Bug 693815 - /var/log/tomcat6/catalina.out owned by pkiuser

Set the TOMCAT_LOG variable in the per instance tomcat
config file otherwise it defaults to the generic tomcat
log file. Note, we set up and configure our log file elsewhere
so the only issue was the initscript was setting the 
TOMCAT_USER ownership on TOMCAT_LOG, a file we otherwise do
not use or touch.


git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1954 c9f7a03b-bd48-0410-a16d-cbbf54688b0b

5 files changed, 20 insertions, 0 deletions

diff --git a/pki/base/ca/shared/conf/tomcat6.conf b/pki/base/ca/shared/conf/tomcat6.conf
index 31385567d..b3aa82df7 100644
--- a/pki/base/ca/shared/conf/tomcat6.conf
+++ b/pki/base/ca/shared/conf/tomcat6.conf
@@ -47,6 +47,9 @@ TOMCAT_USER="[PKI_USER]"
 # Set the TOMCAT_PID location
 CATALINA_PID="[TOMCAT_PIDFILE]"
 
+# Set the tomcat log file
+TOMCAT_LOG="[TOMCAT_LOG_DIR]/catalina.out"
+
 # Connector port is 8080 for this tomcat6 instance
 #CONNECTOR_PORT="8080"
 
diff --git a/pki/base/kra/shared/conf/tomcat6.conf b/pki/base/kra/shared/conf/tomcat6.conf
index 31385567d..b3aa82df7 100644
--- a/pki/base/kra/shared/conf/tomcat6.conf
+++ b/pki/base/kra/shared/conf/tomcat6.conf
@@ -47,6 +47,9 @@ TOMCAT_USER="[PKI_USER]"
 # Set the TOMCAT_PID location
 CATALINA_PID="[TOMCAT_PIDFILE]"
 
+# Set the tomcat log file
+TOMCAT_LOG="[TOMCAT_LOG_DIR]/catalina.out"
+
 # Connector port is 8080 for this tomcat6 instance
 #CONNECTOR_PORT="8080"
 
diff --git a/pki/base/ocsp/shared/conf/tomcat6.conf b/pki/base/ocsp/shared/conf/tomcat6.conf
index 31385567d..b3aa82df7 100644
--- a/pki/base/ocsp/shared/conf/tomcat6.conf
+++ b/pki/base/ocsp/shared/conf/tomcat6.conf
@@ -47,6 +47,9 @@ TOMCAT_USER="[PKI_USER]"
 # Set the TOMCAT_PID location
 CATALINA_PID="[TOMCAT_PIDFILE]"
 
+# Set the tomcat log file
+TOMCAT_LOG="[TOMCAT_LOG_DIR]/catalina.out"
+
 # Connector port is 8080 for this tomcat6 instance
 #CONNECTOR_PORT="8080"
 
diff --git a/pki/base/setup/pkicreate b/pki/base/setup/pkicreate
index 9aeb3b643..6d3603c4b 100755
--- a/pki/base/setup/pkicreate
+++ b/pki/base/setup/pkicreate
@@ -305,6 +305,7 @@ my $TOMCAT_SSL2_CIPHERS                 = "TOMCAT_SSL2_CIPHERS";
 my $TOMCAT_SSL3_CIPHERS                 = "TOMCAT_SSL3_CIPHERS";
 my $TOMCAT_TLS3_CIPHERS                 = "TOMCAT_TLS3_CIPHERS";
 my $TOMCAT_INSTANCE_COMMON_LIB          = "TOMCAT_INSTANCE_COMMON_LIB";
+my $TOMCAT_LOG_DIR                      = "TOMCAT_LOG_DIR";
 my $PKI_INSTANCE_INITSCRIPT             = "PKI_INSTANCE_INITSCRIPT";
 my $PKI_FLAVOR_SLOT                     = "PKI_FLAVOR";
 my $PKI_UNSECURE_PORT_CONNECTOR_NAME_SLOT              = "PKI_UNSECURE_PORT_CONNECTOR_NAME";
@@ -2423,6 +2424,13 @@ LoadModule nss_module  /opt/fortitude/modules.local/libmodnss.so
                                           . "-SSL3_RSA_WITH_NULL_MD5,-TLS_RSA_EXPORT1024_WITH_RC4_56_SHA,"
                                           . "-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
         $slot_hash{$TOMCAT_INSTANCE_COMMON_LIB} = "$tomcat_instance_common_lib_path/*.jar";
+        if (!$redirected_logs_path) {
+            $slot_hash{$TOMCAT_LOG_DIR} = $logs_instance_path;
+        }
+        else {
+            $slot_hash{$TOMCAT_LOG_DIR} = $redirected_logs_path;
+        }
+
     }
 
     ## Process templates (instance independent)
diff --git a/pki/base/tks/shared/conf/tomcat6.conf b/pki/base/tks/shared/conf/tomcat6.conf
index 31385567d..b3aa82df7 100644
--- a/pki/base/tks/shared/conf/tomcat6.conf
+++ b/pki/base/tks/shared/conf/tomcat6.conf
@@ -47,6 +47,9 @@ TOMCAT_USER="[PKI_USER]"
 # Set the TOMCAT_PID location
 CATALINA_PID="[TOMCAT_PIDFILE]"
 
+# Set the tomcat log file
+TOMCAT_LOG="[TOMCAT_LOG_DIR]/catalina.out"
+
 # Connector port is 8080 for this tomcat6 instance
 #CONNECTOR_PORT="8080"