Description
The Customer install the Cymetricx agent on a CentOS/RHEL server and the Service is active (running) as show in Figure 1. But looking at service logs in the Cymetricx service status and the service session keeps restarting as denoted by:
session opened for user root
session closed for use root
Environment
A CentOS or a RedHat server.
Cause
SELinux Is enabled and in Enforcing mode by default on CentOS, RHEL servers.
SELinux allows or denies an interaction between a process and a system resource, and by default is blocking every service from running.
Every Service need SELinux to be disabled or permissive mode. For example Forcepoint agent requires SELinux to be disabled.
The command ausearch -m AVC,USER_AVC -ts
recent displays SELinux logs, and as Figure 2 shows, the Cymetricx service is denied from interacting with the OS and from sending HTTPS requests to the Cymetricx server (notice dest 443 and denied).
Figure 2
Figure 3 shows the default SELinux status using the command sestatus
Recommended Actions
The recommended action is:
Disable SELinux using the following command
sudo sed -i 's/enforcing/disabled/g' /etc/selinux/config
Reboot the CentOS/RHEL server for the configuration to take effect.
Additional Notes
The output of SELinux status command sestatus
should be similar to Figure 4
Related Articles
Server Settings
Server Settings To configure Cymetrix server general settings go to: Administration > System Settings > Server Settings Or click on this link https://<IP_ADDRESS>/ settings/server Click “Edit” and fill the required parameters: Agent Timeout ...
Troubleshooting Cloned Server Visibility Issue in CYMETRICX GUI Due to Duplicate Agent ID
When a Linux server is cloned, Cymetricx service are also copied over to the new server. However, since the agent ID is unique for each installation, the agent ID on the cloned server will be the same as the original server, causing a conflict. This ...
CYMETRICX Supported Platforms
The following information details the supported operating systems and workstations for CYMETRICX: Platforms Microsoft Windows Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server2019 Windows Server 2020 ...
CYMETRICX ASV/External Scan Integration
To Setup the Integration between the CYMETRICX and ASV Clone system, the customer needs to do the following steps : Make sure there’s connectivity between the clone system and the CYMETRICX server on port 443, check this by apply the ...
CYMETRICX Nessus/Internal Scan Integration
To Setup the Integration between the CYMETRICX and Nessus system, the customer needs to do the following steps : Make sure there’s connectivity between the Nessus system and the CYMETRICX server on port 8834 , check this by apply the ...