1 of 1 people found this helpful
If selinux is enabled, during the agent install a couple commands will run:
setsebool -P allow_execstack=1
setsebool -P allow_execmod=1
I believe you could change the context of the agent binaries to textrel_shlib_t to avoid making the system level change. But this has not been QA'd.
I will give it a try. Thanks, our suggestion was running the agent in unconfiend domain but it would be better having the SELinux policy done for this. But obviously it would be very very very long list of the access that the agent is requesting.