JDK-4861802 : missing /proc/<pid> dir in chroot env. causes 1.4.1 java to fail
  • Type: Bug
  • Component: hotspot
  • Sub-Component: runtime
  • Affected Version: 1.4.1_02
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • OS: solaris_8
  • CPU: generic
  • Submitted: 2003-05-09
  • Updated: 2003-09-10
  • Resolved: 2003-06-18
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
1.4.1_05 05Fixed
Related Reports
Relates :  
Description
customer using 1.4.1_02

usr/sbin/chroot /chroot /usr/j2se/bin/java -version

Output is:

Need Solaris 2.6 (SunOS 5.6) or later.
Abort

I was able to reproduce this in house and running truss I find that
/proc/<pid> is looked for but not found.  It is at that point that
the error message about needing 2.6 or later is encountered.

This scenario works fine for 1.3.1 where you can see the /proc entry in the  truss and it is also not being found, but it still proceeds.

Needing/exposing /proc in the chroot environment is a security risk.

Why would 1.4.1 now require this where 1.3.1 did not?


Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: 1.4.1_05 1.4.2_02 tiger FIXED IN: 1.4.1_05 1.4.2_02 tiger INTEGRATED IN: 1.4.1_05 1.4.2_02 tiger-beta VERIFIED IN: 1.4.1_05 1.4.2_02
2004-06-14

EVALUATION ###@###.### 2003-05-13 We provide no guarantee that java should work in a chroot environment. However, the error message is wrong (since we are indeed on Solaris 8), and that should be fixed. It appears that there is leftover code for determining if are on Solaris 2.5.1 or older, but that the check should no longer be made. If this check is no longer made (based on /proc/*) then the absence of /proc might not hurt. ###@###.### 2003-05-21 Java should work in a chroot environment with the fix, and not access /proc/*. However, because /proc/* cannot be accessed, java cannot determine whether the new libthread (T2) is in use, and assumes not. This may cause some small performance loss, and increase the likelihood of some types of races conditions which affect reliability. (And we're working on those.)
2004-06-11