Menu
I am experimenting with Linux capabilities for java application. I do not want to add capabilities to interpreter (JVM), so I tried to write a simple wrapper (with debugging information printed to stdout):
#include <stdio.h>
#include <stdlib.h>
#include <sys/capability.h>
#include <unistd.h>
int main(int argc, char *argv[]){
cap_t cap = cap_get_proc();
if (!cap) {
perror("cap_get_proc");
exit(1);
}
printf("%s: running with caps %s\n", argv[0], cap_to_text(cap, NULL));
return execlp("/usr/bin/java", "-server", "-jar", "project.jar", (char *)NULL);
}
This way, I can see that the capability is set for this executable:
./runner: running with caps = cap_net_bind_service+p
And getcap shows
runner = cap_net_bind_service+ip
I have the capability set to be inheritable, so there should be no problem. However, java still doesn't want to bind to privileged ports.
I am getting this error:
sun/nio/ch/Net.java:-2:in `bind': java.net.SocketException: Permission denied (NativeException)
Can someone help me to resolve this?
341
The definition of a capability is something that a person or thing is able to do. When a person can cook, this is an example of a situation where he has the capability to cook. When a computer can open a file, this is an example of a situation where the computer has the capability to open the file.
A person's capability is the amount of work they can do and how well they can do it. ... a job that was beyond the capability of one man.
ability, capacity, power, potential, potentiality. competence, proficiency, accomplishment, adeptness, aptitude, aptness, faculty, experience, skill, skilfulness, talent, flair. cleverness, intelligence. gift, strong point, forte, knack.
Business capability is the expression or the articulation of the capacity, materials and expertise an organization needs in order to perform core functions.
Try using a port above 1024, or run as root.
183
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
