Security Software

Hi,

this morning tried to install DSEE 7.0 on a CentOS 5.4 system and had problems starting a directory server instance, due to SElinux. With SElinux disabled there is no problem, however as soon as SElinux is enabled I get errors. Later on tried SElinux enforcing enabled with DSEE 6.3.1 and got the same problem. The error I get with SElinux enabled is:

$ sudo /srv/sun/DSEE/dsee6/ds6/bin/dsadm start '/srv/sun/DSEE/instances/dnldap01'

Password:

/srv/sun/DSEE/dsee6/ds6/lib/ns-slapd: error while loading shared libraries: /srv/sun/DSEE/dsee6/ds6/lib/libsh.so: cannot restore segment prot after reloc: Permission denied

/srv/sun/DSEE/dsee6/ds6/lib/ns-slapd -D /srv/sun/DSEE/instances/dnldap01 -i /srv/sun/DSEE/instances/dnldap01/logs/pid failed: err=127

Failed to start Directory Server instance '/srv/sun/DSEE/instances/dnldap01'

After disabling SElinux, there is no problem:

$ sudo /srv/sun/DSEE/dsee6/ds6/bin/dsadm start '/srv/sun/DSEE/instances/dnldap01'

Directory Server instance '/srv/sun/DSEE/instances/dnldap01' started: pid=4014


Information:
$ /srv/sun/DSEE/dsee6/ds6/lib/ns-slapd -V

Sun Microsystems, Inc.

Sun-Java(tm)-System-Directory/6.3.1 B2008.1121.0522 32-bit

ns-slapd : 6.3.1 B2008.1121.0522 DirectoryServices631_branch (Linux clochette 2.4.21-37.ELsmp #1 SMP Wed Sep 7 13:32:18 EDT 2005 x86_64 x86_64 x86_64 GNU/Linux) ZIP

Slapd Library : 6.3.1 B2008.1121.0522 DirectoryServices631_branch (Linux clochette 2.4.21-37.ELsmp #1 SMP Wed Sep 7 13:32:18 EDT 2005 x86_64 x86_64 x86_64 GNU/Linux)

Front-End Library : 6.3.1 B2008.1121.0522 DirectoryServices631_branch (Linux clochette 2.4.21-37.ELsmp #1 SMP Wed Sep 7 13:32:18 EDT 2005 x86_64 x86_64 x86_64 GNU/Linux)

The company policy is to enforce SElinux; what do I need to do to be able to start the directory instance with SELinux enabled? And the same question applies to the directory proxy server instance.

Any suggestions appreciated,

/rolf