Bug#689158: unblock: tomcat7/7.0.28-3

tony mancill Sat, 29 Sep 2012 08:57:18 -0700

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock


Dear Release Maintainers:

Please unblock package tomcat7.  

The upload of tomcat7-7.0.28-3 addresses bug #688936 (tomcat7 modifies
conffile /etc/logrotate.d/tomcat7 in postinst).  The unblock request
for wheezy is because the bug is a policy violation.

The debdiff between this version and the package currently in wheezy is
attached.  Thank you for your consideration.

Regards,
tony

unblock tomcat7/7.0.28-3

diff -Nru tomcat7-7.0.28/debian/changelog tomcat7-7.0.28/debian/changelog
--- tomcat7-7.0.28/debian/changelog	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/changelog	2012-09-27 14:16:09.000000000 -0700
@@ -1,3 +1,14 @@
+tomcat7 (7.0.28-3) unstable; urgency=low
+
+  [ Miguel Landaeta ]
+  * Fix small typo in README.Debian.
+
+  [ tony mancill ]
+  * Use ucf and a template for /etc/logrotate.d/tomcat6 file to avoid
+    updating the shipped conffile. (Closes: #688936)
+
+ -- tony mancill <tmanc...@debian.org>  Thu, 27 Sep 2012 10:55:35 -0700
+
 tomcat7 (7.0.28-2) unstable; urgency=low
 
   [ Jakub Adam ]
diff -Nru tomcat7-7.0.28/debian/logrotate tomcat7-7.0.28/debian/logrotate
--- tomcat7-7.0.28/debian/logrotate	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/logrotate	1969-12-31 16:00:00.000000000 -0800
@@ -1,8 +0,0 @@
-/var/log/tomcat7/catalina.out {
-  copytruncate
-  weekly
-  rotate 52
-  compress
-  missingok
-  create 640 @@@TOMCAT7USER@@@ adm
-}
diff -Nru tomcat7-7.0.28/debian/logrotate.md5sum tomcat7-7.0.28/debian/logrotate.md5sum
--- tomcat7-7.0.28/debian/logrotate.md5sum	1969-12-31 16:00:00.000000000 -0800
+++ tomcat7-7.0.28/debian/logrotate.md5sum	2012-09-27 14:16:09.000000000 -0700
@@ -0,0 +1 @@
+9e56464a7cc25288a994171d0e303ba6  logrotate.template
diff -Nru tomcat7-7.0.28/debian/logrotate.template tomcat7-7.0.28/debian/logrotate.template
--- tomcat7-7.0.28/debian/logrotate.template	1969-12-31 16:00:00.000000000 -0800
+++ tomcat7-7.0.28/debian/logrotate.template	2012-09-27 14:16:09.000000000 -0700
@@ -0,0 +1,8 @@
+/var/log/tomcat7/catalina.out {
+  copytruncate
+  weekly
+  rotate 52
+  compress
+  missingok
+  create 640 tomcat7 adm
+}
diff -Nru tomcat7-7.0.28/debian/README.Debian tomcat7-7.0.28/debian/README.Debian
--- tomcat7-7.0.28/debian/README.Debian	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/README.Debian	2012-09-27 14:16:09.000000000 -0700
@@ -28,7 +28,7 @@
 Deviations from upstream's tomcat7:
 
   * In order to prevent library duplication, this version of tomcat
-    does provide tomcat-dbcp.jar.  Instead, it uses commons-dbcp.jar 
+    does not provide tomcat-dbcp.jar.  Instead, it uses commons-dbcp.jar 
     from the libcommons-dbcp-java package.  This also means that
     libtomcat7-java does not provide the tomcat-dbcp.pom for the 
     local maven-repo.  For more information and rationale, see:  
diff -Nru tomcat7-7.0.28/debian/rules tomcat7-7.0.28/debian/rules
--- tomcat7-7.0.28/debian/rules	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/rules	2012-09-27 14:16:09.000000000 -0700
@@ -85,7 +85,6 @@
 	dh_testroot
 	dh_prep 
 	dh_installdirs
-	cp debian/logrotate debian/tomcat7/etc/logrotate.d/tomcat7
 
 binary-indep: build install
 	dh_testdir
diff -Nru tomcat7-7.0.28/debian/tomcat7.install tomcat7-7.0.28/debian/tomcat7.install
--- tomcat7-7.0.28/debian/tomcat7.install	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/tomcat7.install	2012-09-27 14:16:09.000000000 -0700
@@ -5,3 +5,5 @@
 debian/default_root /usr/share/tomcat7-root/
 debian/defaults.template /usr/share/tomcat7/
 debian/defaults.md5sum /usr/share/tomcat7/
+debian/logrotate.template /usr/share/tomcat7/
+debian/logrotate.md5sum /usr/share/tomcat7/
diff -Nru tomcat7-7.0.28/debian/tomcat7.postinst tomcat7-7.0.28/debian/tomcat7.postinst
--- tomcat7-7.0.28/debian/tomcat7.postinst	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/tomcat7.postinst	2012-09-27 14:16:09.000000000 -0700
@@ -4,6 +4,8 @@
 . /usr/share/debconf/confmodule
 TEMPLATE="/usr/share/tomcat7/defaults.template"
 CONFFILE="/etc/default/tomcat7"
+LR_TEMPLATE="/usr/share/tomcat7/logrotate.template"
+LR_CONFFILE="/etc/logrotate.d/tomcat7"
 JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"
 
 case "$1" in
@@ -36,11 +38,12 @@
 	chown -R $TOMCAT7_USER:adm /var/log/tomcat7 /var/cache/tomcat7
 	chmod 750 /var/log/tomcat7 /var/cache/tomcat7
 
-	# replace the TOMCAT7USER token in /etc/logrotate.d/tomcat7
-	LOGROTATE_TOKEN="@@@TOMCAT7USER@@@"
-	if grep -q "$LOGROTATE_TOKEN" /etc/logrotate.d/tomcat7 ; then
-		sed --in-place "s/$LOGROTATE_TOKEN/$TOMCAT7_USER/" /etc/logrotate.d/tomcat7
-	fi
+	# populate /etc/logrotate.d/tomcat7
+	tmpfile=`mktemp /tmp/tomcat7.XXXXXXXXXX`
+	chmod 644 $tmpfile
+	cat $LR_TEMPLATE | sed "s%create 640 tomcat7 adm%create 640 $TOMCAT7_USER adm%" >> $tmpfile
+	ucf --debconf-ok --sum-file /usr/share/tomcat7/logrotate.md5sum $tmpfile $LR_CONFFILE
+	rm -f $tmpfile
 
 	# configuration files should not be modifiable by tomcat7 user, as this can be a security issue
 	# (an attacker may insert code in a webapp and have access to all tomcat configuration)
diff -Nru tomcat7-7.0.28/debian/tomcat7.postrm.in tomcat7-7.0.28/debian/tomcat7.postrm.in
--- tomcat7-7.0.28/debian/tomcat7.postrm.in	2012-07-10 22:13:47.000000000 -0700
+++ tomcat7-7.0.28/debian/tomcat7.postrm.in	2012-09-27 14:16:09.000000000 -0700
@@ -4,6 +4,7 @@
 #DEBHELPER#
 
 CONFFILE=/etc/default/tomcat7
+LR_CONFFILE=/etc/logrotate.d/tomcat7
 
 # Remove cached files and auto-generated catalina.policy
 rm -rf /var/cache/tomcat7/*
@@ -47,8 +48,9 @@
         set +e
         if [ -x "/usr/bin/ucf" ]; then
             ucf --purge $CONFFILE
+            ucf --purge $LR_CONFFILE
         fi
-        rm -rf /var/log/tomcat7 /var/lib/tomcat7/temp $CONFFILE
+        rm -rf /var/log/tomcat7 /var/lib/tomcat7/temp $CONFFILE $LR_CONFFILE
         if [ -d "/var/lib/tomcat7" ] ; then
             rmdir --ignore-fail-on-non-empty /var/lib/tomcat7
         fi
[The following lists of changes regard files as different if they have
different names, permissions or owners.]

Files in second .changes but not in first
-----------------------------------------
-rw-r--r--  root/root   /usr/share/tomcat7/logrotate.md5sum
-rw-r--r--  root/root   /usr/share/tomcat7/logrotate.template

Files in first .changes but not in second
-----------------------------------------
-rw-r--r--  root/root   /etc/logrotate.d/tomcat7

Control files of package libservlet3.0-java: lines which differ (wdiff format)
------------------------------------------------------------------------------
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package libservlet3.0-java-doc: lines which differ (wdiff format)
----------------------------------------------------------------------------------
Suggests: libservlet3.0-java (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package libtomcat7-java: lines which differ (wdiff format)
---------------------------------------------------------------------------
Depends: libecj-java, libcommons-pool-java, libcommons-dbcp-java, libservlet3.0-java (>= [-7.0.28-2)-] {+7.0.28-3)+}
Suggests: tomcat7 (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package tomcat7: lines which differ (wdiff format)
-------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2),-] {+7.0.28-3),+} ucf, adduser, debconf (>= 0.5) | debconf-2.0
Suggests: tomcat7-docs (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-admin (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-examples (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-user (>= [-7.0.28-2),-] {+7.0.28-3),+} libtcnative-1
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package tomcat7-admin: lines which differ (wdiff format)
-------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package tomcat7-common: lines which differ (wdiff format)
--------------------------------------------------------------------------
Depends: libtomcat7-java (>= [-7.0.28-2),-] {+7.0.28-3),+} default-jre-headless | java6-runtime-headless | java6-runtime | java-6-runtime
Installed-Size: [-135-] {+136+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package tomcat7-docs: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package tomcat7-examples: lines which differ (wdiff format)
----------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2),-] {+7.0.28-3),+} libjstl1.1-java, libjakarta-taglibs-standard-java
Installed-Size: [-1076-] {+1077+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Control files of package tomcat7-user: lines which differ (wdiff format)
------------------------------------------------------------------------
Depends: tomcat7-common (>= [-7.0.28-2),-] {+7.0.28-3),+} netcat
Suggests: tomcat7-docs (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-admin (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7-examples (>= [-7.0.28-2),-] {+7.0.28-3),+} tomcat7 (>= [-7.0.28-2)-] {+7.0.28-3)+}
Version: [-7.0.28-2-] {+7.0.28-3+}

Bug#689158: unblock: tomcat7/7.0.28-3

Reply via email to