glfs/general/prog/ojdk-conf.xml
DJ Lucas 8944fff11b Remove instructions to regenerate cacerts file when installing Java as this is no longer necessary.
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@21118 af4574ff-66df-0310-9fd7-8a98e5e911e0
2019-02-10 02:26:31 +00:00

134 lines
4.4 KiB
XML

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../../general.ent">
%general-entities;
]>
<sect1 id="ojdk-conf" xreflabel="Configuring the JAVA environment">
<?dbhtml filename="ojdk-conf.html"?>
<sect1info>
<othername>$LastChangedBy$</othername>
<date>$Date$</date>
</sect1info>
<title>Configuring the JAVA environment</title>
<sect2 id="java-profile">
<title>Setting up the environment</title>
<para>
After the package installation is complete, the next step is to make sure
that the system can properly find the files. If you set up your login
scripts as recommended in <xref linkend='postlfs-config-profile'/>, update
the environment by creating the <filename>openjdk.sh</filename> script,
as the <systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>cat &gt; /etc/profile.d/openjdk.sh &lt;&lt; "EOF"
<literal># Begin /etc/profile.d/openjdk.sh
# Set JAVA_HOME directory
JAVA_HOME=/opt/jdk
# Adjust PATH
pathappend $JAVA_HOME/bin
# Add to MANPATH
pathappend $JAVA_HOME/man MANPATH
# Auto Java CLASSPATH: Copy jar files to, or create symlinks in, the
# /usr/share/java directory. Note that having gcj jars with OpenJDK 8
# may lead to errors.
AUTO_CLASSPATH_DIR=/usr/share/java
pathprepend . CLASSPATH
for dir in `find ${AUTO_CLASSPATH_DIR} -type d 2>/dev/null`; do
pathappend $dir CLASSPATH
done
for jar in `find ${AUTO_CLASSPATH_DIR} -name "*.jar" 2>/dev/null`; do
pathappend $jar CLASSPATH
done
export JAVA_HOME
unset AUTO_CLASSPATH_DIR dir jar
# End /etc/profile.d/openjdk.sh</literal>
EOF</userinput></screen>
<para>
If <xref linkend="sudo"/> is installed, the super user should have
access to the above variables. Execute the following commands as the
<systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>cat &gt; /etc/sudoers.d/java &lt;&lt; "EOF"
<literal>Defaults env_keep += JAVA_HOME
Defaults env_keep += CLASSPATH</literal>
EOF</userinput></screen>
<para>
For allowing <command>mandb</command> to include the OpenJDK man pages
in its database, issue, as the <systemitem class="username">root
</systemitem> user:
</para>
<screen role="root"><userinput>cat &gt;&gt; /etc/man_db.conf &lt;&lt; "EOF" &amp;&amp;
<literal># Begin Java addition
MANDATORY_MANPATH /opt/jdk/man
MANPATH_MAP /opt/jdk/bin /opt/jdk/man
MANDB_MAP /opt/jdk/man /var/cache/man/jdk
# End Java addition</literal>
EOF
mkdir -p /var/cache/man &amp;&amp;
mandb -c /opt/jdk/man</userinput></screen>
</sect2>
<sect2 id="ojdk-certs" xreflabel="installing the JVM Certificate Authority Certificates">
<title>Setting up the Certificate Authority Certificates for Java</title>
<para>
<application>OpenJDK</application> uses its own format for the
CA certificates. The Java security modules use
<envar>$JAVA_HOME</envar><filename>/lib/security/cacerts</filename> by
default. In order to keep all the certificates in one place, we use
<filename>/etc/ssl/java/cacerts</filename>. The instructions
on the <xref linkend="make-ca"/> page previously created the file
located in <filename class="directory">/etc/ssl/java</filename>.
Setup a symlink in the default location as the
<systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>ln -sfv /etc/pki/tls/java/cacerts /opt/jdk/lib/security/cacerts</userinput></screen>
<para>
Use the following command to check if the <filename>cacerts</filename>
file has been successfully installed:
</para>
<screen role="root"><userinput>/opt/jdk/bin/keytool -list -cacerts</userinput></screen>
<para>
At the prompt <computeroutput>Enter keystore password:</computeroutput>,
enter <userinput>changeit</userinput> (the default) or just press the
<quote>Enter</quote> key. If the <filename>cacerts</filename> file was
installed correctly, you will see a list of the certificates with
related information for each one. If not, you need to reinstall them.
</para>
<para>
If you later install a new JVM, you just have to create the symlink in
the default location to be able to use the cacerts.
</para>
</sect2>
</sect1>