[Amroth]

I just trying to run HL server, everything was fine untill I put amxmodx to server. As you can see, server crashed when amxmodx loaded, tried without amxmodx (only metamod were run) and just works fine.

Code:

Console initialized.
Using breakpad crash handler
Setting breakpad minidump AppID = 70
Forcing breakpad minidump interfaces to load
dlopen failed trying to load:
/home/hlds/.steam/sdk32/steamclient.so
with error:
/home/hlds/.steam/sdk32/steamclient.so: cannot open shared object file: No such file or directory
Looking up breakpad interfaces from steamclient
Calling BreakpadMiniDumpSystemInit
Protocol version 48
Exe version 1.1.2.2/Stdio (valve)
Exe build: 13:12:29 Aug 29 2013 (6153)
STEAM Auth Server

Server IP address X.X.X.X:27015
   
   Metamod version 1.21p37 Copyright (c) 2001-2013 Will Day
     Patch: Metamod-P (mm-p) v37 Copyright (c) 2004-2013 Jussi Kivilinna
   Metamod comes with ABSOLUTELY NO WARRANTY; for details type `meta gpl'.
   This is free software, and you are welcome to redistribute it
   under certain conditions; type `meta gpl' for details.
   

   AMX Mod X version 1.8.2 Copyright (c) 2004-2006 AMX Mod X Development Team 
   AMX Mod X comes with ABSOLUTELY NO WARRANTY; for details type `amxx gpl'.
   This is free software and you are welcome to redistribute it under 
   certain conditions; type 'amxx gpl' for details.

L 05/30/2015 - 04:19:01: -------- Mapchange to crossfire --------
./hlds_run: line 255:  2095 Segmentation fault      (core dumped) $HL_CMD

Any ideas?

OS centos 6.6, 64 bit.
32 bit libraries(glibc, libstdc) are installed.

[Arkshine]

Disable any linux protection like SELinux or similar.

[Amroth]

Thank you, disabling SELinux helps. I wonder why it needed tho.

[Powerlord]

Quote:

Originally Posted by Amroth Thank you, disabling SELinux helps. I wonder why it needed tho.

Not sure about hlds, but srcds uses dynamic text relocation.

I know we had to chcon -t textrel_shlib_t libtier0.so on srcds when SELinux was in use.

[gingerbreadassassin]

Hey guys, I know this is an old post, but I just ran into this exact issue and this thread is the first result.

I'm not satisfied with disabling SELinux, because I'd prefer to utilize the extra security it offers. I'm on CentOS 6.7 x64. I did a little bit of research, and found out how to go about creating a policy specific to running hlds with AMXMODX.

Reading through CentOS' wiki on SELinux, there's a good way to test if SELinux is keeping a process from running without disabling it entirely. To check if SELinux is enabled, run:

Code:

[user@server ~]$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

To test if SELinux is keeping something from running, do:

Code:

[user@server ~]$ su
[root@server ~/user]# setenforce 0

This sets SELinux to 'Permissive' mode, which will allow processes access where before they were denied. Try to run the server through command line, or if you're using a script like I am, do:

Code:

[root@server ~/user]# su csserver
[csserver@server ~/user]$ cd
[csserver@server ~]$ ./csserver debug

In my case, the server then ran, loaded AMXMODX, and was left at

Code:

VAC secure mode is activated.

So, to fix the SELinux access without disabling it entirely, you'll need a package called "setroubleshoot". You'll also want to set SELinux back to "Enforcing".

Code:

[csserver@server ~]$ su
[root@server ~/csserver]# setenforce 1
[root@server ~/csserver]# yum -y install setroubleshoot

This package provides a bunch of tools, but we're only interested in two of them. The first is "sealert", the second is "audit2allow". Here's how you use them:

Code:

[root@server ~/csserver]# sealert -a /var/log/audit/audit.log > selog.txt

This command looks for SELinux entries in the audit log, and parses it into a text file that is more human readable. I use vi, but you can use your preferred text editor (e.g. nano).

Code:

[root@server ~/csserver]# vi selog.txt

Read through this, and you'll find some cool stuff. Particularly:

Code:

SELinux is preventing /home/csserver/serverfiles/hlds_linux from using the execheap access on a process.

This file even tells you how to create and install the requisite SELinux policy. Read through it, but what it suggests is this:

Code:

# grep hlds_linux /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

I prefer not to leave file names to default, so I ran:

Code:

[root@server ~/csserver]# grep hlds_linux /var/log/audit/audit.log | audit2allow -M hlds_amx_pol
[root@server ~/csserver]# semodule -i hlds_amx_pol.pp

The first command searches through the audit log, and pipes (with the | character) entries for "hlds_linux" into the audit2allow tool, which creates SELinux policies from the audit log. The second command installs the policy. Note: it took a minute, so don't worry. Just give it time.
Once it's done, test it:

Code:

[root@server ~/csserver]# su csserver
[csserver@server ~]$ ./csserver debug

Your server should launch normally. If it did while SELinux was in Permissive mode, but doesn't after this fix, run through this process again to figure out what's getting denied.

Once again, I got to

Code:

VAC secure mode is activated.

Whereas before, I would see exactly the same as OP.