Bug#935203: tomcat9: systemd and /var/lib/tomcat9/policy/

[David Magda]

Hello,

I've just installed the following from stretch-backports:

	$ dpkg --list | grep tomcat9 | cut -c1-60
	ii  libtomcat9-java                 9.0.16-4~bpo9+1
	ii  tomcat9                         9.0.16-4~bpo9+1
	ii  tomcat9-common                  9.0.16-4~bpo9+1

And got the following error on initial start-up:

	[2020-09-10 14:59:31] [info] mkdir: cannot create directory 
‘/var/lib/tomcat9/policy’: Read-only file system

I then did a 'mkdir' and tried to do a chown/chgrp to the tomcat 
user/group and got:

	[2020-09-10 15:12:39] [info] rm: cannot remove 
'/var/lib/tomcat9/policy': Read-only file system

I copied over the config file:

	$ sudo cp -p /lib/systemd/system/tomcat9.service /etc/systemd/system/

And tried adding the following line:

	ReadWritePaths=/var/lib/tomcat9/policy/

Did not help. I then put:

	ReadWritePaths=/var/lib/tomcat9/

and things were okay.



Further, on package installation, the package was expecting a "tomcat" 
group because a 'chown' failed:

	Creating config file /etc/tomcat9/tomcat-users.xml with new version
	chown: invalid group: ‘root:tomcat’

I did a 'vigr' and created a "tomcat" group with the same GID as 
"tomcat8" and that allowed the installation to finish.