diff --git a/test/integration/default/controls/config_spec.rb b/test/integration/default/controls/config_spec.rb
index 09ef4492d31885663f87fedc96665809908d36f8..0cd0cd8ab1d50b0b54329f9cda354cdb8b584c39 100644
--- a/test/integration/default/controls/config_spec.rb
+++ b/test/integration/default/controls/config_spec.rb
@@ -22,7 +22,7 @@ when 'debian'
conf_dir = '/etc/tomcat8'
server_xml_user_and_group = 'tomcat8'
case platform_finger
- when 'debian-10'
+ when 'debian-10', 'ubuntu-20'
main_config_file = '/etc/default/tomcat9'
catalina_tmpdir = '/var/cache/tomcat9/temp'
catalina_tmpdir_user_and_group = 'tomcat'
@@ -48,6 +48,7 @@ when 'redhat'
end
when 'fedora'
case platform_finger
+ when 'fedora-32'
when 'fedora-31'
when 'fedora-30'
end
diff --git a/test/integration/default/controls/packages_spec.rb b/test/integration/default/controls/packages_spec.rb
index 800a43c8fe7b6e84615f542aa892517fd6a6b860..192d31bffc08d7c4395b58ff947cc0a79569818a 100644
--- a/test/integration/default/controls/packages_spec.rb
+++ b/test/integration/default/controls/packages_spec.rb
@@ -11,7 +11,7 @@ control 'Tomcat packages' do
case platform[:family]
when 'debian'
case platform_finger
- when 'debian-10'
+ when 'debian-10', 'ubuntu-20'
%w[tomcat9 haveged]
when 'debian-9', 'ubuntu-18', 'ubuntu-16'
%w[tomcat8 haveged]
diff --git a/test/integration/default/controls/services_spec.rb b/test/integration/default/controls/services_spec.rb
index 942367cefbf9c7d80bc296a0d0a826748b8f2404..8bab4271250f55622240ad9561a550a1a3f7e8af 100644
--- a/test/integration/default/controls/services_spec.rb
+++ b/test/integration/default/controls/services_spec.rb
@@ -12,7 +12,7 @@ control 'Tomcat services' do
case platform[:family]
when 'debian'
case platform_finger
- when 'debian-10'
+ when 'debian-10', 'ubuntu-20'
%w[tomcat9 haveged]
when 'debian-9', 'ubuntu-18', 'ubuntu-16'
%w[tomcat8 haveged]
diff --git a/test/integration/default/controls/yaml_dump_spec.rb b/test/integration/default/controls/yaml_dump_spec.rb
index 22181d89bb9058351630b0937655951f5dd56cff..7b630bdfdeb4f95e2d58bb853021fcd1714bf2da 100644
--- a/test/integration/default/controls/yaml_dump_spec.rb
+++ b/test/integration/default/controls/yaml_dump_spec.rb
@@ -11,7 +11,7 @@ control 'Tomcat `map.jinja` YAML dump' do
case platform[:family]
when 'debian'
case platform_finger
- when 'debian-10'
+ when 'debian-10', 'ubuntu-20'
conf_dir = '/etc/tomcat9'
group = 'tomcat'
main_config = '/etc/default/tomcat9'
diff --git a/test/salt/comparison_files/main_config/fedora-32 b/test/salt/comparison_files/main_config/fedora-32
new file mode 100644
index 0000000000000000000000000000000000000000..0f4c78f24348cec8a59b676fa867c3089e3209e9
--- /dev/null
+++ b/test/salt/comparison_files/main_config/fedora-32
@@ -0,0 +1,67 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# # Modify the values passed to the tomcat pillar instead.
+
+# Service-specific configuration file for tomcat. This will be sourced by
+# the SysV init script after the global configuration file
+# /etc/tomcat/tomcat.conf, thus allowing values to be overridden in
+# a per-service manner.
+#
+# NEVER change the init script itself. To change values for all services make
+# your changes in /etc/tomcat/tomcat.conf
+#
+# To change values for a specific service make your edits here.
+# To create a new service create a link from /etc/init.d/<your new service> to
+# /etc/init.d/tomcat (do not copy the init script) and make a copy of the
+# /etc/sysconfig/tomcat file to /etc/sysconfig/<your new service> and change
+# the property values so the two services won't conflict. Register the new
+# service in the system as usual (see chkconfig and similars).
+#
+
+# Where your java installation lives
+JAVA_HOME=/usr/lib/jvm/jre
+
+CATALINA_BASE="/usr/share/tomcat"
+
+CATALINA_HOME="/usr/share/tomcat"
+
+CATALINA_TMPDIR="/var/cache/tomcat/temp"
+
+CATALINA_PID="/var/run/tomcat.pid"
+
+
+# You can pass some parameters to java here if you wish to
+#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+#if CLASSPATH is defined in JAVA_OPTS it may no longer munge with the default CLASSPATH
+#replace and customize if necessary
+#CLASSPATH=/usr/share/tomcat/bin/bootstrap.jar:/usr/share/tomcat/bin/tomcat-juli.jar:/usr/share/java/commons-daemon.jar
+
+# Use JAVA_OPTS to set java.library.path for libtcnative.so
+#JAVA_OPTS="-Djava.library.path=/usr/lib64"
+
+# What user should run tomcat
+TOMCAT_USER=tomcat
+
+# What group should run tomcat
+TOMCAT_GROUP=tomcat
+
+# You can change your tomcat locale here
+#LANG="en_US"
+
+# Run tomcat under the Java Security Manager
+SECURITY_MANAGER="false"
+
+
+# Time to wait in seconds, before killing process
+#SHUTDOWN_WAIT="30"
+
+# Whether to annoy the user with "attempting to shut down" messages or not
+#SHUTDOWN_VERBOSE="false"
+
+# Connector port is 8080 for this tomcat instance
+#CONNECTOR_PORT="8080"
+
+# If you wish to further customize your tomcat environment,
+# put your own definitions here
+# (i.e. LD_LIBRARY_PATH for some jdbc drivers)
diff --git a/test/salt/comparison_files/main_config/ubuntu-20 b/test/salt/comparison_files/main_config/ubuntu-20
new file mode 100644
index 0000000000000000000000000000000000000000..a63ac75939708179e0f7445b2fbfd228035f7239
--- /dev/null
+++ b/test/salt/comparison_files/main_config/ubuntu-20
@@ -0,0 +1,58 @@
+# This file is managed by salt. Manual changes risk being overwritten.
+# Modify the values in the tomcat pillar instead.
+
+# Run Tomcat as this user ID. Not setting this or leaving it blank will use the
+# default of tomcat8.
+TOMCAT9_USER=tomcat
+
+# Run Tomcat as this group ID. Not setting this or leaving it blank will use
+# the default of tomcat8.
+TOMCAT9_GROUP=tomcat
+
+# The home directory of the Java development kit (JDK). You need at least
+# JDK version 7. If JAVA_HOME is not set, some common directories for
+# OpenJDK and the Oracle JDK are tried.
+JAVA_HOME=/usr/lib/jvm/default-java
+
+CATALINA_BASE="/var/lib/tomcat9"
+CATALINA_HOME="/usr/share/tomcat9"
+CATALINA_TMPDIR="/var/cache/tomcat9/temp"
+CATALINA_PID="/var/run/tomcat9.pid"
+
+
+# You may pass JVM startup parameters to Java here. If unset, the default
+# options will be: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC
+#
+# Use "-XX:+UseConcMarkSweepGC" to enable the CMS garbage collector (improved
+# response time). If you use that option and you run Tomcat on a machine with
+# exactly one CPU chip that contains one or two cores, you should also add
+# the "-XX:+CMSIncrementalMode" option.
+JAVA_OPTS="-Djava.awt.headless=true -Xmx128m -XX:MaxPermSize=256m -Dlog4j.configuration=file:/tmp/log4j.properties -Dlogback.configurationFile=/tmp/logback.xml"
+
+# To enable remote debugging uncomment the following line.
+# You will then be able to use a java debugger on port 8000.
+#JAVA_OPTS="${JAVA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
+
+# Java compiler to use for translating JavaServer Pages (JSPs). You can use all
+# compilers that are accepted by Ant's build.compiler property.
+JSP_COMPILER=javac
+
+
+# Use the Java security manager? (yes/no, default: no)
+TOMCAT9_SECURITY=no
+
+
+# Number of days to keep logfiles in /var/log/tomcat8. Default is 14 days.
+#LOGFILE_DAYS=14
+# Whether to compress logfiles older than today's
+#LOGFILE_COMPRESS=1
+
+# Location of the JVM temporary directory
+# WARNING: This directory will be destroyed and recreated at every startup !
+JVM_TMP=/tmp/tomcat
+
+
+# If you run Tomcat on port numbers that are all higher than 1023, then you
+# do not need authbind. It is used for binding Tomcat to lower port numbers.
+# (yes/no, default: no)
+AUTHBIND=no
diff --git a/test/salt/comparison_files/server_xml/fedora-32.xml b/test/salt/comparison_files/server_xml/fedora-32.xml
new file mode 100644
index 0000000000000000000000000000000000000000..93757aecf565fa89af5a36344451d42a6f606e0d
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/fedora-32.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/test/salt/comparison_files/server_xml/ubuntu-20.xml b/test/salt/comparison_files/server_xml/ubuntu-20.xml
new file mode 100644
index 0000000000000000000000000000000000000000..93757aecf565fa89af5a36344451d42a6f606e0d
--- /dev/null
+++ b/test/salt/comparison_files/server_xml/ubuntu-20.xml
@@ -0,0 +1,148 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+
+ This file is managed/autogenerated by salt.
+ Manual changes risk being overwritten.
+
+ Modify the salt pillar for the tomcat formula
+ that generates this file instead.
+
+-->
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/server.html
+ -->
+<Server port="8005" shutdown="SHUTDOWN">
+ <!-- Security listener. Documentation at /docs/config/listeners.html
+ <Listener className="org.apache.catalina.security.SecurityListener" />
+ -->
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+
+
+
+
+ <!-- Prevent memory leaks due to use of particular java/javax APIs-->
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
+ <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
+
+ <!-- Global JNDI resources
+ Documentation at /docs/jndi-resources-howto.html
+ -->
+ <GlobalNamingResources>
+
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users
+ -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved"
+ factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
+ pathname="conf/tomcat-users.xml" />
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" Note: A "Service" is not itself a "Container",
+ so you may not define subcomponents such as "Valves" at this level.
+ Documentation at /docs/config/service.html
+ -->
+ <Service name="Catalina">
+ <Connector
+
+ port="8443"
+ protocol="org.apache.coyote.http11.Http11Protocol"
+ connectionTimeout="20000"
+ URIEncoding="UTF-8"
+ redirectPort="8443"
+ maxHttpHeaderSize="8192"
+ maxThreads="150"
+ minSpareThreads="25"
+ enableLookups="false"
+ disableUploadTimeout="true"
+ acceptCount="100"
+ scheme="https"
+ secure="true"
+ clientAuth="false"
+ sslProtocol="TLS"
+ SSLEnabled="false"
+ keystoreFile="/path/to/keystoreFile"
+ keystorePass="somerandomtext"
+ />
+
+
+ <Engine name="Catalina" defaultHost="localhost">
+
+ <!-- Use the LockOutRealm to prevent attempts to guess user passwords
+ via a brute-force attack -->
+ <Realm className="org.apache.catalina.realm.LockOutRealm">
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ resourceName="UserDatabase"/>
+ </Realm>
+
+
+
+ <Host name="tomcat-server"
+ unpackWARs="true"
+ autoDeploy="true"
+ deployXML="false">
+ <Context path=""
+ docBase="../webapps/myapp"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.com</Alias>
+
+ </Host>
+
+ <Host name="example.net"
+ unpackWARs="true"
+ autoDeploy="true">
+ <Context path=""
+ docBase="../webapps/myapp2"
+ debug="0"
+ reloadable="true"
+ />
+
+ <Alias>www.example.net</Alias>
+
+ <Valve
+ className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs"
+ prefix="localhost_access_log."
+ fileDateFormat="yyyy-MM-dd-HH"
+ suffix=".log"
+ pattern="%h %l %u %t "%m http://%v%U %H" %s %b "%{Referer}i" "%{User-Agent}i" %D" />
+ <Valve
+ className="org.apache.catalina.authenticator.SingleSignOn" />
+
+ </Host>
+
+
+ </Engine>
+ </Service>
+</Server>
diff --git a/tomcat/osfingermap.yaml b/tomcat/osfingermap.yaml
index b741050c2a9562b2e5489b49a17f3188a04fcaa4..3211d0e1864c1a5d32ac132683701dc01122be9f 100644
--- a/tomcat/osfingermap.yaml
+++ b/tomcat/osfingermap.yaml
@@ -40,6 +40,19 @@ Debian-7:
group: tomcat7
# os: Ubuntu
+Ubuntu-20.04:
+ ver: 9
+ pkg: tomcat9
+ manager_pkg: tomcat9-admin
+ conf_dir: /etc/tomcat9
+ main_config: /etc/default/tomcat9
+ service: tomcat9
+ user: tomcat
+ group: tomcat
+ catalina_base: /var/lib/tomcat9
+ catalina_home: /usr/share/tomcat9
+ catalina_pid: /var/run/tomcat9.pid
+ catalina_tmpdir: /var/cache/tomcat9/temp
Ubuntu-18.04: {}
Ubuntu-16.04: {}
Ubuntu-14.04:
@@ -54,6 +67,7 @@ Ubuntu-14.04:
group: tomcat7
# os: Fedora
+Fedora-32: {}
Fedora-31: {}
Fedora-30: {}