<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Thanks !</p>
<p>I have verified and it is ok, i can close my bug report.</p>
<p>Best regards,</p>
<div class="moz-signature">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<font size="1" face="verdana,arial,sans-serif" color="#000000"> </font>
<br>
<a href="" moz-do-not-send="true" lang="fr"> <img
src="cid:part1.FCD1AB76.22D54409@univ-lille.fr"
alt="Université de Lille" class="" width="150" height="50"
border="0"></a> <br>
<br>
<font size="1" face="verdana,arial,sans-serif" color="#ae2573"> <b>Mathieu
HETRU</b></font> <br>
<font size="1" face="verdana,arial,sans-serif" color="#000000">
Responsable du bureau missions transversales<br>
<br>
Université de Lille - Campus Cité Scientifique<br>
Direction des Systèmes d'Information<br>
Service Intégration / Exploitation<br>
Cellule missions transversales<br>
</font> <br>
<font size="1" face="verdana,arial,sans-serif" color="#000000">
Bureau 47 - Bâtiment A3<br>
Domaine universitaire de la Cité Scientifique<br>
Avenue Carl Von Limé<br>
BP 90179 59653 Villeneuve d'Ascq<br>
</font><br>
<font size="1px" face="verdana,arial,sans-serif" color="#ae2573">
Tél. :</font><font size="1" face="verdana,arial,sans-serif"
color="#000000">+33 (0)3 62 26 83 81 (numéro interne : 68381)</font><br>
<font size="1" face="verdana,arial,sans-serif" color="#000000"><br>
<font size="1" face="verdana,arial,sans-serif" color="#ae2573">
<a href="mailto:mathieu.hetru@univ-lille.fr"
moz-do-not-send="true">mathieu.hetru@univ-lille.fr</a></font>
<font size="1" face="verdana,arial,sans-serif" color="#ae2573">
<b>|</b></font> <font size="1"
face="verdana,arial,sans-serif" color="#ae2573"> <a
href="http://www.univ-lille.fr" moz-do-not-send="true">
www.univ-lille.fr</a></font> </font></div>
<div class="moz-cite-prefix">Le 24/11/2020 à 08:56, Emmanuel Bourg a
écrit :<br>
</div>
<blockquote type="cite"
cite="mid:d7f1c3cb-3280-a3ed-5bae-d1314ad3e071@apache.org">
<pre class="moz-quote-pre" wrap="">Hi Mathieu,
Le 18/05/2020 à 15:26, Mathieu HETRU a écrit :
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">So each virtualhost in server.xml got one webapps directory under
catalina_home (/var/lib/tomcat9).
But tomcat9 cannot deploy war files (applications) because the unix user
"tomcat" cannot have access read-write under /var/lib/tomcat9.
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">The tomcat user isn't allowed to write to /var/lib/tomcat9 because we
want to prevent a malicious or compromised web application from altering
the Tomcat configuration. So you have to customize the systemd
configuration for the tomcat9 service as you've figured out.
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">I have found the solution with adding this line :
ReadWritePaths=/var/lib/tomcat9/
in the systemctl file service of tomcat9
/usr/lib/systemd/system/tomcat9.service
and systemctl daemon-reload
But, when an update of debian occured on tomcat9 package, i lost my
modification.
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">/usr/lib/systemd/system/tomcat9.service belongs to the package and
should not be modified. Custom settings go to a conf file under
/etc/systemd/system/tomcat9.service.d/, you can look at the
README.Debian file for an example.
Emmanuel Bourg
</pre>
</blockquote>
</body>
</html>