Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

socket permission problem ?

16 views
Skip to first unread message

Lucio Chiappetti

unread,
Jan 18, 2017, 11:31:09 AM1/18/17
to
The following test program fails on line sk.connect(addr);
on a fresh user of newly installed openSUSE Leap 42.2 machine. The java
version bundled is

openjdk version "1.8.0_111"
OpenJDK Runtime Environment (IcedTea 3.2.0) (suse-3.1-x86_64)
OpenJDK 64-Bit Server VM (build 25.111-b14, mixed mode)

The same program (which is just a tester for a more complex program
which I am using and would like some students to use on the new machine)
RUNS HAPPILY since ages on my older machine which is an openSUSE 11.3
(where however I replaced the OpenJDK with the java-1_6_0-sun packages

java version "1.6.0_10"
Java(TM) SE Runtime Environment (build 1.6.0_10-b33)
Java HotSpot(TM) Server VM (build 11.0-b15, mixed mode)

Neither me, nor the new test user have a .java.policy file in their
home (anyhow I am quite not familiar with policy files). Neither machine
has a firewall active.


import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
//import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketAddress;

public class prova {
public static void main(String[] arges) throws Exception {

Socket sk = new Socket();
System.out.println(" DEBUG socket created");
sk.bind(null);
System.out.println(" DEBUG socket bound to null");
SocketAddress addr = sk.getLocalSocketAddress() ;
System.out.println(" DEBUG got local address "+addr);
sk.connect(addr);
System.out.println(" DEBUG socket connected");
BufferedReader in = new BufferedReader(new InputStreamReader(sk.getInputStream()));
System.out.println(" DEBUG input stream OK");
PrintWriter out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(sk.getOutputStream())), true);
System.out.println(" DEBUG output stream OK");
System.out.println(" ");
out.println("ABCD");
System.out.println(" written to output channel message ABCD");
out.println("XYZT");
System.out.println(" written to output channel message XYZT then I will read one from input");
System.out.println(" read "+in.readLine());
out.println("ababab");
System.out.println(" written to output channel message ababab");
out.println("zxzxzx");
System.out.println(" written to output channel message zxzxzx");
out.println("maimai");
System.out.println(" written to output channel message maimai");
System.out.println(" then I will read THREE from input and exit");
System.out.println(" read "+in.readLine());
System.out.println(" read "+in.readLine());
System.out.println(" read "+in.readLine());
}
}

when run on the offending machine it gives

DEBUG socket created
DEBUG socket bound to null
DEBUG got local address 0.0.0.0/0.0.0.0:48070
Exception in thread "main" java.net.ConnectException: Connection refused
(Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method)
...
at java.net.Socket.connect(Socket.java:538)
at prova.main(prova.java:19)

Any easy way out ?
Thanks

Knute Johnson

unread,
Jan 18, 2017, 1:04:52 PM1/18/17
to
I think this is a linux problem caused by the kernel security features
that prevent local connections. It runs fine on Windows but on my
Xubuntu it fails as above. I've seen this before and I thought you
could fix it by modifying some of the options in
/etc/sysctl.d/99-sysctl.conf but I couldn't get it to work. I'm sure
that's where you will find the solution however.

--

Knute Johnson

Lucio Chiappetti

unread,
Jan 25, 2017, 10:49:39 AM1/25/17
to
On Wed, 18 Jan 2017, Knute Johnson wrote:

> On 1/18/2017 10:30, Lucio Chiappetti wrote:
>> The following test program fails on line sk.connect(addr);
>> on a fresh user of newly installed openSUSE Leap 42.2 machine.

> I think this is a linux problem caused by the kernel security features
> that prevent local connections. It runs fine on Windows but on my
> Xubuntu it fails as above.

I have checked sysctl config on both my old machine and the new one and
tried to fudge some of the more promising parameters at no avail. I
also found no hints about those "kernel security features" on the net.

After an idea to replace Sockets with named pipes (which however are not
supported by "standard" java as are an unix-only concept), I found that
a "piped reader" can do.

So I modified both my tester (below) and also the actual "production"
application.


import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.PipedWriter;
import java.io.PipedReader;

public class prova3 {
public static void main(String[] arges) throws Exception {

PipedReader pipin = new PipedReader();
System.out.println(" DEBUG pipe in OK");
BufferedReader in = new BufferedReader(pipin);
System.out.println(" DEBUG input stream OK");
PrintWriter out = new PrintWriter(new BufferedWriter(new PipedWriter(pipin)));
System.out.println(" DEBUG output stream OK");
System.out.println(" ");
out.println("ABCD");
out.flush();
System.out.println(" written to output channel message ABCD");
out.println("XYZT");
out.flush();
System.out.println(" written to output channel message XYZT then I will read one from input");
System.out.println(" read "+in.readLine());
out.println("ababab");
out.flush();
System.out.println(" written to output channel message ababab");
out.println("zxzxzx");
out.flush();
System.out.println(" written to output channel message zxzxzx");
out.println("maimai");
out.flush();
0 new messages