I have some modifcations and suggestions for the tomcat ebuild... Some of which are sorely needed
Created attachment 9647 [details] Tomcat Init Script This is my tomcat Init script, it allows tomcat to be run as user tomcat or as root Running as non-root is much better secureity, so run as tomcat by default. Some users may want to bind tomcat to port 80, so they need to run it as root. This init script allows that. You may want to put the TOMCAT_USER variable somewhere else, like /etc/conf.d/tomcat, so people can find it.
Created attachment 9648 [details] Tomcat Init Script This is my tomcat Init script, it allows tomcat to be run as user tomcat or as root. Running as non-root is much better secureity, so run as tomcat by default. Some users may want to bind tomcat to port 80, so they need to run it as root. This init script allows that. You may want to put the TOMCAT_USER variable somewhere else, like /etc/conf.d/tomcat, so people can find it.
Created attachment 9649 [details] package.env This is my package.env, which belongs in /usr/share/tomcat. All of the files int /opt/jakarta/tomcat/common/libs should be in there, not just servlet.jar. Although, servlet.jar should be sufficient for almost everyone (except me) :-S Sorry about the double post. These two things should make tomcat much better. Oh, to enable tomcat to run as user tomcat, it needs permissions to the tomcat directory. This is my /etc/passwd entry for tomcat: "tomcat:x:1003:2:Tomcat Server:/opt/jakarta/tomcat/:/bin/bash" It needs bash...
This should close bug 7005.
Forgot to verify that it still works on reboot. (I hate rebooting=love linux) need to add an "export" infront of the JAVA_HOME variable in the init script. That is all...
Created attachment 9667 [details] /etc/init.d/tomcat Updated
Created attachment 9668 [details] /etc/init.d/tomcat I am terrible... one more try.
I had already been working on most of this, but from different angles. Just checked in is dev-java/tomcat-4.1.18-r1.ebuild. Read the ChangeLog for details. It should satisfy everything you're looking for. Please write back to this bug and let me know so I can close this out and unmask at some point. Cheers
err... not dev-java/ but net-www/. You know what I mean. :-/
Ok, here is my verbose review of what the tomcat-4.1.18-r1, needs to improve on. I like the over all direction you are going, not just getting a work, but doing it right. Your package.env and classpath are good, and correct. In the conf file, you make the user specify the path for JAVA_HOME, this is bad... my method works very well, I parse the environment out of the profile.env file. One reason why setting it statically here is bad, whenever you update or change jdks, you have to modify it in this file. You already have to use java-config to set it in profile.env. Here is the command sequence for you to use: JAVA_HOME="`/bin/grep -e "JAVA_HOME" /etc/profile.env | sed -e "s/^.*'\(.*\)'$/\1/"`" You should add "use mysql" to the startup script, because many people use mysql with tomcat (me for one) and it doesn't hurt to have it in there. All use does is makes sure it starts up before tomcat and if you restart mysql, it will restart tomcat... I noticed a mistake in the init script, "tomcat" should be "CATALINA_USER", otherwise the setting in conf.d/tomcat does nothing. You should also add a not in the conf file about having to run as root if they are trying to use a port below 1000, like port 80. Does the password for tomcat need to be set? I believe that it doesn't, and I didn't set it. There is no need to print out the environment everytime, in fact it is almost sloppy. You can easily apply a patch to catalin.sh to comment those four lines out, starting at line 86. If the server fails to fully start (java started successfully, but tomcat failed), the init thinks it is still running. I don't java an idea on this one. Thanks Dylan, I and I am sure others appreciate your work.
Checked in net-www/tomcat/4.1.24.ebuild... which addresses (most of) these concerns and also upgrades to the new version. One thing not mentioned in the ChangeLog: tomcat is now getting locked into uid/gid 265 long-term. This spares it from the auto-assigned range of 1000+ that useradd/groupadd use when you don't specify an id #. Test this new ebuild out and send me your feedback. Would like to unmask it soon. Cheers
Closing old bugs.
