Hang or crash when installing Endpoint Protection 14.2 RU1 on Red Hat Enterprise Linux 7.6 or similar
Article ID: 174759
Updated On:
Products
Issue/Introduction
You start the installation of Symantec Endpoint Protection (SEP) for Linux 14.2 RU1 (14.2.3332.1000) on a version 7.6 Red Hat-based Linux distribution with kernel 3.10.0-957.12.1.el7.x86_64 –a result of the April 23, 2019 Red Hat Security Advisory (RHSA) 2019:0818– or 3.10.0-957.12.2.el7.x86_64.
After the core SEP package is succesfully installed, the system hangs or crashes when attempting to install the Auto-Protect kernel module. While it is possible to log in again after a reboot, the output of systemctl status autoprotect.service -l shows it is inactive (dead).
Red Hat-based Linux distributions include Red Hat Enterprise Linux (RHEL), the Community Enterprise Operating System (CentOS) and Oracle Linux (OL). The latter is only affected when using the Red Hat kernel instead of Oracle's default Unbreakable Enterprise Kernel (UEK).
[[email protected] sep-rpm_14.2.3332]# ./install.sh -i Starting to install Symantec Endpoint Protection for Linux Performing pre-check... Warning: X11 libraries are missing, GUI component will not be installed! Pre-check succeeded Begin installing virus protection component Preparing... ################################# [100%] Performing pre-check... Pre-check is successful Updating / installing... 1:sep-14.2.3332-1000 ################################# [100%] Virus protection component installed successfully Begin installing Auto-Protect component Preparing... ################################# [100%] Performing pre-check... Pre-check is successful Updating / installing... 1:sepap-x64-14.2.3332-1000 ################################# [100%]
Environment
- RHEL, CentOS or OL 7.6
- SEP for Linux 14.2 RU1
Resolution
This issue is fixed in Symantec Endpoint Protection 14.2.2.0 (RU2) For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec Endpoint Protection.
This issue appears to have been resolved in RHEL 7.6 with the release of kernel 3.10.0-957.21.2.el7.x86_64.
The 12.2 kernel update is available for CentOS 7.6 but does not resolve the symptoms.
You may work around this by pre-compiling the SEP autoprotect modules per instructions in How to manually install Endpoint Protection for Linux.
With SEP 14.2 RU1 for Linux successfully installed you would also need to pre-compile those modules before rebooting to a different kernel otherwise the system may crash or hang again when loading autoprotect. For example, if updating kernel from 3.10.0-957.12.1 to 3.10.0-957.12.2 then install new kernel, kernel-devel, and kernel-headers and before rebooting run:
cd /path/to/expanded/sep-rpm/src/ap-kernelmodule/
sudo ./build.sh --kernel-rel 3.10.0-957.12.2.el7.x86_64
Feedback
