/var/lib/tomcat6/temp not writable by tomcat

Bug #287126 reported by Craig on 2008-10-21
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
tomcat6 (Ubuntu)
Critical
Thierry Carrez
Intrepid
Critical
Thierry Carrez

Bug Description

Binary package hint: tomcat6

In /etc/init.d/tomcat6, the temp directory is set to /var/lib/tomcat6/temp

However, when an application tries to use that directory, it is denied write access. During installation, that directory is set to:
drwxr-xr-x 2 root root 4096 2008-10-14 13:42 temp

I believe this should be:
drwxrwxr-x 2 root tomcat6 4096 2008-10-21 14:36 temp

Making that change allows tomcat6 applications to work.

Thierry Carrez (ttx) wrote :

This should definitively be fixed.

I'd rather propose to set the permissions to :
  drwxr-xr-x 2 tomcat6 root 4096 2008-10-14 13:42 temp
as there is no real reason to let members of the tomcat6 group write here, it's just the JVM tmpdir.

Changed in tomcat6:
assignee: nobody → tcarrez
importance: Undecided → Medium
status: New → In Progress
Thierry Carrez (ttx) wrote :

Proposed debdiff (also fixed bug 287447)

Regression potential is very slow as it is just relaxing two directories permissions, without any other change.

tomcat6 (6.0.18-0ubuntu3) intrepid; urgency=low

  * debian/tomcat6.postinst:
    - Make /var/lib/tomcat6/temp writeable by the tomcat6 user (LP: #287126)
    - Make /var/lib/tomcat6/webapps writeable by tomcat6 group (LP: #287447)

Mathias Gug (mathiaz) wrote :

ACK for sponsoring.

Subscribing ubuntu-release.

Steve Langasek (vorlon) wrote :

Ack for inclusion in intrepid post-RC; please upload.

BTW, shouldn't tomcat be using something other than /var/lib for a temp directory? This is an FHS violation, and is inconsistent with things like backup policies that try to avoid temp files. (But please don't change that for intrepid...)

Thierry Carrez (ttx) wrote :

Steve:
I replicated what was done on Tomcat 5.5 packages but I agree Tomcat should certainly use something more appropriate for "$CATALINA_BASE/temp". Tomcat in general doesn't play well with FHS as it expects to find everything in a single directory. However, as is done for the "$CATALINA_BASE/conf" or "$CATALINA_BASE/work" files, we could certainly symlink /var/lib/tomcat6/temp to something more FHS-compliant.

Will track that on bug 287452, as they are related.

Rick Clark (dendrobates) on 2008-10-23
Changed in tomcat6:
importance: Medium → Critical
Rick Clark (dendrobates) on 2008-10-23
Changed in tomcat6:
milestone: none → ubuntu-8.10
Thierry Carrez (ttx) wrote :

More complete debdiff that also fixes the status action returncodes, to avoid tomcat6-* unnecessary restarts that may fail.

Thierry Carrez (ttx) wrote :

The same with referenced bug number.

Martin Pitt (pitti) wrote :

ACK, please upload, so that it's readily available in the queue right after the RC release.

Mathias Gug (mathiaz) wrote :

Uploaded

Changed in tomcat6:
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tomcat6 - 6.0.18-0ubuntu3

---------------
tomcat6 (6.0.18-0ubuntu3) intrepid; urgency=low

  * debian/tomcat6.postinst:
    - Make /var/lib/tomcat6/temp writeable by the tomcat6 user (LP: #287126)
    - Make /var/lib/tomcat6/webapps writeable by tomcat6 group (LP: #287447)
  * debian/tomcat6.init: make status return nonzero if tomcat6 is not running
    (fixes LP: #288218)

 -- Thierry Carrez <email address hidden> Thu, 23 Oct 2008 18:19:15 +0200

Changed in tomcat6:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Related questions