You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@commons.apache.org by JinHwan Hwang <ca...@gmail.com> on 2013/12/03 09:19:48 UTC
[daemon] running https server with ‘common daemon(jsvc)’ generates ‘Permission denied’ error
By googling, I know that there are some issue if i use port number which is
under 1000 without root privileges. But in my case, i have run jsvc with
root account and all the involving files have ‘chmod 755’ permission. Https
server are created by using restlet with jetty container. What will cause
this annoying permission error besides permission of files? Moreover, https
server works fine when i run without jsvc(directly run jar file). I have
post error message and all the sample code which i used below.
Thanks in advance for any help
*jsvc error output*
2013-12-03 16:38:53.248:WARN:oejuc.AbstractLifeCycle:FAILED
SslSelectChannelConnector@0.0.0.0:443: java.net.SocketException:
Permission denied
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:187)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:316)
at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:265)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:631)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:293)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.restlet.ext.jetty.JettyServerHelper.start(JettyServerHelper.java:398)
at org.restlet.Server.start(Server.java:590)
at org.restlet.Component.startServers(Component.java:611)
at org.restlet.Component.start(Component.java:538)
at JettyServerExample.main(JettyServerExample.java:26)
at CmmDaemon.start(CmmDaemon.java:23)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
2013-12-03 16:38:53.249:WARN:oejuc.AbstractLifeCycle:FAILED
org.restlet.ext.jetty.JettyServerHelper$WrappedServer@2f774b9b:
java.net.SocketException: Permission denied
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:187)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:316)
at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:265)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:631)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:293)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.restlet.ext.jetty.JettyServerHelper.start(JettyServerHelper.java:398)
at org.restlet.Server.start(Server.java:590)
at org.restlet.Component.startServers(Component.java:611)
at org.restlet.Component.start(Component.java:538)
at JettyServerExample.main(JettyServerExample.java:26)
at CmmDaemon.start(CmmDaemon.java:23)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
Caused by: java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind(Native Method)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:187)
at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:316)
at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:265)
at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:631)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.eclipse.jetty.server.Server.doStart(Server.java:293)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
at org.restlet.ext.jetty.JettyServerHelper.start(JettyServerHelper.java:398)
at org.restlet.Server.start(Server.java:590)
at org.restlet.Component.startServers(Component.java:611)
at org.restlet.Component.start(Component.java:538)
at JettyServerExample.main(JettyServerExample.java:26)
at CmmDaemon.start(CmmDaemon.java:23)
... 5 more
Cannot start daemon
Service exit with a return value of 5
*jsvc command*
/root/cc/cc_ssl/jsvc -server -user root -java-home
/usr/java/jdk1.6.0_32 -pidfile
/root/cc/cc_ssl/daemon_ssl_example.jar.pid -outfile
/root/cc/cc_ssl/daemon_ssl_example.jar.out -errfile
/root/cc/cc_ssl/daemon_ssl_example.jar.out -verbose -cp
/root/cc/cc_ssl/ssl_example.jar CmmDaemon
*test codes*
JettyServerExample.java : creating server happens in this file. it runs
well without apache common daemon.
public class JettyServerExample {
public static void main(String[] args) throws Exception {
Engine.setLogLevel(java.util.logging.Level.INFO);
Component component = new Component();
component.getLogService().setLoggerName("net.asdf.WebComponent.www");
component.getDefaultHost().attach("/", new SampleApplication());
component.getServers().add(startHttpsServer(component, 443));
component.start();
}
private static Server startHttpsServer(Component component,
Integer port) throws Exception {
Server server = new Server(new Context(), Protocol.HTTPS,
port, component);
String certPath = "/root/cc/cc_ssl/serverX.jks";
Series<Parameter> parameters = server.getContext().getParameters();
parameters.add("maxThreads", "512");
parameters.add("keystore", certPath);
parameters.add("keyStorePath", certPath);
parameters.add("keyStorePassword", "password");
parameters.add("keyManagerPassword", "password");
parameters.add("keyPassword", "password");
parameters.add("password", "password");
parameters.add("keyStoreType", KeyStore.getDefaultType());
parameters.add("tracing", "true");
parameters.add("truststore", certPath);
parameters.add("trustStorePath", certPath);
parameters.add("trustStorePassword", "password");
parameters.add("trustPassword", "password");
parameters.add("trustStoreType", KeyStore.getDefaultType());
parameters.add("allowRenegotiate", "true");
parameters.add("type", "1");
return server;
}
}
CmmDaemon : implementation of apache common daemon interface
public class CmmDaemon implements Daemon{
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void init(DaemonContext arg0) throws DaemonInitException, Exception {
// TODO Auto-generated method stub
}
@Override
public void start() throws Exception {
// TODO Auto-generated method stub
JettyServerExample.main(null);
}
@Override
public void stop() throws Exception {
// TODO Auto-generated method stub
}
}
restlet resource : just restlet test purpose resource.
public class SampleApplication extends Application{
@Override
public Restlet createInboundRoot() {
// Create a router Restlet that defines routes.
Router router = new Router(getContext());
router.attach("test",HelloWorld.class);
return router;
}
}
Re: [daemon] running https server with ‘common daemon(jsvc)’ generates ‘Permission denied’ error
Posted by sebb <se...@gmail.com>.
On 3 December 2013 08:19, JinHwan Hwang <ca...@gmail.com> wrote:
> By googling, I know that there are some issue if i use port number which is
> under 1000 without root privileges. But in my case, i have run jsvc with
> root account and all the involving files have ‘chmod 755’ permission. Https
> server are created by using restlet with jetty container. What will cause
> this annoying permission error besides permission of files? Moreover, https
> server works fine when i run without jsvc(directly run jar file). I have
> post error message and all the sample code which i used below.
>
> Thanks in advance for any help
>
> *jsvc error output*
>
> 2013-12-03 16:38:53.248:WARN:oejuc.AbstractLifeCycle:FAILED
> SslSelectChannelConnector@0.0.0.0:443: java.net.SocketException:
> Permission denied
> java.net.SocketException: Permission denied
> at sun.nio.ch.Net.bind(Native Method)
> at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:126)
> at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59)
> at org.eclipse.jetty.server.nio.SelectChannelConnector.open(SelectChannelConnector.java:187)
> at org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:316)
> at org.eclipse.jetty.server.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:265)
> at org.eclipse.jetty.server.ssl.SslSelectChannelConnector.doStart(SslSelectChannelConnector.java:631)
> at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
> at org.eclipse.jetty.server.Server.doStart(Server.java:293)
> at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
> at org.restlet.ext.jetty.JettyServerHelper.start(JettyServerHelper.java:398)
> at org.restlet.Server.start(Server.java:590)
> at org.restlet.Component.startServers(Component.java:611)
> at org.restlet.Component.start(Component.java:538)
> at JettyServerExample.main(JettyServerExample.java:26)
> at CmmDaemon.start(CmmDaemon.java:23)
I think you need to bind to the socket earlier, in the init() method.
By the time start() is called, the process has dropped root privs.
See:
http://commons.apache.org/proper/commons-daemon/jsvc.html
in particular
http://commons.apache.org/proper/commons-daemon/jsvc.html#Directly
et seq.
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org