シマンテックのサイトを見ていたらLinux版SEPのサポートカーネルに
Amazon Linux
4.4.8-20.46.amzn1.x86_64
4.4.11-23.53.amzn1.x86_64
が追加されていた。
現行最新版の14.0MP2のプレコンパイルモジュールにamzn1は無いので次の14.0 RU1からのサポートなのかも? と思いつつもとりあえず手元の14.0MP2が動作するか試してみた。
<環境>
Amazon Linux 2016.09リリース(Kernel-4.4.23-31.54.amzn1.x86_64)
動作中のカーネルバージョン確認
$ uname -a Linux ip-172-31-8-203 4.4.23-31.54.amzn1.x86_64 #1 SMP Tue Oct 18 22:02:09 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux $
Amazon Linuxのリリースバージョン確認
$ cat /etc/system-release Amazon Linux AMI release 2016.09 $
<SEP14.0 MP2のインストール>
SEPマネージャからエクスポートしたインストーラを展開してインストールスクリプト実行
# sh ./install.sh -i Starting to install Symantec Endpoint Protection for Linux Performing pre-check... Error: Installation requires 32bits glibc library. Please install it and try again. Warning: X11 libraries are missing, GUI component will not be installed! Pre-check failed. #
32bit版 glibcが無いと怒られる。まあ、これは予想通り。
32bit版glibcをインストール
# yum install glibc.i686 Loaded plugins: priorities, update-motd, upgrade-helper amzn-main/latest | 2.1 kB 00:00 amzn-updates/latest | 2.5 kB 00:00 Resolving Dependencies --> Running transaction check ---> Package glibc.i686 0:2.17-196.172.amzn1 will be installed --> Processing Dependency: nss-softokn-freebl(x86-32) >= 3.16.2.3 for package: glibc-2.17-196.172.amzn1.i686 --> Processing Dependency: libgcc(x86-32) for package: glibc-2.17-196.172.amzn1.i686 --> Processing Dependency: libfreebl3.so(NSSRAWHASH_3.12.3) for package: glibc-2.17-196.172.amzn1.i686 --> Processing Dependency: libfreebl3.so for package: glibc-2.17-196.172.amzn1.i686 --> Running transaction check ---> Package libgcc48.x86_64 0:4.8.3-9.111.amzn1 will be updated ---> Package libgcc48.i686 0:4.8.5-11.135.amzn1 will be installed ---> Package libgcc48.x86_64 0:4.8.5-11.135.amzn1 will be an update ---> Package nss-softokn-freebl.i686 0:3.28.3-8.41.amzn1 will be installed --> Finished Dependency Resolution Dependencies Resolved =========================================================================================================================================================================================== Package Arch Version Repository Size =========================================================================================================================================================================================== Installing: glibc i686 2.17-196.172.amzn1 amzn-main 6.2 M Installing for dependencies: libgcc48 i686 4.8.5-11.135.amzn1 amzn-main 155 k nss-softokn-freebl i686 3.28.3-8.41.amzn1 amzn-updates 211 k Updating for dependencies: libgcc48 x86_64 4.8.5-11.135.amzn1 amzn-main 150 k Transaction Summary =========================================================================================================================================================================================== Install 1 Package (+2 Dependent packages) Upgrade ( 1 Dependent package) Total download size: 6.7 M Is this ok [y/d/N]: y Downloading packages: (1/4): glibc-2.17-196.172.amzn1.i686.rpm | 6.2 MB 00:00 (2/4): libgcc48-4.8.5-11.135.amzn1.i686.rpm | 155 kB 00:00 (3/4): libgcc48-4.8.5-11.135.amzn1.x86_64.rpm | 150 kB 00:00 (4/4): nss-softokn-freebl-3.28.3-8.41.amzn1.i686.rpm | 211 kB 00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 33 MB/s | 6.7 MB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : libgcc48-4.8.5-11.135.amzn1.i686 1/5 Installing : nss-softokn-freebl-3.28.3-8.41.amzn1.i686 2/5 Installing : glibc-2.17-196.172.amzn1.i686 3/5 Updating : libgcc48-4.8.5-11.135.amzn1.x86_64 4/5 Cleanup : libgcc48-4.8.3-9.111.amzn1.x86_64 5/5 Verifying : glibc-2.17-196.172.amzn1.i686 1/5 Verifying : libgcc48-4.8.5-11.135.amzn1.i686 2/5 Verifying : libgcc48-4.8.5-11.135.amzn1.x86_64 3/5 Verifying : nss-softokn-freebl-3.28.3-8.41.amzn1.i686 4/5 Verifying : libgcc48-4.8.3-9.111.amzn1.x86_64 5/5 Installed: glibc.i686 0:2.17-196.172.amzn1 Dependency Installed: libgcc48.i686 0:4.8.5-11.135.amzn1 nss-softokn-freebl.i686 0:3.28.3-8.41.amzn1 Dependency Updated: libgcc48.x86_64 0:4.8.5-11.135.amzn1 Complete! #
32bit版libgccも一緒にインストールされるもよう。
一応確認
# rpm -qa | grep glibc glibc-2.17-196.172.amzn1.x86_64 glibc-common-2.17-196.172.amzn1.x86_64 glibc-2.17-196.172.amzn1.i686 #
もう一回SEPインストール実施
# sh ./install.sh -i Starting to install Symantec Endpoint Protection for Linux Performing pre-check... Warning: X11 libraries are missing, GUI component will not be installed! Pre-check succeeded Begin installing virus protection component Preparing... ################################# [100%] Performing pre-check... Pre-check is successful Updating / installing... 1:sav-14.0.2415-0200 ################################# [100%] Virus protection component installed successfully Begin installing Auto-Protect component Preparing... ################################# [100%] Performing pre-check... Pre-check is successful Updating / installing... 1:savap-x64-14.0.2415-0200 ################################# [100%] Auto-Protect component installed successfully Begin installing GUI component GUI component failed to install, with error: libX11.so.6 is needed by savui-14.0.2415-0200.i386 *savuiがエラーになるのはGUI環境じゃないのでlibX11ライブラリもインストールされてないので当然。 コレは無視してオッケー。 Pre-compiled Auto-Protect kernel modules are not loaded yet, need compile them from source code Build Auto-Protect kernel modules from source code failed with error: 1 *amzn1のプレコンパイルモジュールが無いのも判ってた。 カーネルモジュールコンパイル環境インストールしてないのでエラーになる。 Running LiveUpdate to get the latest defintions... Update was successful Installation completed ============================================================= Daemon status: symcfgd [running] rtvscand [running] smcd [running] ============================================================= Error: No drivers are loaded into kernel. *モジュール無いのでロードできない。 ============================================================= Auto-Protect starting Protection status: Definition: 10/12/2017 rev. 21 AP: Malfunctioning ============================================================= The log files for installation of Symantec Endpoint Protection for Linux are under ~/: sepfl-install.log sep-install.log sepap-install.log sepui-install.log sepfl-kbuild.log #
# /opt/Symantec/symantec_antivirus/sav info -d 10/12/2017 rev. 21 # # /opt/Symantec/symantec_antivirus/sav info -a Malfunctioning #
結果としてLiveupdateは動作してウイルス定義ファイルの取得はできるけどauto-protectは動作しない。ここまでは予想通りの挙動。
ここからが本番で、カーネルモジュールがコンパイルできる環境を構築していくんだけど、これが意外と面倒臭かった。
まず、手っ取り早く「Development Tools」でコンパイル環境をつくろうとしたら、カーネルのバージョンと異なるkernel-devel, kernel-headersがインストールされることが判明。最初気が付かずに作業を進めて環境を作り直すことになったわ。
# yum groupinstall "Development Tools" *****中略***** kernel-devel x86_64 4.9.51-10.52.amzn1 kernel-headers x86_64 4.9.51-10.52.amzn1
# uname -a Linux ip-172-31-8-203 4.4.23-31.54.amzn1.x86_64 #1 SMP Tue Oct 18 22:02:09 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux #
起動中のカーネル4.4.23-31.54なのに4.9.51-10.52(最新)を入れようとしてくる。仕方ないのでバージョンを指定してインストールしようとすると
# yum install kernel-devel-4.4.23-31.54.amzn1.x86_64 kernel-headers-4.4.23-31.54.amzn1.x86_64 Loaded plugins: priorities, update-motd, upgrade-helper No package kernel-devel-4.4.23-31.54.amzn1.x86_64 available. No package kernel-headers-4.4.23-31.54.amzn1.x86_64 available. Error: Nothing to do #
そんなバージョン無いといわれる。どゆこと?
どうもyumのリポジトリが最新を見てると4.4が見えてないくさいので、手動で対応
動作中のリリースバージョン確認
# vi /etc/yum.conf releasever=latest <---これを releasever=2016.09 <--これに変更
yumのキャッシュを削除
# yum clean all Loaded plugins: priorities, update-motd, upgrade-helper Cleaning repos: amzn-main amzn-updates Cleaning up everything #
で、もう一回バージョン指定してkernel-develとkernel-headersをインストール
# yum install kernel-devel-4.4.23-31.54.amzn1.x86_64 kernel-headers-4.4.23-31.54.amzn1.x86_64 Loaded plugins: priorities, update-motd, upgrade-helper amzn-main/2016.09 | 2.1 kB 00:00 amzn-main/2016.09/group | 35 kB 00:00 amzn-main/2016.09/primary_db | 3.5 MB 00:00 amzn-updates/2016.09 | 2.3 kB 00:00 amzn-updates/2016.09/group | 35 kB 00:00 amzn-updates/2016.09/updateinfo | 376 kB 00:00 amzn-updates/2016.09/primary_db | 759 kB 00:00 Resolving Dependencies --> Running transaction check ---> Package kernel-devel.x86_64 0:4.4.23-31.54.amzn1 will be installed --> Processing Dependency: /usr/sbin/hardlink for package: kernel-devel-4.4.23-31.54.amzn1.x86_64 ---> Package kernel-headers.x86_64 0:4.4.23-31.54.amzn1 will be installed --> Running transaction check ---> Package hardlink.x86_64 1:1.0-10.4.amzn1 will be installed --> Finished Dependency Resolution Dependencies Resolved =========================================================================================================================================================================================== Package Arch Version Repository Size =========================================================================================================================================================================================== Installing: kernel-devel x86_64 4.4.23-31.54.amzn1 amzn-updates 10 M kernel-headers x86_64 4.4.23-31.54.amzn1 amzn-updates 1.0 M Installing for dependencies: hardlink x86_64 1:1.0-10.4.amzn1 amzn-main 9.6 k Transaction Summary =========================================================================================================================================================================================== Install 2 Packages (+1 Dependent package) Total download size: 11 M Installed size: 40 M Is this ok [y/d/N]: y Downloading packages: (1/3): hardlink-1.0-10.4.amzn1.x86_64.rpm | 9.6 kB 00:00 (2/3): kernel-devel-4.4.23-31.54.amzn1.x86_64.rpm | 10 MB 00:00 (3/3): kernel-headers-4.4.23-31.54.amzn1.x86_64.rpm | 1.0 MB 00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 34 MB/s | 11 MB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Warning: RPMDB altered outside of yum. Installing : 1:hardlink-1.0-10.4.amzn1.x86_64 1/3 Installing : kernel-devel-4.4.23-31.54.amzn1.x86_64 2/3 Installing : kernel-headers-4.4.23-31.54.amzn1.x86_64 3/3 Verifying : 1:hardlink-1.0-10.4.amzn1.x86_64 1/3 Verifying : kernel-headers-4.4.23-31.54.amzn1.x86_64 2/3 Verifying : kernel-devel-4.4.23-31.54.amzn1.x86_64 3/3 Installed: kernel-devel.x86_64 0:4.4.23-31.54.amzn1 kernel-headers.x86_64 0:4.4.23-31.54.amzn1 Dependency Installed: hardlink.x86_64 1:1.0-10.4.amzn1 Complete! #
今度はちゃんと見つけてきてインストールされた。
とりあえず確認。
# rpm -qa | grep kernel kernel-tools-4.9.51-10.52.amzn1.x86_64 kernel-headers-4.4.23-31.54.amzn1.x86_64 kernel-4.4.23-31.54.amzn1.x86_64 kernel-devel-4.4.23-31.54.amzn1.x86_64 #
カーネルモジュールのコンパイルにgccも必要なのでgccをインストールしようとすると
# yum install gcc
Loaded plugins: priorities, update-motd, upgrade-helper
Resolving Dependencies
--> Running transaction check
---> Package gcc.noarch 0:4.8.3-3.20.amzn1 will be installed
--> Processing Dependency: gcc48 = 4.8.3 for package: gcc-4.8.3-3.20.amzn1.noarch
--> Running transaction check
---> Package gcc48.x86_64 0:4.8.3-9.111.amzn1 will be installed
--> Processing Dependency: libgcc48(x86-64) = 4.8.3 for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Processing Dependency: cpp48(x86-64) = 4.8.3-9.111.amzn1 for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Processing Dependency: libgomp(x86-64) >= 4.8.3-9.111.amzn1 for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Processing Dependency: glibc-devel(x86-64) >= 2.2.90-12 for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Processing Dependency: libmpc.so.3()(64bit) for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Processing Dependency: libgomp.so.1()(64bit) for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Processing Dependency: libmpfr.so.4()(64bit) for package: gcc48-4.8.3-9.111.amzn1.x86_64
--> Running transaction check
---> Package cpp48.x86_64 0:4.8.3-9.111.amzn1 will be installed
---> Package gcc48.x86_64 0:4.8.3-9.111.amzn1 will be installed
--> Processing Dependency: libgcc48(x86-64) = 4.8.3 for package: gcc48-4.8.3-9.111.amzn1.x86_64
---> Package glibc-devel.x86_64 0:2.17-157.169.amzn1 will be installed
--> Processing Dependency: glibc(x86-64) = 2.17-157.169.amzn1 for package: glibc-devel-2.17-157.169.amzn1.x86_64
--> Processing Dependency: glibc-headers = 2.17-157.169.amzn1 for package: glibc-devel-2.17-157.169.amzn1.x86_64
--> Processing Dependency: glibc-headers for package: glibc-devel-2.17-157.169.amzn1.x86_64
---> Package libgomp.x86_64 0:4.8.3-9.111.amzn1 will be installed
---> Package libmpc.x86_64 0:1.0.1-3.3.amzn1 will be installed
---> Package mpfr.x86_64 0:3.1.1-4.14.amzn1 will be installed
--> Running transaction check
---> Package gcc48.x86_64 0:4.8.3-9.111.amzn1 will be installed
--> Processing Dependency: libgcc48(x86-64) = 4.8.3 for package: gcc48-4.8.3-9.111.amzn1.x86_64
---> Package glibc-devel.x86_64 0:2.17-157.169.amzn1 will be installed
--> Processing Dependency: glibc(x86-64) = 2.17-157.169.amzn1 for package: glibc-devel-2.17-157.169.amzn1.x86_64
---> Package glibc-headers.x86_64 0:2.17-157.169.amzn1 will be installed
--> Processing Dependency: glibc(x86-64) = 2.17-157.169.amzn1 for package: glibc-headers-2.17-157.169.amzn1.x86_64
--> Finished Dependency Resolution
Error: Package: gcc48-4.8.3-9.111.amzn1.x86_64 (amzn-main)
Requires: libgcc48(x86-64) = 4.8.3
Installed: libgcc48-4.8.5-11.135.amzn1.x86_64 (@amzn-main/latest)
libgcc48(x86-64) = 4.8.5-11.135.amzn1
Available: libgcc48-4.8.3-9.111.amzn1.x86_64 (amzn-main)
libgcc48(x86-64) = 4.8.3-9.111.amzn1
Error: Package: glibc-headers-2.17-157.169.amzn1.x86_64 (amzn-updates)
Requires: glibc(x86-64) = 2.17-157.169.amzn1
Installed: glibc-2.17-196.172.amzn1.x86_64 (@amzn-main/latest)
glibc(x86-64) = 2.17-196.172.amzn1
Available: glibc-2.17-106.168.amzn1.x86_64 (amzn-main)
glibc(x86-64) = 2.17-106.168.amzn1
Available: glibc-2.17-157.169.amzn1.x86_64 (amzn-updates)
glibc(x86-64) = 2.17-157.169.amzn1
Error: Package: glibc-devel-2.17-157.169.amzn1.x86_64 (amzn-updates)
Requires: glibc(x86-64) = 2.17-157.169.amzn1
Installed: glibc-2.17-196.172.amzn1.x86_64 (@amzn-main/latest)
glibc(x86-64) = 2.17-196.172.amzn1
Available: glibc-2.17-106.168.amzn1.x86_64 (amzn-main)
glibc(x86-64) = 2.17-106.168.amzn1
Available: glibc-2.17-157.169.amzn1.x86_64 (amzn-updates)
glibc(x86-64) = 2.17-157.169.amzn1
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
#
libgccと合わない(古い)のでインストールできないと怒られる。仕方ないのでリポジトリを元に戻す。(gccバージョン指定でもオッケーだったかも)
# vi /etc/yum.conf releasever=2016.09 <---これを releasever=latest <--これに変更
yumのキャッシュをクリア
# yum clean all Loaded plugins: priorities, update-motd, upgrade-helper Cleaning repos: amzn-main amzn-updates Cleaning up everything #
改めてgccをインストール
# yum install gcc Loaded plugins: priorities, update-motd, upgrade-helper amzn-main/latest | 2.1 kB 00:00 amzn-main/latest/group_gz | 4.4 kB 00:00 amzn-main/latest/primary_db | 3.8 MB 00:00 amzn-updates/latest | 2.5 kB 00:00 amzn-updates/latest/group_gz | 4.4 kB 00:00 amzn-updates/latest/updateinfo | 426 kB 00:00 amzn-updates/latest/primary_db | 185 kB 00:00 Resolving Dependencies --> Running transaction check ---> Package gcc.noarch 0:4.8.5-1.22.amzn1 will be installed --> Processing Dependency: gcc48 >= 4.8.5 for package: gcc-4.8.5-1.22.amzn1.noarch --> Running transaction check ---> Package gcc48.x86_64 0:4.8.5-11.135.amzn1 will be installed --> Processing Dependency: cpp48(x86-64) = 4.8.5-11.135.amzn1 for package: gcc48-4.8.5-11.135.amzn1.x86_64 --> Processing Dependency: libgomp(x86-64) >= 4.8.5-11.135.amzn1 for package: gcc48-4.8.5-11.135.amzn1.x86_64 --> Processing Dependency: glibc-devel(x86-64) >= 2.2.90-12 for package: gcc48-4.8.5-11.135.amzn1.x86_64 --> Processing Dependency: libmpfr.so.4()(64bit) for package: gcc48-4.8.5-11.135.amzn1.x86_64 --> Processing Dependency: libmpc.so.3()(64bit) for package: gcc48-4.8.5-11.135.amzn1.x86_64 --> Processing Dependency: libgomp.so.1()(64bit) for package: gcc48-4.8.5-11.135.amzn1.x86_64 --> Running transaction check ---> Package cpp48.x86_64 0:4.8.5-11.135.amzn1 will be installed ---> Package glibc-devel.x86_64 0:2.17-196.172.amzn1 will be installed --> Processing Dependency: glibc-headers = 2.17-196.172.amzn1 for package: glibc-devel-2.17-196.172.amzn1.x86_64 --> Processing Dependency: glibc-headers for package: glibc-devel-2.17-196.172.amzn1.x86_64 ---> Package libgomp.x86_64 0:6.4.1-1.45.amzn1 will be installed ---> Package libmpc.x86_64 0:1.0.1-3.3.amzn1 will be installed ---> Package mpfr.x86_64 0:3.1.1-4.14.amzn1 will be installed --> Running transaction check ---> Package glibc-headers.x86_64 0:2.17-196.172.amzn1 will be installed --> Finished Dependency Resolution Dependencies Resolved =========================================================================================================================================================================================== Package Arch Version Repository Size =========================================================================================================================================================================================== Installing: gcc noarch 4.8.5-1.22.amzn1 amzn-main 4.1 k Installing for dependencies: cpp48 x86_64 4.8.5-11.135.amzn1 amzn-main 6.7 M gcc48 x86_64 4.8.5-11.135.amzn1 amzn-main 18 M glibc-devel x86_64 2.17-196.172.amzn1 amzn-main 1.1 M glibc-headers x86_64 2.17-196.172.amzn1 amzn-main 751 k libgomp x86_64 6.4.1-1.45.amzn1 amzn-main 204 k libmpc x86_64 1.0.1-3.3.amzn1 amzn-main 53 k mpfr x86_64 3.1.1-4.14.amzn1 amzn-main 237 k Transaction Summary =========================================================================================================================================================================================== Install 1 Package (+7 Dependent packages) Total download size: 27 M Installed size: 50 M Is this ok [y/d/N]: y Downloading packages: (1/8): cpp48-4.8.5-11.135.amzn1.x86_64.rpm | 6.7 MB 00:00 (2/8): gcc-4.8.5-1.22.amzn1.noarch.rpm | 4.1 kB 00:00 (3/8): gcc48-4.8.5-11.135.amzn1.x86_64.rpm | 18 MB 00:00 (4/8): glibc-devel-2.17-196.172.amzn1.x86_64.rpm | 1.1 MB 00:00 (5/8): glibc-headers-2.17-196.172.amzn1.x86_64.rpm | 751 kB 00:00 (6/8): libgomp-6.4.1-1.45.amzn1.x86_64.rpm | 204 kB 00:00 (7/8): libmpc-1.0.1-3.3.amzn1.x86_64.rpm | 53 kB 00:00 (8/8): mpfr-3.1.1-4.14.amzn1.x86_64.rpm | 237 kB 00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 15 MB/s | 27 MB 00:00:01 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : mpfr-3.1.1-4.14.amzn1.x86_64 1/8 Installing : libmpc-1.0.1-3.3.amzn1.x86_64 2/8 Installing : cpp48-4.8.5-11.135.amzn1.x86_64 3/8 Installing : libgomp-6.4.1-1.45.amzn1.x86_64 4/8 Installing : glibc-headers-2.17-196.172.amzn1.x86_64 5/8 Installing : glibc-devel-2.17-196.172.amzn1.x86_64 6/8 Installing : gcc48-4.8.5-11.135.amzn1.x86_64 7/8 Installing : gcc-4.8.5-1.22.amzn1.noarch 8/8 Verifying : gcc-4.8.5-1.22.amzn1.noarch 1/8 Verifying : glibc-headers-2.17-196.172.amzn1.x86_64 2/8 Verifying : glibc-devel-2.17-196.172.amzn1.x86_64 3/8 Verifying : cpp48-4.8.5-11.135.amzn1.x86_64 4/8 Verifying : libmpc-1.0.1-3.3.amzn1.x86_64 5/8 Verifying : mpfr-3.1.1-4.14.amzn1.x86_64 6/8 Verifying : gcc48-4.8.5-11.135.amzn1.x86_64 7/8 Verifying : libgomp-6.4.1-1.45.amzn1.x86_64 8/8 Installed: gcc.noarch 0:4.8.5-1.22.amzn1 Dependency Installed: cpp48.x86_64 0:4.8.5-11.135.amzn1 gcc48.x86_64 0:4.8.5-11.135.amzn1 glibc-devel.x86_64 0:2.17-196.172.amzn1 glibc-headers.x86_64 0:2.17-196.172.amzn1 libgomp.x86_64 0:6.4.1-1.45.amzn1 libmpc.x86_64 0:1.0.1-3.3.amzn1 mpfr.x86_64 0:3.1.1-4.14.amzn1 Complete! #
今度はちゃんとインストールされる。
とりあえず、確認
# rpm -qa | grep gcc libgcc48-4.8.5-11.135.amzn1.i686 gcc-4.8.5-1.22.amzn1.noarch libgcc48-4.8.5-11.135.amzn1.x86_64 gcc48-4.8.5-11.135.amzn1.x86_64 #
先ほどインストールしたSEPを一度アンインストール
# sh ./install.sh -u Starting to uninstall Symantec Endpoint Protection for Linux. Begin removing Auto-Protect component Auto-Protect component removed successfully Begin removing virus protection component Virus protection component removed successfully Uninstall completed ============================================================= The log files for uninstallation of Symantec Endpoint Protection for Linux are under ~/: sepfl-install.log sep-install.log sepap-install.log sepui-install.log #
で、もう一回SEPをインストール
# sh ./install.sh -i Starting to install Symantec Endpoint Protection for Linux Performing pre-check... Warning: X11 libraries are missing, GUI component will not be installed! Pre-check succeeded Begin installing virus protection component Preparing... ################################# [100%] Performing pre-check... Pre-check is successful Updating / installing... 1:sav-14.0.2415-0200 ################################# [100%] Virus protection component installed successfully Begin installing Auto-Protect component Preparing... ################################# [100%] Performing pre-check... Pre-check is successful Updating / installing... 1:savap-x64-14.0.2415-0200 ################################# [100%] Auto-Protect component installed successfully Begin installing GUI component GUI component failed to install, with error: libX11.so.6 is needed by savui-14.0.2415-0200.i386 Pre-compiled Auto-Protect kernel modules are not loaded yet, need compile them from source code Build Auto-Protect kernel modules from source code successfully *今度はカーネルモジュールコンパイル環境があるのでオッケー Installation completed ============================================================= Daemon status: symcfgd [running] rtvscand [running] smcd [running] ============================================================= Drivers loaded: symap_custom_4_4_23_31_54_amzn1_x86_64 symev_custom_4_4_23_31_54_amzn1_x86_64 *モジュールがあるのでauto-protectのドライバがロードされる。 ユーザ環境でコンパイルされたモジュールには「custom」が入る。 ============================================================= Auto-Protect starting Protection status: Definition: Waiting for update. AP: Malfunctioning ============================================================= The log files for installation of Symantec Endpoint Protection for Linux are under ~/: sepfl-install.log sep-install.log sepap-install.log sepui-install.log sepfl-kbuild.log #
動作確認
# /opt/Symantec/symantec_antivirus/sav info -d Waiting for update. # # /opt/Symantec/symantec_antivirus/sav info -a Malfunctioning #
定義ファイルが取得できるまではauto-protectも有効(Enable)にならなのでしばし待つ。
Liveupdateのログはこちら。Successにならず、Failになる場合はFirewallなど確認する。
# tail -f /opt/Symantec/LiveUpdate/Logs/lux.log 07:43:50.333095 [Session Results - END] 07:43:50.333117 [Session Summary - START] 07:43:50.333138 Components: 1 07:43:50.333160 Packages: 1 07:43:50.333182 Success: 1 07:43:50.333208 Fail: 0 07:43:50.333229 [Session Summary - END] 07:43:50.333251 ******************************************************************************** 07:43:50.333279 Session ended at Fri 2017/10/13 07:43:50 (UTC +0000) 07:43:50.333302 ********************************************************************************
こうなればオッケー
# /opt/Symantec/symantec_antivirus/sav info -d 10/12/2017 rev. 21 # /opt/Symantec/symantec_antivirus/sav info -a Enabled #
定義ファイルの取得が完了するとバージョンが表示され、auto-protectも有効になる。
最新のAmazon Linux (2017.09リリース版 Kernel 4.9.51-10.52)ではカーネルモジュールのコンパイルがエラーとなった。4.9.xxでのSEP14.0MP2の動作は無理っぽい。
*2017/10/16 追記
Amazon LinuxがSEP14.0 RU1のリリースノートのサポートOSに追加されていることを確認。
