Environment
Novell Access Manager 3.1
Novell Access Manager 3.1 Linux Access Gateway Appliance
Novell Access Manager 3.1 Linux Access Gateway Appliance
Situation
Symptoms:
Linux Access Gateway appliance (LAG) cannot be successfully imported in the Admin Console using the"/chroot/lag/opt/novell/bin/lagconfigure.sh". The process seems to complete fine but the LAG never appear in the console.
The "/etc/init.d/novell-jcc" process cannot be successfully started and the "/opt/novell/devman/jcc/logs/jcc-0.log.0" log files report the following:
Dec 29, 2011 8:39:18 AM com.novell.jcc.server.JCCServerImpl H
INFO: Starting JCC Server
Dec 29, 2011 8:39:18 AM com.novell.jcc.util.JCCUtils logSevere
SEVERE: AM#100706017: Exception - delete admin info failed
com.novell.jcc.server.JCCServerImpl B
access denied (java.util.PropertyPermission jcc.dir read)
java.security.AccessControlException: access denied (java.util.PropertyPermission jcc.dir read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:650)
at com.novell.jcc.util.JCCUtils.getJCCBasePath(y:2539)
at com.novell.jcc.server.JCCServerImpl.B(y:2247)
at com.novell.jcc.server.JCCServerImpl.A(y:1635)
at com.novell.jcc.server.JCCServerImpl.H(y:3391)
at com.novell.jcc.server.JCCServerImpl.main(y:3031)
Dec 29, 2011 8:39:18 AM com.novell.jcc.server.JCCServerImpl shutdown
INFO: Already shutdown.
Dec 29, 2011 8:39:18 AM com.novell.jcc.util.JCCUtils logSevere
SEVERE: AM#100706018: JCC Server startup failed
com.novell.jcc.server.JCCServerImpl main
access denied (java.util.PropertyPermission jcc.dir read)
java.security.AccessControlException: access denied (java.util.PropertyPermission jcc.dir read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:650)
at com.novell.jcc.util.JCCUtils.getJCCBasePath(y:2539)
at com.novell.jcc.util.JCCSettings.loadSettings(y:124)
at com.novell.jcc.server.JCCServerImpl.H(y:2325)
at com.novell.jcc.server.JCCServerImpl.main(y:3031)
Dec 29, 2011 8:39:18 AM com.novell.jcc.util.JCCUtils logSevere
SEVERE: AM#100709023: IllegalStateException
com.novell.jcc.server.JCCServerImpl<init>
assertion failed for state: There must only be one instance of this class.
java.lang.IllegalStateException: assertion failed for state: There must only be one instance of this class.
at com.novell.jcc.util.JCCUtils.assertState(y:2565)
at com.novell.jcc.server.JCCServerImpl.<init>(y:1345)
at com.novell.jcc.server.JCCServerImpl.main(y:3439)
Linux Access Gateway appliance (LAG) cannot be successfully imported in the Admin Console using the"/chroot/lag/opt/novell/bin/lagconfigure.sh". The process seems to complete fine but the LAG never appear in the console.
The "/etc/init.d/novell-jcc" process cannot be successfully started and the "/opt/novell/devman/jcc/logs/jcc-0.log.0" log files report the following:
Dec 29, 2011 8:39:18 AM com.novell.jcc.server.JCCServerImpl H
INFO: Starting JCC Server
Dec 29, 2011 8:39:18 AM com.novell.jcc.util.JCCUtils logSevere
SEVERE: AM#100706017: Exception - delete admin info failed
com.novell.jcc.server.JCCServerImpl B
access denied (java.util.PropertyPermission jcc.dir read)
java.security.AccessControlException: access denied (java.util.PropertyPermission jcc.dir read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:650)
at com.novell.jcc.util.JCCUtils.getJCCBasePath(y:2539)
at com.novell.jcc.server.JCCServerImpl.B(y:2247)
at com.novell.jcc.server.JCCServerImpl.A(y:1635)
at com.novell.jcc.server.JCCServerImpl.H(y:3391)
at com.novell.jcc.server.JCCServerImpl.main(y:3031)
Dec 29, 2011 8:39:18 AM com.novell.jcc.server.JCCServerImpl shutdown
INFO: Already shutdown.
Dec 29, 2011 8:39:18 AM com.novell.jcc.util.JCCUtils logSevere
SEVERE: AM#100706018: JCC Server startup failed
com.novell.jcc.server.JCCServerImpl main
access denied (java.util.PropertyPermission jcc.dir read)
java.security.AccessControlException: access denied (java.util.PropertyPermission jcc.dir read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
at java.lang.System.getProperty(System.java:650)
at com.novell.jcc.util.JCCUtils.getJCCBasePath(y:2539)
at com.novell.jcc.util.JCCSettings.loadSettings(y:124)
at com.novell.jcc.server.JCCServerImpl.H(y:2325)
at com.novell.jcc.server.JCCServerImpl.main(y:3031)
Dec 29, 2011 8:39:18 AM com.novell.jcc.util.JCCUtils logSevere
SEVERE: AM#100709023: IllegalStateException
com.novell.jcc.server.JCCServerImpl<init>
assertion failed for state: There must only be one instance of this class.
java.lang.IllegalStateException: assertion failed for state: There must only be one instance of this class.
at com.novell.jcc.util.JCCUtils.assertState(y:2565)
at com.novell.jcc.server.JCCServerImpl.<init>(y:1345)
at com.novell.jcc.server.JCCServerImpl.main(y:3439)
Resolution
The file "/opt/novell/devman/jcc/conf/jcc.policy", where the java
permissions are defined, got corrupted or deleted.
The file should look like this:
-rw-r--r-- 1 root root [...] jcc.policy
cat /opt/novell/devman/jcc/conf/jcc.policy
grant {
permission java.security.AllPermission;
permission java.util.PropertyPermission "jcc.dir", "read";
permission java.net.SocketPermission "*:1024-", "accept, connect";
};
Corruption or deletion can occur during install or upgrade process where something gone silently wrong.
Restore the file copying it over from a working LAG or repeat the upgrade/install process so to restore it properly.
Repeat the LAG import process using the"/chroot/lag/opt/novell/bin/lagconfigure.sh" script and this time it should complete as expected.
The file should look like this:
-rw-r--r-- 1 root root [...] jcc.policy
cat /opt/novell/devman/jcc/conf/jcc.policy
grant {
permission java.security.AllPermission;
permission java.util.PropertyPermission "jcc.dir", "read";
permission java.net.SocketPermission "*:1024-", "accept, connect";
};
Corruption or deletion can occur during install or upgrade process where something gone silently wrong.
Restore the file copying it over from a working LAG or repeat the upgrade/install process so to restore it properly.
Repeat the LAG import process using the"/chroot/lag/opt/novell/bin/lagconfigure.sh" script and this time it should complete as expected.