Knowledge Base:Object libsandbox.so from LD PRELOAD cannot be preloaded
During installation of a package, the following error message appears:
>>> Setting SELinux security labels ERROR: ld.so: object 'libsandbox.so' from LD_PRELOAD cannot be preloaded: ignored.
This article is applicable to Gentoo Linux systems with a selinux profile set:
eselect profile show
Current /etc/make.profile symlink: hardened/linux/amd64/selinux
A SELinux profile always ends with
This message should only occur after the Setting SELinux security labels message. It happens because SELinux tells glibc to disable LD_PRELOAD (and other environment variables that are considered potentially harmful) during domain transitions. Here, Portage calls the setfiles command (part of a SELinux installation) and as such transitions from portage_t to setfiles_t, which clears the environment variable.
Gentoo recommends it is safe to trust the SELinux policy here (since setfiles runs in its own confined domain anyhow) rather than updating the policy to allow transitioning between portage_t to setfiles_t without clearing these environment variables.
libsandbox.so is not disabled during builds and merges, only during the activity where Portage labels the files it just merged.
The error is cosmetic and can be ignored but sadly not hidden.