Created attachment 401404 [details] Patch in unified diff to modify script tomcat6 (is tomcat6-6.0.wrapper in source rpm). Description of problem: The current Tomcat init scripts provide the ability to create additional instances of Tomcat by - creating a link with a new name to the standard Tomcat init script - create a config file in /etc/sysconfig/ See description in /etc/sysconfig/tomct6 (lines 10 ff). If you create an additional instance following these instructions, startup of the additional instance fails. Version-Release number of selected component (if applicable): tomcat6-60.20-2.fc13 Same is true for Fedora 12 and 11! How reproducible: Steps to Reproduce: 1. Install current tomcat binary package 2. created a link /etc/init.d/tomcat6-dev to etc/init.d/tomcat6 3. created /etc/sysconfig/tomcat6-dev and modify locations of program directories 4. created /usr/share/tomcat6-dev 5. created therein symlins conf, work, temp, webapps to resp. separate dirs 6. copied standard conf files to new dir (besides tomcat6.conf) 7. Edit all configuration files to use a separte port, separat directory locations, etc. Actual results: service tomcat6-dev start fails Expected results: service tomcat6-dev start should start an additional instance. Additional info: Malfunctioning is caused by the following lines (lines 13-19) in /usr/sbin/tomcat6 (invoked by the init script after setting all required environment variables): # Get the tomcat config (use this for environment specific settings) if [ -z "${TOMCAT_CFG}" ]; then echo -n "TOMCAT_CFG wird auf /etc/tomcat6/tomcat6.conf gesetzt." TOMCAT_CFG="/etc/tomcat6/tomcat6.conf" fi if [ -r "$TOMCAT_CFG" ]; then . $TOMCAT_CFG fi By sourcing the standard configuration file the parameters, prepared by /etc/init.d/tomcat6 to be passed in using environment variables, become inaccessible. Removed those lines and it flies. Upstream has comment out these lines in its newest version (jpp 6.0 - WIP) providing tomcat6-6.0.18-10.jpp6) (http://www.jpackage.org/browser/rpm.php?jppversion=6.0&id=6542) but not in its current version 5.0 providing tomcat6-6-0-26-1.jpp5 (http://www.jpackage.org/browser/rpm.php?jppversion=5.0-updates&id=8580)
*** Bug 615529 has been marked as a duplicate of this bug. ***
This bug has been open for 6 months. The fix is trivial. The suggested patch comments out the offending code, I think it might be better to just delete the 8 lines, your choice. It's critical to get this fixed, it's gating the deployment of some tomcat applications (e.g. pki-ca, pki-tks, pki-ocsp and pki-kra). Please push a fix out for F-12, F-13, F-14 (rawhide) as soon as possible. I suspect the same problem lurks in RHEL6, after verifying that I'll clone this bug against RHEL6 as well. Thanks!
Created attachment 449347 [details] Patch in unified diff to modify script tomcat6 for F12 (is tomcat6-6.0.wrapper in source rpm) As requested this patch is against the F12 version of tomcat6 and the offending lines are deleted, not commented out.
As requested I added a patch for tomcat6 in Fedora 12. I'll add a version for f13 soon and try to provide one for f14 as well (I've currently no installation at hand).
I checked F13 and F14 / rawhide: For F13 the files /usr/sbin/tomcat6 and the invoking file /etc/init.d/tomcat6 are identical with F12. So the same patch can be applied. For 14 the file /usr/sbin/tomcat6 is identical with F12. The invoking file /etc/init.d/tomcat6 is different. There are enhancement regarding logging and handling of orphaned pid files. The mechanism for invoking /usr/sbin/tomcat6 is unchanged according to my analyses. So the patch for F12 has to apply here as well.
patch applied and pushed from master to f14 and f13.
Will you be doing any builds soon?
From looking at the spec in git, it appears that you will still be shipping both /etc/sysconfig/tomcat6 and /etc/tomcat6/tomcat6.conf which is what bug 615529 was about, so I don't see that as fixed with this change.
I haven't merged it yet :)
Security fix CVE-2010-2777 is included as well as the relevant patch. dist-rawhide - tomcat6-6.0.26-10.fc15 http://koji.fedoraproject.org/koji/taskinfo?taskID=2514623 Note: using ant-nodeps 1.8.1-4.fc15 dist-f14-updates-candidate - tomcat6-6.0.26-11.fc14 http://koji.fedoraproject.org/koji/taskinfo?taskID=2515071 Note: using ant-nodeps 1.7.1-13.fc13 dist-f13-updates-candidate - tomcat6-6.0.26-10.fc13 http://koji.fedoraproject.org/koji/taskinfo?taskID=2515307 Using: ant-trax 1.7.1-13.fc13 ant-trax and ant-nodeps & ant-trax should be level-set to ant-nodeps 1.8. I'll open a new bugzilla to track it.
(In reply to comment #10) > Security fix CVE-2010-2777 is included as well as the relevant patch. > > dist-rawhide - tomcat6-6.0.26-10.fc15 > http://koji.fedoraproject.org/koji/taskinfo?taskID=2514623 > Note: using ant-nodeps 1.8.1-4.fc15 > > dist-f14-updates-candidate - tomcat6-6.0.26-11.fc14 > http://koji.fedoraproject.org/koji/taskinfo?taskID=2515071 > Note: using ant-nodeps 1.7.1-13.fc13 > > dist-f13-updates-candidate - tomcat6-6.0.26-10.fc13 > http://koji.fedoraproject.org/koji/taskinfo?taskID=2515307 > Using: ant-trax 1.7.1-13.fc13 > > ant-trax and ant-nodeps & ant-trax should be level-set to ant-nodeps 1.8. I'll > open a new bugzilla to track it. Sorry - spoke to quicky regarding dist-f13. tomcat6-6.0.26-10.fc13 can be found at http://koji.fedoraproject.org/koji/taskinfo?taskID=2515595
tomcat6-6.0.26-13.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/tomcat6-6.0.26-13.fc14
tomcat6-6.0.26-14.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/tomcat6-6.0.26-14.fc14
tomcat6-6.0.26-14.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update tomcat6'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/tomcat6-6.0.26-14.fc14
tomcat6-6.0.26-14.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.