FreeBSD jdk15 does not read java.security?
Greg Lewis
glewis at eyesbeyond.com
Tue Oct 23 09:50:23 PDT 2007
On Mon, Oct 22, 2007 at 10:53:00PM -0700, Nick Johnson wrote:
> While still trying to investigate this InetAddress negative caching
> problem I have, I found something a bit puzzling... If I could get someone
> else to verify, that would be great.
>
> It looks like the 1.5.0_12-p6 JDK never reads java.security when it starts
> up. Consequently the netaddress.cache.ttl and
> netaddress.cache.negative.ttl properties are never read and initialized,
> so the cache reverts to its defaults of caching forever... or at least
> that's my hypothesis.
>
> I wrote a tiny Java program that does nothing other than resolve a
> hostname and ran it using truss. Though the JVM does open a number of
> other configuration files, java.security is not one of them. My old copy
> of 1.4.2 also does not open java.security.
>
> It's conceivable that truss is somehow missing the system call to read
> java.security, but it does seem to be catching lots of other open
> and stat calls.
>
> On Linux, strace shows the java.security open call happens just before the
> name resolution would happen. On Windows, filemon shows it happens just
> after classes.jsa is read.
>
> Can someone verify that the following program when run with the FreeBSD
> 1.5 JDK results in no open calls for java.security?
>
> Tiny test program follows. Save it as Test.java, compile with javac
> Test.java and run it with "truss -o truss.out java -f Test", then you can
> grep truss.out for open system calls.
>
> import java.net.*;
>
> public class Test {
> public static void main(String[] args) throws Exception {
> InetAddress address = InetAddress.getByName("freebsd.org");
> System.out.println(address);
> }
> }
So, what do you see if you run java with -Djava.security.debug=properties?
Here is an example of what I see:
> /usr/local/jdk1.5.0/bin/java -Djava.security.debug=properties SocketTest
properties: reading security properties file: /usr/local/jdk1.5.0/jre/lib/security/java.security
That leads me to believe that at least on my system java.security is being
read. To see what I'm looking for, take a look at
j2se/src/share/classes/java/security/Security.java
Do you get the message above, nothing, or a stack trace?
--
Greg Lewis Email : glewis at eyesbeyond.com
Eyes Beyond Web : http://www.eyesbeyond.com
Information Technology FreeBSD : glewis at FreeBSD.org
More information about the freebsd-java
mailing list