容器环境下 OpenJDK 11.0.15 启动 RASP 失败
tanjelly opened this issue · 2 comments
tanjelly commented
Error info
OpenJDK 64-Bit Server VM warning: Native Memory Tracking did not setup properly, using wrong launcher?
OpenJDK 64-Bit Server VM warning: PrintNMTStatistics is disabled, because native memory tracking is not enabled
OpenJDK 64-Bit Server VM warning: Sharing is only supported for boot loader classes because bootstrap classpath has been appended
[OpenRASP] Failed to initialize module jar: rasp-engine.jar
[OpenRASP] Failed to initialize, will continue without security protection.
java.lang.reflect.InaccessibleObjectException: Unable to make void jdk.internal.loader.ClassLoaders$AppClassLoader.appendToClassPathForInstrumentation(java.lang.String) accessible: module java.base does not "opens jdk.internal.loader" to unnamed module @776ec8df
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:340)
at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:280)
at java.base/java.lang.reflect.Method.checkCanSetAccessible(Method.java:198)
at java.base/java.lang.reflect.Method.setAccessible(Method.java:192)
at com.baidu.openrasp.ModuleContainer.<init>(ModuleContainer.java:58)
at com.baidu.openrasp.ModuleLoader.<init>(ModuleLoader.java:88)
at com.baidu.openrasp.ModuleLoader.load(ModuleLoader.java:117)
at com.baidu.openrasp.Agent.init(Agent.java:94)
at com.baidu.openrasp.Agent.premain(Agent.java:71)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndStartAgent(InstrumentationImpl.java:513)
at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndCallPremain(InstrumentationImpl.java:525)
Envirement
Java
# java -version
openjdk version "11.0.15" 2022-04-19
OpenJDK Runtime Environment (build 11.0.15+10-Ubuntu-0ubuntu0.18.04.1)
OpenJDK 64-Bit Server VM (build 11.0.15+10-Ubuntu-0ubuntu0.18.04.1, mixed mode, sharing)
OS
# cat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.3 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.3 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
Kernel
# uname -a
Linux e114f36f8663 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Application
Spring Boot Jar or Tomcat 9.0.80
yinhuochong commented
https://rasp.baidu.com/doc/install/software.html#faq-jdk9 jdk9+ 需要添加--add-opens参数
tanjelly commented
感谢,我也刚找到这个配置,可以成功运行了,具体参数:
--add-opens java.base/jdk.internal.loader=ALL-UNNAMED