Monday, 19 August 2019

Check Java Security file for running java versions

I had an issue where a number of Java processes were taking a long time to start up.
I had read somewhere that altering the java.security file to use /dev/./urandom instead of /dev/random or /dev/urandom could speed things up.

So as is my way, I wrote a script to chech this setting for me.
for x in $(for i in $(pgrep -x -U $(id -ur) java); do readlink /proc/$i/exe; done | sort -u); do
  fn=${x/bin\/java/}
  echo $fn
  grep "^securerandom.source" ${fn}jre/lib/security/java.security
done
Breaking this down, firstly I wanted to find out the executable use by all of my running Java processes.
pgrep -x -U $(id -ur) java
This returns a list of process ID's for any java processes running as my user.

I then use readlink to get to the actual executable for each process.
readlink /proc/$i/exe
For example if I had a prcess id of 42474 and ran the above readlink e.g. readlink /proc/42474/exe I'd get something like the following.
/proc/42474/exe -> /u01/app/oracle/prod/jdk1.8/bin/java
I then ran the list through sort -u to produce a unique (-u) list of executables.

After I have my unique list of java executable I just grep the java.security file for a line that begins with securerandom.source. The ${x/bin\/java/} takes the full path provided in the loop and replaces the bin/java with nothing.
/u01/app/oracle/prod/jdk1.7/bin/java
securerandom.source=/dev/random
/u01/app/oracle/prod/jdk1.8/bin/java
securerandom.source=/dev/./urandom

No comments:

Post a comment

Oracle CPU downloader

Every quarter I have to go through and download numerous patches for the Oracle CPU (Critical Patch Update). You have to view the CPU docume...