{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "- Load sysconfig from tomcat.conf, resolves: rhbz#1311771, rhbz#1311905\n- Set default javax.sql.DataSource factory to apache commons one, resolves rhbz#1214381\n\n----\n\n- Updated to 7.0.68\n- Fix symlinks from $CATALINA_HOME/lib perspective, resolves: rhbz#1308685\n- Fix tomcat user shell, resolves rhbz#1302718\n- Remove log4j support. It has never been working actually. See rhbz#1236297\n- Move shipped config to /etc/sysconfig/tomcat. /etc/tomcat/tomcat.conf can now be used to override it with shell expansion, resolves rhbz#1293636\n- Security fix for CVE-2016-0763", "type": "security", "status": "obsolete", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": false, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2016-02-27 15:43:03", "date_modified": null, "date_approved": null, "date_testing": "2016-02-28 12:30:17", "date_stable": null, "alias": "FEDORA-2016-b19c75d748", "test_gating_status": null, "from_tag": null, "date_pushed": "2016-02-28 12:30:17", "meets_testing_requirements": false, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2016-b19c75d748", "title": "tomcat-7.0.68-2.fc22", "version_hash": "7616915fdb59fcc5863e73809a95c19a490e2025", "release": {"name": "F22", "long_name": "Fedora 22", "version": "22", "id_prefix": "FEDORA", "branch": "f22", "dist_tag": "f22", "stable_tag": "f22-updates", "testing_tag": "f22-updates-testing", "candidate_tag": "f22-updates-candidate", "pending_signing_tag": "", "pending_testing_tag": "f22-updates-testing-pending", "pending_stable_tag": "f22-updates-pending", "override_tag": "f22-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "van", "email": "ivan.afonichev@gmail.com", "id": 623, "avatar": "https://seccdn.libravatar.org/avatar/3ac2d25b8ce69cf2ee5cd75fd81bf3fd43267af2097d8608512c8a9e01da8988?s=24&d=retro", "openid": "van.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by van. ", "timestamp": "2016-02-27 15:43:03", "update_id": 51600, "user_id": 91, "id": 394216, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has obsoleted [tomcat-7.0.68-1.fc22](https://bodhi.fedoraproject.org/updates/FEDORA-2016-62619c1bda), and has inherited its bugs and notes.", "timestamp": "2016-02-27 15:43:07", "update_id": 51600, "user_id": 91, "id": 394218, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2016-02-28 13:53:49", "update_id": 51600, "user_id": 91, "id": 394311, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "bug_feedback": [{"karma": 0, "comment_id": 394706, "bug_id": 1214381, "bug": {"bug_id": 1214381, "title": "tomcat lib package doesn't include tomcat-dbcp.jar (which is required and different from apache-commons-dbcp)", "security": false, "parent": false}}, {"karma": -1, "comment_id": 394706, "bug_id": 1311771, "bug": {"bug_id": 1311771, "title": "Tomcat 8.0.32 update breaks FreeIPA and Dogtag installations", "security": false, "parent": false}}, {"karma": 1, "comment_id": 394706, "bug_id": 1311905, "bug": {"bug_id": 1311905, "title": "tomcat-8.0.32: tomcat version fails with load error org.apache.catalina.util.ServerInfo", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394706, "bug_id": 1302718, "bug": {"bug_id": 1302718, "title": "user 'tomcat': program '/bin/nologin' does not exist", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394706, "bug_id": 1293636, "bug": {"bug_id": 1293636, "title": "Systemd tomcat.service unit loads /etc/sysconfig/tomcat without shell expansion", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394706, "bug_id": 1236297, "bug": {"bug_id": 1236297, "title": "log4j not working on tomcat", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394706, "bug_id": 1311093, "bug": {"bug_id": 1311093, "title": "CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()", "security": true, "parent": true}}, {"karma": 0, "comment_id": 394706, "bug_id": 1308685, "bug": {"bug_id": 1308685, "title": "links are broken when viewed from /usr/share/tomcat/lib", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394706, "bug_id": 1311095, "bug": {"bug_id": 1311095, "title": "CVE-2015-5174 CVE-2015-5351 CVE-2016-0714 CVE-2016-0706 CVE-2015-5345 CVE-2015-5346 CVE-2016-0763 tomcat: multiple security vulnerabilities [epel-6]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}, {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "bug_feedback": [{"karma": 0, "comment_id": 394865, "bug_id": 1214381, "bug": {"bug_id": 1214381, "title": "tomcat lib package doesn't include tomcat-dbcp.jar (which is required and different from apache-commons-dbcp)", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311771, "bug": {"bug_id": 1311771, "title": "Tomcat 8.0.32 update breaks FreeIPA and Dogtag installations", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311905, "bug": {"bug_id": 1311905, "title": "tomcat-8.0.32: tomcat version fails with load error org.apache.catalina.util.ServerInfo", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1302718, "bug": {"bug_id": 1302718, "title": "user 'tomcat': program '/bin/nologin' does not exist", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1293636, "bug": {"bug_id": 1293636, "title": "Systemd tomcat.service unit loads /etc/sysconfig/tomcat without shell expansion", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1236297, "bug": {"bug_id": 1236297, "title": "log4j not working on tomcat", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311093, "bug": {"bug_id": 1311093, "title": "CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()", "security": true, "parent": true}}, {"karma": 0, "comment_id": 394865, "bug_id": 1308685, "bug": {"bug_id": 1308685, "title": "links are broken when viewed from /usr/share/tomcat/lib", "security": false, "parent": false}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311095, "bug": {"bug_id": 1311095, "title": "CVE-2015-5174 CVE-2015-5351 CVE-2016-0714 CVE-2016-0706 CVE-2015-5345 CVE-2015-5346 CVE-2016-0763 tomcat: multiple security vulnerabilities [epel-6]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes", "timestamp": "2016-03-06 18:00:18", "update_id": 51600, "user_id": 91, "id": 397159, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been obsoleted by [tomcat-7.0.68-3.fc22](https://bodhi.fedoraproject.org/updates/FEDORA-2016-e6651efbaf).", "timestamp": "2016-03-11 06:48:35", "update_id": 51600, "user_id": 91, "id": 399198, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "tomcat-7.0.68-2.fc22", "signed": true, "release_id": 12, "type": "rpm", "epoch": null}], "bugs": [{"bug_id": 1214381, "title": "tomcat lib package doesn't include tomcat-dbcp.jar (which is required and different from apache-commons-dbcp)", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 394681, "bug_id": 1214381, "comment": {"karma": -1, "karma_critpath": 0, "text": "The new package still doesn't work for Dogtag / FreeIPA. There is still a problem with CATALINA_HOME. I'm running F24 with all latest updates, Tomcat from Koji and self-build Dogtag 1.3.0 packages from git master.\n\n    # dnf remove tomcat\n    # dnf install /tmp/tomcat-*.rpm /home/heimes/packages/RPMS/noarch/pki-*.rpm /home/heimes/packages/RPMS/x86_64/pki-*.rpm\n    # rpm -qa tomcat pki-base\n    tomcat-8.0.32-4.fc23.noarch\n    pki-base-10.3.0-0.4.fc24.noarch\n\ntomcat version works:\n\n    # tomcat version\n    Server version: Apache Tomcat/8.0.32\n    ...\n\nBut Dogtag installation still fails because the server can't be started.\n\n    # pkispawn\n    ...\n    Installing CA into /var/lib/pki/pki-tomcat.\n    Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.\n    pkispawn    : ERROR    ....... server failed to restart\n    # systemctl status pki-tomcatd\n    ...\n    Feb 29 09:00:23 dogtag.example.org server[12521]: Java virtual machine used: /usr/lib/jvm/java/bin/java\n    Feb 29 09:00:23 dogtag.example.org server[12521]: classpath used: /bin/bootstrap.jar:/bin/tomcat-juli.jar:/usr/lib/java/commons-daemon.jar\n    Feb 29 09:00:23 dogtag.example.org server[12521]: main class used: org.apache.catalina.startup.Bootstrap\n    Feb 29 09:00:23 dogtag.example.org server[12521]: flags used: -DRESTEASY_LIB=/usr/share/java/resteasy -Djava.library.path=/usr/lib64/nuxwdog-jni\n    Feb 29 09:00:23 dogtag.example.org server[12521]: options used: -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home= -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/l\n    Feb 29 09:00:23 dogtag.example.org server[12521]: arguments used: stop\n    Feb 29 09:00:23 dogtag.example.org server[12521]: Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n", "timestamp": "2016-02-29 08:08:08", "update_id": 51599, "user_id": 2622, "id": 394681, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1214381, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394740, "bug_id": 1214381, "comment": {"karma": -1, "karma_critpath": 0, "text": "This breaks also installation of IPA server on F23 from RPMs already present in updates/updates-testing:\n\n    # rpm -q freeipa-server tomcat pki-base\n    freeipa-server-4.2.3-2.fc23.x86_64\n    tomcat-8.0.32-4.fc23.noarch\n    pki-base-10.2.6-15.fc23.noarch\n\nThe error is similar to that reported by Christian:\n\n    Feb 29 09:24:31 master1.ipa.test server[6475]: Java virtual machine used: /usr/lib/jvm/jre/bin/java\n    Feb 29 09:24:31 master1.ipa.test server[6475]: classpath used: /bin/bootstrap.jar:/bin/tomcat-juli.jar:/usr/lib/java/commons-daemon.jar\n    Feb 29 09:24:31 master1.ipa.test server[6475]: main class used: org.apache.catalina.startup.Bootstrap\n    Feb 29 09:24:31 master1.ipa.test server[6475]: flags used: -DRESTEASY_LIB=/usr/share/java/resteasy -Djava.library.path=/usr/lib64/nuxwdog-jni\n    Feb 29 09:24:31 master1.ipa.test server[6475]: options used: -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home= -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp -Djava.util.logging.confi\n    Feb 29 09:24:31 master1.ipa.test server[6475]: arguments used: stop\n    Feb 29 09:24:32 master1.ipa.test server[6475]: Error: Could not find or load main class org.apache.catalina.startup.Bootstrap  \n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Control process exited, code=exited status=1\n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Unit entered failed state.\n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Failed with result 'exit-code'.\n", "timestamp": "2016-02-29 09:54:02", "update_id": 51599, "user_id": 1567, "id": 394740, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 394864, "bug_id": 1214381, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:39:05", "update_id": 51599, "user_id": 1315, "id": 394864, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1214381, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400701, "bug_id": 1214381, "comment": {"karma": -1, "karma_critpath": 0, "text": "Unfortunately, Dogtag will not build on Fedora 23 due to the introduction of the addition of ContextBind in tomcat 8.0.32:\n\n    com/netscape/cms/tomcat/ProxyRealm.java:43: error: cannot access ContextBind\n                proxies.put(context.getBaseName(), this):\n\n      class file for org.apache.tomcat.ContextBind not found", "timestamp": "2016-03-15 01:34:59", "update_id": 52579, "user_id": 475, "id": 400701, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400705, "bug_id": 1214381, "comment": {"karma": 0, "karma_critpath": 0, "text": "actually --- it is the fact that the location of ContextBind changed, and the new jar is not in our classpath on F23 or F22", "timestamp": "2016-03-15 01:55:56", "update_id": 52579, "user_id": 475, "id": 400705, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400874, "bug_id": 1214381, "comment": {"karma": 1, "karma_critpath": 0, "text": "After discussions, it was determined that if this was only a build time issue, that I would back port the code necessary to build Dogtag for tomcat 8.0.32.\n\nI tested the existing pki packages against Tomcat 8.0.32, and found that I was still able to run transparently.\n\nAs a consequence, we will remove the negative Karma and back port this Dogtag build change, as we needed to rebuild pki packages for a separate issue anyway.", "timestamp": "2016-03-15 17:03:31", "update_id": 52579, "user_id": 475, "id": 400874, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1214381, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1236297, "title": "log4j not working on tomcat", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 393199, "bug_id": 1236297, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update will break all FreeIPA or Dogtag installations, as some classes were moved around into different jar files.  Anyone that installs this update and tries to restart their Dogtag or FreeIPA services will have a failure when tomcat starts up with the following error in the journal:\n\n    Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n\nI will file a bug about this, but I don't think this is something that should be updated in F23 since it's not backwards compatible and breaks people's installations.", "timestamp": "2016-02-24 23:54:29", "update_id": 51350, "user_id": 1346, "id": 393199, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393224, "bug_id": 1236297, "comment": {"karma": 0, "karma_critpath": 0, "text": "I have filed Fedora#1311771 for the issue mentioned above.", "timestamp": "2016-02-25 00:09:06", "update_id": 51350, "user_id": 1346, "id": 393224, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393225, "bug_id": 1236297, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-02-25 00:10:03", "update_id": 51350, "user_id": 1346, "id": 393225, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393323, "bug_id": 1236297, "comment": {"karma": -1, "karma_critpath": 0, "text": "I can confirm that this breaks FreeIPA/Dogtag installation in F23 as nkinder pointed out.", "timestamp": "2016-02-25 08:50:51", "update_id": 51350, "user_id": 1567, "id": 393323, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 393612, "bug_id": 1236297, "comment": {"karma": -1, "karma_critpath": 0, "text": "This version has the same same issue as the latest 8.0. It breaks Dogtag and FreeIPA.\n\n    # rpm -qa tomcat\n    tomcat-7.0.68-1.fc22.noarch\n    # tomcat version\n    Error: Could not find or load main class org.apache.catalina.util.ServerInfo\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1311771\n", "timestamp": "2016-02-25 22:19:18", "update_id": 51382, "user_id": 2622, "id": 393612, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1236297, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1236297, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1236297, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1293636, "title": "Systemd tomcat.service unit loads /etc/sysconfig/tomcat without shell expansion", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 393199, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update will break all FreeIPA or Dogtag installations, as some classes were moved around into different jar files.  Anyone that installs this update and tries to restart their Dogtag or FreeIPA services will have a failure when tomcat starts up with the following error in the journal:\n\n    Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n\nI will file a bug about this, but I don't think this is something that should be updated in F23 since it's not backwards compatible and breaks people's installations.", "timestamp": "2016-02-24 23:54:29", "update_id": 51350, "user_id": 1346, "id": 393199, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393224, "bug_id": 1293636, "comment": {"karma": 0, "karma_critpath": 0, "text": "I have filed Fedora#1311771 for the issue mentioned above.", "timestamp": "2016-02-25 00:09:06", "update_id": 51350, "user_id": 1346, "id": 393224, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393225, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-02-25 00:10:03", "update_id": 51350, "user_id": 1346, "id": 393225, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393323, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "I can confirm that this breaks FreeIPA/Dogtag installation in F23 as nkinder pointed out.", "timestamp": "2016-02-25 08:50:51", "update_id": 51350, "user_id": 1567, "id": 393323, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 393612, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "This version has the same same issue as the latest 8.0. It breaks Dogtag and FreeIPA.\n\n    # rpm -qa tomcat\n    tomcat-7.0.68-1.fc22.noarch\n    # tomcat version\n    Error: Could not find or load main class org.apache.catalina.util.ServerInfo\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1311771\n", "timestamp": "2016-02-25 22:19:18", "update_id": 51382, "user_id": 2622, "id": 393612, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400701, "bug_id": 1293636, "comment": {"karma": -1, "karma_critpath": 0, "text": "Unfortunately, Dogtag will not build on Fedora 23 due to the introduction of the addition of ContextBind in tomcat 8.0.32:\n\n    com/netscape/cms/tomcat/ProxyRealm.java:43: error: cannot access ContextBind\n                proxies.put(context.getBaseName(), this):\n\n      class file for org.apache.tomcat.ContextBind not found", "timestamp": "2016-03-15 01:34:59", "update_id": 52579, "user_id": 475, "id": 400701, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400705, "bug_id": 1293636, "comment": {"karma": 0, "karma_critpath": 0, "text": "actually --- it is the fact that the location of ContextBind changed, and the new jar is not in our classpath on F23 or F22", "timestamp": "2016-03-15 01:55:56", "update_id": 52579, "user_id": 475, "id": 400705, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400874, "bug_id": 1293636, "comment": {"karma": 1, "karma_critpath": 0, "text": "After discussions, it was determined that if this was only a build time issue, that I would back port the code necessary to build Dogtag for tomcat 8.0.32.\n\nI tested the existing pki packages against Tomcat 8.0.32, and found that I was still able to run transparently.\n\nAs a consequence, we will remove the negative Karma and back port this Dogtag build change, as we needed to rebuild pki packages for a separate issue anyway.", "timestamp": "2016-03-15 17:03:31", "update_id": 52579, "user_id": 475, "id": 400874, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1293636, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1302718, "title": "user 'tomcat': program '/bin/nologin' does not exist", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 393199, "bug_id": 1302718, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update will break all FreeIPA or Dogtag installations, as some classes were moved around into different jar files.  Anyone that installs this update and tries to restart their Dogtag or FreeIPA services will have a failure when tomcat starts up with the following error in the journal:\n\n    Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n\nI will file a bug about this, but I don't think this is something that should be updated in F23 since it's not backwards compatible and breaks people's installations.", "timestamp": "2016-02-24 23:54:29", "update_id": 51350, "user_id": 1346, "id": 393199, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393224, "bug_id": 1302718, "comment": {"karma": 0, "karma_critpath": 0, "text": "I have filed Fedora#1311771 for the issue mentioned above.", "timestamp": "2016-02-25 00:09:06", "update_id": 51350, "user_id": 1346, "id": 393224, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393225, "bug_id": 1302718, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-02-25 00:10:03", "update_id": 51350, "user_id": 1346, "id": 393225, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393323, "bug_id": 1302718, "comment": {"karma": -1, "karma_critpath": 0, "text": "I can confirm that this breaks FreeIPA/Dogtag installation in F23 as nkinder pointed out.", "timestamp": "2016-02-25 08:50:51", "update_id": 51350, "user_id": 1567, "id": 393323, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 393612, "bug_id": 1302718, "comment": {"karma": -1, "karma_critpath": 0, "text": "This version has the same same issue as the latest 8.0. It breaks Dogtag and FreeIPA.\n\n    # rpm -qa tomcat\n    tomcat-7.0.68-1.fc22.noarch\n    # tomcat version\n    Error: Could not find or load main class org.apache.catalina.util.ServerInfo\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1311771\n", "timestamp": "2016-02-25 22:19:18", "update_id": 51382, "user_id": 2622, "id": 393612, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1302718, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1302718, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1302718, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1308685, "title": "links are broken when viewed from /usr/share/tomcat/lib", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 393199, "bug_id": 1308685, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update will break all FreeIPA or Dogtag installations, as some classes were moved around into different jar files.  Anyone that installs this update and tries to restart their Dogtag or FreeIPA services will have a failure when tomcat starts up with the following error in the journal:\n\n    Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n\nI will file a bug about this, but I don't think this is something that should be updated in F23 since it's not backwards compatible and breaks people's installations.", "timestamp": "2016-02-24 23:54:29", "update_id": 51350, "user_id": 1346, "id": 393199, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393224, "bug_id": 1308685, "comment": {"karma": 0, "karma_critpath": 0, "text": "I have filed Fedora#1311771 for the issue mentioned above.", "timestamp": "2016-02-25 00:09:06", "update_id": 51350, "user_id": 1346, "id": 393224, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393225, "bug_id": 1308685, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-02-25 00:10:03", "update_id": 51350, "user_id": 1346, "id": 393225, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393323, "bug_id": 1308685, "comment": {"karma": -1, "karma_critpath": 0, "text": "I can confirm that this breaks FreeIPA/Dogtag installation in F23 as nkinder pointed out.", "timestamp": "2016-02-25 08:50:51", "update_id": 51350, "user_id": 1567, "id": 393323, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 393612, "bug_id": 1308685, "comment": {"karma": -1, "karma_critpath": 0, "text": "This version has the same same issue as the latest 8.0. It breaks Dogtag and FreeIPA.\n\n    # rpm -qa tomcat\n    tomcat-7.0.68-1.fc22.noarch\n    # tomcat version\n    Error: Could not find or load main class org.apache.catalina.util.ServerInfo\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1311771\n", "timestamp": "2016-02-25 22:19:18", "update_id": 51382, "user_id": 2622, "id": 393612, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1308685, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1308685, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1308685, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1311093, "title": "CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 393199, "bug_id": 1311093, "comment": {"karma": -1, "karma_critpath": 0, "text": "This update will break all FreeIPA or Dogtag installations, as some classes were moved around into different jar files.  Anyone that installs this update and tries to restart their Dogtag or FreeIPA services will have a failure when tomcat starts up with the following error in the journal:\n\n    Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n\nI will file a bug about this, but I don't think this is something that should be updated in F23 since it's not backwards compatible and breaks people's installations.", "timestamp": "2016-02-24 23:54:29", "update_id": 51350, "user_id": 1346, "id": 393199, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393224, "bug_id": 1311093, "comment": {"karma": 0, "karma_critpath": 0, "text": "I have filed Fedora#1311771 for the issue mentioned above.", "timestamp": "2016-02-25 00:09:06", "update_id": 51350, "user_id": 1346, "id": 393224, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393225, "bug_id": 1311093, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2016-02-25 00:10:03", "update_id": 51350, "user_id": 1346, "id": 393225, "testcase_feedback": [], "user": {"name": "nkinder", "email": "nkinder@redhat.com", "id": 1346, "avatar": "https://seccdn.libravatar.org/avatar/238c59fe1265eca13213cbc7500c271516a5059936578330f0e0a5b7067693a9?s=24&d=retro", "openid": "nkinder.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 393323, "bug_id": 1311093, "comment": {"karma": -1, "karma_critpath": 0, "text": "I can confirm that this breaks FreeIPA/Dogtag installation in F23 as nkinder pointed out.", "timestamp": "2016-02-25 08:50:51", "update_id": 51350, "user_id": 1567, "id": 393323, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 393612, "bug_id": 1311093, "comment": {"karma": -1, "karma_critpath": 0, "text": "This version has the same same issue as the latest 8.0. It breaks Dogtag and FreeIPA.\n\n    # rpm -qa tomcat\n    tomcat-7.0.68-1.fc22.noarch\n    # tomcat version\n    Error: Could not find or load main class org.apache.catalina.util.ServerInfo\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1311771\n", "timestamp": "2016-02-25 22:19:18", "update_id": 51382, "user_id": 2622, "id": 393612, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1311093, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311093, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1311093, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1311095, "title": "CVE-2015-5174 CVE-2015-5351 CVE-2016-0714 CVE-2016-0706 CVE-2015-5345 CVE-2015-5346 CVE-2016-0763 tomcat: multiple security vulnerabilities [epel-6]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 393612, "bug_id": 1311095, "comment": {"karma": -1, "karma_critpath": 0, "text": "This version has the same same issue as the latest 8.0. It breaks Dogtag and FreeIPA.\n\n    # rpm -qa tomcat\n    tomcat-7.0.68-1.fc22.noarch\n    # tomcat version\n    Error: Could not find or load main class org.apache.catalina.util.ServerInfo\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1311771\n", "timestamp": "2016-02-25 22:19:18", "update_id": 51382, "user_id": 2622, "id": 393612, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394706, "bug_id": 1311095, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311095, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1311095, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1311771, "title": "Tomcat 8.0.32 update breaks FreeIPA and Dogtag installations", "security": false, "parent": false, "feedback": [{"karma": -1, "comment_id": 394681, "bug_id": 1311771, "comment": {"karma": -1, "karma_critpath": 0, "text": "The new package still doesn't work for Dogtag / FreeIPA. There is still a problem with CATALINA_HOME. I'm running F24 with all latest updates, Tomcat from Koji and self-build Dogtag 1.3.0 packages from git master.\n\n    # dnf remove tomcat\n    # dnf install /tmp/tomcat-*.rpm /home/heimes/packages/RPMS/noarch/pki-*.rpm /home/heimes/packages/RPMS/x86_64/pki-*.rpm\n    # rpm -qa tomcat pki-base\n    tomcat-8.0.32-4.fc23.noarch\n    pki-base-10.3.0-0.4.fc24.noarch\n\ntomcat version works:\n\n    # tomcat version\n    Server version: Apache Tomcat/8.0.32\n    ...\n\nBut Dogtag installation still fails because the server can't be started.\n\n    # pkispawn\n    ...\n    Installing CA into /var/lib/pki/pki-tomcat.\n    Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.\n    pkispawn    : ERROR    ....... server failed to restart\n    # systemctl status pki-tomcatd\n    ...\n    Feb 29 09:00:23 dogtag.example.org server[12521]: Java virtual machine used: /usr/lib/jvm/java/bin/java\n    Feb 29 09:00:23 dogtag.example.org server[12521]: classpath used: /bin/bootstrap.jar:/bin/tomcat-juli.jar:/usr/lib/java/commons-daemon.jar\n    Feb 29 09:00:23 dogtag.example.org server[12521]: main class used: org.apache.catalina.startup.Bootstrap\n    Feb 29 09:00:23 dogtag.example.org server[12521]: flags used: -DRESTEASY_LIB=/usr/share/java/resteasy -Djava.library.path=/usr/lib64/nuxwdog-jni\n    Feb 29 09:00:23 dogtag.example.org server[12521]: options used: -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home= -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/l\n    Feb 29 09:00:23 dogtag.example.org server[12521]: arguments used: stop\n    Feb 29 09:00:23 dogtag.example.org server[12521]: Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n", "timestamp": "2016-02-29 08:08:08", "update_id": 51599, "user_id": 2622, "id": 394681, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": -1, "comment_id": 394706, "bug_id": 1311771, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": -1, "comment_id": 394740, "bug_id": 1311771, "comment": {"karma": -1, "karma_critpath": 0, "text": "This breaks also installation of IPA server on F23 from RPMs already present in updates/updates-testing:\n\n    # rpm -q freeipa-server tomcat pki-base\n    freeipa-server-4.2.3-2.fc23.x86_64\n    tomcat-8.0.32-4.fc23.noarch\n    pki-base-10.2.6-15.fc23.noarch\n\nThe error is similar to that reported by Christian:\n\n    Feb 29 09:24:31 master1.ipa.test server[6475]: Java virtual machine used: /usr/lib/jvm/jre/bin/java\n    Feb 29 09:24:31 master1.ipa.test server[6475]: classpath used: /bin/bootstrap.jar:/bin/tomcat-juli.jar:/usr/lib/java/commons-daemon.jar\n    Feb 29 09:24:31 master1.ipa.test server[6475]: main class used: org.apache.catalina.startup.Bootstrap\n    Feb 29 09:24:31 master1.ipa.test server[6475]: flags used: -DRESTEASY_LIB=/usr/share/java/resteasy -Djava.library.path=/usr/lib64/nuxwdog-jni\n    Feb 29 09:24:31 master1.ipa.test server[6475]: options used: -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home= -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp -Djava.util.logging.confi\n    Feb 29 09:24:31 master1.ipa.test server[6475]: arguments used: stop\n    Feb 29 09:24:32 master1.ipa.test server[6475]: Error: Could not find or load main class org.apache.catalina.startup.Bootstrap  \n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Control process exited, code=exited status=1\n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Unit entered failed state.\n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Failed with result 'exit-code'.\n", "timestamp": "2016-02-29 09:54:02", "update_id": 51599, "user_id": 1567, "id": 394740, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 394864, "bug_id": 1311771, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:39:05", "update_id": 51599, "user_id": 1315, "id": 394864, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311771, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": -1, "comment_id": 400701, "bug_id": 1311771, "comment": {"karma": -1, "karma_critpath": 0, "text": "Unfortunately, Dogtag will not build on Fedora 23 due to the introduction of the addition of ContextBind in tomcat 8.0.32:\n\n    com/netscape/cms/tomcat/ProxyRealm.java:43: error: cannot access ContextBind\n                proxies.put(context.getBaseName(), this):\n\n      class file for org.apache.tomcat.ContextBind not found", "timestamp": "2016-03-15 01:34:59", "update_id": 52579, "user_id": 475, "id": 400701, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400705, "bug_id": 1311771, "comment": {"karma": 0, "karma_critpath": 0, "text": "actually --- it is the fact that the location of ContextBind changed, and the new jar is not in our classpath on F23 or F22", "timestamp": "2016-03-15 01:55:56", "update_id": 52579, "user_id": 475, "id": 400705, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 1, "comment_id": 400874, "bug_id": 1311771, "comment": {"karma": 1, "karma_critpath": 0, "text": "After discussions, it was determined that if this was only a build time issue, that I would back port the code necessary to build Dogtag for tomcat 8.0.32.\n\nI tested the existing pki packages against Tomcat 8.0.32, and found that I was still able to run transparently.\n\nAs a consequence, we will remove the negative Karma and back port this Dogtag build change, as we needed to rebuild pki packages for a separate issue anyway.", "timestamp": "2016-03-15 17:03:31", "update_id": 52579, "user_id": 475, "id": 400874, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 1, "comment_id": 402430, "bug_id": 1311771, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}, {"bug_id": 1311905, "title": "tomcat-8.0.32: tomcat version fails with load error org.apache.catalina.util.ServerInfo", "security": false, "parent": false, "feedback": [{"karma": 1, "comment_id": 394681, "bug_id": 1311905, "comment": {"karma": -1, "karma_critpath": 0, "text": "The new package still doesn't work for Dogtag / FreeIPA. There is still a problem with CATALINA_HOME. I'm running F24 with all latest updates, Tomcat from Koji and self-build Dogtag 1.3.0 packages from git master.\n\n    # dnf remove tomcat\n    # dnf install /tmp/tomcat-*.rpm /home/heimes/packages/RPMS/noarch/pki-*.rpm /home/heimes/packages/RPMS/x86_64/pki-*.rpm\n    # rpm -qa tomcat pki-base\n    tomcat-8.0.32-4.fc23.noarch\n    pki-base-10.3.0-0.4.fc24.noarch\n\ntomcat version works:\n\n    # tomcat version\n    Server version: Apache Tomcat/8.0.32\n    ...\n\nBut Dogtag installation still fails because the server can't be started.\n\n    # pkispawn\n    ...\n    Installing CA into /var/lib/pki/pki-tomcat.\n    Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.\n    pkispawn    : ERROR    ....... server failed to restart\n    # systemctl status pki-tomcatd\n    ...\n    Feb 29 09:00:23 dogtag.example.org server[12521]: Java virtual machine used: /usr/lib/jvm/java/bin/java\n    Feb 29 09:00:23 dogtag.example.org server[12521]: classpath used: /bin/bootstrap.jar:/bin/tomcat-juli.jar:/usr/lib/java/commons-daemon.jar\n    Feb 29 09:00:23 dogtag.example.org server[12521]: main class used: org.apache.catalina.startup.Bootstrap\n    Feb 29 09:00:23 dogtag.example.org server[12521]: flags used: -DRESTEASY_LIB=/usr/share/java/resteasy -Djava.library.path=/usr/lib64/nuxwdog-jni\n    Feb 29 09:00:23 dogtag.example.org server[12521]: options used: -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home= -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/l\n    Feb 29 09:00:23 dogtag.example.org server[12521]: arguments used: stop\n    Feb 29 09:00:23 dogtag.example.org server[12521]: Error: Could not find or load main class org.apache.catalina.startup.Bootstrap\n", "timestamp": "2016-02-29 08:08:08", "update_id": 51599, "user_id": 2622, "id": 394681, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 394706, "bug_id": 1311905, "comment": {"karma": -1, "karma_critpath": 0, "text": "The update has the same problems as tomcat-8.0.32-4.fc23. tomcat version works but Dogtag still fails to start.", "timestamp": "2016-02-29 09:03:45", "update_id": 51600, "user_id": 2622, "id": 394706, "testcase_feedback": [], "user": {"name": "cheimes", "email": "cheimes@redhat.com", "id": 2622, "avatar": "https://seccdn.libravatar.org/avatar/fb01cd1580c9fa10cf453f7c77b9a5ac59f645883d7bf9f921743803e0379c8d?s=24&d=retro", "openid": "cheimes.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitfreeipa"}, {"name": "git389"}, {"name": "latchset"}, {"name": "gitpki"}, {"name": "python-packagers-sig"}, {"name": "podengo"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 394740, "bug_id": 1311905, "comment": {"karma": -1, "karma_critpath": 0, "text": "This breaks also installation of IPA server on F23 from RPMs already present in updates/updates-testing:\n\n    # rpm -q freeipa-server tomcat pki-base\n    freeipa-server-4.2.3-2.fc23.x86_64\n    tomcat-8.0.32-4.fc23.noarch\n    pki-base-10.2.6-15.fc23.noarch\n\nThe error is similar to that reported by Christian:\n\n    Feb 29 09:24:31 master1.ipa.test server[6475]: Java virtual machine used: /usr/lib/jvm/jre/bin/java\n    Feb 29 09:24:31 master1.ipa.test server[6475]: classpath used: /bin/bootstrap.jar:/bin/tomcat-juli.jar:/usr/lib/java/commons-daemon.jar\n    Feb 29 09:24:31 master1.ipa.test server[6475]: main class used: org.apache.catalina.startup.Bootstrap\n    Feb 29 09:24:31 master1.ipa.test server[6475]: flags used: -DRESTEASY_LIB=/usr/share/java/resteasy -Djava.library.path=/usr/lib64/nuxwdog-jni\n    Feb 29 09:24:31 master1.ipa.test server[6475]: options used: -Dcatalina.base=/var/lib/pki/pki-tomcat -Dcatalina.home= -Djava.endorsed.dirs= -Djava.io.tmpdir=/var/lib/pki/pki-tomcat/temp -Djava.util.logging.confi\n    Feb 29 09:24:31 master1.ipa.test server[6475]: arguments used: stop\n    Feb 29 09:24:32 master1.ipa.test server[6475]: Error: Could not find or load main class org.apache.catalina.startup.Bootstrap  \n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Control process exited, code=exited status=1\n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Unit entered failed state.\n    Feb 29 09:24:32 master1.ipa.test systemd[1]: pki-tomcatd@pki-tomcat.service: Failed with result 'exit-code'.\n", "timestamp": "2016-02-29 09:54:02", "update_id": 51599, "user_id": 1567, "id": 394740, "testcase_feedback": [], "user": {"name": "mbabinsk", "email": "mbabinsk@redhat.com", "id": 1567, "avatar": "https://seccdn.libravatar.org/avatar/abf8f97fed2d2d9cc024eb8a796b96500b124fbf8fdb541a9a189fa082adb6c1?s=24&d=retro", "openid": "mbabinsk.id.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 394864, "bug_id": 1311905, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:39:05", "update_id": 51599, "user_id": 1315, "id": 394864, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 394865, "bug_id": 1311905, "comment": {"karma": -1, "karma_critpath": 0, "text": "Breaks Dogtag, too bad.", "timestamp": "2016-02-29 14:40:13", "update_id": 51600, "user_id": 1315, "id": 394865, "testcase_feedback": [], "user": {"name": "pspacek", "email": "pspacek@isc.org", "id": 1315, "avatar": "https://seccdn.libravatar.org/avatar/049899d532021a7d606b289ecbf5057881630ce86d462929043ee598de5219a7?s=24&d=retro", "openid": "pspacek.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400701, "bug_id": 1311905, "comment": {"karma": -1, "karma_critpath": 0, "text": "Unfortunately, Dogtag will not build on Fedora 23 due to the introduction of the addition of ContextBind in tomcat 8.0.32:\n\n    com/netscape/cms/tomcat/ProxyRealm.java:43: error: cannot access ContextBind\n                proxies.put(context.getBaseName(), this):\n\n      class file for org.apache.tomcat.ContextBind not found", "timestamp": "2016-03-15 01:34:59", "update_id": 52579, "user_id": 475, "id": 400701, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400705, "bug_id": 1311905, "comment": {"karma": 0, "karma_critpath": 0, "text": "actually --- it is the fact that the location of ContextBind changed, and the new jar is not in our classpath on F23 or F22", "timestamp": "2016-03-15 01:55:56", "update_id": 52579, "user_id": 475, "id": 400705, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 400874, "bug_id": 1311905, "comment": {"karma": 1, "karma_critpath": 0, "text": "After discussions, it was determined that if this was only a build time issue, that I would back port the code necessary to build Dogtag for tomcat 8.0.32.\n\nI tested the existing pki packages against Tomcat 8.0.32, and found that I was still able to run transparently.\n\nAs a consequence, we will remove the negative Karma and back port this Dogtag build change, as we needed to rebuild pki packages for a separate issue anyway.", "timestamp": "2016-03-15 17:03:31", "update_id": 52579, "user_id": 475, "id": 400874, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 402430, "bug_id": 1311905, "comment": {"karma": 1, "karma_critpath": 0, "text": "Tested to see if there was an issue with Dogtag 10.2.6 on F22.  There was, and this has been corrected by the following packages in Bodhi:\n\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00f8e2144 tomcatjss-7.1.2-2.fc22\n* https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9a44b20fd pki-core-10.2.6-12.fc22\n\nWhen used in conjunction with these two packages, this build of tomcat was tested by creating a new CA and successfully enrolling a certificate; no FreeIPA tests were attempted.", "timestamp": "2016-03-17 20:45:38", "update_id": 52578, "user_id": 475, "id": 402430, "testcase_feedback": [], "user": {"name": "mharmsen", "email": "mharmsen@redhat.com", "id": 475, "avatar": "https://seccdn.libravatar.org/avatar/148f133379f547c8dc0e09e8a25946e2e8fa2f579602eb9fba8695b8a99a651e?s=24&d=retro", "openid": "mharmsen.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}]}], "updateid": "FEDORA-2016-b19c75d748", "karma": -2, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}