search cancel

Bug Report: Installation of Symantec Encryption Desktop MP10 causes machine to not boot MacBook 12" 8,1 Early 2015

book

Article ID: 162355

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption

Issue/Introduction

There have been instances where Symantec Drive Encryption has been installed on a MacBook 12" 8,1 Early 2015 system and the system will no longer boot after doing so.

This system has been observed to have 4k sector size blocks, which is not currently a supported technology for Symantec Drive Encryption.  As a result, Symantec Drive Encryption cannot be used on these systems.  Other features included with Symantec Encryption Desktop, such as File Encryption, Email Encryption or Virtual Disk can still be used with some workarounds listed in this article.

 

 

Resolution

Note: From Symantec Encryption Desktop version 10.3.2 Maintenance Pack 12, now when you install Symantec Encryption Desktop on systems running a Mac OS X operating system that have a 4k sector drive, a message informs you that the Symantec Encryption Desktop Drive Encryption component will not be installed. However, all the other components of Symantec Encryption Desktop will be installed on these systems.

To check if the system is 4k, run the following Command:

diskutil info / | grep "Block Size"

If the value returned is: 4096, this indicates the drive is using 4k sector size blocks and Symantec Drive Encryption will not work.

If the return is Device Block size: 512, Drive Encryption can then be used.

If other features are needed as part of Symantec Encryption Desktop, such as Email Encryption, Virtual Disk or individual File Encryption, a workaround exists to prevent this issue.

NOTE: Before attempting these steps, please ensure current backups are up to date and that information needed on the system is copied to the backups.


Scenario 1 - Preventing the Issue During Installation of Symantec Encryption Desktop:

In this scenario, all other features, such as File Encryption, Email Encryption, or Virtual Disk will be included in the installation process.  Only Symantec Drive Encryption is excluded from being used.

1. Mount the disk image used for installation of Symantec Encryption Desktop so that "Encryption Desktop.pkg" is listed and right-click on this and select "Show Package Contents"

2. Open the "Packages" folder, which will include two packages, "PGP Desktop.pkg", and "PGPwde.pkg".

3. Double-click on only "PGP Desktop.pkg" and walk through the on-screen instructions to complete the installation.   Symantec Drive Encryption will not be installed, but all other features will be included.

 

Scenario 2 - Symantec Drive Encryption has been installed, but the system has not been rebooted:

1. Open Terminal.

2. Run the following commands:

sudo su -

rm -rf /System/Library/Extensions/PGPwde.kext /

touch /System/Library/Extensions

kextcache -v -u /

rm /Library/LaunchDaemons/com.pgp.framework.PGPwde.plist

rm /Library/LaunchDaemons/com.pgp.framework.PGPwde.plist

rm -rf /Library/Extensions/PGPdiskdriver.kext

rm /Library/PrivilegedHelperTools/com.pgp.framework.PGPwde

exit

Once this has happened, the system should reboot properly, and all other features should be intact.

 

Scenario 3 - System has been rebooted after installation, however the system will no longer boot


As a workaround, it is possible to use Target Disk Mode or similar to boot a system up and move the PGPWDE driver out of the existing location to allow proper boot.


Once in the Target Disk Mode (or similar method), run the following commands:

1. Identify the affected drive and use that in the following command:


$ sudo chroot /Volumes/

 

For example, if the name of the drive is "Macintosh HD", then run the following command:

sudo chroot /Volumes/Macintosh\ HD

Because of the chroot command all of the following commands affect the mount volume and _NOT_ your host system. Do not skip this step!

2. Type the following:
cd /System/Library/Extensions

mv PGPwde.kext /Users/Shared/

cd /System/Library/Caches/com.apple.bootstamps/ (press the tab key here to auto-complete the next value, then enter).

pwd

You should now be in a directory similar to the following (the UUID value will be different):
/System/Library/Caches/com.apple.bootstamps/D7887679-6DFD-3C78-8846-0360E6DD2CC1

rm \:System\:Library\:Caches\:com.apple.kext.caches\:Startup\:kernelcache

cd /System/Library/Caches/com.apple.kext.caches/Startup

rm kernelcache

exit


Symantec is currently reviewing this issue.  Please subscribe to this article to be informed of future information.