Scenario:

* tomcat starts, as user u1, with only the manager application in place;
* it is configured so as not to deploy automatically;
* user u1 copies a webapp tree into $CATALINA_HOME/webapps, which it
can since it has write/execute access to this directory;
* the manager webapp is called to deploy that new web application;
* [in between, credentials on the deployed webapp directory are
changed so that user u1 cannot remove the webapp at all]
* the manager webapp is called to undeploy that application, BUG: it
answers OK, but it is not.

The manager webapp documentation explicitly states that undeploying an
application means that the webapp tree is removed - but of course, in
this case it isn't. Proof:

----
[o3@tomcat-r8 cockpit]$ wget -O - -q --http-user=tomcat --http-password=tomcat http://localhost:8080/manager/text/list|sed 1d
/manager:running:6:/usr/share/tomcat7/webapps/manager
# webapp tree is created, then:
[o3@tomcat-r8 cockpit]$ wget -O - -q --http-user=tomcat --http-password=tomcat http://localhost:8080/manager/text/deploy'?path=/cockpit&war=file:/var/lib/o3/tomcat/installs/cockpit'
OK - Deployed application at context path /cockpit
# Note that /var/lib/o3/tomcat/installs is $CATALINA_HOME/webapps
[...]
# In another terminal:
[root@tomcat-r8 installs]# pwd
/var/lib/o3/tomcat/installs
# We now remove all access rights to o3
[root@tomcat-r8 installs]# chown -R root.root cockpit/
[...]
# Back to the first terminal:
[o3@tomcat-r8 cockpit]$ wget -O - -q --http-user=tomcat --http-password=tomcat http://localhost:8080/manager/text/undeploy?path=/cockpit
OK - Undeployed application at context path /cockpit
# At that point, the whole webapp tree still exists
[o3@tomcat-r8 cockpit]$ wget -O - -q --http-user=tomcat --http-password=tomcat http://localhost:8080/manager/text/list|sed 1d
/manager:running:9:/usr/share/tomcat7/webapps/manager
/cockpit:stopped:0:cockpit
----

The documentation explicitly states: "WARNING - This command will
delete any web application artifacts that exist within appBase
directory (typically "webapps") for this virtual host. This will
delete the application .WAR, if present, the application directory
resulting either from a deploy in unpacked form or from .WAR expansion
as well as the XML Context definition from
$CATALINA_BASE/conf/[enginename]/[hostname]/ directory."

This turns out to be FALSE in this case. While the application is
indeed stopped, the "web application artifacts" are NOT removed. The
undeploy command should have failed. It hasn't. What's more, the logs
don't mention that the webapp tree has failed to be removed at all.

If I chown back the webapp tree to its rightful owner, then the webapp
is indeed undeployed in the full meaning of it: all "artifacts" are
indeed destroyed.

-- 
Francis Galiegue
ONE2TEAM
Systems engineer
Mob : +33 (0) 683 877 875
Tel : +33 (0) 178 945 552
f...@one2team.com
40 avenue Raymond Poincaré
75116 Paris
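
A post-undeploy check for the situation reported above, as an added example that is not part of the original message or of Tomcat: it stops trusting the manager's "OK" and verifies that the context is gone from the list output and that no artifacts remain under appBase. The function name `verify_undeploy`, the single-level context path assumption, and the sample data (modelled on the list output in the message) are assumptions of this example.

```shell
#!/bin/sh
# Added example: confirm an undeploy really removed the webapp instead of
# trusting the manager's "OK". Reads /manager/text/list output on stdin.
# Assumes a single-level context path (/cockpit -> $appbase/cockpit).
verify_undeploy() {
    ctx=$1 appbase=$2 confdir=${3:-}
    name=${ctx#/}
    rc=0

    # 1. The context must be gone from the manager's list (field 1 = path).
    if awk -F: -v c="$ctx" '$1 == c { found = 1 } END { exit !found }'; then
        echo "FAIL: $ctx is still listed by the manager" >&2
        rc=1
    fi

    # 2. None of the artifacts the documentation says are deleted may remain:
    #    the unpacked directory, the .war, and (optionally) the context XML.
    for artifact in "$appbase/$name" "$appbase/$name.war" \
                    ${confdir:+"$confdir/$name.xml"}; do
        if [ -e "$artifact" ] || [ -L "$artifact" ]; then
            echo "FAIL: artifact still present: $artifact" >&2
            ls -ld "$artifact" >&2   # owner/mode usually explains the failure
            rc=1
        fi
    done
    return "$rc"
}

# Demo on constructed data: a leftover tree plus a "stopped" list entry.
demo_base=$(mktemp -d)
mkdir "$demo_base/cockpit"
printf '%s\n' \
    '/manager:running:9:/usr/share/tomcat7/webapps/manager' \
    '/cockpit:stopped:0:cockpit' |
    verify_undeploy /cockpit "$demo_base" ||
    echo "undeploy of /cockpit is incomplete"
rm -rf "$demo_base"
```

In a deployment script, feed it the live list output right after the undeploy call and treat a non-zero exit status as a failed undeploy.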
