Privileged Access Manager Server Control ( 以下、 PAMSC )のデーモンを停止して、カーネルモジュールをアンロードする際に、カーネルモジュールのアンロードに失敗する。
# secons -sk
# SEOS_load -u
# issec
CA Privileged Access Manager Server Control version 14.1 installed in /opt/CA/PAMSC
VeRsIoN: 14.10-40 (17) Compiled On:Jan 09 2022 23:34:52 Kernel: 3.10.0-229.el7.x86_64-RH71 _LINUX70-3100-229-42-RHELX86_64.X86_64 STOP 30034
CA Privileged Access Manager Server Control kernel extension is loaded.
....
CA Privileged Identity Manager 12.8 SP1
CA Privileged Access Manager Server Control 14.x
secons コマンドでデーモンを停止しても、カーネルモジュールがロードされたままの状態となっています。
主な原因は何らかのプロセス等でカーネルモジュールが使用中の状態になっていることが想定されます。
コマンド例:
# issec
CA Privileged Access Manager Server Control version 14.1 installed in /opt/CA/PAMSC
VeRsIoN: 14.10-40 (17) Compiled On:Jan 09 2022 23:34:52 Kernel: 3.10.0-229.el7.x86_64-RH71 _LINUX70-3100-229-42-RHELX86_64.X86_64 STOP 30034
CA Privileged Access Manager Server Control kernel extension is loaded.
CA Privileged Access Manager Server Control daemons are not running.
CA Privileged Access Manager Server Control security daemon is not running.
CA Privileged Access Manager Server Control watchdog daemon is not running.
CA Privileged Access Manager Server Control agent daemon is not running.
CA Privileged Access Manager Server Control serevu daemon is not running.
CA Privileged Access Manager Server Control selogrd daemon is not running.
CA Privileged Access Manager Server Control selogrcd daemon is not running.
CA Privileged Access Manager Server Control eacws daemon is not running.
CA Privileged Access Manager Server Control ReportAgent daemon is not running.
CA Privileged Access Manager Server Control AgentManager daemon is not running.
CA Privileged Access Manager Server Control policyfetcher daemon is not running.
CA Privileged Access Manager Server Control KBLAudMgr daemon is not running.
CA Privileged Access Manager Server Control auxiliary daemon is not running.
CA Privileged Access Manager Server Control uxauthd daemon is not running.
CA Privileged Access Manager Server Control sepmdd daemon is not running.
CA Privileged Access Manager Server Control sersvd daemon is not running.
# SEOS_load -u
SEOS_load: Executing un/load exit file, /opt/CA/PAMSC/exits/LOAD/SEOS_unload_int.always -pre
Ports - nothing to do ...
SEOS_load: Executing un/load exit file, /opt/CA/PAMSC/exits/LOAD/SEOS_unload_unab.always -pre
SEOS_load: Executing un/load exit file, /opt/CA/PAMSC/exits/LOAD/SEOS_unload_int.always -post
SEOS_load: Executing un/load exit file, /opt/CA/PAMSC/exits/LOAD/SEOS_unload_unab.always -post
以下の手順で使用中のプロセスを特定し、プロセスを停止させてください。
注: 1 の結果で該当のプロセスが無い、または、プロセスを終了させたにも関わらず、アンロードができない場合はマシンをリブートしてください。
なお、本KBは以下の英文 KB を翻訳し補足しました。
Article ID: 253637: Need help to unload AC from kernel