Java unable to start as service on Centos/Rocky/Fedora "Failed to mark memory page as executable"

A bit of a strange issue here that google doesn't turn up any results for except the JVM source code of this error message.

I have a simple Spring Boot fat jar, myapp.jar and I am trying to run this as a systemd service.

I have created a user to run this service useradd --system --no-create-home --shell=/sbin/nologin myapp

Firstly if I attempt to run this application via the shell, sudo -u myapp java -jar myapp.jar the app will start and run as expected.

However, with the following service file

 [Unit]
 Description=MyApp Service
 [Service]
 Type=simple
 WorkingDirectory=/opt/myapp
 ExecStart=/usr/bin/java -jar myapp.jar
 SuccessExitStatus=143
 User=myapp
 Group=myapp
 [Install]
 WantedBy=multi-user.target

Upon the service being started, it will fail with the following error from the log

Nov 09 17:22:24 fedora systemd[1]: Started myapp.service - MyApp Service.
Nov 09 17:22:24 fedora java[1279]: Error occurred during initialization of VM
Nov 09 17:22:24 fedora java[1279]: Failed to mark memory page as executable - check if grsecurity/PaX is enabled

I have tried the exact same thing across Centos, Rocky and Fedora distributions and they all raise the same error.

These are just vanilla servers spun up from ISO's downloaded from the various distributions websites, so no grsecurity/PaX patches have been applied.

From investigations it turns out this problem is specific to Temurin on these various operating systems.

Installing JRE's that are available in the default repositories the problem doesn't occur. From what I can determine its because these are installed into locations which are permitted by SELinux where as Temurin installs itself into a directory not allowed by the default SELinux policy.

I'm able to run the application as my user as the policies are more permissive that if running from an ExecStart in systemd.

Disabling SELinux allows Temurin to run the service as well (although shouldn't be done).