From efc565cf33da3b240c6bda5100a3c8740ac5de4d Mon Sep 17 00:00:00 2001 From: pawelz Date: Thu, 3 Dec 2009 17:10:22 +0000 Subject: [PATCH] - better permission for /var/lib/tomcat and some subdirs: - some stupid java apps (opensso for example) need write acess to /var/lib/tomcat, but they don't write anything there. - no need for sticky bit for /var/lib/work - no rx for "other". Tomcat config/cache/temporary dirs may contain some private data like passwords Changed files: tomcat.spec -> 1.142 --- tomcat.spec | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tomcat.spec b/tomcat.spec index 01fca18..b680d36 100644 --- a/tomcat.spec +++ b/tomcat.spec @@ -365,20 +365,20 @@ fi %{_tomcatdir}/logs %{_tomcatdir}/work -%dir %{_vardir} +%dir %attr(770,root,tomcat) %{_vardir} # these directory has to be writeable because /admin need to modify config # files and create temporary files -%dir %attr(775,root,tomcat) %{_vardir}/conf -%dir %attr(775,root,tomcat) %{_vardir}/conf/Catalina +%dir %attr(770,root,tomcat) %{_vardir}/conf +%dir %attr(770,root,tomcat) %{_vardir}/conf/Catalina %dir %{_vardir}/conf/Catalina/localhost # tomcat config has to be writeable because of tomcat-users.xml file and Catalina dir %config(noreplace) %attr(660,root,tomcat) %verify(not md5 mtime size) %{_vardir}/conf/catalina.policy %config(noreplace) %attr(660,root,tomcat) %verify(not md5 mtime size) %{_vardir}/conf/*.properties* %config(noreplace) %attr(660,root,tomcat) %verify(not md5 mtime size) %{_vardir}/conf/*.xml -%dir %attr(1730,root,tomcat) %{_vardir}/work -%dir %attr(775,root,tomcat) %{_vardir}/webapps -%dir %attr(775,root,tomcat) %{_vardir}/temp -%dir %attr(775,root,tomcat) %{_logdir}/tomcat +%dir %attr(770,root,tomcat) %{_vardir}/work +%dir %attr(770,root,tomcat) %{_vardir}/webapps +%dir %attr(770,root,tomcat) %{_vardir}/temp +%dir %attr(770,root,tomcat) %{_logdir}/tomcat %{_vardir}/logs %files webapp-docs -- 2.44.0