Bobby,
Isn't the default policy file here:
glassfish/lib/templates/server.policy
?
Tom
On 10/22/2010 2:25 PM, Bobby Bissett wrote:
> This is from the 3rd agenda item for 19 October meeting:
> http://wikis.sun.com/display/GlassFish/AdminIteam
>
> "• issue 11665 - can't perform upgrades with security manager on (Bobby)
> • test to do: see if upgrade can run with default policy file from 3.1
> • otherwise: okay to turn off"
>
> Well, this will teach me for thinking live during a meeting -- there may not be any default policy file from 3.1 during an upgrade. For instance, the user can:
>
> rm -rf domains/domain1
> cp -R<v2domain> domains/
> <upgrade>
>
> Even if the upgrade tool is used and domain1 is renamed, there's no guarantee that we'll know which domain was an untouched 3.1 domain unless we want to store this info somewhere else.
>
> So it looks like that's not an option. However, the policy file is pretty lenient. For instance:
>
> // Core server classes get all permissions by default
> grant codeBase "file:${com.sun.aas.installRoot}/modules/-" {
> permission java.security.AllPermission;
> };
>
> That may be all the permissions needed for an upgrade (fewer = better), so maybe it could run with this. I'll look into that, including handling it in the server and wrapping the whole shebang in a dopriv block.
>
> Separate note: There's also the issue with the server being started without the --upgrade flag and doing an upgrade automatically before starting the server for real (e.g. it was started with a 2.1.1 domain). In that case, we certainly don't want the launcher changing anything -- the solution there is "don't do that." IOW, a documentation issue.
>
> Cheers,
> Bobby
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: admin-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: admin-help_at_glassfish.dev.java.net
>