You want to know how to manually compile the Auto-Protect kernel module for Symantec Endpoint Protection for Linux (SEPFL), and any additional steps that need to be followed. You may need to do this if you have updated the operating system kernel, or if you want to capture more verbose output after auto-compile fails.
Cause of issues have been found unless the following order of operations is followed:
This article assumes you already installed the Symantec Endpoint Protection client for Linux and the AutoProtect kernel module failed to enable. This failure may be because the Linux system did not meet the prerequisites for auto-compile to build a custom AutoProtect kernel module, or the compiler returned an error and was unable to enable the AutoProtect kernel module. "Kernel release not specified" is a typical error returned by compilation if the requirements below are not met.
For more information, see Auto-compile for Symantec Endpoint Protection client for Linux.
You must install gcc and the Linux kernel source for the Linux kernel for which you want to build the AutoProtect kernel modules. The table below contains what packages to install for your distribution in addition to the gcc package.
|Distribution||Kernel package to install||Special build command|
|SUSE Linux Enterprise Server (SLES)||kernel-$flavor-devel-$version (See note)||
|Open Enterprise Server||
|Oracle Unbreakable Enterprise Kernel (UEK)||
|Ubuntu 9.10 and earlier||
|Ubuntu 10.04 and later||
In the special build command, the string
$(uname -r) represents the operating system kernel version that is currently running. When you use
$(uname -r) in the build command, the kernel modules you build will be for the kernel that is currently running. If you are trying to build for a different kernel version, you must replace
$(uname -r) with the kernel version for which you want to build. You also need to ensure that you have the kernel source installed for the version for which you are trying to build.
The packages listed in the table above will install the latest kernel source available from your repository. If you are not running the latest available kernel in your distribution, you will need to ensure that you download the same kernel source as the kernel you are running, and replace
Note: Debian does not provide a generic linux-headers package. Instead, you must download the correct architecture type by specifying it when the linux-headers are downloaded. The packages available are (as of Debian 5.0.4):
Note: Installing linux-source on Ubuntu 10.10 does not appear to install the linux-headers as well. To remedy this, you should also install the correct version of the Linux headers packages (e.g. linux-headers-generic, linux-headers-generic-pae, linux-headers-server, linux-headers-virtual).
Note: to obtain the $flavor and $version of SLES devel package to match currently running kernel, reference the output of "uname -r" command:
3.0.101-80-default # for example
using this, search package repositories (bold and underline added here for emphasis):
zypper search -s kernel-default-devel | grep 3.0.101-80
reference search output:
v | kernel-default-devel | package | 3.0.101-80.1 | x86_64 | SLES11-SP4-Updates
and install that package (note the devel package version in this example is suffixed by .1):
sudo zypper install kernel-default-devel-3.0.101-80.1
Note: RedHat Enterprise Linux 8 also requires the elfutils-libelf-devel package.
You must build the AutoProtect kernel modules with root privileges, using a terminal program.
tar -xf ap-kernelmodule.tar.gz # For .tar.bz2 extension install bzip2 (sudo yum install bzip2)
mv * /opt/Symantec/autoprotect/
/opt/Symantec/symantec_antivirus/sav info -a