Symantec Endpoint Protection cafservicemain process produces SIGABRT core dump at service startup if FIPS mode is enabled.
You may see the following information in the system logs:
Jan 19 10:29:37 rhel-8.local.test systemd: cafdaemon.service: Main process exited, code=killed, status=6/ABRT Jan 19 10:29:37 rhel-8.local.test systemd: cafdaemon.service: Failed with result 'signal'. -- Subject: Unit failed -- Defined-By: systemd -- Support: https://access.redhat.com/support -- -- The unit cafdaemon.service has entered the 'failed' state with result 'signal'. Jan 19 10:29:38 akm-rhel-8.akm.test systemd-coredump: Process 694709 (cafservicemain) of user 1001 dumped core.
This issue is caused by an algorithm used by Symantec Endpoint Protection that is not compatible with FIPS mode.
This issue affects Red Hat Enterprise Linux systems running with FIPS mode enabled.
This issue affects Symantec Endpoint Protection 14.3 RU1 and newer clients.
Symantec Endpoint Protection 14.3 RU1 and newer is incompatible with Red Hat's FIPS mode must be disabled for Symantec Endpoint Protection to function.