[SCM] tomcat6 packaging branch, master, updated. debian/6.0.35-4-2-g3805ab2

tony mancill tmancill at debian.org
Sat Sep 22 18:53:46 UTC 2012 

The following commit has been merged in the master branch:
commit 3805ab2ee91618587912170c2e05100880c70df5
Author: tony mancill <tmancill at debian.org>
Date:   Sat Sep 22 11:52:17 2012 -0700

    use logrotate template file and ucf handling (Debian #687818)

diff --git a/debian/changelog b/debian/changelog
index 9d1d66b..13531ff 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ tomcat6 (6.0.35-5) UNRELEASED; urgency=low
   * Apply patch to README.Debian to explain setting the HTTPOnly flag
     in cookies by default; CVE-2010-4312. (Closes: #608286)
     - Thank you to Thijs Kinkhorst for the patch.
+  * Use ucf and a template for /etc/logrotate.d/tomcat6 file to avoid
+    updating the shipped conffile. (Closes: #687818)
 
  -- tony mancill <tmancill at debian.org>  Mon, 06 Aug 2012 21:29:11 -0700
 
diff --git a/debian/logrotate.md5sum b/debian/logrotate.md5sum
new file mode 100644
index 0000000..ee08b7f
--- /dev/null
+++ b/debian/logrotate.md5sum
@@ -0,0 +1 @@
+b5420492288987ba126ea151bd92852d  logrotate.template
diff --git a/debian/logrotate b/debian/logrotate.template
similarity index 72%
rename from debian/logrotate
rename to debian/logrotate.template
index 1b32f6b..0d5efb2 100644
--- a/debian/logrotate
+++ b/debian/logrotate.template
@@ -4,5 +4,5 @@
   rotate 52
   compress
   missingok
-  create 640 @@@TOMCAT6USER@@@ adm
+  create 640 tomcat6 adm
 }
diff --git a/debian/rules b/debian/rules
index 228dd24..8162d37 100755
--- a/debian/rules
+++ b/debian/rules
@@ -73,7 +73,6 @@ install: build
 	dh_testroot
 	dh_prep 
 	dh_installdirs
-	cp debian/logrotate debian/tomcat6/etc/logrotate.d/tomcat6
 
 binary-indep: build install
 	dh_testdir
diff --git a/debian/tomcat6.install b/debian/tomcat6.install
index c40413e..ad0864e 100644
--- a/debian/tomcat6.install
+++ b/debian/tomcat6.install
@@ -5,3 +5,5 @@ debian/policy/*.policy /etc/tomcat6/policy.d/
 debian/default_root /usr/share/tomcat6-root/
 debian/defaults.template /usr/share/tomcat6/
 debian/defaults.md5sum /usr/share/tomcat6/
+debian/logrotate.template /usr/share/tomcat6/
+debian/logrotate.md5sum /usr/share/tomcat6/
diff --git a/debian/tomcat6.postinst b/debian/tomcat6.postinst
index 9855fb1..468f6f2 100644
--- a/debian/tomcat6.postinst
+++ b/debian/tomcat6.postinst
@@ -4,6 +4,8 @@ set -e
 . /usr/share/debconf/confmodule
 TEMPLATE="/usr/share/tomcat6/defaults.template"
 CONFFILE="/etc/default/tomcat6"
+LR_TEMPLATE="/usr/share/tomcat6/logrotate.template"
+LR_CONFFILE="/etc/logrotate.d/tomcat6"
 JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC"
 
 case "$1" in
@@ -36,11 +38,12 @@ case "$1" in
 	chown -R $TOMCAT6_USER:adm /var/log/tomcat6 /var/cache/tomcat6
 	chmod 750 /var/log/tomcat6 /var/cache/tomcat6
 
-  # replace the TOMCAT6USER token in /etc/logrotate.d/tomcat6 if it still contains the token
-  LOGROTATE_TOKEN="@@@TOMCAT6USER@@@"
-  if grep -q "$LOGROTATE_TOKEN" /etc/logrotate.d/tomcat6 ; then
-    sed --in-place "s/$LOGROTATE_TOKEN/$TOMCAT6_USER/" /etc/logrotate.d/tomcat6
-  fi
+	# populate /etc/logrotate.d/tomcat6
+	tmpfile=`mktemp /tmp/tomcat6.XXXXXXXXXX`
+	chmod 644 $tmpfile
+	cat $LR_TEMPLATE | sed "s%create 640 tomcat6 adm%create 640 $TOMCAT6_USER adm%" >> $tmpfile
+	ucf --debconf-ok --sum-file /usr/share/tomcat6/logrotate.md5sum $tmpfile $LR_CONFFILE
+	rm -f $tmpfile
 
 	# configuration files should not be modifiable by tomcat6 user, as this can be a security issue
 	# (an attacker may insert code in a webapp and have access to all tomcat configuration)
diff --git a/debian/tomcat6.postrm b/debian/tomcat6.postrm
index 1ebe7cb..359ca31 100644
--- a/debian/tomcat6.postrm
+++ b/debian/tomcat6.postrm
@@ -4,6 +4,7 @@ set -e
 #DEBHELPER#
 
 CONFFILE=/etc/default/tomcat6
+LR_CONFFILE=/etc/logrotate.d/tomcat6
 
 # Remove cached files and auto-generated catalina.policy
 rm -rf /var/cache/tomcat6/*
@@ -47,8 +48,9 @@ case "$1" in
         set +e
         if [ -x "/usr/bin/ucf" ]; then
             ucf --purge $CONFFILE
+            ucf --purge $LR_CONFFILE
         fi
-        rm -rf /var/log/tomcat6 /var/lib/tomcat6/temp $CONFFILE
+        rm -rf /var/log/tomcat6 /var/lib/tomcat6/temp $CONFFILE $LR_CONFFILE
         if [ -d "/var/lib/tomcat6" ] ; then
             rmdir --ignore-fail-on-non-empty /var/lib/tomcat6
         fi

-- 
tomcat6 packaging

More information about the pkg-java-commits mailing list