Endpoint Protection

 View Only
  • 1.  Unable to start Auto Protect on CentOS:

    Posted May 14, 2010 05:40 AM
     

    1. I can’t start AutoProtect for whatever reasons. See the below logs. 

    [root@xxxx ~]# more savap-install.log
    ======================================================
    Pre-install begin: Thu May 13 18:54:33 MYT 2010
    Performing first install pre-install actions
    groupadd: group avdefs exists
    Pre-install end: Thu May 13 18:54:34 MYT 2010
    Post-install begin: Thu May 13 18:54:41 MYT 2010
    Performing new install post-install actions
    BaseDir=/opt/Symantec
    Starting AP: symev: unable to load kernel support module (UNSUPPORTED-OS-rh-UNK-
    UNK-2.6.18-8.el5-i386)
    Stopping rtvscand: .......                                          OK
     
    Stopping symcfgd:                                                  OK
     
    Starting symcfgd:                                                    OK
     
    Stopping rtvscand:                                                  FAILED
     
    Starting rtvscand:                                                    OK
     
    Post-install end: Thu May 13 18:55:09 MYT 2010
    [root@xxxx ~]# /opt/Symantec/symantec_antivirus/sav autoprotect --enable
    [root@xxxx ~]# /opt/Symantec/symantec_antivirus/sav info --autoprotect
    disabled
    [root@xxxx ~]# uname -a
    Linux xxxx 2.6.18-8.el5 #1 SMP Thu Mar 15 19:57:35 EDT 2007 i686 i686 i386 GNU/L                                                                             inux
    [root@**** ~]#

     Can someone guide me on this?


  • 2.  RE: Unable to start Auto Protect on CentOS:

    Posted May 14, 2010 09:21 AM
    Hi NetInfinium,

    I believe the problem is that your kernel is unsupported by the default SAV for Linux install.

    However, with the latest releases of SAV for Linux (MR9 or MR9), you can compile your own autoprotect modules.  For details and an example, see the article Symantec AntiVirus for Linux: How to Compile Auto-Protect Kernel Modules under Ubuntu (http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009081214270148 )

    Alternately, you may succeed if you replace the line in the file "/etc/redhat-release" so it indicates a SAVFL supported operating system. For example:  Red Hat Enterprise Linux Server release 5.2 (Tikanga)

    See Release notes for Symantec AntiVirus for Linux 1.0x (http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007864478170998 ) for more information.

    Please let the forum know of your progress!

    Thanks and best regards,

    Mick