Unable to remove Unix_Template_ policy after it has been applied.
| Article:TECH152833 | | | Created: 2011-02-07 | | | Updated: 2012-11-01 | | | Article URL http://www.symantec.com/docs/TECH152833 |
Problem
SCSP agent (IDS service) does not start upon reboot of the system (seen most often in Solaris), if filewatch.dat file is corrupted.
Error
SCSP agent does not start upon reboot of the system
Cause
When Solaris (any Unix) system is shutdown , it calls SCSP agent shutdown script, during this time IDS daemon writes out filewatch.dat file. This process may take more than 60 seconds. By default “shutdown” command will wait only 60 seconds and bring the system down. This will leave filewatch.dat file in corrupted state. Or if the IDS service was unexpectedly terminated it can also leave the file in a bad state.
Solution
Work around solutions:
1. Use “shutdown –gxx –y” where xx is the number of seconds to wait (grace period) and it should be increased to 120, and –y is to prompt at the end of this grace period. If IDS daemon is still running you should wait till it exit.
2. If SCSP agent does not start, delete filewatch.dat and start the daemon manually.
Permanent solutions in progress:
1. Ability to recover and start automatically if filewatch.dat is corrupted.
2. (optional) Speed up writing of filewatch.dat
3. (optional) Ability to process partial data available in filewatch.dat
|
|
Article URL http://www.symantec.com/docs/TECH152833
Terms of use for this information are found in Legal Notices
Thank you.