Enforce services won't start automatically upon startup - RHEL / Linux

book

Article ID: 171690

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

Data Loss Prevention Enforce
Linux

SymantecDLP Services may no longer start automatically after a linux system reboot.

Resolution

To enable Data Loss Prevention services to start automatically (after a reboot), complete the following:

These steps work for DLP 15.1, 15.5, 15.7 and 15.8:

Log onto the Enforce server and SU as root, then run the following:

systemctl enable SymantecDLPManagerService

systemctl enable SymantecDLPIncidentPersisterService

systemctl enable SymantecDLPDetectionServerControllerService

systemctl enable SymantecDLPNotifierService

Log onto to Detection server and su as root, then run the following:

systemctl enable SymantecDLPDetectionServerService

 

The following has been tested on 15.5 and RHEL7:

1. Create systemd script as root:

=> vi /etc/systemd/system/dlpSymantec_startup.service

[Unit]

After=network-online.target

[Service]

ExecStart=/usr/local/bin/dlpSymantec_startup.sh

[Install]

WantedBy=default.target

2. Create the dlpSymantec_startup.sh and add the services startup commands. 

=> vi /usr/local/bin/dlpSymantec_startup.sh

Enforce services 

#!/bin/bash
#DLP startup scripts###
service start SymantecDLPManagerService
service start SymantecIncidentPersisterService
service start SymantecDLPNotifierService
service start SymantecDLPDetectionServerControllerService

exit 0
 

Detection Services on Detection servers.

#!/bin/bash
#DLP v15.5
service SymantecDLPDetectionServerService start
exit 0

 

3. Set the permissions of the systemd script and the bash script

=> chmod 744 /usr/local/bin/dlpSymantec_startup.sh

=> chmod 664 /etc/systemd/system/dlpSymantec_startup.service

4. Enable the systemd service.

=> systemctl daemon-reload

=> systemctl enable dlpSymantec_startup.service

NOTE: Symantec DLP 15.1 will be named without the service at the end of each service name for example SymantecDLPManagerService will be named SymantecDLPManager