Package: tomcat5.5 Version: 5.5.20-2etch1 Severity: important As you know, in tomcat5.5 5.5.20-2etch1, /etc/tomcat5.5/policy.d/03catalina.policy contains more restrictive permissions for JULI than was previously the case.
This causes uses of java.util.logging to break, at least in some
instances. I'm not sure exactly why, but it seems that JULI is trying to
look for a context-specific logging.properties file, and fails if it
doesn't have permission to do so.
Stack trace:
org.apache.commons.logging.LogConfigurationException:
java.security.AccessControlException: access denied
(java.io.FilePermission
/var/lib/tomcat5.5/webapps-opencms/ROOT/WEB-INF/classes/logging.properties
read) (Caused by java.security.AccessControlException: access denied
(java.io.FilePermission
/var/lib/tomcat5.5/webapps-opencms/ROOT/WEB-INF/classes/logging.properties
read))
at
org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:538)
at
org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:235)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:370)
at
org.apache.catalina.core.ContainerBase.getLogger(ContainerBase.java:380)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4114)
at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
at org.apache.catalina.core.ContainerBase.access$0
(ContainerBase.java:743)
at
org.apache.catalina.core.ContainerBase$PrivilegedAddChild.run(ContainerBase.java:143)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:737)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
at
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:904)
at
org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:867)
at
org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:474)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
at
org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at
org.apache.catalina.core.StandardService.start(StandardService.java:450)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
Caused by: java.security.AccessControlException: access denied
(java.io.FilePermission
/var/lib/tomcat5.5/webapps-opencms/ROOT/WEB-INF/classes/logging.properties
read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at
java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at
org.apache.naming.resources.FileDirContext.file(FileDirContext.java:827)
at
org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:210)
at
org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:293)
at
org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1887)
at
org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:929)
at
org.apache.juli.ClassLoaderLogManager.readConfiguration(ClassLoaderLogManager.java:298)
at
org.apache.juli.ClassLoaderLogManager$2.run(ClassLoaderLogManager.java:272)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.juli.ClassLoaderLogManager.getClassLoaderInfo(ClassLoaderLogManager.java:269)
at
org.apache.juli.ClassLoaderLogManager.getLogger(ClassLoaderLogManager.java:174)
at java.util.logging.Logger.getLogger(Logger.java:275)
at
org.apache.commons.logging.impl.Jdk14Logger.getLogger(Jdk14Logger.java:152)
at
org.apache.commons.logging.impl.Jdk14Logger.<init>(Jdk14Logger.java:53)
at sun.reflect.GeneratedConstructorAccessor1.newInstance(Unknown Source)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at
org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:529)
... 29 more
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages tomcat5.5 depends on:
ii adduser 3.102 Add and remove users and
groups
ii apache2-utils 2.2.3-4+etch3 utility programs for
webservers
ii apache2.2-common 2.2.3-4+etch3 Next generation, scalable,
extenda
ii ecj-bootstrap 3.2.1-3 bootstrap version of the
Eclipse J
ii gij-4.1 [java2-runtime] 4.1.1-20 The GNU Java bytecode
interpreter
ii libtomcat5.5-java 5.5.20-2etch1 Java Servlet engine -- core
librar
ii sun-java5-jre [java2-runti 1.5.0-10-3 Sun Java(TM) Runtime
Environment (
ii sun-java6-jre [java2-runti 6-00-2 Sun Java(TM) Runtime
Environment (
tomcat5.5 recommends no packages.
-- no debconf information
signature.asc
Description: This is a digitally signed message part.
