Package Details: tomcat9 9.0.13-1

Git Clone URL: https://aur.archlinux.org/tomcat9.git (read-only)
Package Base: tomcat9
Description: Open source implementation of the Java Servlet 4.0 and JavaServer Pages 2.3 technologies
Upstream URL: http://tomcat.apache.org/
Licenses: Apache
Submitter: coderkun
Maintainer: coderkun
Last Packager: coderkun
Votes: 5
Popularity: 0.083014
First Submitted: 2017-10-28 10:35
Last Updated: 2018-11-10 15:44

Latest Comments

1 2 Next › Last »

coderkun commented on 2018-08-27 07:23

@morealaz, similar to the configuration files I don’t think the files under “webapps” should be readable by “everyone”. Only because the Tomcat 8 files have certain permissions doesn’t mean the Tomcat 9 files should do the same. Add your user to the “tomcat9” group and you will have read access.

morealaz commented on 2018-08-27 05:46

/var/lib/tomcat9/webapps contents does not have read permission for others:

drwxr-x---  3 tomcat9 tomcat9 4096 Aug 24 12:05 ROOT
drwxr-x--- 14 tomcat9 tomcat9 4096 Aug 24 12:05 docs
drwxr-x---  6 tomcat9 tomcat9 4096 Aug 24 12:05 examples
drwxr-x---  5 tomcat9 tomcat9 4096 Aug 24 12:05 host-manager
drwxr-x---  5 tomcat9 tomcat9 4096 Aug 24 12:05 manager

please fix it. this is permissions for tomcat8 package:

drwxr-xr-x  3 tomcat8 tomcat8 4096 Aug 24 12:04 ROOT
drwxr-xr-x 14 tomcat8 tomcat8 4096 Aug 24 12:04 docs
drwxr-xr-x  6 tomcat8 tomcat8 4096 Aug 24 12:04 examples
drwxr-xr-x  5 tomcat8 tomcat8 4096 Aug 24 12:04 host-manager
drwxr-xr-x  5 tomcat8 tomcat8 4096 Aug 24 12:04 manager

coderkun commented on 2018-04-20 08:16

@frealgagu, I don’t think it is a clever idea to make the Tomcat configuration files readable by everyone since they may contain passwords (e. g. tomcat-users.xml) and other confidental information. IDEs usually provide their own set of configuration files (Eclipse does for instance).

frealgagu commented on 2018-04-16 15:08

The files in the folders should have the read permission for everything and not just the bin/ directory. I always need to manually add permissions to conf/ files to be readable in order to make my IDE works.

Magotchi commented on 2018-04-02 15:12

FYI for others running into this not running on Java 9 via the systemd service:

  • Arch's current version of java-jsvc is 1.0.15, which does not support Java 9, as support was added in 1.1.0.
  • The PKGBUILD for java-commons-daemon (split package which includes java-jsvc), can be edited to build 1.1.0, but it won't build on Java 9, as the upstream sources are set to build with Java 5 (1.5) compatibility, which Java 9 no longer supports. The final built package (using OpenJDK 8, at least) does work on Java 9, however.

Magotchi commented on 2018-04-02 14:12

Awesome. Thanks. I'm not sure on their rationale behind the new permissions scheme, but I don't see anything that should be a secret in that directory, either.

coderkun commented on 2018-04-01 18:12

@Magotchi, I would have preferred to rely on upstream but you are right that the file permissions (for the files in the “bin” directory) are not as expected/preferred. Thanks for mentioning it. With 9.0.6-2 I changed them to your suggestions. Let me know if you still have any issues or spot any other permissions that are wrong.

Magotchi commented on 2018-03-30 15:03

@tehnatural: The system-wide pacman keyring has nothing to do with PKGBUILD PGP signature verification in makepkg, which uses your user keyring. That's described at https://wiki.archlinux.org/index.php/makepkg#Signature_checking . In short, you probably want to import the key to your local keyring from a keyserver, with something like "gpg --recv-keys --keyserver hkp://pgp.mit.edu 6FB21E8933C60243".

Magotchi commented on 2018-03-30 14:57

@coderkun: Your permissions fix for the bin directory seems to have been to chmod it to 0755. That's a good start, but its contents are still only accessible to root.

In apache-tomcat-8.0.47.tar.gz, the files inside bin are world readable, and the ".sh" files inside bin are world executable. In apache-tomcat-9.0.6.tar.gz, none of them are world readable or executable. For my own purposes, I simply changed the permissions myself, but it seems reasonable to me that those files should be accessible in this package's permissions, especially for using Tomcat in a dev./IDE scenario where it doesn't run as root.

coderkun commented on 2018-03-25 14:29

@tehnatural, what is giving you an error? I don’t know what the package “archlinux-keyring” [core] has to do with this package.