[LINUX] Prepared an environment where Java processing can be called via a certain PHP library

How should I study in these fields? It took too long to check each one. It is a memorandum with a feeling of remorse.

Environment

Install Java

python


# yum install java-1.8.0-openjdk
# yum install java-1.8.0-openjdk-devel

Installation is complete when the version is returned with java -version or javac -version.

reference

Procedure to install Java 8 (OpenJDK) on CentOS 7 with yum | WEB ARCH LABO

Set Java as an environment variable

java.sh


export JAVA_HOME=/usr/lib/jvm/jre-1.8.0-openjdk.x86_64
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar

python


# source java.sh

OK if you can confirm that the environment variable is set in printenv.

reference

Installing Java Open JDK 8 on CentOS 7

install composer

python


# php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
# php composer-setup.php

OK if you can confirm that composer.phar has been downloaded with ll.

reference

Procedure to install Composer on CentOS | WEB ARCH LABO

problem solving

There was no problem when I ran it on the command line, but an error occurred via Apache, so I did additional work.

Register policy with SELinux

When I searched the log output to / var / log / messages, I found that the cause was SELinux. However, when I looked into the solution, I found that SELinux was only disabled by executing setenforce 0. This is too loose security and can be resolved by registering the policy with SELinux, which I found after further investigation. I also considered introducing a tool, but I didn't want to pollute the environment so much, so I analyzed /var/log/audit/audit.log and made it myself.

javalocal.te


module javalocal 1.0;
require {
	type httpd_sys_script_t;
	type proc_net_t;
	class process { execmem };
	class file { read open getattr };
}
allow httpd_sys_script_t self:process { execmem };
allow httpd_sys_script_t proc_net_t:file { read open getattr };

python


# make -f /usr/share/selinux/devel/Makefile
# semodule -i javalocal.pp

reference

How to make java work with CGI on selinux --muibrog Create your own SELinux policy module-Wankoin Guide to Eradication of "Stuck Because of SELinux" I'm not scared if I understand the reason! How to interact with SELinux

Set the locale to Japan

By the way, it is finally executed via Apache, but the expected result is not returned when Japanese is included. I investigated this and found that the cause was PHP's ╩╗exec](http://php.net/manual/ja/function.exec.php) and [╩╗escapeshellcmd. /ja/function.escapeshellcmd.php) was truncating Japanese. When I tried to output the execution command as a character string, Japanese was missing. I don't know the details because this solution was done by an expert, but I think I changed the settings so that PHP and Apache can handle Japanese.

reference

If you run exec with PHP, only Japanese disappears

Recommended Posts

Prepared an environment where Java processing can be called via a certain PHP library