运行Jetty9 9的UnsatisfiedLinkError的setUID特性
我只是尝试以非根用户的身份运行Jetty 9,使用setuid特性绑定低端口号,但没有成功。我在start.ini中启用了模块setuid,并添加了-Djava.Library ary.path=/opt/Jetty/lib/setuid,但是在启动Jetty时我有以下堆栈跟踪:
文件:/opt/jetty/etc/jetty-setuid.xml java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) )在java.lang.reflect.Method.invoke(Method.java:606) at org.eclipse.jetty.start.Main.invokeMain(Main.java:321) at org.eclipse.jetty.start.Main.start(Main.java:817) at org.eclipse.jetty.start.Main.main(Main.java:112)引起的: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native方法)在sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.set(XmlConfiguration.java:479) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:411) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.newObj(XmlConfiguration.java:815) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.itemValue(XmlConfiguration.java:1125) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.value(XmlConfiguration.java:1030) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.call(XmlConfiguration.java:721) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:417) at org.eclipse.jetty.xml.XmlConfiguration$JettyXmlConfiguration.configure(XmlConfiguration.java:354) at org.eclipse.jetty.xml.XmlConfiguration.configure(XmlConfiguration.java:262) at org.eclipse.jetty.xml.XmlConfiguration$1.run(XmlConfiguration.java:1243) at java.security.AccessController.doPrivileged(Native Method)在org.eclipse.jetty.xml.XmlConfiguration.main(XmlConfiguration.java:1174) .7由:java引起。org.eclipse.jetty.setuid.SetUID.getpwnam(Ljava/lang/String;:lang.UnsatisfiedLinkError)罗格/eclipse/jetty/setuid/Passwd;在org.eclipse.jetty.setuid.SetUID.getpwnam(Native方法)在org.eclipse.jetty.setuid.SetUIDListener.setUsername(SetUIDListener.java:53) . 23
这些是对此错误的唯一引用:
- dev.eclipse.org/mhonarc/lists/jetty-users/msg01657.html
- groups.google.com/forum/#!topic/dropwizard-user/aap2B_U_QPo
但他们要么被阻止,要么没有提出解决方案。我为setuid包找到的源代码是:https://github.com/jetty-project/codehaus-jetty-project/blob/master/jetty-setuid/modules/java/src/main/java/org/mortbay/setuid/SetUID.java
尽管我无法确定这是我使用的版本,因为这个版本来自org.mortbay包,而Jetty 9使用的版本是Eclipse包。
我尝试在java args中设置-Djetty.libsetuid.path (第一次尝试-捕获块),或者将路径添加到$PATH变量,或者设置-Djava.library.path (第二次尝试-捕捉块),或者将so复制到/lib,最后保持原样(第三次尝试-捕捉块)。在所有情况下,我都得到了相同的异常堆栈。我无法确定Jetty是否没有找到so文件,或者无法加载它,因为如果我删除了对路径的所有引用(后面描述的情况),我仍然会得到相同的错误消息。我使用Java7运行Jetty。
作为测试,Edit在我的一个one应用程序中添加了以下代码片段,考虑到如果one应用程序成功的话,我就知道问题不在于找到共享对象:
SetUID.setgid(1002);
SetUID.setuid(1002);
Passwd pw = SetUID.getpwuid(1002);
System.setProperty("user.name", pw.getPwName());
System.setProperty("user.home", pw.getPwDir());因此,我有相同的UnsatisfiedLinkError。
Edit2,我尝试了以下方法:
System.load(SetUID.__FILENAME);
SetUID.setgid(1002);这给了我以下错误消息:
javax.servlet.ServletException: java.lang.UnsatisfiedLinkError:本机库/lib/libsetuid.so已经加载到另一个类加载器中
因此,我可以得出结论,图书馆至少已经加载。
回答 1
Stack Overflow用户
发布于 2015-06-09 20:59:41
在浏览libsetuid文件(nm -D /path/to/ the / so )时,我意识到我正在使用的so已经过时,并且与Jetty 9不兼容,这些函数被命名为mortbay:
根@ Java_org_mortbay_setuid_SetUID_getrlimitnofiles @root:~/# nm -D libsetuid.so --大小排序0000000000000010 T Java_org_mortbay_setuid_SetUID_setgid 0000000000000010 T Java_org_mortbay_setuid_SetUID_setuid 000000000015 T Java_org_mortbay_setuid_SetUID_setumask 000000000018 T throwNewJavaSecurityException 000000000018 T throwNewJavaException 000000000058 T throwNewJavaException 00000000008e T getJavaMethodId 00000000000000a7 T getJavaMethodId 000000000000f5 T getJavaMethodId 000000000000102 T getJavaFieldInt 00000000000111 T setJavaFieldInt 0000000000000111 T setJavaFieldLong 0000000000005T setJavaFieldString 0000000000000000a7 T getJavaMethodId 000000000000f5 T getJavaFieldInt 0000000000000111 T setJavaFieldInt 0000000000000111 T setJavaFieldLong 0000000000005T setJavaFieldString 0000000000000000a7 T getJavaMethodId 000000000000f5 T getJavaFieldInt 000000000000102 T setJavaFieldInt 0000000000000111 T setJavaFieldLong 00000000000000111 T setJavaFieldLong 00000000000000000000000000000000000000000000000 T throwNewJavaException 00000000000000000000000000008e T throwNewJavaException 0000000000_org_mortbay_setuid_SetUID_getpwuid 0000000000001e5 T Java_org_mortbay_setuid_SetUID_getpwnam 0000000000027e T Java_org_mortbay_setuid_SetUID_getgrgid 00000000000029e T Java_org_mortbay_setuid_SetUID_getgrnam
现在,我使用的是jetty下载中已经出现的共享对象,而不是维基中链接的对象。此外,通过查看setuid模块的代码,我决定在java args中使用属性-Djetty.libsetuid.path来指示库的绝对路径,例如-Djetty.libsetuid.path=/opt/jetty/lib/setuid.so。
https://stackoverflow.com/questions/30738510
复制相似问题
腾讯云开发者
