search cancel

Auto-Protect drivers/modules not loading upon boot in Red Hat Enterprise Linux 8


Article ID: 190787


Updated On:


Endpoint Protection


For endpoints running Red Hat Enterprise Linux (RHEL) 8, even after a successful installation of the Symantec Endpoint Protection for Linux (SEPFL) client, upon reboot, the Auto-Protect drivers will not be loaded, and the Auto-Protect module's status will show as "Malfunctioning".


Red Hat Enterprise Linux 8
Symantec Endpoint Protection v14.2.5569.2100 and later


During the installation process, even with SELinux set to "Permissive", the SELinux module will not allow the Auto-Protect drivers/modules to be set to load upon kernel boot. Additionally, during the SEPFL install process, one or more alerts may pop up in the SELinux Troubleshooter or be documented in the SELinux audit log. 


After the SEPFL client is successfully installed, run the following commands in a terminal shell window:

  1. sudo ausearch -c 'insmod' --raw | audit2allow -M my-insmod and press enter. 
  2. sudo semodule -i my-insmod.pp and press enter. 

These commands will allow the kernel drivers/modules to load upon boot of the kernel and bypass the issue with SELinux.