Show Contents / Index / Search

Troubleshooting Systems Running SELinux

The Problem: Error messages such as the following appear when you try to install or run Reflection for Secure IT on a Linux system that is running Security-Enhanced Linux (SELinux).

error while loading shared libraries: /usr/lib/ cannot restore segment prot after reloc: Permission denied


error while loading shared libraries: cannot enable executable stack as shared object requires: Permission denied


These errors occur when SELinux is enabled and set to Enforcing as opposed to Targeted. The Reflection for Secure IT cryptographic module requires text relocation. The following procedure provides support for this requirement.

To install and run Reflection for Secure IT on a system with SELinux enabled

  1. After you install Reflection for Secure IT and see error messages like the ones shown above, execute the following command. The library name you specify should match the library name in the error messages.

    chcon -t textrel_shlib_t /usr/lib/

  2. Create a host key.
  3. Start the server.

Note: You will need to repeat steps 1 and 3 each time you upgrade Reflection for Secure IT.