What to do when Azul Zulu Builds of OpenJDK can't read files for cryptography and DNS on RHEL and Centos 8.1 and above


Azul Zulu is not able to open some system files that it needs to read in order for a Java program to function correctly.


RedHat Enterprise Linux 8.1 introduced a mechanism for "whitelisting" Applications to provide some assurance that a particular executable binary could be trusted to access certain files. The fapolicyd daemon makes the decision, based on its configuration. The configuration files are:

/etc/fapolicyd/fapolicyd.conf - daemon configuration
/etc/fapolicyd/fapolicyd.rules - access control rules
/etc/fapolicyd/fapolicyd.trust - admin defined trusted files

If the rpmdb is set as a trust source and you installed Azul Zulu Builds of OpenJDK from a .tar.gz, then Azul Zulu won't be in the rpmdb, and can't access the files it needs to because it isn't trusted.


Either change the fapolicyd configuration to allow Azul Zulu to access the files it needs, or install Azul Zulu from an RPM.

Add Comment



Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful