FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-29-2008, 04:12 PM
Craig White
 
Default Java and openjdk

On Fri, 2008-08-29 at 10:38 -0400, Gene Heskett wrote:
> On Friday 29 August 2008, Rahul Sundaram wrote:
> >Gene Heskett wrote:
> >> And the simple fact that those of us who want a working java are going to
> >> the sun site, getting the latest jre and installing it, never again to
> >> click on an ICED TEA update in yumex. Really, I think that says it all.
> >> You for legal reasons are defending an emasculated version, but the final
> >> say on what gets run is us, its our machine. Sue us? I doubt it.
> >
> >It is not iced tea now. It is called OpenJDK and that is a certified
> >Java from Sun. I won't sue for getting the details wrong ;-)
> >
> >Rahul
>
> Oh? From my yumex screen (F8 install)
> java-1.7.0-icedtea
> jave-1.7.0-icedtea-plugin
>
> and from an rpm -qa|grep java
> java-1.7.0-icedtea-1.7.0.0-0.19.b21.snapshot.fc8
> java-1.5.0-gcj-1.5.0.0-17.fc8
> tzdata-java-2008d-1.fc8
> glib-java-0.2.6-10.fc8
> java_cup-0.10-0.k.6jpp.1
> java-1.7.0-icedtea-plugin-1.7.0.0-0.19.b21.snapshot.fc8
>
> Humm, I may be wrong about not having icedtea
----
icedtea was F8, but not F9
----
> [root@coyote ~]# which java
> /usr/bin/java
> [root@coyote ~]# ls -l `which java`
> lrwxrwxrwx 1 root root 22 2008-03-31
> 19:34 /usr/bin/java -> /etc/alternatives/java
> [root@coyote ~]# ls -l /etc/alternatives/java/
> ls: cannot access /etc/alternatives/java/: Not a directory
> [root@coyote ~]# ls -l /etc/alternatives/java
> lrwxrwxrwx 1 root root 39 2008-03-31
> 19:41 /etc/alternatives/java -> /usr/lib/jvm/jre-1.7.0-icedtea/bin/java
>
> However, from FF's aboutlugins, I get this:
> Java(TM) Plug-in 1.6.0_06-b02
>
> File name: /usr/java/jre1.6.0_06/plugin/i386/ns7/libjavaplugin_oji.so
> Java(TM) Plug-in 1.6.0_06
----
which java command is for running java from command shell

java plugin in Firefox is a separate issue...what's so difficult to
understand about that?
----
>
> So, do I need to replace that link? By installing the yumex offerings and
> bearing in mind that I long since gave up trying to keep up with every new
> browser version having its own plugins dir, created one & put all the plugins
> there, and linked all the other browsername/plugins to it?
>
> In that case, is it safe to do so since updates are not yet flowing? Those
> are old packages that have been sitting there for a month or more.
>
> A side note, we (my local group of friends) have found a blog
> <http://blogs.zdnet.com/security/?p=1803&tag=nl.e539> that gives a few hints
> on finding out if we too have been infected. According to it, no systems
> here are. The point being that the extreme privacy this has been kept under
> has now been exposed, letting the horse out of the barn so to speak, and this
> list deserves more candor from its 'parent' regarding it. We had been led to
> believe this was only a debian problem because of the speedup shortcut in the
> random number section of the code supposedly only they used. If this is a
> different exploit, then we need to know. We aren't above pulling in the
> src's and building our own you know, however my reading that code is not
> going to tell me if its safe, so I've told the one in my local group who was
> going to do that to hold off another day or so... His exposure to an exploit
> is 100x that of mine, so lets see some activity of some kind other than take
> a potato and wait. We are beginning to need a second potato to stave off the
> hunger here.
----
as someone who runs gui as root...you have so many issues to worry about
I wouldn't know where to start...in fact, your assertion that someone
else has an exposure to exploitation more than you is laughable.

Craig

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
 
Old 08-29-2008, 04:14 PM
Les Mikesell
 
Default Java and openjdk

Rahul Sundaram wrote:


I expected more from the conformance test.


... which was my major point even earlier. Conformance tests won't get
you what you wanted. Major apps are relying on non-standard
implementation quirks and even bugs and break even between revisions
from the same vendor.


Yes, and they generally specify which jvm you need to use for the
application. That means pragmatically that an OS should be designed to
easily accommodate whatever jvms your apps need, concurrently if
desired. In the future I don't expect this to completely go away any
more than the existence of gcc made C compiler version dependencies go
away - but you will look at it differently when it's 'your' jvm versions
that are problematic.


For some very strange definition of 'works'. The article accompanying
it describes parts that don't work.


I will go by what has been posted on the blog.

"Okay, I started mucking around with OpenJDK on Fedora 9 today, and it
turns out it is pretty easy to build OpenNMS against OpenJDK and get it
to work"


But it doesn't stop there - farther down:

"For some reason I got an error in Statsd.
[...]
This could be an OpenJDK issue or just a testing issue, so I disabled
that daemon for now"



So more than merely building as your claimed earlier.


But not actually working like it is supposed to or in a usable way.


In fact, I'd probably have one running
under vmware if I expected even that to work without having to track
non-standard patches. Is that listed on the FAQ these days?


Feel free to use rpmfusion.org wiki for writing down all the content you
wanted. Any good search engine can be your friend as well.


I think you are missing the pragmatic point again. I'm willing to
sometimes make some effort at beta testing but there are limits. And
right now one of those would be using a system that installs with no
extra work under vmware. If you can't respond to that or have the
answer in an official FAQ, I'll just wait until I have a specific need
for a feature I can't get elsewhere before trying to deal with it.


I don't really see the point of running an OS that is antagonistic
toward the drivers and applications that would make it useful but I'm
curious enough about how it is going to mesh with the next RHEL cut to
keep watching. By the way, shouldn't that cut have happened by now?


--
Les Mikesell
lesmikesell@gmail.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
 
Old 08-30-2008, 01:50 AM
Rahul Sundaram
 
Default Java and openjdk

Les Mikesell wrote:



I don't really see the point of running an OS that is antagonistic
toward the drivers and applications that would make it useful but I'm
curious enough about how it is going to mesh with the next RHEL cut to
keep watching. By the way, shouldn't that cut have happened by now?


Since you are not interested in helping out, neither am I. Good luck.

Rahul

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
 
Old 08-30-2008, 02:06 AM
Rahul Sundaram
 
Default Java and openjdk

Gene Heskett wrote:



Oh? From my yumex screen (F8 install)
java-1.7.0-icedtea
jave-1.7.0-icedtea-plugin


Right, I have mentioned before several times in this thread that I was
referring to Fedora 9. Maybe, you missed that.


In that case, is it safe to do so since updates are not yet flowing? Those
are old packages that have been sitting there for a month or more.


It would be and if there are any changes required, I would except more
announcements.



A side note, we (my local group of friends) have found a blog
<http://blogs.zdnet.com/security/?p=1803&tag=nl.e539> that gives a few hints
on finding out if we too have been infected. According to it, no systems
here are. The point being that the extreme privacy this has been kept under
has now been exposed,


This blog post is talking about a generic issue and not related to
Fedora specifically but yes, if you are concerned about security. there
are multiple checks and this is one of them.


Rahul

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
 
Old 08-30-2008, 04:13 AM
Gene Heskett
 
Default Java and openjdk

On Friday 29 August 2008, Craig White wrote:
>On Fri, 2008-08-29 at 10:38 -0400, Gene Heskett wrote:
>> On Friday 29 August 2008, Rahul Sundaram wrote:
>> >Gene Heskett wrote:
>> >> And the simple fact that those of us who want a working java are going
>> >> to the sun site, getting the latest jre and installing it, never again
>> >> to click on an ICED TEA update in yumex. Really, I think that says it
>> >> all. You for legal reasons are defending an emasculated version, but
>> >> the final say on what gets run is us, its our machine. Sue us? I
>> >> doubt it.
>> >
>> >It is not iced tea now. It is called OpenJDK and that is a certified
>> >Java from Sun. I won't sue for getting the details wrong ;-)
>> >
>> >Rahul
>>
>> Oh? From my yumex screen (F8 install)
>> java-1.7.0-icedtea
>> jave-1.7.0-icedtea-plugin
>>
>> and from an rpm -qa|grep java
>> java-1.7.0-icedtea-1.7.0.0-0.19.b21.snapshot.fc8
>> java-1.5.0-gcj-1.5.0.0-17.fc8
>> tzdata-java-2008d-1.fc8
>> glib-java-0.2.6-10.fc8
>> java_cup-0.10-0.k.6jpp.1
>> java-1.7.0-icedtea-plugin-1.7.0.0-0.19.b21.snapshot.fc8
>>
>> Humm, I may be wrong about not having icedtea
>
>----
>icedtea was F8, but not F9
>----
>
>> [root@coyote ~]# which java
>> /usr/bin/java
>> [root@coyote ~]# ls -l `which java`
>> lrwxrwxrwx 1 root root 22 2008-03-31
>> 19:34 /usr/bin/java -> /etc/alternatives/java
>> [root@coyote ~]# ls -l /etc/alternatives/java/
>> ls: cannot access /etc/alternatives/java/: Not a directory
>> [root@coyote ~]# ls -l /etc/alternatives/java
>> lrwxrwxrwx 1 root root 39 2008-03-31
>> 19:41 /etc/alternatives/java -> /usr/lib/jvm/jre-1.7.0-icedtea/bin/java
>>
>> However, from FF's aboutlugins, I get this:
>> Java(TM) Plug-in 1.6.0_06-b02
>>
>> File name: /usr/java/jre1.6.0_06/plugin/i386/ns7/libjavaplugin_oji.so
>> Java(TM) Plug-in 1.6.0_06
>
>----
>which java command is for running java from command shell
>
>java plugin in Firefox is a separate issue...what's so difficult to
>understand about that?
>----
>
>> So, do I need to replace that link? By installing the yumex offerings and
>> bearing in mind that I long since gave up trying to keep up with every new
>> browser version having its own plugins dir, created one & put all the
>> plugins there, and linked all the other browsername/plugins to it?
>>
>> In that case, is it safe to do so since updates are not yet flowing?
>> Those are old packages that have been sitting there for a month or more.
>>
>> A side note, we (my local group of friends) have found a blog
>> <http://blogs.zdnet.com/security/?p=1803&tag=nl.e539> that gives a few
>> hints on finding out if we too have been infected. According to it, no
>> systems here are. The point being that the extreme privacy this has been
>> kept under has now been exposed, letting the horse out of the barn so to
>> speak, and this list deserves more candor from its 'parent' regarding it.
>> We had been led to believe this was only a debian problem because of the
>> speedup shortcut in the random number section of the code supposedly only
>> they used. If this is a different exploit, then we need to know. We
>> aren't above pulling in the src's and building our own you know, however
>> my reading that code is not going to tell me if its safe, so I've told the
>> one in my local group who was going to do that to hold off another day or
>> so... His exposure to an exploit is 100x that of mine, so lets see some
>> activity of some kind other than take a potato and wait. We are beginning
>> to need a second potato to stave off the hunger here.
>
>----
>as someone who runs gui as root...you have so many issues to worry about
>I wouldn't know where to start...in fact, your assertion that someone
>else has an exposure to exploitation more than you is laughable.
>
>Craig

When I get hacked and rootkitted is the time to gloat, until then, well..
(this is occasionally a mixed list)

And may I complement you on your ability to change the subject when I ask a
potentially embarrassing question?

--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
That feeling just came over me.
-- Albert DeSalvo, the "Boston Strangler"

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
 
Old 08-30-2008, 04:08 PM
Les Mikesell
 
Default Java and openjdk

Rahul Sundaram wrote:

Les Mikesell wrote:



I don't really see the point of running an OS that is antagonistic
toward the drivers and applications that would make it useful but I'm
curious enough about how it is going to mesh with the next RHEL cut to
keep watching. By the way, shouldn't that cut have happened by now?


Since you are not interested in helping out, neither am I. Good luck.



It's not so much a matter of not being interested as not seeing much
chance of success.


--
Les Mikesell
lesmikesell@gmail.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
 

Thread Tools




All times are GMT. The time now is 05:05 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org