rmid starts the activation system daemon that allows objects to be registered and activated in a Java virtual machine (JVM).
rmid [options]
The rmid tool starts the activation system daemon. The activation system daemon must be started before activatable objects can be either registered with the activation system or activated in a JVM. See the RMI Specification and Activation tutorials for details on how to write programs that use activatable remote objects.The daemon can be started by executing the
rmidcommand, and specifying a security policy file, as follows:rmid -J-Djava.security.policy=rmid.policyNote: When running Sun's implementation of
rmid, by default you will need to specify a security policy file so thatrmidcan verify whether or not the information in eachActivationGroupDescis allowed to be used to launch a JVM for an activation group. Specifically, the command and options specified by theCommandEnvironmentand anyPropertiespassed to anActivationGroupDesc's constructor must now be explicitly allowed in the security policy file forrmid. The value of thesun.rmi.activation.execPolicyproperty dictates the policy thatrmiduses to determine whether or not the information in anActivationGroupDescmay be used to launch a JVM for an activation group.Executing
rmidby defaultTo specify an alternate port for the registry, you must specify the
- starts the Activator and an internal registry on the default port, 1098, and
- binds an
ActivationSystemto the namejava.rmi.activation.ActivationSystemin this internal registry.-portoption when starting uprmid. For example,rmid -J-Djava.security.policy=rmid.policy -port 1099starts the activation system daemon and a registry on the registry's default port, 1099.
- -C<someCommandLineOption>
- Specifies an option that is passed as a command-line argument to each child process (activation group) of
rmidwhen that process is created. For example, you could pass a property to each Java virtual machine spawned by the activation system daemon:rmid -C-Dsome.property=valueThis ability to pass command-line arguments to child processes can be useful for debugging. For example, the following command:rmid -C-Djava.rmi.server.logCalls=truewill enable server-call logging in all child JVMs.- -J<someCommandLineOption>
- Specifies an option that is passed to the
javainterpreter runningrmid. For example, to specify thatrmiduse a policy file namedrmid.policy, the-Joption can be used to define thejava.security.policyproperty onrmid's command line, for example:rmid -J-Djava.security.policy=rmid.policy- -J-Dsun.rmi.activation.execPolicy=<policy>
- Specifies the policy that
rmidemploys to check commands and command-line options used to launch the JVM in which an activation group runs. Please note that this option exists only in Sun's implementation of the RMI activation daemon. If this property is not specified on the command line, the result is the same as if-J-Dsun.rmi.activation.execPolicy=defaultwere specified. The possible values of <policy> can bedefault, <policyClassName>, ornone:
- default (or if this property is unspecified)
The default
execPolicyallowsrmidto execute commands with specific command-line options only ifrmidhas been granted permission to execute those commands and options in the security policy file thatrmiduses. Only the default activation group implementation can be used with the default execution policy.
rmidlaunches a JVM for an activation group using the information in the group's registered activation group descriptor, anActivationGroupDesc. The group descriptor specifies an optionalActivationGroupDesc.CommandEnvironmentwhich includes the command to execute to start the activation group as well as any command line options to be added to the command line. By default,rmiduses thejavacommand found injava.home. The group descriptor also contains properties overrides that are added to the command line as options defined as:-D<property>=<value>The permission
com.sun.rmi.rmid.ExecPermissionis used to grantrmidpermission to execute a command, specified in the group descriptor'sCommandEnvironmentto launch an activation group. The permissioncom.sun.rmi.rmid.ExecOptionPermissionis used to allowrmidto use command-line options, specified as properties overrides in the group descriptor or as options in theCommandEnvironment, when launching the activation group.When granting
rmidpermission to execute various commands and options, the permissionsExecPermissionandExecOptionPermissionneed to be granted universally (i.e., granted to all code sources).
ExecPermission- The
ExecPermissionclass represents permission forrmidto execute a specific command to launch an activation group.Syntax
The name of anExecPermissionis the path name of a command to grantrmidpermission to execute. A path name that ends in "/*" indicates all the files contained in that directory (where "/" is the file-separator character,File.separatorChar). A path name that ends with "/-" indicates all files and subdirectories contained in that directory (recursively). A path name consisting of the special token "<<ALL FILES>>" matches any file.Note: A path name consisting of a single "*" indicates all the files in the current directory, while a path name consisting of a single "-" indicates all the files in the current directory and (recursively) all files and subdirectories contained in the current directory.
ExecOptionPermission- The
ExecOptionPermissionclass represents permission forrmidto use a specific command-line option when launching an activation group. The name of anExecOptionPermissionis the value of a command line option.Syntax
Options support a limited wildcard scheme. An asterisk signifies a wildcard match, and it may appear as the option name itself (i.e., it matches any option), or an asterisk may appear at the end of the option name only if the asterisk follows either a "." or "=".For example: "*" or "-Dfoo.*" or "-Da.b.c=*" is valid, "*foo" or "-Da*b" or "ab*" is not.
- Policy file for
rmid- When granting
rmidpermission to execute various commands and options, the permissionsExecPermissionandExecOptionPermissionneed to be granted universally (i.e., granted to all code sources). It is safe to grant these permissions universally because onlyrmidchecks these permissions.An example policy file that grants various execute permissions to
rmidis:grant { permission com.sun.rmi.rmid.ExecPermission "/files/apps/java/jdk1.2.2/solaris/bin/java"; permission com.sun.rmi.rmid.ExecPermission "/files/apps/java/jdk1.2.2/solaris/bin/java_g"; permission com.sun.rmi.rmid.ExecPermission "/files/apps/rmidcmds/*"; permission com.sun.rmi.rmid.ExecOptionPermission "-Djava.security.policy=/files/policies/group.policy"; permission com.sun.rmi.rmid.ExecOptionPermission "-Djava.security.debug=*"; permission com.sun.rmi.rmid.ExecOptionPermission "-Dsun.rmi.*"; };The first two permissions granted allowrmidto execute the 1.2.2 version of thejavaandjava_gcommands, specified by their explicit path names. Note that by default, the version of thejavacommand found injava.homeis used (the same one thatrmiduses), and does not need to be specified in the policy file. The third permission allowsrmidto execute any command in the directory/files/apps/rmidcmds.The fourth permission granted, an
ExecOptionPermission, allowsrmidto launch an activation group that defines the security policy file to be/files/policies/group.policy. The next permission allows thejava.security.debugproperty to be used by an activation group. The last permission allows any property in thesun.rmiproperty name hierarchy to be used by activation groups.To start
rmidwith a policy file, thejava.security.policyproperty needs to be specified onrmid's command line, for example:rmid -J-Djava.security.policy=rmid.policy
- <policyClassName>
If the default behavior is not flexible enough, an administrator can provide, when starting
rmid, the name of a class whosecheckExecCommandmethod is executed in order to check commands to be executed by rmid.The policyClassName specifies a public class with a public, no-argument constructor and an implementation of the following
checkExecCommandmethod:public void checkExecCommand(ActivationGroupDesc desc, String[] command) throws SecurityException;Before launching an activation group,rmidcalls the policy'scheckExecCommandmethod, passing it the activation group descriptor and an array containing the complete command to launch the activation group. If thecheckExecCommandthrows aSecurityException,rmidwill not launch the activation group and anActivationExceptionwill be thrown to the caller attempting to activate the object.
- CLASSPATH
- Used to provide the system a path to user-defined classes. Directories are separated by colons. For example:
.:/usr/local/java/classes
rmic, CLASSPATH, java