Package: tomcat6 Version: 6.0.26-0ubuntu1~ppa1 Severity: wishlist >From Jason Brittain (MuleSource):
When the init script invoked Tomcat via jsvc, it had to be run by an administrator user because jsvc itself had to be started as root in order to allow binding to privileged ports. Now that we use authbind, it doesn't require the init script to run as an administrator to do the same thing. For example the init script could run as user 'tomcat6' and starts, stops, and restarts could work just fine while Tomcat could still bind to privileged ports. So, what's the use case for the init script being run as user 'tomcat6'? There are situations where the administrator does not want to or cannot configure sudo for a user to be able to run the Tomcat init script, or where there is a script that runs as user tomcat6 that needs to be able to either restart Tomcat or get Tomcat's status. It is possible to make this work now that the init script doesn't use jsvc, and I thought I'd ask you whether you think it would be helpful to allow it. The code change would be only inside the init script -- it would be a relatively small change to remove the few lines of code that requires the user be root to run it, possibly invoke start-stop-daemon without the --user switch, maybe a small number of changes to make sure that running the rest of the init script as non-root works properly. I think the changes are pretty small. It would, however, need to be tested afterwards to make sure the usual use case works properly still. So, I'm not proposing making this change for Lucid, unless there's time in the schedule to test and debug it afterwards. What do you guys think? -- System Information: Debian Release: squeeze/sid APT prefers karmic-updates APT policy: (500, 'karmic-updates'), (500, 'karmic-security'), (500, 'karmic-backports'), (500, 'karmic') Architecture: amd64 (x86_64) Kernel: Linux 2.6.31-20-generic (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages tomcat6 depends on: ii adduser 3.110ubuntu7 add and remove users and groups ii tomcat6-common 6.0.26-0ubuntu1~ppa1 Servlet and JSP engine -- common f Versions of packages tomcat6 recommends: ii authbind 1.2.0build2 Allows non-root programs to bind() Versions of packages tomcat6 suggests: ii tomcat6-admin 6.0.26-0ubuntu1~ppa1 Servlet and JSP engine -- admin we ii tomcat6-docs 6.0.26-0ubuntu1~ppa1 Servlet and JSP engine -- document ii tomcat6-examples 6.0.26-0ubuntu1~ppa1 Servlet and JSP engine -- example ii tomcat6-user 6.0.26-0ubuntu1~ppa1 Servlet and JSP engine -- tools to -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
