When trying to install SRAdmin using srainstall.bin we get the following
# ./srainstall.bin -i silent
JRE libraries are missing or not compatible....
When installing Spectrum via sdiclinux.exe using an HII and password file and I get "Operation not permitted" when executing
./sdiclinux.exe -h HII.txt -p pwd.txt -test
<ServerName>: Error launching ./linux/distinst
<ServerName>: ./linux/distinst: Operation not permitted
Release : 21.2, 22.2
The system has fapolicyd installed and running which is blocking the execution and opening of files needed to both install and run.
"The fapolicyd software framework controls the execution of applications based on a user-defined policy. This is one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system."
The Linux systems have fapolicyd installed and running which locks down access to files (open/execute).
Rules need to be created for both root (install/processd) and the spectrum user
An example that allowed SRAdmin and Spectrum to both install and run
Created rules file: /etc/fapolicyd/rules.d/39-spectrum.rules
# Carve out exceptions for Spectrum
allow perm=any uid=1009 : dir=/opt
allow perm=any uid=0 : dir=/opt
# /tmp for Install anywhere and any temp files needed during execution
allow perm=any uid=1009 : dir=/tmp
allow perm=any uid=0 : dir=/tmp
allow perm=any uid=1009 : dir=/usr/Spectrum
allow perm=any uid=0 : dir=/usr/Spectrum
allow perm=any uid=1009 : dir=/sw/SPECTRUM/SRAdmin
allow perm=any uid=0 : dir=/sw/SPECTRUM/SRAdmin
allow perm=any uid=0 : dir=/netops_media
Note: The fapolicyd daemon needs to be restarted for the new rules to take effect
systemctl stop fapolicyd
systemctl start fapolicyd
Note: uid=0 is for root, and uid=1009 was for the spectrum user (the uid for the spectrum user will vary from system to system, use the `id` command to obtain)
This allowed the Install to execute and complete as well as allow Spectrum to start/run
This can likely be further tuned
Debugging fapolicyd to see if it is denying execution