tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: binary distribution - how to upgrade ?
Date Thu, 20 Jun 2013 18:22:21 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Bernd,

On 6/20/13 12:45 PM, Lentes, Bernd wrote:
> i'm fairly new to tomcat. We have a SLES 10 SP4 64bit host, running
>  Tomcat 5.5, which was provided as a rpm from the distributor. Our
>  developers need now a more current version, 6 or prefered 7. I 
> didn't find rpm's for these versions for my OS. So i have to
> install the binary version from the tomcat web page.

You should complain to RedHat. It's embarrassing that so many
distributions are still holding on to Tomcat 5.5 and not supporting
newer versions.

There's no really good reason to upgrade to Tomcat 6. Going from Tomcat
5.5 -> 7.0 should not represent too much of a challenge.

> I read that patches concerning security vulnerabilities are not 
> provided for the binary version.

The Apache Tomcat team does not release patches at all... instead, new
versions are released with the patches included. This includes both
source and binary bundles.

> My question: what do i have to do if i read that version x.x has a 
> security vulnerability which is closed by version x.y ?

Upgrade, if you need to. Some vulnerabilities are only present under
certain configurations, etc.

> Just install the new version over the old one ?

I would not recommend installing a new version "on top of" an old one.
See below.

> Uninstalling the old one before ? What is about my webapps ? Are
> they gone with the installation of the new version ?

Since you are going through this process, I highly recommend that you
start thinking about using a "split install" where Tomcat itself is
installed one place and your webapp is installed elsewhere. To do
this, you set the CATALINA_HOME environment variable to point to your
Tomcat installation, and set CATALINA_BASE to where your webapp is
installed. See the RUNNING.txt file in the root of Tomcat's
installation for details -- you are looking for the section titled
"Advanced Configuration - Multiple Tomcat Instances".

Once you have set up the environment for CATALINA_HOME/CATALINA_BASE,
it's fairly simple to upgrade to a new version of Tomcat:

1. Install the new version for example into /opt/apache-tomcat-x.y.z
2. Re-customize /opt/apache-tomcat-x.y.z/conf/server.xml to include
any customizations you have made (usually just <Connector> elements,
perhaps clustering, etc.)
3. Change CATALINA_HOME to /opt/apache-x.y.z
4. Re-start Tomcat

If you are upgrading from x.y.z -> x.y.w (that is, a point-release),
you may be able to replace step #2 above with simply copying the
existing server.xml to the new CATALINA_HOME. YOU MUST NOT DO THIS
BETWEEN MAJOR RELEASES: server.xml changes significantly (mostly class
names) between major releases. You need to start from scratch with
each one.

One of the many advantages of the above technique (i.e. using
CATALINA_BASE) is that rolling-back to a previous Tomcat version is
trivial: simply change CATALINA_HOME to point to the old release and
restart Tomcat. You'll be back where you started.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJRw0hdAAoJEBzwKT+lPKRYEw4P/iYzprGZZt9C+kMSOjOW2pYC
b2xB7IgS1KhY+6ayQkkjyL3ByJFhrCVIXLbkKuQbGNmk+76R4aFxoueLxkT5m0+u
yMFbwrnlAPx/+3UdCRmw9dVRROakQrdevYzm0bJskw1gu6Vneq2Bxq9zJCi4bKF4
B8EwzcjAdo6oX4UZX7U3um9g+yxGFAC6kM2n6t/MVbhF/stq+R6r0JY4Kmz9LP77
uC9WDr73op33spHXkxX2oMkhksuyUtgl3ZmCwxe6VUU1c0BloGfTy5hBrB5WMBAS
F/KryJMiTeMexnKv4QcDE8qz0w3BgzHGI6XSuhvK2FUbeCe6OyD1JdOzFSHRA0M0
aPdLJyDdsnzjjS88rorv4dfBYl7KJelx2N/51H7GUeX1ipVsrq4vgYNafjLbMUpl
J/yu1OJ9cBhKntuDuMrEIduoZ/WsKcl8hSK6hy/87+dkyw6eKfHj76Io8cP7/uPh
mLiuhmatQ6AT5eFg8BYltxImAVfXpbuUO6d428awy4EWa9tWARokhghsmfmlJmg2
Z1zp1gwxMAdiShaAaxRmFF/Kw18rWPvMoZ6M8pdykGqFw8YZk1FEvQ1pYzoTzcv0
XeiZU3qPUd9rBYkhvzgOEfS9XvZuL/46/4jNTDDh78DoVz2ZAEFBKX6CrZGrPF0u
N+uMi9itiRrdD6BcVmbv
=m+/N
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message