Author: ttx-guest
Date: 2010-05-21 11:55:42 +0000 (Fri, 21 May 2010)
New Revision: 12475
Modified:
trunk/tomcat6/debian/changelog
trunk/tomcat6/debian/tomcat6.postinst
trunk/tomcat6/debian/tomcat6.prerm
Log:
debian/tomcat6.{postinst,prerm}: Respect TOMCAT6_USER and TOMCAT6_GROUP
as defined in /etc/default/tomcat6 when setting directory permissions and
authbind configuration (Closes: #581018, LP: #557300)
Modified: trunk/tomcat6/debian/changelog
===================================================================
--- trunk/tomcat6/debian/changelog 2010-05-21 08:13:55 UTC (rev 12474)
+++ trunk/tomcat6/debian/changelog 2010-05-21 11:55:42 UTC (rev 12475)
@@ -1,3 +1,11 @@
+tomcat6 (6.0.26-2) UNRELEASED; urgency=low
+
+ * debian/tomcat6.{postinst,prerm}: Respect TOMCAT6_USER and TOMCAT6_GROUP
+ as defined in /etc/default/tomcat6 when setting directory permissions and
+ authbind configuration (Closes: #581018, LP: #557300)
+
+ -- Thierry Carrez <thierry.car...@ubuntu.com> Fri, 21 May 2010 13:51:15 +0200
+
tomcat6 (6.0.26-1) unstable; urgency=low
* New upstream version
Modified: trunk/tomcat6/debian/tomcat6.postinst
===================================================================
--- trunk/tomcat6/debian/tomcat6.postinst 2010-05-21 08:13:55 UTC (rev
12474)
+++ trunk/tomcat6/debian/tomcat6.postinst 2010-05-21 11:55:42 UTC (rev
12475)
@@ -3,24 +3,28 @@
case "$1" in
configure)
- if ! id tomcat6 > /dev/null 2>&1 ; then
+ [ -f /etc/default/tomcat6 ] && . /etc/default/tomcat6
+ [ -z "$TOMCAT6_USER" ] && TOMCAT6_USER="tomcat6"
+ [ -z "$TOMCAT6_GROUP" ] && TOMCAT6_GROUP="tomcat6"
+ addgroup --system "$TOMCAT6_GROUP" --quiet
+ if ! id $TOMCAT6_USER > /dev/null 2>&1 ; then
adduser --system --home /usr/share/tomcat6 --no-create-home \
- --group --disabled-password --shell /bin/false \
- tomcat6
+ --ingroup "$TOMCAT6_GROUP" --disabled-password --shell
/bin/false \
+ "$TOMCAT6_USER"
fi
- chown -R tomcat6:adm /var/log/tomcat6 /var/cache/tomcat6
+ chown -R $TOMCAT6_USER:adm /var/log/tomcat6 /var/cache/tomcat6
chmod 750 /var/log/tomcat6 /var/cache/tomcat6
# configuration files should not be modifiable by tomcat6 user, as this
can be a security issue
# (an attacker may insert code in a webapp and have access to all
tomcat configuration)
# but those files should be readable by tomcat6, so we set the group to
tomcat6
- chown -Rh root:tomcat6 /etc/tomcat6/*
+ chown -Rh root:$TOMCAT6_GROUP /etc/tomcat6/*
chmod 640 /etc/tomcat6/tomcat-users.xml
- chown -Rh tomcat6:adm /var/lib/tomcat6/webapps /var/lib/tomcat6/common
/var/lib/tomcat6/server /var/lib/tomcat6/shared
+ chown -Rh $TOMCAT6_USER:adm /var/lib/tomcat6/webapps
/var/lib/tomcat6/common /var/lib/tomcat6/server /var/lib/tomcat6/shared
chmod 775 /var/lib/tomcat6/webapps
chmod 775 /etc/tomcat6/Catalina /etc/tomcat6/Catalina/localhost
# Authorize user tomcat6 to open privileged ports via authbind.
- TOMCAT_UID="`id -u tomcat6`"
+ TOMCAT_UID="`id -u $TOMCAT6_USER`"
if [ ! -f "/etc/authbind/byuid/$TOMCAT_UID" ]; then
if [ ! -d "/etc/authbind/byuid" ]; then
mkdir -p /etc/authbind/byuid
@@ -28,7 +32,7 @@
chmod 755 /etc/authbind/byuid
fi
echo '0.0.0.0/32:1,1023' >/etc/authbind/byuid/$TOMCAT_UID
- chown tomcat6:tomcat6 /etc/authbind/byuid/$TOMCAT_UID
+ chown $TOMCAT6_USER:$TOMCAT6_GROUP
/etc/authbind/byuid/$TOMCAT_UID
chmod 700 /etc/authbind/byuid/$TOMCAT_UID
fi
;;
Modified: trunk/tomcat6/debian/tomcat6.prerm
===================================================================
--- trunk/tomcat6/debian/tomcat6.prerm 2010-05-21 08:13:55 UTC (rev 12474)
+++ trunk/tomcat6/debian/tomcat6.prerm 2010-05-21 11:55:42 UTC (rev 12475)
@@ -3,8 +3,10 @@
case "$1" in
remove)
+ [ -f /etc/default/tomcat6 ] && . /etc/default/tomcat6
+ [ -z "$TOMCAT6_USER" ] && TOMCAT6_USER="tomcat6"
# Remove auth for tomcat6 to open privileged ports via authbind.
- TOMCAT_UID="`id -u tomcat6`"
+ TOMCAT_UID="`id -u $TOMCAT6_USER`"
if [ -f "/etc/authbind/byuid/$TOMCAT_UID" ]; then
rm -f /etc/authbind/byuid/$TOMCAT_UID
fi
_______________________________________________
pkg-java-commits mailing list
pkg-java-comm...@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-commits
