smcd fails to stop gracefully and must be killed

book

Article ID: 162378

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This issue has several symptoms:

  • The smcd process within Symantec Endpoint Protection for Linux (SEPFL) fails to stop gracefully and must be killed to end the process.
  • smcd stops writing to its debug.log file. The last line in debug.log is often, but not always, the following: DEBUG smc.DebugLogManager 
    [AVMan]AVMan: aggregation interval: 300
  • The sav manage -p and sav manage -h commands fail with error: Failed to contact Symantec Endpoint Protection.
  • The SEPFL client will not communicate with its Symantec Endpoint Protection Manager (SEPM).
  • The SEPFL client's Java LiveUpdate log shows the following error multiple times: IdsEncodingFailed

Cause

This issue occurs because smcd is hung while waiting on Java LiveUpdate to complete the following operation:

/usr/java/jre1.7.0_79/bin/java -Djava.security.egd=file:/dev/./urandom -cp /opt/Symantec/LiveUpdate/jlu.jar com.symantec.liveupdate.config.Settings UpdateSetting workdir /opt/Symantec/LiveUpdate/tmp

Java LiveUpdate is hung processing this command because the version of the Java Cryptography Extensions which are installed are incorrect.

Resolution

This issue occurs because Java LiveUpdate cannot successfully decrypt its configuration file because the version of the Java Cryptography Extensions which Java is using is incorrect. Java LiveUpdate needs to use the Unlimited Java Cryptography Extensions, but the Limited Java Cryptography Extension files are installed.

Download and install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from here.