What to do when Azul Zulu Builds of OpenJDK can't read files for cryptography and DNS on RHEL and Centos 8.1 and above

Issue:

Azul Zulu is not able to open some system files that it needs to read in order for a Java program to function correctly.

Cause:

RedHat Enterprise Linux 8.1 introduced a mechanism for "whitelisting" Applications to provide some assurance that a particular executable binary could be trusted to access certain files. The fapolicyd daemon makes the decision, based on its configuration. The configuration files are:

/etc/fapolicyd/fapolicyd.conf - daemon configuration
/etc/fapolicyd/fapolicyd.rules - access control rules
/etc/fapolicyd/fapolicyd.trust - admin defined trusted files

If the rpmdb is set as a trust source and you installed Azul Zulu Builds of OpenJDK from a .tar.gz, then Azul Zulu won't be in the rpmdb, and can't access the files it needs to because it isn't trusted.

Resolution:

Either change the fapolicyd configuration to allow Azul Zulu to access the files it needs, or install Azul Zulu from an RPM.

Add Comment

Comments

0 comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful