site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi list; Thanks for any advices/comments. Serge. iD8DBQFGXea+5EPeG5y7WPsRAjKlAKCt1PsKqqbQAC5yCVCYgEpLm3xHnwCfYaCF h1XeEUbtoHH/O7WejzwNxns= =BWPc -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... Indeed I realise that the problem I have is not in the "kernel space"; nevertheless form my reading I have the impression that kernel programming is the only place that one can sometime have to deal with bootstrap-namespace... I have the following problem : I'm trying to run a java AWT program inside something which is close to a daemon context (indeed it is run through xGrid with kerberos, hence with a UID of the person who submitted the job). To be able to have AWT NOT needing GUI, I've set the java.awt.headless to true (as mentioned in http://developer.apple.com/ technotes/tn2005/tn2083.html#SECFRAMEWORKCROSSREFERENCE ). Still the java program crashes with a message : 2007-05-23 16:48:29.572 java[3974] CFLog (0): CFMessagePort: bootstrap_register(): failed 1100 (0x44c), port = 0xe603, name = 'Processes-2.3974' See /usr/include/servers/bootstrap_defs.h for the error codes. 2007-05-23 16:48:29.587 java[3974] CFLog (99): CFMessagePortCreateLocal(): failed to name Mach port (Processes-2.3974) CFMessagePortCreateLocal failed (name = Processes-2.3974 error = 0) Going through more web search I've found http://lists.apple.com/ archives/java-dev/2006/Apr/msg00302.html which explains that most of these messages are coming from de-activated bootstrap-namespace. The only solution I've found so far is to write a small C program with set-uid to ROOT which first get to the root bootstrap namespace (the one attached to launchd process), then create a sub-namespace (using bootstrap_subset()) and then after going back to real-UID exec whatever I was trying to run. This does work, however I'm wondering what are the risks I'm taking when doing this sort of thing. Given the very limited number of users (3 to 5 who have access to the machines) I'm pretty sure no-one will have bad intention some I'm more curious of advices about what type of accident might be caused by the creation of this type of 'mini bootstrap namespace'? PS : Another question is : is there anyway to see the difference between running in a deactivated namespace vs. an activated one but not having the necessary permissions to ope a port? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) This email sent to site_archiver@lists.apple.com