From 2d7c599c77470116e9e6eda6d492cb5bfa368ae1 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Thu, 20 Apr 2023 11:04:42 +0200 Subject: [PATCH] [bitnami/tomcat] Release 8.5.88-debian-11-r0 (#31068) Signed-off-by: Bitnami Containers --- bitnami/tomcat/8.5/debian-11/Dockerfile | 15 ++- .../opt/bitnami/.bitnami_components.json | 12 +-- .../prebuildfs/opt/bitnami/scripts/libos.sh | 95 +++++++++++++++++++ .../rootfs/opt/bitnami/scripts/libtomcat.sh | 4 +- .../rootfs/opt/bitnami/scripts/tomcat/run.sh | 3 +- .../opt/bitnami/scripts/tomcat/start.sh | 2 +- bitnami/tomcat/8.5/debian-11/tags-info.yaml | 2 +- 7 files changed, 110 insertions(+), 23 deletions(-) diff --git a/bitnami/tomcat/8.5/debian-11/Dockerfile b/bitnami/tomcat/8.5/debian-11/Dockerfile index cbbb5ca52f4f..04005aef0b65 100644 --- a/bitnami/tomcat/8.5/debian-11/Dockerfile +++ b/bitnami/tomcat/8.5/debian-11/Dockerfile @@ -4,13 +4,13 @@ ARG JAVA_EXTRA_SECURITY_DIR="/bitnami/java/extra-security" ARG TARGETARCH LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2023-04-18T14:29:42Z" \ + org.opencontainers.image.created="2023-04-20T08:17:30Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.5.87-debian-11-r10" \ + org.opencontainers.image.ref.name="8.5.88-debian-11-r0" \ org.opencontainers.image.title="tomcat" \ org.opencontainers.image.vendor="VMware, Inc." \ - org.opencontainers.image.version="8.5.87" + org.opencontainers.image.version="8.5.88" ENV HOME="/" \ OS_ARCH="${TARGETARCH:-amd64}" \ @@ -23,10 +23,9 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN install_packages ca-certificates curl libssl1.1 procps xmlstarlet zlib1g RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \ COMPONENTS=( \ - "java-11.0.18-10-4-linux-${OS_ARCH}-debian-11" \ - "tomcat-8.5.87-3-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.5-4-linux-${OS_ARCH}-debian-11" \ - "gosu-1.16.0-5-linux-${OS_ARCH}-debian-11" \ + "java-11.0.19-7-0-linux-${OS_ARCH}-debian-11" \ + "tomcat-8.5.88-0-linux-${OS_ARCH}-debian-11" \ + "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \ ) && \ for COMPONENT in "${COMPONENTS[@]}"; do \ if [ ! -f "${COMPONENT}.tar.gz" ]; then \ @@ -45,7 +44,7 @@ RUN chmod g+rwX /opt/bitnami COPY rootfs / RUN /opt/bitnami/scripts/java/postunpack.sh RUN /opt/bitnami/scripts/tomcat/postunpack.sh -ENV APP_VERSION="8.5.87" \ +ENV APP_VERSION="8.5.88" \ BITNAMI_APP_NAME="tomcat" \ JAVA_HOME="/opt/bitnami/java" \ PATH="/opt/bitnami/java/bin:/opt/bitnami/tomcat/bin:/opt/bitnami/common/bin:$PATH" diff --git a/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json index 1d5b245d50b4..1d49626500fe 100644 --- a/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json @@ -1,26 +1,20 @@ { - "gosu": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.16.0-5" - }, "java": { "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "11.0.18-10-4" + "version": "11.0.19-7-0" }, "render-template": { "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "1.0.5-4" + "version": "1.0.5-5" }, "tomcat": { "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "8.5.87-3" + "version": "8.5.88-0" } } \ No newline at end of file diff --git a/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh index 5e141d4ce3f1..e573899abacb 100644 --- a/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ b/bitnami/tomcat/8.5/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh @@ -553,3 +553,98 @@ get_root_disk_device_id() { get_root_disk_size() { fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true } + +######################## +# Run command as a specific user and group (optional) +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +run_as_user() { + run_chroot "$@" +} + +######################## +# Execute command as a specific user and group (optional), +# replacing the current process image +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +exec_as_user() { + run_chroot --replace-process "$@" +} + +######################## +# Run a command using chroot +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Flags: +# -r | --replace-process - Replace the current process image (optional) +# Returns: +# Exit code of the specified command +######################### +run_chroot() { + local userspec + local user + local homedir + local replace=false + local -r cwd="$(pwd)" + + # Parse and validate flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -r | --replace-process) + replace=true + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + # Parse and validate arguments + if [[ "$#" -lt 2 ]]; then + echo "expected at least 2 arguments" + return 1 + else + userspec=$1 + shift + + # userspec can optionally include the group, so we parse the user + user=$(echo "$userspec" | cut -d':' -f1) + fi + + if ! am_i_root; then + error "Could not switch to '${userspec}': Operation not permitted" + return 1 + fi + + # Get the HOME directory for the user to switch, as chroot does + # not properly update this env and some scripts rely on it + homedir=$(eval echo "~${user}") + if [[ ! -d $homedir ]]; then + homedir="${HOME:-/}" + fi + + # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion + if [[ "$replace" = true ]]; then + exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + else + chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + fi +} \ No newline at end of file diff --git a/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/libtomcat.sh b/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/libtomcat.sh index e4be4ab8e184..64218cce29b2 100644 --- a/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/libtomcat.sh +++ b/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/libtomcat.sh @@ -215,7 +215,7 @@ tomcat_start_bg() { info "Starting Tomcat in background" local start_error=0 if am_i_root; then - debug_execute gosu "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/startup.sh" || start_error="$?" + debug_execute run_as_user "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/startup.sh" || start_error="$?" else debug_execute "${TOMCAT_BIN_DIR}/startup.sh" || start_error="$?" fi @@ -246,7 +246,7 @@ tomcat_stop() { # In addition, force the shutdown if it did not stop in time to ensure that the shutdown (almost) never fails local tomcat_shutdown_timeout=10 if am_i_root; then - debug_execute gosu "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/shutdown.sh" "$tomcat_shutdown_timeout" -force || stop_error="$?" + debug_execute run_as_user "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/shutdown.sh" "$tomcat_shutdown_timeout" -force || stop_error="$?" else debug_execute "${TOMCAT_BIN_DIR}/shutdown.sh" "$tomcat_shutdown_timeout" -force || stop_error="$?" fi diff --git a/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/run.sh b/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/run.sh index fc557e21f49d..c27d23217b06 100755 --- a/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/run.sh +++ b/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/run.sh @@ -17,8 +17,7 @@ set -o pipefail info "** Starting Tomcat **" if am_i_root; then - exec gosu "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/catalina.sh" run "$@" + exec_as_user "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/catalina.sh" run "$@" else exec "${TOMCAT_BIN_DIR}/catalina.sh" run "$@" fi - diff --git a/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/start.sh b/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/start.sh index 26e09155f0ec..f6baef121455 100755 --- a/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/start.sh +++ b/bitnami/tomcat/8.5/debian-11/rootfs/opt/bitnami/scripts/tomcat/start.sh @@ -19,7 +19,7 @@ start_error=0 if is_tomcat_not_running; then if am_i_root; then - gosu "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/startup.sh" || start_error="$?" + run_as_user "$TOMCAT_DAEMON_USER" "${TOMCAT_BIN_DIR}/startup.sh" || start_error="$?" else "${TOMCAT_BIN_DIR}/startup.sh" || start_error="$?" fi diff --git a/bitnami/tomcat/8.5/debian-11/tags-info.yaml b/bitnami/tomcat/8.5/debian-11/tags-info.yaml index d8b99e3f32cd..02aaf223c88b 100644 --- a/bitnami/tomcat/8.5/debian-11/tags-info.yaml +++ b/bitnami/tomcat/8.5/debian-11/tags-info.yaml @@ -1,4 +1,4 @@ rolling-tags: - "8.5" - 8.5-debian-11 -- 8.5.87 +- 8.5.88