Note: This KB is only applicable to Enforce running on Linux Enforce Login will not come up and no error appears.
Logs do not show anything obvious but it almost appears tomcat is not running .
In the Tomcat logs, you will see that the Vontu Manager appears to stall at connecting to the notifier:
22 Jul 2010 13:58:09,580- Thread: 10 INFO [com.vontu.model.notification.NotificationModel] model.notification.baseclass
No other logging appears after this line.
And when the Enforce services are restarted, you will see the following error in the tomcat logs:
22 Jul 2010 13:59:44,181- Catalina.stop:
java.net.ConnectException: Connection refused
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
If you are seeing these symptoms, then you are running into an issue with lack of entropy on /dev/random.
Cause:
Symantec DLP is trying to get a random seed from /dev/random, which has no data. To confirm this, please run the following command:
cat /dev/random | od
If the command above does not return anything, then /dev/random has no data.
The /dev/random device is seeded by system "entropy", such as keyboard actions, mouse movements, network traffic, etc. For some reason, the current configuration of the OS is not supplying /dev/random with enough information to generate random data. When /dev/random lacks data, it blocks until the data becomes available.
Solution:
The solution is to work with the Linux admin so that /dev/random is seeded with data via entropy. The following link has a good discussion on this issue:
http://www.linuxfromscratch.org/hints/downloads/files/entropy.txt