SystemEDGE Upgrade on RHEL Fails with "lsm returned with exit code 7"

Document ID : KB000073569
Last Modified Date : 15/03/2018
Show Technical Document Details
SystemEDGE Upgrade from 5.x to 5.9 on RHEL fails with CASETUP:BOOTSTRAP:ERR:30811: Installation failed - lsm returned with exit code 7

1. Rerun setup as follows to get more verbose logging:
./ EULA_ACCEPTED="yes" CA_SETUP_LOG_FILE=/tmp/sysedge.log

2.  Check the created sysedge.log for the presence of the following message "Operation not permitted"

/opt/CA/SharedComponents/csutils/scripts/install.csutils: line 237: /opt/CA/SharedComponents/csutils/bin/casrvc: Operation not permitted
error: %post(ca-cs-utils-11.2.12166.0-0000.noarch) scriptlet failed, exit status 126
Script or command "rpm -U "/tmp/ca-setup.jSVC4607/ca-cs-utils-11.2.12166.0-0000.noarch.rpm"" failed with exit code 1.
Reason:         The script or command encountered a problem.
Action:         Find further details in the installation log file

3.   The Operation not permitted message if the user has root permissions is indicative of an application blocking security product, in this instance CA PIM/Access Control.
  • The first command will set blockrun to no, which means that PIM will not prevent it from running when it becomes untrusted.
# selang -s -c “er PROGRAM ______ blockrun-“

# selang -s -c “er PROGRAM /opt/CA/SharedComponents/csutils/bin/casrvc blockrun-“

((perform the upgrade))
  • After the upgrade this command will retrust the program.
# selang -s -c “er PROGRAM ______ trust“

# selang -s -c “er PROGRAM /opt/CA/SharedComponents/csutils/bin/casrvc trust“
  • This command will reinsate blockrun: 
# selang -s -c “er PROGRAM ______  blockrun“

# selang -s -c “er PROGRAM /opt/CA/SharedComponents/csutils/bin/casrvc blockrun“
Additional Information:
​How to Use Seretrust to List Selang Commands That Will Retrust Programs:

How to Prevent PIM from Untrusting a program:

How to Determine Why PIM Untrusted a Program: