I want to write an unprivileged (non-root-access) JMX client program that monitors a privileged (running as root) application that has JMX local access enabled -Dcom.sun.management.jmxremote .
At least on MacOSX, jconsole (and jps) don't see root processes wh开发者_如何学Pythonen I run as myself.
Is this just the fact of life here, or is there some way to configure this?
If your client is not permitted to see the root process, then you cannot attach by PID. What you need is to have the root application load a JMXServer that will listen on a [>1024] port and then you can connect through the port rather than by PID. The easiest way to do this would be to specify a couple of more system properties which will trigger the JVM to load a JMX server automatically. For example (these are all the most insecure):
- -Dcom.sun.management.jmxremote.authenticate=false
- -Dcom.sun.management.jmxremote.ssl=false
- -Dcom.sun.management.jmxremote.port=7777
See JMX Management and Monitoring Properties.
To create a JMXServer programmatically, see the JavaDoc for javax.management.remote. There is a really good guide/tutorial on this topic here.
JMX uses a simple TCP port that you can define with some command-line options. If the port is open, anyone (included non-priviledged users) should be able to see it.
As for the process itself, jps cannot see other user's process, but you can see then with "ps aux".
精彩评论