Comment 4 for bug 1006064

Hi James,

I've performed a second review of your charm, works well under EC2, thanks for submitting!

I have a few bugs and comments below:

Bugs
*A few directories/files under /opt/liferay/liferay-portal-.../ have world read permissions but look like they contain sensitive data:
  *data - seems to contain application data
  *portal-ext.properties - contains DB username/password

Comments
*hooks/db-relation-changed contains initialisation routines for starting the server which look like they really belong in hooks/start. I think the better behaviour for the charm is hooks/start to always start the server. Adding a MySQL DB merely changes the server's config or resets the configuration wizard for the user to reconfigure with it.

*If you can, I'd use openjdk-7-jre-headless package over the standard openjdk-7-jdk one. The standard one pulls in all the X11 libraries etc. which aren't required on a server.

*As per Mark's comment, be quite nice if you could specify the port the charm ran on via a 'config.yaml' option. Alongside this, be great if you could specify JVM parameters (e.g. heap size) for tuning the deployment. If someone deploys Liferay to a larger machine, you want to take full advantage of this :)

Please fix the bugs and consider the comments, then reopen for another review.