Tomcat Web Application Manager does not copy context configuration
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tomcat8 (Debian) |
Fix Released
|
Unknown
|
|||
tomcat8 (Ubuntu) |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
Deploying application through "Deploy directory or WAR file located on server" in tomcat manager
does not work anymore since 18.04 (it used to work until 16.04 and is working in regular tomcat)
Context configuration set in "XML Configuration file URL" is not copied anymore in /var/lib/
I have created a simple application to illustrate the issue.
- Copy attached hello.zip in /tmp and unzip it
- From tomcat web manager on the same machine
- in "Context Path (required)" put /hello
- in "XML Configuration file URL" set /tmp/hello.xml
- in "WAR or Directory URL" set /tmp/hello.war
Click deploy
Navigate to http://
In 16.04 you see "Everything is ok", but in 18.04 and 18.10 you see "You should not be able to read this"
The reason for that is this servlet displays value of an init param that is overridden through a context configuration. as Since 18.04 context is not copied anymore, the non-overridden value is displayed.
ProblemType: Bug
DistroRelease: Ubuntu 18.10
Package: tomcat8-admin (not installed)
ProcVersionSign
Uname: Linux 4.18.0-16-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.10-0ubuntu13.2
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Fri Mar 15 14:59:20 2019
InstallationDate: Installed on 2016-08-12 (945 days ago)
InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
SourcePackage: tomcat8
UpgradeStatus: Upgraded to cosmic on 2018-11-22 (113 days ago)
CVE References
Changed in tomcat8 (Debian): | |
status: | Unknown → Fix Released |
tags: | removed: server-next |
It seems that permission has been changed, in 16.04 localhost privileges are
drwxrwxr-x 2 root tomcat8 4096 Dec 22 10:22 localhost
In 18.04
drwxr-xr-x 2 root tomcat8 4096 Sep 9 19:47 localhost
so write privilege has been removed for tomcat8 group in 18.04. Has manager comes with tomcat8 it does not have permission to deploy application.
More generally I think my bug concern the whole tomcat8-admin package (where manager belongs to) which is not working.