INTERNAL ONLY: RHEL 6 with SecurID PAM 7.0 agent throws error 'cannot enable executable stack as shared object requires: Permission denied'
Originally Published: 2011-09-27
Article Number
Issue
If you tail /var/log/secure with pam in debug mode, the following errors show up:
Sep 27 15:40:07 fog sshd[14354]: error: PAM: Module is unknown for testuser
Sep 27 15:40:07 fog sshd[14354]: Connection closed by 192.168.131.196
Sep 27 15:59:33 fog sshd[14459]: PAM unable to dlopen(/lib64/security/pam_securid.so): /lib64/security/pam_securid.so: cannot enable executable stack as shared object requires: Permission denied
Sep 27 15:59:33 fog sshd[14459]: PAM adding faulty module: /lib64/security/pam_securid.so
Sep 27 15:59:33 fog sshd[14459]: error: PAM: Module is unknown for testuer from ssh.myhost.com
Sep 27 15:59:33 fog sshd[14459]: Connection closed by 192.168.131.196
Sep 27 16:02:57 fog sshd[14498]: PAM unable to dlopen(/lib64/security/pam_securid.so): /lib64/security/pam_securid.so: cannot enable executable stack as shared object requires: Permission denied
Sep 27 16:02:57 fog sshd[14498]: PAM adding faulty module: /lib64/security/pam_securid.so
Sep 27 16:02:57 fog sshd[14498]: error: PAM: Module is unknown for testuer from ssh.myhost.com
Sep 27 16:02:57 fog sshd[14498]: Connection closed by 192.168.131.196
Cause
Resolution
1. cd /etc/selinux
2. edit config
3. add to the bottom of the file
setenforce 0
4. save the file
Additional information on SELinux is available in the manpage for SELinux
http://linuxcommand.org/man_pages/setenforce8.html
Until such time as the agent is officially qualified on whatever platform displays this error, this can be used as a workaround. There is no official support available for RHEL 6 at the time of this writing. This workaround has been observed as unnecessary on RHEL 4 or RHEL 5.
Related Articles
Password Lockout Examples Number of Views RSA Identity Governance & Lifecycle - Access Certification whitepaper Number of Views Error: Cannot connect to database. 'Access denied. The database cannot be accessed at this time. RSA ACE/Server database a… Number of Views RSA Authentication Agent for Web for IIS protecting Microsoft Outlook Web Access (OWA) with single sign-on (SSO), but gett… Number of Views Prime kit tomcat.pid: Permission denied error when restarting services for RSA Authentication Manager Prime Kit Number of Views
Trending Articles
RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process Downloading RSA Authentication Manager license files or RSA Software token seed records When configuring LDAP or LDAPS in RSA Authentication Manager with a global catalog the connection fails
Don't see what you're looking for?
