我正在尝试授予Java可执行文件在Linux上打开1024以下端口的权限。这是设置
/home/test/java
包含Oracle Server JRE 7.0.25- CentOS的6.4
这是getcap返回的内容
[test@centos6 java]$ pwd
/home/test/java
[test@centos6 java]$ getcap bin/java
bin/java = cap_net_bind_service+ep
[test@centos6 java]$ getcap jre/bin/java
jre/bin/java = cap_net_bind_service+ep
尝试执行Java会出现以下错误。
[test@centos6 java]$ bin/java
bin/java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
[test@centos6 java]$ jre/bin/java
jre/bin/java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
如果使用setcap为二进制文件赋予了较高的特权,则可以运行Java 7_u25吗?
JDK-6919633:运行时不支持POSIX文件能力(AKA Linux的能力) 说,
Note: when using the setcap the libraries needed by the java launcher
should be present in /usr/lib or any other "trusted" location that the
runtime loader (rtld) uses to find shared libraries.
如何使共享库受信任?