RKE2 installation failed with permission denied error

RKE2 

RKE2 deployment/rke2 service startup failing in a hardened Red Hat Linux server. This Red Hat Linux is hardened as per the CIS baseline.

The RKE2 Installation is failing with the following error:

Error loading shared library libreadline.so.8: Permission denied (needed by /usr/bin/entry)
Error relocating /usr/bin/entry: unstifle_history: symbol not found
Error relocating /usr/bin/entry: rl_make_bare_keymap: symbol not found
Error relocating /usr/bin/entry: rl_bind_key_if_unbound_in_map: symbol not found

The etcd error:

failed to verify flags","error":"open /var/lib/rancher/rke2/server/db/etcd/config: permission denied"}

Please note that these library reference names may vary according to the OS variant.

The cluster nodes originally had a umask of 027 because of security settings on the operating system. Later, this was changed to umask 022 by adding UMask=022 to the RKE2 systemd service file, which replaced the nonstandard default enforced by the OS hardening policy.

When the umask value is set to 027,  the user has read and write access to the files, and read, write, and search permissions for the directories. Both files and directories, all others (groups and others) do not have full access. The group has only read-only access to the files and read/execute access to the directories. Others have no access to files and only have execute access to directories.  

For the RKE2 startup, the umask value should be set to 022, as RKE2 creates files that need to be read by other processes or users (e.g., container runtimes, system daemons).