Cafagent not running. Failed to start Symantec Agent for Linux CAF daemon.
search cancel

Cafagent not running. Failed to start Symantec Agent for Linux CAF daemon.

book

Article ID: 279065

calendar_today

Updated On:

Products

Endpoint Protection Endpoint Security

Issue/Introduction

Symantec Endpoint Protection (SEP) for Linux cafagent service is not running. Failed to start Symantec Agent for Linux CAF daemon.

Daemon status:

  cafagent             not running
  sisamdagent       running
  sisidsagent         running
  sisipsagent         running

Module status:

  sisevt               loaded
  sisap                loaded

 

// /var/log/massages

Jan 24 09:57:11  systemd: Starting Symantec Agent for Linux CAF daemon...
Jan 24 09:57:11  systemd: Started Symantec Agent for Linux IDS daemon.
Jan 24 09:57:11  systemd: Cannot add dependency job for unit ypbind.service, ignoring: Unit not found.
Jan 24 09:57:11  systemd: Cannot add dependency job for unit sssd.service, ignoring: Unit not found. Jan 24 09:57:11 systemd: Starting Symantec Agent for Linux IPS daemon...
Jan 24 09:57:12  systemd: Started Symantec Agent for Linux CAF daemon.

// journalctl-cafagent.txt

Jan 24 09:57:11 systemd[1]: cafdaemon.service: main process exited, code=exited, status=70/n/a
Jan 24 09:57:11 systemd[1]: Failed to start Symantec Agent for Linux CAF daemon.
Jan 24 09:57:11 systemd[1]: Unit cafdaemon.service entered failed state.
Jan 24 09:57:11 systemd[1]: cafdaemon.service failed.
Jan 24 09:57:11 systemd[1]: cafdaemon.service holdoff time over, scheduling restart.
Jan 24 09:57:11 systemd[1]: Stopped Symantec Agent for Linux CAF daemon.
Jan 24 09:57:11 systemd[1]: Starting Symantec Agent for Linux CAF daemon...
Jan 24 09:57:12 systemd[1]: Started Symantec Agent for Linux CAF daemon.

 

Environment

  • Symantec Endpoint Protection 14.3 RU1 and later linux agent.
  • Symantec Endpoint Security 14.3 RU1 and later linux agent.

Cause

Dmidecode was missing.

Resolution

To resolve this issue, the missing dependency needs to be installed.

  1. Uninstall the SEP agent.
  2. Install dmidecode
    • e.g. sudo yum install dmidecode
  3. Re-install the SEP agent.

Note: rpm -qa | grep dmidecode: Is used to check whether dmidecode is installed or not.

Powered by Wolken Software