Error opening file for writing; filename='/opt/Symantec/scspagent/IDS/system/ids_syslog.pipe', error='Permission denied
Article ID: 158989
Updated On:
Products
Critical System Protection
Data Center Security Server
Critical System Protection Client Edition
Data Center Security Server Advanced
Issue/Introduction
SLES11 generates above mentioned error when CSP Agent is installed & rebooted the system. Prevention policy is not applied.
Error opening file for writing; filename='/opt/Symantec/scspagent/IDS/system/ids_syslog.pipe', error='Permission denied
Cause
It seemed like Apparomor was getting installed when ReiserFS file System was used & it was blocking access to this pipe. Found following logs in /var/log/audit/*
type=APPARMOR_DENIED msg=audit(1392949802.140:63619259): operation="open" pid=3515 parent=1 profile="/sbin/syslog-ng" requested_mask="rw::" denied_mask="rw::" fsuid=0 ouid=0 name="/opt/Symantec/scspagent/IDS/system/ids_syslog.pipe"
Resolution
1. Migrate to Ext3 file System
Or
2.Change Apparomor settings to allow write access to this pipe by following these Steps:
1. Login to SUSE11. Open Terminal
2. Type:vi /etc/apparmor.d/sbin.syslog-ng.Hit Enter.
3. Go to the end of line /etc/hosts.allow r,
4. Hit Insert ( Or i key). Hit Enter.
5. Enter Following Text
/opt/Symantec/scspagent/IDS/system/ids_syslog.pipe rw,
6. Now Press Esc, Enter :wq. Hit Enter.
7. Type: ./etc/init.d/boot.apparmor restart
8. Type: service syslog restart
Applies To
1. SLES11 64-bit.
2. The issue was only with SLES with ReiserFS File System.
3. It was working fine with EXT3 file system.
Feedback
Powered by
