ports/85760: [PATCH] www/jakarta-tomcat55; enable possibility to specify tomcat daemon user/group; make it possible to add user/group even if UID/GID number is reserved
Pawel Wieleba
P.Wieleba at iem.pw.edu.pl
Mon Sep 5 19:23:49 UTC 2005
>Number: 85760
>Category: ports
>Synopsis: [PATCH] www/jakarta-tomcat55; enable possibility to specify tomcat daemon user/group; make it possible to add user/group even if UID/GID number is reserved
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 05 19:20:18 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Pawel Wieleba
>Release: FreeBSD 5.4-stable
>Organization:
>Environment:
FreeBSD srv 5.4-STABLE FreeBSD 5.4-STABLE #0: Sun Aug 28 23:43:13 CEST 2005 root at srv:/usr/obj/usr/src/sys/SRV i386
>Description:
Now it is _impossible_ to specify what user is used to install and run tomcat with.
I use the www user with apache2 and want to run tomcat as a different user for security reasons.
I have written a patch to the jakarta-tomcat55 port to make it possible to install and run the jakarta-tomcat55 server with an alternate user.
>How-To-Repeat:
>Fix:
The patch consists of three files:
Makefile.diff
pkg-install.diff
pkg-deinstall.diff
The patch:
srv# cat *.diff
--- Makefile-ORG Mon Sep 5 20:50:10 2005
+++ Makefile Mon Sep 5 21:07:11 2005
@@ -66,6 +66,19 @@
STDOUT_LOG=${STDOUT_LOG} \
STDERR_LOG=${STDERR_LOG}
+REPLACE_FILES+= ${PKGDIR}/pkg-install \
+ ${PKGDIR}/pkg-deinstall
+PKGINSTALL= ${WRKDIR}/pkg-install
+PKGDEINSTALL= ${WRKDIR}/pkg-deinstall
+
+.if defined(TOMCAT_USER)
+USER=${TOMCAT_USER}
+.endif
+
+.if defined(TOMCAT_GROUP)
+GROUP=${TOMCAT_GROUP}
+.endif
+
.include <bsd.port.pre.mk>
.if ${JAVA_PORT_VERSION:C/^([0-9])\.([0-9])(.*)$/\1.\2/} == "1.4"
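Review bot: USER and GROUP are assigned only inside the .if defined(TOMCAT_USER) and .if defined(TOMCAT_GROUP) blocks, and nothing in these lines gives them a value when the knobs are unset. Unless the Makefile sets them elsewhere, make falls back to whatever USER holds in the build environment and leaves GROUP empty, and those values would then stand in for the %%USER%% and %%GROUP%% placeholders the two scripts now rely on. Suggest defaulting the knobs instead (TOMCAT_USER?= www and TOMCAT_GROUP?= www, followed by unconditional USER= ${TOMCAT_USER} and GROUP= ${TOMCAT_GROUP}) and documenting both in a comment near the top of the Makefile. Because the values are pasted into scripts that run as root, it is also worth rejecting names that contain anything other than letters, digits, '_' and '-'.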
@@ -91,7 +104,6 @@
@${ECHO_MSG} " Logfile stderr: ${STDERR_LOG}"
@${ECHO_MSG} " Starting after install: ${AUTO_START}"
@${ECHO_MSG} " Stop time-out: ${STOP_TIMEOUT} sec."
- @PKG_PREFIX=${PREFIX} ${SH} pkg-install ${PKGNAME} PRE-INSTALL
post-patch:
@${ECHO_MSG} -n ">> Removing unneeded files..."
@@ -129,6 +141,9 @@
$f > ${WRKDIR}/`basename $f`
@${ECHO_MSG} " [ DONE ]"
.endfor
+
+pre-install:
+ @PKG_PREFIX=${PREFIX} ${SH} pkg-install ${PKGNAME} PRE-INSTALL
do-install:
@${ECHO_MSG} -n ">> Creating destination directory..."
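Review bot: the new pre-install target runs pkg-install by relative name, while the first hunk points PKGINSTALL at ${WRKDIR}/pkg-install, the copy listed in REPLACE_FILES. If the relative name resolves to the file in the port directory, the script runs with %%USER%% and %%GROUP%% still literal and the pw calls operate on those strings. Suggest invoking the processed copy explicitly: @PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL.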
--- pkg-deinstall-ORG Mon Sep 5 20:52:29 2005
+++ pkg-deinstall Mon Sep 5 20:42:24 2005
@@ -5,7 +5,7 @@
# * Checks if the PID file exists. If it does, it kills the
# process and removes the PID file.
#
-# * Checks if the 'www' user exists. If it does, then it displays
+# * Checks if the '%%USER%%' user exists. If it does, then it displays
# a message.
#
# $FreeBSD: ports/www/jakarta-tomcat55/pkg-deinstall,v 1.2 2004/01/02 12:31:11 znerd Exp $
@@ -37,8 +37,8 @@
if [ "$2" = "POST-DEINSTALL" ]; then
# If the user exists, then display a message
- if pw usershow "www" 2>/dev/null 1>&2; then
- echo "To delete the www user permanently, use 'pw userdel www'"
+ if pw usershow "%%USER%%" 2>/dev/null 1>&2; then
+ echo "To delete the %%USER%% user permanently, use 'pw userdel %%USER%%'"
fi
fi
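Review bot: the pw usershow test in this hunk only shows that an account named %%USER%% exists, not that this port created it. With the name now configurable it can be an account shared with other software, and the message still recommends pw userdel for it. Suggest having pkg-install record whether it created the account and printing the hint only in that case. The group that pkg-install may have added gets no hint at all and should be handled the same way.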
--- pkg-install-ORG Mon Sep 5 20:52:16 2005
+++ pkg-install Mon Sep 5 20:42:20 2005
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# Checks if the 'www' user and group exist. If they don't, then
+# Checks if the '%%USER%%' user and %%GROUP%% group exist. If they don't, then
# an attempt is made to create both.
#
# $FreeBSD: ports/www/jakarta-tomcat55/pkg-install,v 1.2 2005/06/13 14:08:34 hq Exp $
@@ -12,34 +12,39 @@
fi
# Set some constants
-USER=www
-GROUP=${USER}
UID=80
GID=${UID}
# See if the group already exists
-if ! pw groupshow "${GROUP}" 2>/dev/null 1>&2; then
+if ! pw groupshow "%%GROUP%%" 2>/dev/null 1>&2; then
# If not, try to create it
- if pw groupadd ${GROUP} -g ${GID}; then
- echo "Added group \"${GROUP}\"."
+ if pw groupadd "%%GROUP%%" -g ${GID}; then
+ echo "Added group \"%%GROUP%%\"."
+ elif pw groupadd "%%GROUP%%"; then
+ echo "Added group \"%%GROUP%%\"."
else
- echo "Adding group \"${GROUP}\" failed..."
+ echo "Adding group \"%%GROUP%%\" failed..."
exit 1
fi
fi
# See if the user already exists
-if ! pw usershow "${USER}" 2>/dev/null 1>&2; then
+if ! pw usershow "%%USER%%" 2>/dev/null 1>&2; then
# If not, try to create it
- if pw useradd ${USER} -u ${UID} -g ${GROUP} -h - \
- -s "/sbin/nologin" -d "/nonexistent" \
- -c "World Wide Web Owner"; \
+ if pw useradd "%%USER%%" -u ${UID} -g "%%GROUP%%" -h - \
+ -s "/sbin/nologin" -d "/nonexistent" \
+ -c "World Wide Web Owner";
then
- echo "Added user \"${USER}\"."
+ echo "Added user \"%%USER%%\"."
+ elif pw useradd "%%USER%%" -g "%%GROUP%%" -h - \
+ -s "/sbin/nologin" -d "/nonexistent" \
+ -c "World Wide Web Owner";
+ then
+ echo "Added user \"%%USER%%\"."
else
- echo "Adding user \"${USER}\" failed..."
+ echo "Adding user \"%%USER%%\" failed..."
exit 1
fi
fi
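Review bot: the elif fallbacks for pw groupadd and pw useradd run after any failure of the first call, not only when ID 80 is already taken. In the reserved-ID case the user sees pw's error from the first attempt followed by an "Added ..." line, and for any other failure the same error is printed twice. Suggest testing for the conflict first (pw groupshow -g ${GID}, pw usershow -u ${UID}) and choosing the command with or without the explicit ID accordingly, then printing the ID that was actually assigned. Separately, the -c "World Wide Web Owner" comment is kept for both useradd variants; once the account can be a dedicated Tomcat user, that description is misleading and should follow the configured name.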
I hope this patch or similar will be added to this port soon.
Best 4 you
Pawel Wieleba
>Release-Note:
>Audit-Trail:
>Unformatted: