Re: Tomcat 6.0.33 ?
Jean-frederic Clere-3 wrote: > > On 07/27/2011 07:07 PM, Mark Thomas wrote: >> On 27/07/2011 17:31, Henri Gomez wrote: >>> Hi guys, >>> >>> We're stuck with Tomcat 6.0.32 with this bug >>> (https://issues.apache.org/bugzilla/show_bug.cgi?id=50189). >>> Did there is any date for 6.0.33 release ? >> >> Any committer can roll a release. Last time I checked, you were a >> committer. > > Well I can do a release... Next week. > Any update on this? Thanks, Petr -- View this message in context: http://old.nabble.com/Tomcat-6.0.33---tp32149462p32250168.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release build 6.0.33
Jean-frederic Clere-3 wrote: > > The candidates binaries are available here: > http://people.apache.org/~jfclere/tomcat-6/v6.0.33/ > [x] Stable Solaris 11; JVM Version: 1.6.0_26-b03 Sources builds just fine. No issue seen while testing basic functionality compared to version 6.0.32. Thanks, Petr -- View this message in context: http://old.nabble.com/-VOTE--Release-build-6.0.33-tp32271500p32279551.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
tomcat-users.xml Unix file permissions and security (possible patch)
Hi all, >From Tomcat tar archive I get: ls -l apache-tomcat-6.0.18/conf/tomcat-users.xml -rw--- 1 tomcat staff 1107 Jul 21 2008 apache-tomcat-6.0.18/conf/tomcat-users.xml But Tomcat itself changes this during its first run: ls -l apache-tomcat-6.0.18/conf/tomcat-users.xml -rw-r--r- 1 tomcat staff 70 Feb 12 08:31 apache-tomcat-6.0.18/conf/tomcat-users.xml This is bad from security perspective. Why not directly write to the file and avoid renaming. This risk of problem during saving is probably smaller then readable passwords... See attached patch (it would need some more clearance). Thanks, Petr http://www.nabble.com/file/p21980349/MemoryUserDatabase.diff MemoryUserDatabase.diff -- View this message in context: http://www.nabble.com/tomcat-users.xml-Unix-file-permissions-and-security-%28possible-patch%29-tp21980349p21980349.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
tomcat 6.0.20 problem with read only "conf" directory
Hi, while preparing Tomcat upgrade from 6.0.18 to 6.0.20 for OpenSolaris I realized that I see error in log because "conf" directory is not writable: java.io.FileNotFoundException: /var/tomcat6/conf/Catalina/localhost/host-manager.xml (No such file or directory) at java.io.FileOutputStream.open(Native Method) at java.io.FileOutputStream.(FileOutputStream.java:179) at java.io.FileOutputStream.(FileOutputStream.java:131) at org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:957) at org.apache.catalina.startup.HostConfig.deployDirectories(HostConfig.java:909) ... This is most probably caused by new code for: https://issues.apache.org/bugzilla/show_bug.cgi?id=42747 I believe read only conf dir should be valid option. Any comment on this? Thanks, Petr -- View this message in context: http://www.nabble.com/tomcat-6.0.20-problem-with-read-only-%22conf%22-directory-tp23962282p23962282.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: tomcat 6.0.20 problem with read only "conf" directory
markt-2 wrote: > > I believe read only conf dir should be valid option. >> >> Any comment on this? > > As far as I recall, the conf directory has always needed to be writeable > in 6.0.x. > For what reasons? I only remember tomcat-users.xml needed to be writable. But with read only (now by default) user database I was not aware of any other issue. Petr -- View this message in context: http://www.nabble.com/tomcat-6.0.20-problem-with-read-only-%22conf%22-directory-tp23962282p23962559.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Tomcat 6 with JDK 1.6 (why not use commons-dbcp-1.4)
Hi, why not to allow Tomcat 6 to be built with JDK 1.6. With commons-dbcp-1.4 it seems so easy (see bellow). Any comment on this? Or at least allow to choose? Thanks, Petr --- apache-tomcat-6.0.28-src/build.properties.default.orig +++ apache-tomcat-6.0.28-src/build.properties.default -# - Commons DBCP, version 1.1 or later - -commons-dbcp.version=1.3 +# - Commons DBCP, version 1.4 (for JDK 1.6) - +commons-dbcp.version=1.4 --- apache-tomcat-6.0.28-src/build.xml.orig +++ apache-tomcat-6.0.28-src/build.xml - http://old.nabble.com/Tomcat-6-with-JDK-1.6-%28why-not-use-commons-dbcp-1.4%29-tp29149150p29149150.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Tomcat 6 with JDK 1.6 (why not use commons-dbcp-1.4)
markt-2 wrote: > > On 13/07/2010 12:08, Petr Sumbera wrote: >> >> Hi, >> >> why not to allow Tomcat 6 to be built with JDK 1.6. With commons-dbcp-1.4 >> it >> seems so easy (see bellow). Any comment on this? Or at least allow to >> choose? > > Because the Servlet specification requires Java 1.5 support and there > are issues with the JDBC API if you build with 1.6. > Any pointer to the second issues? I need to build Tomcat 6 with JD 1.6 anyway.. Thanks, Petr -- View this message in context: http://old.nabble.com/Tomcat-6-with-JDK-1.6-%28why-not-use-commons-dbcp-1.4%29-tp29149150p29149908.html Sent from the Tomcat - Dev mailing list archive at Nabble.com. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
UMASK issue after update from tomcat 8.0 to 8.5
Hi, after update to 8.5 we have ran into an issue where our Jenkins build jobs were failing and complaining that we can't access files. This is caused by following change in 8.5: http://svn.apache.org/viewvc?view=revision&revision=1713174 Shouldn't this be mentioned at least at: https://tomcat.apache.org/migration-85.html#Migrating_from_8.0.x_to_8.5.x ? Any other suggestion or comment? Thanks! Petr - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
