Packet Capture fails to start on Linux due to SELinux
Article ID: 160222
Data Loss Prevention Network Monitor
Packet Capture won't start on Linux. In the PacketCapture.log file, there are error entries that state "PacketCapture could not elevate it's privileges".
Symantec DLP requires that SELinux be disabled to be able to function properly.
- You can check if SELinux is running with the following command: /usr/sbin/getenforce
- If it responds with "Disabled," SELinux is already disabled and is not causing this issue.
- However if it says "Enforcing", SELinux is running and must be disabled
- To disable Selinux, edit this file: /etc/selinux/config
- Change the entry "SELINUX=" to "disabled". This is case sensitive.
- This change requires a reboot of the Linux box after making this change.