i setup udev rule for start java application when SD card inserted. but there is problem. java VM can't start and write errror message to syslog:
Oracle Java 16
root: Error occurred during initialization of VM
root: Failed to mark memory page as executable - check if grsecurity/PaX is enabled
when i switch java to openjdk i have similar error:
root: OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x00007fd9ce697000, 2555904, 1) failed; error='Operation not permitted' (errno=1)
root: #
root: # There is insufficient memory for the Java Runtime Environment to continue.
root: # Native memory allocation (mmap) failed to map 2555904 bytes for committing reserved memory.
root: # An error report file with more information is saved as:
root: # /home/<user>/hs_err_pid6568.log
when i run java app from command line from logged session, everything works.
any help how i can disable PaX or any security why i cannot start java vm from udev rule?
can't start java app from udev rule
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
can't start java app from udev rule
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
-
- Level 16
- Posts: 6054
- Joined: Mon Aug 27, 2012 10:17 pm
Re: can't start java app from udev rule
You really don't want to do that, trust me. It's madness.
You need to rethink your strategy. Your UDEV rule should invoke a script, and the script should impersonate your user.why i cannot start java vm from udev rule?
Impersonation is not fully secure unless you know what you're doing because it will require you to use either a clear text password in the script, or a clear text password in a file, but if you research impersonation you will find that there is a way to encrypt the password. So, while not fully secure without encryption, it's a great deal more secure than disabling PaX or grsecurity because if you go that route then you might as well publish your logon credentials and home address on Facebook and Reddit with an invitation for all and sundry to come to your unlocked home.