McAfee KB # 53375 describes in detail which versions of the Kernel and Operating system are supported. Regarding your point #2 I haven't heard anything similar so I would advise you to contact McAfee Support and raise a Service Request.
Hope this helps,
We are evaluating Linuxshield with Sles 10.2, OES2.1 64 bit with the original 2.16.60-0.21-smp kernel. We are updating Linuxshield to the latest version and still experiencing what appears to be a memory leak that consumes memory until the system locks up. Is this a 64 bit bug?
The lock up seems to be a similar issue to the one portraited in McAfee KB # KB65587 where running auditd and On Access Scanner lead to the system becoming unusable.
Can you try to disable the auditd and check if the phenomenon still happens ?
@ Ken, this may also help you can you check if auditd is also the root cause in your environment ?
Hope this helps,
I tried stopping, then killing the auditd process. This has no effect on the memory leak. Does anyone have any other ideas?
Probably a good idea for you to ping McAfee Technical Support and raise a case for this.
Let me know how you get on.
I see the exact same issue at several sites. Did you find a solution for this yet?
Best regards, Sebastiaan Veld
No, unfortunately we have not found an answer and are not getting much help from technical support. the decisions was made to look at other solutions as we feel that the interest in McAfee to support Linuxsheild is not a high priority at this time
Mnn, I was afraid that this would be the answer. Ubelievable that such an expensive product works so bad, one of the reasons I've put on hold the license renewel for these customers.
I beleive I've it all working correctly now;
-Disabled auditd as suggested (tough auditd should be supported as it's enabled by default, at least on SLES)
-Removed the folling folders from scanninf (inclusing subfolders): /dev, /proc, /var/log, /var/opt/novell, /admin, /_admin
It's stabel for a few weeks now.
Hope this helps.