[jboss-as7-dev] JBAS-9373, need control of what interfaces/ports are bound to
Brian Stansberry
brian.stansberry at redhat.com
Thu Apr 21 13:40:41 EDT 2011
Nope I misread and was wrong; the address is not configurable, it's hard
coded:
return new ServerSocket(port, 0, InetAddress.getByName(null));
Which makes sense, the whole intent of that class is to ensure
uniqueness on the machine and that's impossible if different processes
use different addresses. Finding a better way to do this is a
long-standing issue.
On 4/21/11 12:33 PM, Brian Stansberry wrote:
> I have a feeling this is a 1 line fix; give me a minute. It's pulling
> the port from the socket config, just not the address.
>
> On 4/21/11 12:18 PM, Scott Stark wrote:
>> I created this bug, now changed to an enhancement request:
>> https://issues.jboss.org/browse/JBAS-9373
>>
>> to deal with the tm layer binding to an anonymous port on the 127.0.0.1
>> interface as a means to obtain a system wide unique number. How this is
>> done is not exposed via the domain model, and when running in an selinux
>> (secured linux) environment we need control over what interfaces/ports
>> are bound to, where files are written, etc. to be able to write the
>> correct selinux policy.
>>
>> Do we need, or already have a id service that can be leveraged here? It
>> looks like the arjuna Uid class that is used generates a 28 byte/224 bit
>> value.
>>
>> The main issue is that any subsystem has to express what privileged
>> resources it is making use of through the domain model.
>>
>> _______________________________________________
>> jboss-as7-dev mailing list
>> jboss-as7-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/jboss-as7-dev
>
>
--
Brian Stansberry
Principal Software Engineer
JBoss by Red Hat
More information about the jboss-as7-dev
mailing list