CAF service does not start on SEP for Linux


Article ID: 398966


Updated On:

Products

Endpoint Protection

Issue/Introduction

SEP for Linux has just been freshly installed or upgraded from a release older than 14.3 RU1.

After the installation completes, the CAF service hangs for a while and then crashes without starting successfully.

Environment

SEP for Linux 14.3 RU1 and newer

 

Cause

The sticky bit is missing on /dev/shm.

Resolution

Ensure that /dev/shm, /tmp and /var/tmp have the sticky bit set, with read/write/execute assigned to all (mode 1777).
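
One way to verify this on a host, as an added example (not Broadcom's or the SEP agent's own tooling): a shell script that checks the three directories for mode 1777 and reports whether /dev/shm is on tmpfs. It assumes GNU `stat`, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of SEP for Linux. Function names are hypothetical.
# Relies on GNU coreutils `stat -c`, as shipped by Linux distributions.

# check_mode_1777 DIR
# 0 = directory with mode exactly 1777, 1 = other mode, 2 = missing/not a dir.
check_mode_1777() {
    dir=$1
    [ -d "$dir" ] || return 2
    mode=$(stat -L -c '%a' "$dir" 2>/dev/null) || return 2
    [ "$mode" = "1777" ]
}

# is_tmpfs PATH: true when PATH lives on a tmpfs filesystem.
is_tmpfs() {
    [ "$(stat -f -c '%T' "$1" 2>/dev/null)" = "tmpfs" ]
}

# audit_dirs DIR...
# Prints one status line per directory; exit status is the failure count.
audit_dirs() {
    failures=0
    for d in "$@"; do
        rc=0
        check_mode_1777 "$d" || rc=$?
        case $rc in
            0) echo "OK      $d (1777)" ;;
            1) echo "FAIL    $d has mode $mode, expected 1777"
               failures=$((failures + 1)) ;;
            *) echo "MISSING $d is not a directory"
               failures=$((failures + 1)) ;;
        esac
    done
    return "$failures"
}

# Directories named in the Resolution section.
audit_dirs /dev/shm /tmp /var/tmp ||
    echo "Fix as root with: chmod 1777 <directory>"
is_tmpfs /dev/shm || echo "NOTE    /dev/shm is not mounted as tmpfs"
```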

 

Additional Information

  • /dev/shm : used for shared-memory IPC between the agent processes, with the system default permissions of 1777 on the directory.
    The sticky bit (t) ensures that only the owner of a file or the root user can delete or rename files within that directory, even if others have write access. This is important for shared memory segments to prevent tampering by other users.

    /dev/shm is a temporary filesystem (tmpfs) used for shared memory and backed by RAM.

          The following artifacts are owned by the SEP for Linux agent:

           

           -rw-------. 1 root   sisips 4096 May  4 07:39 sem.amd_ids_shm 
           -rw-rw----. 1 root   root     32 May  4 07:38 sem._opt_Symantec_sdcssagent_EVTD_system_
           -rw-rw----. 1 sisips sisips   32 May  4 07:39 sem._opt_Symantec_sdcssagent_IPS_rpc_
           -rwx------. 1 root   root     32 May  4 07:39 sem.sef_loaded_post_boot
           

  • /tmp : the same 1777 permission applies to /tmp.
    NOTE : These are the default permissions for both pseudo-filesystem directories on Linux distributions.

 

  • The following char device node files are to be configured by the SEP for Linux installation under the /dev directory:
     

         crw-rw----. 1 root root 238, 0 May 20 22:12 /dev/sisap0
         crw-rw----. 1 root root 239, 0 May 20 22:12 /dev/sisevt0
 
 

  • /var/log/btmp and /var/log/wtmp : system log files; permissions must be at least 640 so that root and the utmp user can access them.