Package Details: tomcat9 9.0.8-1

Git Clone URL: https://aur.archlinux.org/tomcat9.git (read-only)
Package Base: tomcat9
Description: Open source implementation of the Java Servlet 4.0 and JavaServer Pages 2.3 technologies
Upstream URL: http://tomcat.apache.org/
Licenses: Apache
Submitter: coderkun
Maintainer: coderkun
Last Packager: coderkun
Votes: 4
Popularity: 0.388539
First Submitted: 2017-10-28 10:35
Last Updated: 2018-05-11 20:07

Latest Comments

coderkun commented on 2018-04-20 08:16

@frealgagu, I don’t think it is a clever idea to make the Tomcat configuration files readable by everyone since they may contain passwords (e. g. tomcat-users.xml) and other confidental information. IDEs usually provide their own set of configuration files (Eclipse does for instance).

frealgagu commented on 2018-04-16 15:08

The files in the folders should have the read permission for everything and not just the bin/ directory. I always need to manually add permissions to conf/ files to be readable in order to make my IDE works.

Magotchi commented on 2018-04-02 15:12

FYI for others running into this not running on Java 9 via the systemd service:

  • Arch's current version of java-jsvc is 1.0.15, which does not support Java 9, as support was added in 1.1.0.
  • The PKGBUILD for java-commons-daemon (split package which includes java-jsvc), can be edited to build 1.1.0, but it won't build on Java 9, as the upstream sources are set to build with Java 5 (1.5) compatibility, which Java 9 no longer supports. The final built package (using OpenJDK 8, at least) does work on Java 9, however.

Magotchi commented on 2018-04-02 14:12

Awesome. Thanks. I'm not sure on their rationale behind the new permissions scheme, but I don't see anything that should be a secret in that directory, either.

coderkun commented on 2018-04-01 18:12

@Magotchi, I would have preferred to rely on upstream but you are right that the file permissions (for the files in the “bin” directory) are not as expected/preferred. Thanks for mentioning it. With 9.0.6-2 I changed them to your suggestions. Let me know if you still have any issues or spot any other permissions that are wrong.

Magotchi commented on 2018-03-30 15:03

@tehnatural: The system-wide pacman keyring has nothing to do with PKGBUILD PGP signature verification in makepkg, which uses your user keyring. That's described at https://wiki.archlinux.org/index.php/makepkg#Signature_checking . In short, you probably want to import the key to your local keyring from a keyserver, with something like "gpg --recv-keys --keyserver hkp://pgp.mit.edu 6FB21E8933C60243".

Magotchi commented on 2018-03-30 14:57

@coderkun: Your permissions fix for the bin directory seems to have been to chmod it to 0755. That's a good start, but its contents are still only accessible to root.

In apache-tomcat-8.0.47.tar.gz, the files inside bin are world readable, and the ".sh" files inside bin are world executable. In apache-tomcat-9.0.6.tar.gz, none of them are world readable or executable. For my own purposes, I simply changed the permissions myself, but it seems reasonable to me that those files should be accessible in this package's permissions, especially for using Tomcat in a dev./IDE scenario where it doesn't run as root.

coderkun commented on 2018-03-25 14:29

@tehnatural, what is giving you an error? I don’t know what the package “archlinux-keyring” [core] has to do with this package.

tehnatural commented on 2018-03-24 20:43

Giving me a unkown public key error with most current keyring: archlinux-keyring-20180322-1

apache-tomcat-9.0.6.tar.gz ... FAILED (unknown public key 6FB21E8933C60243) ==> ERROR: One or more PGP signatures could not be verified!

springer commented on 2017-11-15 20:32

@coderkun I just tested your change. It doesn't work for me. Tomcat (user: tomcat9) needs read permissions on: /usr/share/tomcat9/bin/bootstrap.jar

Currently this file is owned by root:root and has 640 permission set (completely uninstalled tomcat9 package before installing again).

coderkun commented on 2017-11-12 17:17

@springer, thanks for testing and reporting. Looks like the file permissions for the “bin” directory inside the upstream tar archive are different than the ones for Tomcat 8 (which I have copied the PKDBUILD from). I have fixed that with version 9.0.1-2, please try again (you might need to uninstall the package first).

springer commented on 2017-11-11 23:32

Now, I'm encountering this error (even on new machine/clean install): java.io.FileNotFoundException: /usr/share/tomcat9/bin/bootstrap.jar (Permission denied). Again group readable but owned by root:root.

fyi: In case you want to use Java 9, you need a patched jsvc.

springer commented on 2017-11-11 19:11

@coderkun I modified the permissions manually. But before that everything under /usr/share/tomcat9/conf/ was root:root.

The conf folder is a symlink pointing to /etc/tomcat9 which again was 640 root:root not 640 root:tomcat9.

I'm using the systemd service to start tomcat9.

edit: Clean install on another machine works fine. Looks like it's my fault, sorry for the trouble.

coderkun commented on 2017-11-11 18:21

@springer, for me the web.xml file is assigned to the “tomcat9” group with read permissions and startup via systemd works fine. PKDBUILD:57 should take care of the correct permissions, right?

install -g ${_gid_tomcat} -m640 conf/* "${pkgdir}"/etc/${pkgname}

What is the output of “ls” for you?
$ ls -l /usr/share/tomcat9/conf/

How do you start Tomcat 9?

springer commented on 2017-11-11 17:38

Startup failed with: java.io.FileNotFoundException: /usr/share/tomcat9/conf/web.xml (Permission denied)

The conf folder (/usr/share/tomcat9/conf -> /etc/tomcat9) should at least be readable by tomcat9 user.

Maybe by giving root:tomcat9 ownership? It's already group readable.

Same for /usr/share/tomcat9/bin/bootstrap.jar