Packet Capture fails to start on Linux due to SELinux
search cancel

Packet Capture fails to start on Linux due to SELinux

book

Article ID: 160222

calendar_today

Updated On:

Products

Data Loss Prevention Network Monitor

Issue/Introduction

Packet Capture won't start on Linux. In the PacketCapture.log file, there are error entries that state "PacketCapture could not elevate it's privileges".

Cause

SELinux is enabled.

Resolution

Symantec DLP requires that SELinux be disabled to be able to function properly.

  • You can check if SELinux is running with the following command:  /usr/sbin/getenforce
  • If it responds with "Disabled," SELinux is already disabled and is not causing this issue.
  • However if it says "Enforcing", SELinux is running and must be disabled
    • To disable Selinux, edit this file: /etc/selinux/config
    • Change the entry "SELINUX=" to "disabled". This is case sensitive.
    • This change requires a reboot of the Linux box after making this change.

 

Powered by Wolken Software