FreeBSD jdk15 does not read java.security?

Greg Lewis glewis at eyesbeyond.com
Tue Oct 23 09:50:23 PDT 2007 

On Mon, Oct 22, 2007 at 10:53:00PM -0700, Nick Johnson wrote:
> While still trying to investigate this InetAddress negative caching 
> problem I have, I found something a bit puzzling... If I could get someone 
> else to verify, that would be great.
> 
> It looks like the 1.5.0_12-p6 JDK never reads java.security when it starts 
> up.  Consequently the netaddress.cache.ttl and 
> netaddress.cache.negative.ttl properties are never read and initialized, 
> so the cache reverts to its defaults of caching forever... or at least 
> that's my hypothesis.
> 
> I wrote a tiny Java program that does nothing other than resolve a 
> hostname and ran it using truss.  Though the JVM does open a number of 
> other configuration files, java.security is not one of them.  My old copy 
> of 1.4.2 also does not open java.security.
> 
> It's conceivable that truss is somehow missing the system call to read 
> java.security, but it does seem to be catching lots of other open 
> and stat calls.
> 
> On Linux, strace shows the java.security open call happens just before the 
> name resolution would happen.  On Windows, filemon shows it happens just 
> after classes.jsa is read.
> 
> Can someone verify that the following program when run with the FreeBSD 
> 1.5 JDK results in no open calls for java.security?
> 
> Tiny test program follows.  Save it as Test.java, compile with javac 
> Test.java and run it with "truss -o truss.out java -f Test", then you can 
> grep truss.out for open system calls.
> 
> import java.net.*;
> 
> public class Test {
>         public static void main(String[] args) throws Exception {
>                 InetAddress address = InetAddress.getByName("freebsd.org");
>                 System.out.println(address);
>         }
> }

So, what do you see if you run java with -Djava.security.debug=properties?

Here is an example of what I see:

> /usr/local/jdk1.5.0/bin/java -Djava.security.debug=properties SocketTest
properties: reading security properties file: /usr/local/jdk1.5.0/jre/lib/security/java.security

That leads me to believe that at least on my system java.security is being
read.  To see what I'm looking for, take a look at
j2se/src/share/classes/java/security/Security.java

Do you get the message above, nothing, or a stack trace?
-- 
Greg Lewis                          Email   : glewis at eyesbeyond.com
Eyes Beyond                         Web     : http://www.eyesbeyond.com
Information Technology              FreeBSD : glewis at FreeBSD.org

More information about the freebsd-java mailing list