From owner-freebsd-java@FreeBSD.ORG Tue Oct 23 16:50:23 2007 Return-Path: Delivered-To: freebsd-java@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9FB5116A421 for ; Tue, 23 Oct 2007 16:50:23 +0000 (UTC) (envelope-from glewis@eyesbeyond.com) Received: from misty.eyesbeyond.com (gerbercreations.com [71.39.140.16]) by mx1.freebsd.org (Postfix) with ESMTP id 3FF2B13C4A3 for ; Tue, 23 Oct 2007 16:50:22 +0000 (UTC) (envelope-from glewis@eyesbeyond.com) Received: from misty.eyesbeyond.com (localhost.eyesbeyond.com [127.0.0.1]) by misty.eyesbeyond.com (8.13.1/8.13.3) with ESMTP id l9N5IZgP026007; Mon, 22 Oct 2007 22:18:35 -0700 (PDT) (envelope-from glewis@eyesbeyond.com) Received: (from glewis@localhost) by misty.eyesbeyond.com (8.13.1/8.13.3/Submit) id l9N5IYd3026006; Mon, 22 Oct 2007 22:18:34 -0700 (PDT) (envelope-from glewis@eyesbeyond.com) X-Authentication-Warning: misty.eyesbeyond.com: glewis set sender to glewis@eyesbeyond.com using -f Date: Mon, 22 Oct 2007 22:18:34 -0700 From: Greg Lewis To: Nick Johnson Message-ID: <20071023051834.GA25983@misty.eyesbeyond.com> References: <20071022222034.A25435@turing> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20071022222034.A25435@turing> User-Agent: Mutt/1.4.2.2i Cc: freebsd-java@freebsd.org Subject: Re: FreeBSD jdk15 does not read java.security? X-BeenThere: freebsd-java@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting Java to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Oct 2007 16:50:23 -0000 On Mon, Oct 22, 2007 at 10:53:00PM -0700, Nick Johnson wrote: > While still trying to investigate this InetAddress negative caching > problem I have, I found something a bit puzzling... If I could get someone > else to verify, that would be great. > > It looks like the 1.5.0_12-p6 JDK never reads java.security when it starts > up. Consequently the netaddress.cache.ttl and > netaddress.cache.negative.ttl properties are never read and initialized, > so the cache reverts to its defaults of caching forever... or at least > that's my hypothesis. > > I wrote a tiny Java program that does nothing other than resolve a > hostname and ran it using truss. Though the JVM does open a number of > other configuration files, java.security is not one of them. My old copy > of 1.4.2 also does not open java.security. > > It's conceivable that truss is somehow missing the system call to read > java.security, but it does seem to be catching lots of other open > and stat calls. > > On Linux, strace shows the java.security open call happens just before the > name resolution would happen. On Windows, filemon shows it happens just > after classes.jsa is read. > > Can someone verify that the following program when run with the FreeBSD > 1.5 JDK results in no open calls for java.security? > > Tiny test program follows. Save it as Test.java, compile with javac > Test.java and run it with "truss -o truss.out java -f Test", then you can > grep truss.out for open system calls. > > import java.net.*; > > public class Test { > public static void main(String[] args) throws Exception { > InetAddress address = InetAddress.getByName("freebsd.org"); > System.out.println(address); > } > } So, what do you see if you run java with -Djava.security.debug=properties? Here is an example of what I see: > /usr/local/jdk1.5.0/bin/java -Djava.security.debug=properties SocketTest properties: reading security properties file: /usr/local/jdk1.5.0/jre/lib/security/java.security That leads me to believe that at least on my system java.security is being read. To see what I'm looking for, take a look at j2se/src/share/classes/java/security/Security.java Do you get the message above, nothing, or a stack trace? -- Greg Lewis Email : glewis@eyesbeyond.com Eyes Beyond Web : http://www.eyesbeyond.com Information Technology FreeBSD : glewis@FreeBSD.org