search cancel

Auto-Protect drivers/modules not loading upon boot in Red Hat Enterprise Linux 8

book

Article ID: 190787

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

For endpoints running Red Hat Enterprise Linux (RHEL) 8, even after a successful installation of the Symantec Endpoint Protection for Linux (SEPFL) client, upon reboot, the Auto-Protect drivers will not be loaded, and the Auto-Protect module's status will show as "Malfunctioning".

Environment

Red Hat Enterprise Linux 8
Symantec Endpoint Protection v14.2.5569.2100 and later

Cause

During the installation process, even with SELinux set to "Permissive", the SELinux module will not allow the Auto-Protect drivers/modules to be set to load upon kernel boot. Additionally, during the SEPFL install process, one or more alerts may pop up in the SELinux Troubleshooter or be documented in the SELinux audit log. 

Resolution

After the SEPFL client is successfully installed, run the following commands in a terminal shell window:

  1. sudo ausearch -c 'insmod' --raw | audit2allow -M my-insmod and press enter. 
  2. sudo semodule -i my-insmod.pp and press enter. 

These commands will allow the kernel drivers/modules to load upon boot of the kernel and bypass the issue with SELinux.