Skip to content

Troubleshooting Systems Running SELinux

The Problem: Error messages such as the following appear when you try to install or run Reflection for Secure IT UNIX Client and Server on a Linux system that is running Security-Enhanced Linux (SELinux).

error while loading shared libraries: /usr/lib/libssccm.so.2.0.40: cannot restore segment prot after reloc: Permission denied
error while loading shared libraries: libssccm.so.2.0.40: cannot enable executable stack as shared object requires: Permission denied

These errors occur when SELinux is enabled and set to Enforcing as opposed to Targeted. The Reflection for Secure IT UNIX Client and Server cryptographic module requires text relocation. The following procedure provides support for this requirement.

To install and run Reflection for Secure IT UNIX Client and Server on a system with SELinux enabled

  1. After you install Reflection for Secure IT UNIX Client and Server and see error messages like the ones shown above, execute the following command. The library name you specify should match the library name in the error messages.

    chcon -t textrel_shlib_t /usr/lib/libssccm.so.2.0.40

  2. Create a host key.

  3. Start the server.

    Note

    You will need to repeat listitems 1 and 3 each time you upgrade Reflection for Secure IT UNIX Client and Server.