Unable to get packet capture to start. PacketCapture (main.cpp)  Wrong Argument list: exiting
search cancel

Unable to get packet capture to start. PacketCapture (main.cpp)  Wrong Argument list: exiting

book

Article ID: 197036

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention Network Monitor

Issue/Introduction

We are unable to get packet capture to start. we see the following message.

PacketCapture (main.cpp) Wrong Argument list: exiting

Log Details - please obtain Operational, Debug & Trace and Configuration:

SEVERE: Message chain #2 encountered an unexpected error processing a message. 
java.lang.NoClassDefFoundError: Could not initialize class 
com.symantec.dlp.imagepreclassifier.NativeImagePreclassifier

Environment

Release : 16.x

Component : PacketCapture

Cause

While the original line essentially gives root permissions, it does still require the user to type their password to run commands. Since temproot gets loaded after the Symantec DLP sudoers file, this overrides what was set for NOPASSWD. The sudo only remembers the last rule it loads.

Resolution

The issue can be resolved by changing the first line in one of their other sudoers files in the /etc/sudoer.d directory from:

symantecdlp ALL=(ALL) ALL, NOEXEC: NEVEREXEC

to

symantecdlp ALL=NOEXEC: NEVEREXEC

Powered by Wolken Software