves: rhbz#1104708 Tomcat init script does not respect setting of CATALINA_PID in /etc/sysconfig/tomcat
- Resolves: rhbz#1104704 /usr/sbin/tomcat overrides settings specified in /etc/sysconfig/${NAME}
- Resolves: rhbz#1364067 The tomcat-tool-wrapper script is broken
- Resolves: rhbz#1364068 The command tomcat-digest doesn't work
- Resolves: rhbz#1311499 Updating package causes tomcat to not start on boot
- Resolves: rhbz#1352009 tomcat: multiple security vulnerabilities (updates to 7.0.70)
* Fri Nov 13 2015 Coty Sutherland <csutherl@redhat.com> 0:7.0.65-1
- Updated to 7.0.65
* Tue Apr 29 2014 Vlad Slepukhin <slp.vld@gmail.com> 0:7.0.33-4
- Fixed bug not allowing Tomcat to start properly connected with access privleges to the logging directory
- Removed residual systemd configuration from the wrapper
* Wed Feb 26 2014 Vlad Slepukhin <slp.vld@gmail.com> 0:7.0.33-3
- Changed ExclusiveArch to ExcludeArch due to bug appearing during build with this parameter
* Mon Feb 24 2014 Vlad Slepukhin <slp.vld@gmail.com> 0:7.0.33-2
- Restrctied to x86_64 and i686 platforms as now requires java 1.6 or later for building and running
* Thu Feb 20 2014 Vlad Slepukhin <slp.vld@gmail.com> 0:7.0.33-1
- Rebuilded for EL6 compatibility
- Removed systemd for compatibility
- As no systemd used, systemv moved back to tomcat package
- Build now requires ant-trax for compatibility (XSLT and JavaDoc)
- Build now requires redhat-lsb for LSB libraries on CentOS
- Removed geronimo-jaxrpc as no package found in EL6
- Renamed apache-* packages to jakarta-* ones for EL6
- %add_maven_depmap replaced with %add_to_maven_depmap as no such Maven script exists in EL6 maven packages
- Refactored and cleaned, removing unused code
- Removed unused files needed for systemd
- Corrected access attributes and rights management for safety purposes
* Sun Nov 03 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.47-1
- Updated to 7.0.47
- Fix java.security.policy
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0:7.0.42-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Fri Jul 12 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.42-2
- Remove jpackage-utils R
* Thu Jul 11 2013 Dmitry Tikhonov <squall.sama@gmail.com> 0:7.0.42-1
- Updated to 7.0.42
* Tue Jun 11 2013 Paul Komkoff <i@stingr.net> 0:7.0.40-3
- Dropped systemv inits. Bye-bye.
- Updated the systemd wrappers to allow running multiple instances.
Added wrapper scripts to do that, ported the original non-named
service file to work with the same wrappers, updated
/usr/sbin/tomcat to call systemctl.
* Sat May 11 2013 Ivan Afonichev <ivan.afonichev@gmail.com> 0:7.0.40-1
- Updated to 7.0.40
- Resolves: rhbz 956569 added missing commons-pool link
- Remove ant-nodeps BR
* Mon Mar 4 2013 Mikolaj Izdebski <mizdebsk@redhat.com> - 0:7.0.37-2
- Add depmaps for org.eclipse.jetty.orbit