upgrade in this context means: "apt update && apt upgrade", so just a regular security update, not from any older distribution
/etc/init.d/tomcat7 sources /etc/default/tomcat7 (line 111-114) so TOMCAT7_SECURITY is read from their.
The conffile will be created from postinst in tomcat7_7.0.68-1ubuntu0.3_all.deb
If someone installs the last version from xenial-security and activate the security manager with the conffile -> he is getting a broken setup
I've checked the files from the deb-File:
/etc/init.d/tomcat7 creates the policy file at every start
at:
POLICY_CACHE="$CATALINA_BASE/policy/catalina.policy"
but /usr/share/tomcat7/bin/catalina.sh is looking up in the old place ($CATALINA_BASE/work/catalina.policy)
so i think there is no symlink magic necessary. Please patch /etc/init.d/tomcat7 or /usr/share/tomcat7/bin/catalina.sh so booth uses the place.
upgrade in this context means: "apt update && apt upgrade", so just a regular security update, not from any older distribution
/etc/init.d/tomcat7 sources /etc/default/ tomcat7 (line 111-114) so TOMCAT7_SECURITY is read from their. 7.0.68- 1ubuntu0. 3_all.deb
The conffile will be created from postinst in tomcat7_
If someone installs the last version from xenial-security and activate the security manager with the conffile -> he is getting a broken setup
I've checked the files from the deb-File:
/etc/init.d/tomcat7 creates the policy file at every start CACHE=" $CATALINA_ BASE/policy/ catalina. policy"
at:
POLICY_
but /usr/share/ tomcat7/ bin/catalina. sh is looking up in the old place ($CATALINA_ BASE/work/ catalina. policy)
so i think there is no symlink magic necessary. Please patch /etc/init.d/tomcat7 or /usr/share/ tomcat7/ bin/catalina. sh so booth uses the place.