Endpoint Protection

How to install Symantec Endpoint Protection 12.1.5 (RU5) on Linux operating system. 

10-13-2014 02:40 PM

#Updated: 17th Oct'14 

Hi,

This article will demonstrate how to install Symantec Endpoint Protection on Red Hat Linux machine.

 

The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels. Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5

SEP for Linux clients can now be managed by RU5 SEPM, or later. Configuration enhancements have been made to the SEPM to allow policy creation for managed Linux clients. This includes AV policy settings, centralized exceptions, and LiveUpdate settings. The SEPM also features enhanced reporting for Linux clients, including the SEP client version, host OS details, and hardware details.

 

There are certain requirements and pre-requisites to install Symantec Endpoint Protection for Linux.

1) Symantec Endpoint Protection requires a specific kernel on the system before installing Symantec AutoProtect package or otherwise you should compile your own kernel with our AutoProtect to ensure it will function properly. For a list of supported kernels please see:  

If you use a version of a Linux distribution that uses a Symantec Endpoint Protection legacy kernel and need to troubleshoot issues with it, you would need to update the Linux distribution to use a supported kernel version and then reproduce the issue.

For example, Red Hat Enterprise Linux (RHEL) 6U5 2.6.32-431.el6.* is listed as a supported kernel, but you can also use version Red Hat Enterprise Linux (RHEL) 6U5 2.6.32-431.17.1.el6.* with Symantec Endpoint Protection for Linux

Supported kernels for 12.1.5

Legacy kernels for 12.1.5

Make sure you are login with the necessary priviledge, can verify with the command 'whoami' 

Note: You must have superuser privileges to install the Symantec Endpoint Protection client on the Linux computer. 

In this example I have logged in with 'root' user.

whoami_1.jpg

 

Type command 'uname -a' to verify the kernel version details.

uname -a_0.jpg

Verify the Java version details:

Type command "java -version"

Symantec Java LiveUpdate (JLU) requires Sun Java VM (Virtual Machine ) version 1.5 or above to ensure LiveUpdate works correctly.

Unlimited Strength Java Cryptography Extension (JCE)
You must install the Unlimited Strength Java Cryptography Extension policy files to match your version of Java. This installation requires superuser privileges.
You can download the installation files under Additional Resources from the following Oracle website: http://www.oracle.com/technetwork/java/javase/downloads/index.html

• i686-based dependent packages on 64-bit computers
Many of the executable files in the Symantec Endpoint Protection client for Linux are 32-bit programs. For 64-bit computers, you must install the i686-based dependent packages before you install Symantec Endpoint Protection. If you have not already installed the i686-based dependent packages, you can install them with the following commands. 
The installation of these packages requires superuser privileges, which the following commands demonstrate with sudo. 
◦ For Red Hat-based distributions: sudo yum install glibc.i686 libgcc.i686 libX11.i686
◦ For Debian-based distributions: sudo apt-get install ia32-libs
◦ For Ubuntu-based distributions: sudo apt-get install libx11-6:i386 libgcc1:i386 libc6:i386

 

Hardware

  • Intel Pentium 4 (2 GHz) or higher processor
  • 1 GB of RAM
  • 5 GB of available hard disk space

Operating systems

  • CentOS 6U4, 6U5; 32-bit and 64-bit
  • Debian 6.0.5 Squeeze; 32-bit and 64-bit
  • Fedora 16, 17; 32-bit and 64-bit
  • Novell Open Enterprise Server (OES) 2 SP2 and 2 SP3 running
  • SUSE Linux Enterprise Server (SLES) 10 SP3; 32-bit and 64-bit
  • Novell Open Enterprise Server (OES) 11 and 11 SP1 running
  • SUSE Linux Enterprise Server (SLES) 11 SP1 and SP2; 64-bit
  • Oracle Linux 5U8, 5U9, 6U2, 6U4; 64-bit
  • Red Hat Enterprise Linux Server (RHEL) 5U7 - 5U10, 6U2 - 6U5; 32-bit and 64-bit
  • SUSE Linux Enterprise Server (SLES) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
  • SUSE Linux Enterprise Desktop (SLED) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
  • Ubuntu Server 11.10, 12.04, 12.04.2, 13.04; 64-bit
  • Ubuntu Desktop 11.10, 12.04, 12.04.2, 13.04; 64-bit

Graphical desktop environments

You can use the following graphical desktop environments to view the Symantec Endpoint Protection client's graphical user interface:

  • KDE
  • Gnome

Reference: System Requirements for Symantec Endpoint Protection 12.1.5

http://www.symantec.com/docs/TECH224712 

You cannot deploy the Linux client from Symantec Endpoint Protection Manager remotely. The installation steps are similar whether the client  is unmanaged or managed.  

The only way to install a managed client is with an installation package that you create in Symantec Endpoint Protection Manager. You can convert an unmanaged client to a managed client at any time by importing client-server communication settings into the Linux client.

If all the system requirements are met correctly, Export the linux package through the Symantec Endpoint Protection Manager console.

By default two pacakges are available to export.

1) RPM package for Red hat linux clients

2) Debian package for Ubuntu, Cent OS etc

Export the appropriate packages.

Screenshot 3_0.jpg

SEPM exports the package into .zip format.

Package size is around 38 MB only.

As said earlier, At this point SEPM  does not have the functionality to push the linux package remotely, it can either create a Web Link and Email & Save Package.  

Screenshot 5_0.jpg

In this article, I am saving this package locally on the System.

Screenshot 4_0.jpg

Copy the installation package that you created to the Linux computer. The package is a .zip file.

On the Linux computer, open a terminal application window.

Navigate to the installation directory with the following command:
cd /directory/

Here you can see it's under Downloads folder

Navigate to download folder_3.jpg

Extract the contents of the .zip file into a directory named 'tmp' or you can extract at other location as well.

I did extract here at the same location.

Type command "Unzip SymantecEndpointProtection.zip"

Unzip.jpg

To begin with install check the permission on install script.

Check Permission_0.jpg

By default Owner, Group & Otherw have read permission on install script. The installer is in read only. If you tried to install you will get permission denied error message like below.

access denied.jpg

Need to assign execute permission on install script

To correctly set the execute file permissions on install.sh, use the following command:
chmod u+x install.sh

verify the giver permission_0.jpg

Use the built-in script to install Symantec Endpoint Protection with the following command:
sudo ./install.sh -i

Enter your password if prompted

This script initiates the installation of the Symantec Endpoint Protection components. The default installation directory is as follows:.
/opt/Symantec/symantec_antivirus

The default work directory for LiveUpdate is as follows:
/opt/Symantec/LiveUpdate/tmp

Starting install.jpg

 

Starting install-1.jpg

The installation completes when the command prompt returns. You do not have to restart the computer to complete the installation.

Starting install-2.jpg

To verify the client installation, click or right-click the Symantec Endpoint Protection yellow shield and then click Open Symantec Endpoint Protection. The location of the yellow shield varies by Linux version. The client user interface displays information about program version, virus definitions, server connection status, and management.

last.jpg

Under Clients tab can verify linux client status

last-1.jpg

Linux settings under Virus & Spyware policies:

Linux settings-1_0.jpg

Following commands can be issued on the linux machine from the SEPM console.

Linux settings_2.jpg

 1) Scan

2) Update Content

3) Update Content & Scan

4) Enable Auto-Protect

 

Migration Paths:

Symantec Endpoint Protection adds support for Linux as of 12.1.5. You can only migrate Symantec AntiVirus for Linux 1.0.14 directly to the Symantec Endpoint Protection client for Linux 12.1.5.

You must uninstall all earlier versions of Symantec AntiVirus for Linux first.

You do not need to uninstall Symantec AntiVirus for Linux Reporter before you install the Symantec Endpoint Protection client for Linux.

 

I hope it's helpful!

 

 

 

Statistics
1 Favorited
24 Views
1 Files
0 Shares
0 Downloads
Attachment(s)
pdf file
LinuxClient_Guide_SEP12.1.5.pdf   456K   1 version
Uploaded - 02-25-2020

Tags and Keywords

Comments

12-15-2016 12:29 PM

Reboot is mandatory to complete the upgrade process. Apart from this three shouldn't be any problem, what's the upgrade path?  

12-14-2016 11:02 PM

Hi,can I know if there will be any possible issues or downtime when upgrading the SEP from older version to newer version as well as installing packages for Linux client management?

09-14-2016 11:43 AM

If installing SEP for linux for the first time create ect/Symantec.conf file manually.

09-14-2016 11:04 AM

Check the owner and group owner of the java folder? Is it root?

09-14-2016 04:17 AM

pls help me.

1.I downloaded and installed Java SE Runtime Environment 8u102 

2.Copied jre1.8.0 directory from /usr/lib/jvm/jre1.8.0 to /opt/Symantec

3. I downloaded correct JCE files from site

4. Copied - local_policy.jar and  US_export_policy.jar  to /opt/Symantec/jre1.8.0/lib/security/

5.  /ect/Symantec.conf - this file is missing... so I did not get to edit

-----------

[Symantec Shared]

BaseDir=/opt/Symantec

JAVA_HOME= /opt/Symantec/jre1.8.0/bin

 My log:

Ср. сент. 14 11:00:23 MSK 2016: Starting to install Symantec Endpoint Protection for Linux
FromProduct=
ToProduct=12.1.7004.6500
Ср. сент. 14 11:00:23 MSK 2016: Performing pre-check...
Searching /usr/java for java...
find: «/usr/java»: Нет такого файла или каталога
Searching /usr/local for java...
Searching /usr/lib for java...
/usr/lib/jvm/java-1.6.0-openjdk-amd64/jre/bin/java
/usr/lib/jvm/java-1.6.0-openjdk-amd64/jre/bin/java is not sun java, skip it.
/usr/lib/jvm/java-1.6.0-openjdk-amd64/bin/java
/usr/lib/jvm/java-1.6.0-openjdk-amd64/bin/java is not sun java, skip it.
/usr/lib/jvm/jdk1.8.0/jre/bin/java
The owner of /usr/lib/jvm/jdk1.8.0/jre/bin/java is: 10, it is not superuser.
/usr/lib/jvm/jdk1.8.0/bin/java
The owner of /usr/lib/jvm/jdk1.8.0/bin/java is: 10, it is not superuser.
/usr/lib/jvm/jre1.8.0/bin/java
The owner of /usr/lib/jvm/jre1.8.0/bin/java is: 10, it is not superuser.
/usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java
/usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java is not sun java, skip it.
/usr/lib/jvm/java-6-openjdk-amd64/bin/java
/usr/lib/jvm/java-6-openjdk-amd64/bin/java is not sun java, skip it.
Ср. сент. 14 11:00:23 MSK 2016: Error:<><------>Installation requires Oracle Java 1.5 or later whose owner is superuser. Please install the correct version with superuser and Java Cryptography Extension (JCE).
Unlimited Strength Jurisdiction Policy Files, and try again.


Ср. сент. 14 11:00:23 MSK 2016: Pre-check failed.

03-16-2016 04:34 PM

ok.

should i create /opt/Symantec ?

 

02-16-2016 06:14 PM

I too have found this error misleading, however as Chetan has pointed out it is most likely the version of Java installed or potentially the Java Cryptography Extension (JCE) has not been placed in the newly installed Sun Java directory.

 

The most helpful place to determine the cause of the error is to review the install log file. Perhaps review the sepfl-install.log located in the home directory of the user used to install - in my case /root. This file includes all the checks including check for java. Below is a sample from my install log file (Centos 6.7) - as you can see it cycles through all the instances of Java looking for the Sun version. The install will fail with the error you noted if it does not find the Sun version of Java...

I suspect examining this log file will provide the clue you need to successfully install the product.... Incidentally using the location of the *correct* version of java noted in the log file, you can copy of the JCE files there too...

Hope this helps...

***** Start of sepfl-install.log *****

Thu Feb  4 15:42:33 AEDT 2016: Starting to install Symantec Endpoint Protection for Linux
FromProduct=
ToProduct=12.1.6608.6300
Thu Feb  4 15:42:39 AEDT 2016: Performing pre-check...
Searching /usr/java for java...
find: `/usr/java': No such file or directory
Searching /usr/local for java...
Searching /usr/lib for java...
/usr/lib/jvm/java-openjdk/bin/java
/usr/lib/jvm/java-openjdk/bin/java is not sun java, skip it.
/usr/lib/jvm/java-openjdk/jre/bin/java
/usr/lib/jvm/java-openjdk/jre/bin/java is not sun java, skip it.
/usr/lib/jvm/jre-openjdk/bin/java
/usr/lib/jvm/jre-openjdk/bin/java is not sun java, skip it.
/usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
/usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java is not sun java, skip it.
/usr/lib/jvm/jre-1.7.0/bin/java
/usr/lib/jvm/jre-1.7.0/bin/java is not sun java, skip it.
/usr/lib/jvm/java/bin/java
/usr/lib/jvm/java/bin/java is not sun java, skip it.
/usr/lib/jvm/java/jre/bin/java
/usr/lib/jvm/java/jre/bin/java is not sun java, skip it.
/usr/lib/jvm/jdk1.8.0_72/bin/java
found java: /usr/lib/jvm/jdk1.8.0_72/bin/java
 

02-16-2016 12:05 PM

Do not create them manually. It looks oracle java is not installed correctly. Directories lib/security should be present there.

02-12-2016 02:28 PM

Should i create this path "/usr/java//lib/security/", reason is i only have /usr/java ?

I have completed the installation of java. But still have not copied the policy files.

 

 

02-11-2016 07:59 AM

Thanks for the screenshot.

You must install the Unlimited Strength Java Cryptography Extension policy files to match your version of Java.

Install Oracle Java and replace the JCE Cryptography files for SEP to install properly. See the recommended installs below:
To get the of Oracle Java - http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html

To get the JCE Cryptography files for jre 8 - http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

You will need to copy the 2 JCE files (local_policy.jar & US_export_policy.jar) to "/usr/java/<java version>/lib/security/"

Replace <java version> with the correct Oracle Java you installed

This installation requires superuser privileges.

i686-based dependent packages on 64-bit computers:

Many of the executable files in the Symantec Endpoint Protection client for Linux are 32-bit programs. For 64-bit computers, you must install the i686-based dependent packages before you install Symantec Endpoint Protection. If you have not already installed the i686-based dependent packages, you can install them with the following commands.

The installation of these packages requires superuser privileges.

For Red Hat-based distributions: yum install glibc.i686 libgcc.i686 libX11.i686

Once all the pre-requisites are installed correct. You should be able install SEP for linux

Navigate to folder were you extracted the installation file file and the following commands -

1. "chmod u+x install.sh" - Set execute file permissions on install.sh

2. "./install -i"

 

02-11-2016 06:31 AM

Hello,

it seems you need Java from Oracle.

More, you need the Java Cryptography Extension (JCE). You will need to replace the downloaded files (from Oracle) to your Java installation folder.

02-10-2016 02:36 PM

Yes, attached is the screen shot

 

02-10-2016 01:45 PM

Do you get any error?

02-10-2016 01:14 PM

I tried the steps that you mentioned and still  i am not able to get this done.

I have Centos 6.5 installed.

 

Need help

 

12-02-2015 02:20 AM

Hello,

Just in case someone else comes across the error:

Installation requires Oracle Java 1.5 or later whose owner is superuser. Please install the correct version with superuser and Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files, and try again.

when installing the Linux client.

Ilano's post (upvoted) above ultimately was the fix for my issue but it wasn't clear why. I was running Centos 7 which already had OpenJDK installed, hence java -version worked, however inspecting the install.sh file indicates the Symantec client requires the Sun/Oracle version. Also reviewing the install log file created in the user home directory stated the installed version was not Suns hence was being skipped...!!!

In short you need the Sun/Oracle version of Java Runtime (OpenJDK or IBM versions of Java result in this error) then copy the JCE policy files.

My adventure wasn't over however as the Auto Protect did not compile automatically due to the recent version of the Linux kernel (Centos 7). Following this article - https://support.symantec.com/en_US/article.TECH132773.html - I was able to successfully start auto protect and now happy...

Hope this helps someone...

11-27-2015 04:05 AM

I'm new in using Linux.

On our school we use Symantec Endpoint Protection to manage the security of our clients. Because of budgetcuts we are looking to alternatives like Ubuntu to use on our computers.

I've already created an installationpacket in our Symantec Endpoint Manager.

A lot of errors are already solved but the error of java is still present. I've used this link to install java http://tecadmin.net/install-oracle-java-8-jdk-8-ubuntu-via-ppa/# but i'm getting still the error 'Installation requires Oracle Java 1.5 or later whose owner is ...

Beside that i'm getting still the warning 'X11 libraries are missing' but i've already installed this libraries.

Can anyone help me with this problems and with the installation of Symantec Endpoint Protection on my Ubuntu machines.

You can also contact me on my e-mail via ict@pibo.be.

 

 

11-05-2015 05:55 AM

Hello,

is there an article which describes how to update the linux client ?

Actually in 12.1 RU6, I wan to update to 12.1.RU6 MP3 (new release which fixes a bug annoying me).

Do I simple have to install.sh -i the new version or is there something else to do ?

Thanks

10-15-2015 02:33 PM

They will go out to Symantec LU unless you configure the SEPM as a reverse proxy to server Linux and Mac clients.

Enabling Mac and Linux clients to download LiveUpdate content using the Apache Web server as a reverse proxy

http://www.symantec.com/docs/HOWTO85034

10-15-2015 02:22 PM

For the 12.1.6 Red Hat clients, do the clients get the definition updates from the SEP Managers, or do they go out to Symantec for them?  I haven't been able to find anything conclusive on this.

10-06-2015 02:20 PM

Hello are you able to download this if you are using a free trialware version?  It says no package was found.

06-19-2015 07:33 AM

Hi Kwan,

AS per  http://www.symantec.com/docs/TECH223240

Kernel 2.6.18-164.el5 for RHEL5U4 have been moved to the legacy (unsupported) list.

 

06-19-2015 06:50 AM

Hi,

I tried the above but still got the java version error.

I made the mistake of copying and pasting the above into the config file. Taking the 'space' out of:

JAVA_HOME= /opt/Symantec/jre1.8.0_25/bin

so it looks like:

JAVA_HOME=/opt/Symantec/jre1.8.0_25/bin

meant I was able to successfully install the SEP Linux client. As mentioned in this forum, I created files and directories that did not exist ( /etc/Symantec.conf and /opt/Symantec ).

Now, getting the virus definitions updated, that is another "insert expletive here" problem altogether.

;-D

06-19-2015 06:48 AM

"This is a professional product and going through these hoops shouldn't be required"

Completely agree - absolutely ludicrous installation. I spent hours trying to get this to work, eventually succeeded (see my post above) but we shouldn't have to spend ridiculous amounts of time for what should be a simple AV client installation.

06-09-2015 12:13 AM

Hi Chetan,

With this spec, can I install SEP 12.1.5?

[root@mymsweptst02 home]# uname -a
Linux mymsweptst02.sunway.com.my 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:48 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux

[root@mymsweptst02 proc]# lsb_release -a
LSB Version:    :core-3.1-amd64:core-3.1-ia32:core-3.1-noarch:graphics-3.1-amd64:graphics-3.1-ia32:graphics-3.1-noarch
Distributor ID: RedHatEnterpriseServer
Description:    Red Hat Enterprise Linux Server release 5.4 (Tikanga)
Release:        5.4
Codename:       Tikanga

[root@mymsweptst02 etc]# java -version
java version "1.6.0_19"
Java(TM) SE Runtime Environment (build 1.6.0_19-b04)
Java HotSpot(TM) Server VM (build 16.2-b04, mixed mode)

Thanks and regards,

Kwan

 

06-05-2015 01:30 PM

As per system requirements only Intel Pentium 4 (2 GHz) or higher processor are supported. So other platfroms are not tested nor supported.

 

06-05-2015 08:07 AM

Hi Chetan, Thank you for the list of supported OS. But I am referring to hardware on which the Linux resides. I checked the links shared by you. All I could make out is that currently it is available only on hardware with Intel platform. I would like to know if anything is available on Mainframe hardware. I think it is not currently available, just want to get it confirmed from the right support team. Thank you in advance Srinivas

06-05-2015 08:00 AM

Hi Srinivas,

Supported operating systems are as per below:

Operating systems

  • CentOS 6U4, 6U5; 32-bit and 64-bit
  • Debian 6.0.5 Squeeze; 32-bit and 64-bit
  • Fedora 16, 17; 32-bit and 64-bit
  • Novell Open Enterprise Server (OES) 2 SP2 and 2 SP3 running SUSE Linux Enterprise Server (SLES) 10 SP3; 32-bit and 64-bit
  • Novell Open Enterprise Server (OES) 11 and 11 SP1 running SUSE Linux Enterprise Server (SLES) 11 SP1 and SP2; 64-bit
  • Oracle Linux 5U8, 5U9, 6U2, 6U4, 6U5; 64-bit
  • Red Hat Enterprise Linux Server (RHEL) 5U7 - 5U10, 6U2 - 6U5; 32-bit and 64-bit
  • SUSE Linux Enterprise Server (SLES) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
  • SUSE Linux Enterprise Desktop (SLED) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
  • Ubuntu Server 11.10, 12.04, 12.04.2, 13.04; 64-bit
  • Ubuntu Desktop 11.10, 12.04, 12.04.2, 13.04; 64-bit

For a list of supported kernels, see Supported Linux kernels for Symantec Endpoint Protection.

For more details check system requirement article, here it goes: http://www.symantec.com/docs/TECH230602

06-05-2015 07:54 AM

Hi,
Is SEP available for Linux on System Z(s390/s390x)?
Regards,
Srinivas

03-19-2015 07:24 AM

Please check "Installation of SEP For Linux on Red Hat Enterprise Linux" Video

https://www-secure.symantec.com/connect/videos/installation-sep-linux-red-hat-enterprise-linux

01-05-2015 11:01 AM

Hi all,
not sure if this is the proper place to ask. If not I'd gladly appreciate a pointer into the right direction.
I'm investigation whether and how to update from SEP 12.1.4 to 12.1.5.
Curently I'm running SEP with these RPMs:
sav-1.0.14-13.i386
savjlu-1.0.14-13.i386
in an openSUSE 13.1 (i586) environment.
Looking at SEP 12.1.5 the RPMs have changed. Inside Symantec_Endpoint_Protection_12.1.5_Linux_Client_EN.zip I eventually find these RPMs:
sep.rpm
sepap-x64.rpm
sepap.rpm
sepjlu.rpm
sepui.rpm
I don't need managed clients. I don't need GUI. All I need is scanning via the command line client.
According to the release notes an update does not seem to be required.
So I'm wondering:
- With these constraints (only cli scanning needed): Does an update bring any benefits?
- If I want/have to update: Is 12.1.5 a drop-in replacement? (I'm guessing sep.rpm and sepjlu.rpm.)
- If not, is there a comprehensive list of changes? (We have plenty of scripts parsing the output of SAVFL, for setting up configuration files, ...)
TIA, Till

12-22-2014 07:15 AM

Error:          Installation requires Oracle Java 1.5 or later whose owner is superuser. Please install the correct version with superuser and Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files, and try again.
Do this steps below and try again.
 
# install : jre-7u71-linux-x64.rpm
# cp US_export_policy /usr/java/jre1.7.0_71/lib/security
# cp local_policy /usr/java/jre1.7.0_71/lib/security
 
Regards,
Ilano

11-24-2014 09:31 PM

Hi,

I am run into same issue.

bsianew:/opt/Symantec # java -version
java version "1.8.0_25"
Java(TM) SE Runtime Environment (build 1.8.0_25-b17)
Java HotSpot(TM) 64-Bit Server VM (build 25.25-b02, mixed mode)
bsianew:/opt/Symantec #
 

for UnlimitedJCEPolicyJDK7.zip

bsianew:/opt/Symantec/jre1.8.0_25/lib/security # ls -al
total 176
drwxr-xr-x  3 root root  4096 Nov 25 02:04 .
drwxr-xr-x 15 root root  4096 Sep 17 20:45 ..
-rw-r-----  1 root root  7289 Nov 21 21:16 README.txt
-rw-r--r--  1 root root  2487 Nov 21 21:16 US_export_policy.jar
drwxrwxr-x  2 root root  4096 May 31  2011 UnlimitedJCEPolicy
-rwxr-x---  1 root root  7426 Nov 25 02:03 UnlimitedJCEPolicyJDK7.zip
-rw-r--r--  1 root root  3890 Sep 17 20:42 blacklist
-rw-r--r--  1 root root  1188 Sep 17 20:42 blacklisted.certs
-rw-r--r--  1 root root 95881 Sep 17 20:42 cacerts
-rw-r--r--  1 root root  2466 Sep 17 20:42 java.policy
-rw-r--r--  1 root root 20867 Sep 17 20:42 java.security
-rw-r--r--  1 root root    98 Sep 17 20:42 javaws.policy
-rw-r--r--  1 root root  2500 Nov 21 21:16 local_policy.jar
-rw-r--r--  1 root root     0 Sep 17 20:42 trusted.libraries
bsianew:/opt/Symantec/jre1.8.0_25/lib/security #

I created manually directory called /opt/Symantec/ before installation becuase it was not there.

bsianew:/opt/Symantec # pwd
/opt/Symantec
bsianew:/opt/Symantec # ./install.sh -i
Starting to install Symantec Endpoint Protection for Linux
Performing pre-check...
Error:          Installation requires Oracle Java 1.5 or later whose owner is superuser. Please install the correct version with superuser and Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files, and try again.
Pre-check failed.
bsianew:/opt/Symantec #

Please help.

 

11-20-2014 06:03 PM

On the 30th day they were gone.

Oddly enough, there is NO setting anywhere that is set to 30 in my SEPM.

So I guess IF I upgrade my Linux clients to 12.1.5, I will have to document that my SEPM will be innaccurate for 30 calendar days.

Thanks.

11-20-2014 02:23 PM

Chetan,

I tried to install SEP 12.5.1 on my Ubuntu Box, but got following error.

I am running  Ubuntu 14.0.4 with LAMP Configuration.

I did below tasks as per your recommendation.

1.Download and install Java SE Runtime Environment 8u25 -from http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html

2.Copy jre1.8.0_25 directory from /usr/java to /opt/Symantec

3. Make sure you have correct JCE files and http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Copy - local_policy.jar and  US_export_policy.jar  to /opt/Symantec/jre1.8.0_25/lib/security/

Now, when I run install.sh -i

 

root@nagios408:/home/draj/sep-deb# ./install.sh -i
Starting to install Symantec Endpoint Protection for Linux
error: db5 error(-30969) from dbenv->open: BDB0091 DB_VERSION_MISMATCH: Database environment version mismatch
error: cannot open Packages index using db5 -  (-30969)
error: cannot open Packages database in /root/.rpmdb
error: db5 error(-30969) from dbenv->open: BDB0091 DB_VERSION_MISMATCH: Database environment version mismatch
error: cannot open Packages database in /root/.rpmdb
Performing pre-check...
Warning:        X11 libraries are missing, GUI component will not be installed!
Pre-check succeeded
error: db5 error(-30969) from dbenv->open: BDB0091 DB_VERSION_MISMATCH: Database environment version mismatch
error: cannot open Packages index using db5 -  (-30969)
error: cannot open Packages database in /root/.rpmdb
error: db5 error(-30969) from dbenv->open: BDB0091 DB_VERSION_MISMATCH: Database environment version mismatch
error: cannot open Packages database in /root/.rpmdb
Begin installing virus protection component
Selecting previously unselected package sav.
(Reading database ... 105894 files and directories currently installed.)
Preparing to unpack .../sep-deb/./Repository/sep.deb ...
Missing package files: //../install.sh, please check the package and use a valid one.
Virus protection component failed to install, with error:  /home/draj/sep-deb/./Repository/sep.deb

 

Please help.

Thanks.

Dilip


 

 

 

11-06-2014 09:41 AM

Hi, below you have a fix to get Symantec installed on Linux.  It doesn't make sense to me because there is no /opt/Symantec directory/conf file.  I can't get far enough to install it for me to copy files to that directory.  I have version 1.7 Java installed already and I copied the JCE files to the <java-home>/lib/security directory and it still complains about it.  My honest feedback here is you guys should make a better installer that takes care of a lot of these pre-req's.  This is a professional product and going through these hoops shouldn't be required.  Most applications these days are easy RPM installs. 

 

 

Hi,

Please find the below steps to do a fresh install of JRE only exclusively for symantec.

1.Download and install Java SE Runtime Environment 8u25 -from http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html

2.Copy jre1.8.0_25 directory from /usr/java to /opt/Symantec

3. Make sure you have correct JCE files and http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Copy - local_policy.jar and  US_export_policy.jar  to /opt/Symantec/jre1.8.0_25/lib/security/

4.edit /ect/Symantec.conf

-----------

[Symantec Shared]

BaseDir=/opt/Symantec

JAVA_HOME= /opt/Symantec/jre1.8.0_25/bin

-----------

5.run install.sh -i

11-05-2014 07:28 AM

Legacy version logs resides there.

10-27-2014 06:21 PM

Chetan,

No files in that location. What usually resides there?

Thanks

10-27-2014 02:22 PM

Hi,

Also do you see any file present at this location: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\data\inbox\log\tex\legacy

10-27-2014 02:11 PM

Yes, Add/remove repair tool.

10-27-2014 02:06 PM

Afternoon...

Yes, it is set to Truncate the Logs every 2 hours and Rebuild Daily @ 2AM. I think default is 4 hours and every Wednesday @ 3AM.

I do not know what you mean by 'repair the SEPM'. Windows Add/Remove repair tool or something else?

Is there no manual db edit tool available?

I can't believe I am the only one seeing this issue, I can duplicate this behavior on our test rack over and over with the same results.

I install SEPM on a test server, install the old SAVFL on a test box, upgrade it to the new 12.1.5 Linux SEP client and both instances of the machine are listed in the SEPM and will not 'falll out' no matter what I set the settings to.

Thanks.

10-27-2014 01:26 PM

Database maintenance tasks are running?

Admin --> Server --> Localhost --> Edit database properties --> General --> Truncate the database transaction logs and Rebuild indexes 

Also could you repair the SEPM? 

10-27-2014 12:55 PM

Yes, that box is checked. That is needed for the existing SAVFL clients to talk back to the SEPM I believe.

I need the existing SAVFL clients to be able to talk to the SEPM while we proceed in upgrading the SAVFL clients to the new 12.1.5 Linux SEP client. I will not be able to upgrade all SAVFL in one swoop and need the SAVFL clients to talk to the SEPM while the upgrade is ongoing to meet compliance. So turning that off in the SEPM is not an option at this time.

Unless I can figure out how to remove the old enteries from the DB, it is looking like I may have to run a second SEPM in parallel and move clients to it as upgraded. But this solution will will require many hoops to jump thru and much paperwork ... management isn't gonna like that.

Thanks

10-27-2014 08:03 AM

Hi,

Thanks for the update.

Go to the SEPM Home tab --> Preferences --> Logs & Reports-->  Legacy Report --> Upload Symantec Antivirus Version 10.x log files.

Check-box is selected?

10-24-2014 03:47 PM

Chetan,

Thanks for the document link, unfortunately I have already followed much of that with no avail.

I have most all the settings at 100 entries and 2 days. And I have ran the https sweep command listed in the document multiple times with a success message afterwards. Even after restarting services and full reboots, the old db enteries still show up. I even deleted all the files in the /temp folder the document refers to.

Going to let it run over the weekend and see if the server elves can fix it for me.

Thanks

10-24-2014 06:56 AM

Hi,

Thanks for the screenshot.

This logs are stored in the database as per the SEPM settings.SEPM --> Admin --> Servers --> localhost --> Edit database properties --> Log settings --> Management Server log settings

Default settings are 10000 entries for 60 days.

You can change here or sweep out log data manually.

Check this article:

Managing log data in the Symantec Endpoint Protection Manager (SEPM)

http://www.symantec.com/docs/TECH90856 

10-23-2014 09:52 AM

Thanks for the follow up.

Trust me, I have been watching this closely because if I can not clear them up I can not take the chance of an auditor coming in and grilling me on why I have 'ghost' or false clients (information) in my console.

And by the way they are still there. I managed to sanitize a screen shot enough to post here.

  • Machine A old SAVFL client is still listed, it contacted last on 10/17/2014. <- Bad
  • Machine A new 12.1.5 client contacted 10/23 - this morning. <- Good
  • Machine B old SAVFL client is still listed, it contacted last on 10/20/2014. <- Bad
  • Machine B new 12.1.5 client contacted 10/23 - this morning.<- Good

SEPM is set to remove clients after 1 day and they are still showing.

If I had this in production and an auditor questioned this it would cause me a ton of headaches and paperwork.

So at this time, if I can not clear those out when I upgrade to the new 12.1.5 client, I will have to blow away the old SEPM database and start a new one and this is going to cause a whole new headache of paperwork and tracking of the old database.

Thanks for your attention to this.

 

10-23-2014 12:24 AM

Keep it under observation because database maintenance cycle should take care of it.

10-20-2014 03:01 PM

I guess I will have to plead ignorant and ask how to remove SAVFL entries from SEPM.

 

Screenshots would make this easier, but I can't post them because of the nature of my system.

Anyway....

If I goto Home>Clients and drill down to the correct group I can see the new Linux 12.1.5 client machine. This is all good.

If I goto Home>Monitors>Logs>View Log It will list both versions of the same machine - The new 12.1.5 version and the old SAVFL version.

In the Admin>Domains>Edit Props>General Tab I have checked the box for "Delete clients that have not connected ....." and have it set for 1 days.

On the Home>End Point Status pie chart ... both versions of the client are counted there.

I guess basically, how do I delete the old SAVFL client from the database.

 

Thanks!

10-20-2014 01:28 PM

If you removed manually does it come again?

10-20-2014 12:56 PM

Thanks! Great works fine for me.

But, I now have the old SAVFL and the new 12.1.5 Linux client listed twice in my SEPM.

Ideas on how to get rid of the old one? I set it to forget clients after 1 day and it is still there.

10-20-2014 09:27 AM

No, Restart is not mandatory.

 

10-20-2014 03:14 AM

thank for the guide

Just small question does linux package required restart after SEP 12.1.5 installaion ?

 

10-17-2014 10:38 AM

Hi,

Please find the below steps to do a fresh install of JRE only exclusively for symantec.

1.Download and install Java SE Runtime Environment 8u25 -from http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html

2.Copy jre1.8.0_25 directory from /usr/java to /opt/Symantec

3. Make sure you have correct JCE files and http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Copy - local_policy.jar and  US_export_policy.jar  to /opt/Symantec/jre1.8.0_25/lib/security/

4.edit /ect/Symantec.conf

-----------

[Symantec Shared]

BaseDir=/opt/Symantec

JAVA_HOME= /opt/Symantec/jre1.8.0_25/bin

-----------

5.run install.sh -i

10-17-2014 07:15 AM

Hi,

Could you attach Sepfl-Install.log, file should be present under root's home.

 

10-17-2014 03:19 AM

Thanks Chetan.

I having a problem once i perform sudo ./install.sh -i. I cant continue the next step due to java version. I confirmed that i installed the correct one. i attached a screenshot for your review.

Need your advise.

 

Thanks.

10-15-2014 02:11 AM

Really a great help. Thanks Chetan.

10-15-2014 02:07 AM

Thank you. Well done.

 

Related Entries and Links

No Related Resource entered.