Application group for tcp/ip communication permission

Hello. How can a legato app connect to a TCP socket? In my scenario, the application tries to connect to a derby database. The IP:port is 192.168.2.2:1527 (usb interface) and the server is readily accessible from the “ij” derby tool, both locally and remotely. Both derby and the application are written in java. They are started from a legato app through the functionality for shell script execution of the .adef files. The legato app is unsandboxed. If I separate the java processes to two different apps, the problem still persists.

If I start the script outside of the legato environment (from the linux command line) there is no problem.

Do I miss some configuration option? Is there an application group that my application should be registered to so that it has this permission?

1 Like

The device the application and the database are deployed on is a Sierra Wireless FX30 modem. The output of ‘fwupdate query’ for firmware information is:

Firmware Version: SWI9X15Y_07.11.22.00 r33729 CARMD-EV-FRMWR1 2017/01/11 18:04:06
Bootloader Version: SWI9X15Y_07.11.22.00 r33729 CARMD-EV-FRMWR1 2017/01/11 18:04:06
Linux Version: 3.14.29ltsi-a00e464379_3f15cd39ad #2 PREEMPT Mon Feb 20 11:11:17 PST 2017
FX30 Version: R13.1.2.004

The tcp/ip socket is created from java code (through the jav.sql.DriverManager.getConnection method). The database connection was tested with the a) ij tool running from the FX30 linux command line (FX30) b) the ij tool running on my host computer (windows 7) c) my application when started from the linux command line (FX30). In all these cases the database connection is functional. The ij tool is a java cli application.

My application is executed through the legato af with the following directive on the .adef file:

processes:
{
    run:
    {
        // Run sh (shell) and pass it the script for it to run.
        (sh start_application)
    }
}

The point of starting through the legato is the automatic startup of the application.

Hi, try adding this line before connecting to the database:
System.setProperty("java.net.preferIPv4Stack", "true");
(or equivalently -Djava.net.preferIPv4Stack=true on the command line)

This fix has solved Java connectivity issues in the past where it would work fine when started outside Legato. As I understand, Java tries to make the connection through an IPv6 stack (for which permissions are denied by Legato) by default since version 7, and any IPv4 connections are mapped to a native IPv6 socket.

You are right. This was the root of the problem. The application still fails to run though legato, throwing weird errors. Thank God for ssh!