Unable to remove Unix_Template_ policy after it has been applied.

Article:TECH152833  |  Created: 2011-02-07  |  Updated: 2012-11-01  |  Article URL http://www.symantec.com/docs/TECH152833
Article Type
Technical Solution



SCSP agent (IDS service) does not start upon reboot of the system (seen most often in Solaris), if filewatch.dat file is corrupted.


SCSP agent does not start upon reboot of the system


When Solaris (any Unix) system is shutdown , it calls SCSP agent shutdown script, during this time IDS daemon writes out filewatch.dat file. This process may take more than 60 seconds. By default “shutdown” command will wait only 60 seconds and bring the system down.  This will leave filewatch.dat file in corrupted state. Or if the IDS service was unexpectedly terminated it can also leave the file in a bad state.


Work around solutions:

1.    Use “shutdown –gxx –y” where xx is the number of seconds to wait (grace period) and it should be increased to 120, and –y is to prompt at the end of this grace period. If IDS daemon is still running you should wait till it exit.
2.    If SCSP agent does not start, delete filewatch.dat and start the daemon manually.

Permanent solutions in progress:

1.    Ability to recover and start automatically if filewatch.dat is corrupted.
2.    (optional) Speed up writing of filewatch.dat
3.    (optional) Ability to process partial data available in filewatch.dat

Article URL http://www.symantec.com/docs/TECH152833

Terms of use for this information are found in Legal Notices