Permissions on DLP Detection servers change after reboots
book
Article ID: 187959
calendar_today
Updated On:
Products
Data Loss Prevention Network Protect
Issue/Introduction
Symantec Data Loss Prevention (DLP)
After a reboot, the user on var/run/symantec change from symantecdlp/symantecdlp 770 to root/root 770. This causes the services on the Detection Server to not start.
Environment
15.5 MP1 RHEL 7.6
Cause
The Detection Server is installed on a Logical Volume (LV) using the Logical Volume Manager (LVM). The services are attempting to start before the LV is mounted.
Resolution
Create either an OVO or a cron job to delay the start of the services until after the LV is mounted.