Delivered with Oracle Enterprise Linux, SELinux modifications provide a variety of policies through the use of Linux Security Modules (LSM) within the Linux kernel.
SELinux requires performing additional steps after installing Access Manager Webgates and before starting the associated Web server.
Problem
The following errors could be reported in logs/console when starting a Web server on Linux distributions that have more strict SELinux policies in place (after installing an Webgate):
11g Webgate
$Webgate_OH/webgate/ohs/lib/webgate.so: cannot restore segment prot after reloc: Permission denied.
10g Webgate
$Webgate_install_dir/access/oblix/apps/webgate/bin/webgate.so: cannot restore segment prot after reloc: Permission denied.
Cause
These errors are reported due to Secure Linux security context policies on files.
Solution
To avoid these errors and start the Web server, run following chcon commands to change the security context on files after installing each Access Manager Web component and before restarting the associated Web server. For more information on the chcon command, see your Linux documentation.
Run chcon -t texrel_shlib_t PATH_TO_LIBWEBPLUGINS.SO. For example:
chcon -t texrel_shlib_t /Webgate_install_dir/access/oblix/lib/webgate.so ... and libxmlengine.so
Run chcon -t texrel_shlib_t PATH_TO_LIBWEBGATE.SO. For example:
chcon -t texrel_shlib_t /Webgate_install_dir/access/oblix/apps/webgate/ bin/webgate.so