Bug#689158: unblock: tomcat7/7.0.28-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Dear Release Maintainers:
Please unblock package tomcat7.
The upload of tomcat7-7.0.28-3 addresses bug #688936 (tomcat7 modifies
conffile /etc/logrotate.d/tomcat7 in postinst). The unblock request
for wheezy is because the bug is a policy violation.
The debdiff between this version and the package currently in wheezy is
attached. Thank you for your consideration.
Regards,
tony
unblock tomcat7/7.0.28-3
diff -Nru tomcat7-7.0.28/debian/changelog tomcat7-7.0.28/debian/changelog
--- tomcat7-7.0.28/debian/changelog 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/changelog 2012-09-27 14:16:09.000000000 -0700
@@ -1,3 +1,14 @@
+tomcat7 (7.0.28-3) unstable; urgency=low
+
+ [ Miguel Landaeta ]
+ * Fix small typo in README.Debian.
+
+ [ tony mancill ]
+ * Use ucf and a template for /etc/logrotate.d/tomcat6 file to avoid
+ updating the shipped conffile. (Closes: #688936)
+
+ -- tony mancill <tmancill@debian.org> Thu, 27 Sep 2012 10:55:35 -0700
+
tomcat7 (7.0.28-2) unstable; urgency=low
[ Jakub Adam ]
diff -Nru tomcat7-7.0.28/debian/logrotate tomcat7-7.0.28/debian/logrotate
--- tomcat7-7.0.28/debian/logrotate 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/logrotate 1969-12-31 16:00:00.000000000 -0800
@@ -1,8 +0,0 @@
-/var/log/tomcat7/catalina.out {
- copytruncate
- weekly
- rotate 52
- compress
- missingok
- create 640 @@@TOMCAT7USER@@@ adm
-}
diff -Nru tomcat7-7.0.28/debian/logrotate.md5sum tomcat7-7.0.28/debian/logrotate.md5sum
--- tomcat7-7.0.28/debian/logrotate.md5sum 1969-12-31 16:00:00.000000000 -0800
+++ tomcat7-7.0.28/debian/logrotate.md5sum 2012-09-27 14:16:09.000000000 -0700
@@ -0,0 +1 @@
+9e56464a7cc25288a994171d0e303ba6 logrotate.template
diff -Nru tomcat7-7.0.28/debian/logrotate.template tomcat7-7.0.28/debian/logrotate.template
--- tomcat7-7.0.28/debian/logrotate.template 1969-12-31 16:00:00.000000000 -0800
+++ tomcat7-7.0.28/debian/logrotate.template 2012-09-27 14:16:09.000000000 -0700
@@ -0,0 +1,8 @@
+/var/log/tomcat7/catalina.out {
+ copytruncate
+ weekly
+ rotate 52
+ compress
+ missingok
+ create 640 tomcat7 adm
+}
diff -Nru tomcat7-7.0.28/debian/README.Debian tomcat7-7.0.28/debian/README.Debian
--- tomcat7-7.0.28/debian/README.Debian 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/README.Debian 2012-09-27 14:16:09.000000000 -0700
@@ -28,7 +28,7 @@
Deviations from upstream's tomcat7:
* In order to prevent library duplication, this version of tomcat
- does provide tomcat-dbcp.jar. Instead, it uses commons-dbcp.jar
+ does not provide tomcat-dbcp.jar. Instead, it uses commons-dbcp.jar
from the libcommons-dbcp-java package. This also means that
libtomcat7-java does not provide the tomcat-dbcp.pom for the
local maven-repo. For more information and rationale, see:
diff -Nru tomcat7-7.0.28/debian/rules tomcat7-7.0.28/debian/rules
--- tomcat7-7.0.28/debian/rules 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/rules 2012-09-27 14:16:09.000000000 -0700
@@ -85,7 +85,6 @@
dh_testroot
dh_prep
dh_installdirs
- cp debian/logrotate debian/tomcat7/etc/logrotate.d/tomcat7
binary-indep: build install
dh_testdir
diff -Nru tomcat7-7.0.28/debian/tomcat7.install tomcat7-7.0.28/debian/tomcat7.install
--- tomcat7-7.0.28/debian/tomcat7.install 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/tomcat7.install 2012-09-27 14:16:09.000000000 -0700
@@ -5,3 +5,5 @@
debian/default_root /usr/share/tomcat7-root/
debian/defaults.template /usr/share/tomcat7/
debian/defaults.md5sum /usr/share/tomcat7/
+debian/logrotate.template /usr/share/tomcat7/
+debian/logrotate.md5sum /usr/share/tomcat7/
diff -Nru tomcat7-7.0.28/debian/tomcat7.postinst tomcat7-7.0.28/debian/tomcat7.postinst
--- tomcat7-7.0.28/debian/tomcat7.postinst 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/tomcat7.postinst 2012-09-27 14:16:09.000000000 -0700
@@ -4,6 +4,8 @@
. /usr/share/debconf/confmodule
TEMPLATE="/usr/share/tomcat7/defaults.template"
CONFFILE="/etc/default/tomcat7"
+LR_TEMPLATE="/usr/share/tomcat7/logrotate.template"
+LR_CONFFILE="/etc/logrotate.d/tomcat7"
JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"
case "$1" in
@@ -36,11 +38,12 @@
chown -R $TOMCAT7_USER:adm /var/log/tomcat7 /var/cache/tomcat7
chmod 750 /var/log/tomcat7 /var/cache/tomcat7
- # replace the TOMCAT7USER token in /etc/logrotate.d/tomcat7
- LOGROTATE_TOKEN="@@@TOMCAT7USER@@@"
- if grep -q "$LOGROTATE_TOKEN" /etc/logrotate.d/tomcat7 ; then
- sed --in-place "s/$LOGROTATE_TOKEN/$TOMCAT7_USER/" /etc/logrotate.d/tomcat7
- fi
+ # populate /etc/logrotate.d/tomcat7
+ tmpfile=`mktemp /tmp/tomcat7.XXXXXXXXXX`
+ chmod 644 $tmpfile
+ cat $LR_TEMPLATE | sed "s%create 640 tomcat7 adm%create 640 $TOMCAT7_USER adm%" >> $tmpfile
+ ucf --debconf-ok --sum-file /usr/share/tomcat7/logrotate.md5sum $tmpfile $LR_CONFFILE
+ rm -f $tmpfile
# configuration files should not be modifiable by tomcat7 user, as this can be a security issue
# (an attacker may insert code in a webapp and have access to all tomcat configuration)
diff -Nru tomcat7-7.0.28/debian/tomcat7.postrm.in tomcat7-7.0.28/debian/tomcat7.postrm.in
--- tomcat7-7.0.28/debian/tomcat7.postrm.in 2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/tomcat7.postrm.in 2012-09-27 14:16:09.000000000 -0700
@@ -4,6 +4,7 @@
#DEBHELPER#
CONFFILE=/etc/default/tomcat7
+LR_CONFFILE=/etc/logrotate.d/tomcat7
# Remove cached files and auto-generated catalina.policy
rm -rf /var/cache/tomcat7/*
@@ -47,8 +48,9 @@
set +e
if [ -x "/usr/bin/ucf" ]; then
ucf --purge $CONFFILE
+ ucf --purge $LR_CONFFILE
fi
- rm -rf /var/log/tomcat7 /var/lib/tomcat7/temp $CONFFILE
+ rm -rf /var/log/tomcat7 /var/lib/tomcat7/temp $CONFFILE $LR_CONFFILE
if [ -d "/var/lib/tomcat7" ] ; then
rmdir --ignore-fail-on-non-empty /var/lib/tomcat7
fi
[The following lists of changes regard files as different if they have
different names, permissions or owners.]
Files in second .changes but not in first
-----------------------------------------
-rw-r--r-- root/root /usr/share/tomcat7/logrotate.md5sum
-rw-r--r-- root/root /usr/share/tomcat7/logrotate.template
Files in first .changes but not in second
-----------------------------------------
-rw-r--r-- root/root /etc/logrotate.d/tomcat7
Control files of package libservlet3.0-java: lines which differ (wdiff format)
------------------------------------------------------------------------------
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package libservlet3.0-java-doc: lines which differ (wdiff format)
----------------------------------------------------------------------------------
Suggests: libservlet3.0-java (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package libtomcat7-java: lines which differ (wdiff format)
---------------------------------------------------------------------------
Depends: libecj-java, libcommons-pool-java, libcommons-dbcp-java, libservlet3.0-java (>= [-7.0.28-2)-] {+7.0.28-3)+}
Suggests: tomcat7 (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package tomcat7: lines which differ (wdiff format)
-------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2),-] {+7.0.28-3),+} ucf, adduser, debconf (>= 0.5) | debconf-2.0
Suggests: tomcat7-docs (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-admin (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-examples (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-user (>= [-7.0.28-2),-] {+7.0.28-3),+} libtcnative-1
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package tomcat7-admin: lines which differ (wdiff format)
-------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package tomcat7-common: lines which differ (wdiff format)
--------------------------------------------------------------------------
Depends: libtomcat7-java (>= [-7.0.28-2),-] {+7.0.28-3),+} default-jre-headless | java6-runtime-headless | java6-runtime | java-6-runtime
Installed-Size: [-135-] {+136+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package tomcat7-docs: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package tomcat7-examples: lines which differ (wdiff format)
----------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2),-] {+7.0.28-3),+} libjstl1.1-java, libjakarta-taglibs-standard-java
Installed-Size: [-1076-] {+1077+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Control files of package tomcat7-user: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2),-] {+7.0.28-3),+} netcat
Suggests: tomcat7-docs (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-admin (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-examples (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7 (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}
Reply to: