Thanks!

I have verified and it is OK; I can close my bug report.

Best regards,


*Mathieu HETRU*
Head of the cross-functional missions office

Université de Lille - Campus Cité Scientifique
Direction des Systèmes d'Information
Service Intégration / Exploitation
Cellule missions transversales

Bureau 47 - Bâtiment A3
Domaine universitaire de la Cité Scientifique
Avenue Carl Von Limé
BP 90179 59653 Villeneuve d'Ascq

Tel.: +33 (0)3 62 26 83 81 (internal extension: 68381)

mathieu.he...@univ-lille.fr *|* www.univ-lille.fr
On 24/11/2020 at 08:56, Emmanuel Bourg wrote:
> Hi Mathieu,
>
> On 18/05/2020 at 15:26, Mathieu HETRU wrote:
>
> > So each virtualhost in server.xml got one webapps directory under
> > catalina_home (/var/lib/tomcat9).
> >
> > But tomcat9 cannot deploy war files (applications) because the unix user
> > "tomcat" cannot have read-write access under /var/lib/tomcat9.
>
> The tomcat user isn't allowed to write to /var/lib/tomcat9 because we
> want to prevent a malicious or compromised web application from altering
> the Tomcat configuration. So you have to customize the systemd
> configuration for the tomcat9 service as you've figured out.
>
> > I have found the solution by adding this line:
> >
> > ReadWritePaths=/var/lib/tomcat9/
> >
> > in the systemctl file service of tomcat9
> > /usr/lib/systemd/system/tomcat9.service
> >
> > and systemctl daemon-reload
> >
> > But, when an update of Debian occurred on the tomcat9 package, I lost my
> > modification.
>
> /usr/lib/systemd/system/tomcat9.service belongs to the package and
> should not be modified. Custom settings go to a conf file under
> /etc/systemd/system/tomcat9.service.d/, you can look at the
> README.Debian file for an example.
>
> Emmanuel Bourg
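
An added example, not part of the thread or of the Debian package: a shell helper that writes the drop-in described above, but grants write access only to named per-virtual-host directories rather than to all of /var/lib/tomcat9/, so the rest of that tree stays read-only. The file name override.conf, the conf subdirectory guard and the directory names in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: build a tomcat9 drop-in that opens only
# the named per-virtual-host directories for writing.
# Assumptions: the file name override.conf, and that Tomcat's configuration is
# reachable as $CATALINA_BASE/conf.
CATALINA_BASE=/var/lib/tomcat9

# write_tomcat_dropin DROPIN_DIR APPBASE_DIR...
# Returns 1 and writes nothing if any directory is unsafe.
write_tomcat_dropin() {
    dropin_dir=$1; shift
    [ "$#" -gt 0 ] || { echo "no appBase directory given" >&2; return 1; }
    body="[Service]"
    for p in "$@"; do
        p=${p%/}    # normalise a trailing slash
        case $p in
            *[[:space:]]*)    # systemd splits ReadWritePaths= on whitespace
                echo "rejected (whitespace): $p" >&2; return 1 ;;
            */../*|*/..|*/./*|*/.|*//*)
                echo "rejected (non-canonical path): $p" >&2; return 1 ;;
            "$CATALINA_BASE"/conf|"$CATALINA_BASE"/conf/*)
                echo "rejected (Tomcat configuration): $p" >&2; return 1 ;;
            "$CATALINA_BASE"/?*) ;;    # a subdirectory, never the base itself
            *)
                echo "rejected (not below $CATALINA_BASE): $p" >&2; return 1 ;;
        esac
        body="$body
ReadWritePaths=$p/"
    done
    mkdir -p "$dropin_dir" || return 1
    printf '%s\n' "$body" > "$dropin_dir/override.conf"
}

# Usage (as root; directory names are hypothetical):
#   write_tomcat_dropin /etc/systemd/system/tomcat9.service.d \
#       /var/lib/tomcat9/webapps-site1 /var/lib/tomcat9/webapps-site2
#   systemctl daemon-reload && systemctl restart tomcat9
```

Because the drop-in lives under /etc/systemd/system/, a package upgrade that replaces /usr/lib/systemd/system/tomcat9.service leaves it in place.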