[
https://issues.apache.org/jira/browse/KNOX-3153?focusedWorklogId=970237&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-970237
]
ASF GitHub Bot logged work on KNOX-3153:
----------------------------------------
Author: ASF GitHub Bot
Created on: 21/May/25 16:51
Start Date: 21/May/25 16:51
Worklog Time Spent: 10m
Work Description: bonampak opened a new pull request, #1048:
URL: https://github.com/apache/knox/pull/1048
## What changes were proposed in this pull request?
knoxcli.sh should use the found java path when querying the jdk version.
Also, the launching command should also quote the JAVA variable as in
knox-functions.sh appstart.
## How was this patch tested?
Tested on a dev cluster with openJDK 17.
invoke-knox-cli.sh:
```bash
#!/bin/bash
export KNOX_GATEWAY_DATA_DIR=/var/lib/knox/gateway/data;
export KNOX_GATEWAY_CONF_DIR=/var/lib/knox/gateway/conf;
bash -x knox-bin-path/knoxcli.sh "$@"
```
Test commands:
```bash
./invoke-knox-cli.sh create-cert --hostname host-fqdn --force
./invoke-knox-cli.sh list-alias
```
The create-cert command fails as java version 17 is not detected,
add-exports are not appended to the command line
(X509CertificateUtil.java:generateCertificate(276)) - Error in generating
certificate: java.lang.IllegalAccessException: class
org.apache.knox.gateway.util.X509CertificateUtil cannot access class
sun.security.x509.X509CertInfo (in module java.base) because module java.base
does not export sun.security.x509 to unnamed module @23e028a9.
This results in a corrupted keystore as KeyStoreEngine writes a partial
keystore and fails when trying to add a null certificate.
When using JAVA for the version check, add-exports are properly set and the
command works as expected.
If the java executable path contains spaces, the command failed without
quoting and with this change, works as expected.
Created a symlink to a folder with spaces.
```bash
mkdir /tmp/"folder with spaces"
ln -s /usr/lib/jvm/jdk1.17.0.11.0-openjdk/bin/java "/tmp/folder with
spaces/java17"
```
invoke-knox-cli.sh:
```bash
#!/bin/bash
export KNOX_GATEWAY_DATA_DIR=/var/lib/knox/gateway/data;
export KNOX_GATEWAY_CONF_DIR=/var/lib/knox/gateway/conf;
export JAVA="/tmp/folder with spaces/java17"
bash -x knox-bin-path/knoxcli.sh "$@"
```
the existing call:
```bash
$JAVA "${APP_JAVA_OPTS[@]}" -jar "$APP_JAR" "$@" || exit 1
```
```bash
./invoke-knox-cli.sh list-alias
```
```
+ /tmp/folder with spaces/java17 -Djava.library.path=...
.../bin/knoxcli.sh: line 84: /tmp/folder: No such file or directory
+ exit 1
```
with quoting:
```bash
"$JAVA" "${APP_JAVA_OPTS[@]}" -jar "$APP_JAR" "$@" || exit 1
```
```bash
./invoke-knox-cli.sh list-alias
```
```
+ '/tmp/folder with spaces/java17' -Djava.library.path=...
Listing aliases for: __gateway
...
+ return 0
```
Issue Time Tracking
-------------------
Worklog Id: (was: 970237)
Remaining Estimate: 0h
Time Spent: 10m
> Fix Java command invocations in knoxcli.sh
> ------------------------------------------
>
> Key: KNOX-3153
> URL: https://issues.apache.org/jira/browse/KNOX-3153
> Project: Apache Knox
> Issue Type: Task
> Components: KnoxCLI
> Affects Versions: 2.1.0
> Reporter: Tamás Marcinkovics
> Assignee: Tamás Marcinkovics
> Priority: Major
> Labels: easyfix
> Fix For: 2.1.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> In knoxcli.sh, java 17 version is not detected correctly if the java command
> is not in the PATH.
> [https://github.com/apache/knox/blob/dfcde4df9638397e2387d983c387f003e34bd721/gateway-release/home/bin/knoxcli.sh#L66]
> As the script uses the JAVA variable for launch, the version command should
> also use the same.
> Also, the variable should be quoted so that paths with spaces would work as
> well.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
