You need more information after reading these articles:
and
Configuring the local repository settings
You cannot use this method to update a Data Center Security: Server Advanced agent that is older than 6.7.2.xxxx.
DCS 6.7MP2 and above only
About kernel packages for Linux agents
The Data Center Security: Server Advanced agent packages for Linux have been redesigned in the 6.7 MP2 release to provide timely updates when a new kernel is available for the operating system.
Earlier, whenever a new kernel for the operating system was released, a corresponding updated version of the Data Center Security: Server Advanced agent was not available until the next release of the product. However, this enhancement enables Symantec to provide updates for the Linux agents to accommodate the latest kernel updates for the supported operating system. The agent updates are published to a repository from where you can install the latest available package to update the existing agent.
When you install the 6.7 MP2 or later Linux agents, two packages are installed for the agent: one is the agent package (sdcss) and one is the kernel package (sdcss-kmod). The build numbers of the agent package and the kernel package are independent of each other. However, you can install a kernel package with version 6.7.2.xxxx only on an agent that has version 6.7.2.xxxx. Where xxxx is the build number.
All the kernel packages except SUSE Linux Enterprise Server 11 and Amazon Linux are signed with GPG.
Webserver requirements (this is not covering web site installation)
HTTPS listening on TCP 443
path=/var/www/html
For DCS 6.9.2 and above
Because of a change in how kernel updates are packaged for distribution, the above steps don't apply for DCS 6.9.2 and above. Instead, add the following commands to your scheduled update check to be executed in your browsable package directory:
wget -q -P /var/www/html -x -N -nH -i https://linux-repo.us.securitycloud.symantec.com/SAL/1.1/latest.txt
wget -q -P /var/www/html -x -N -nH -i https://linux-repo.us.securitycloud.symantec.com/SAL/1.2/latest.txt
This will transfer the required files to your /var/www/htm/repos directory that you've set up for local machines to use for updates
You can confirm this in your web browser, by going to http://192.0.2.239/SAL/1.1/rhel8 (where 192.0.2.239 is your webserver)
Modify repo file on Agent Machine
You will then modify the sdcss.repo file, to point to your local webserver (Example Below) and run the update-kmod command
location: /etc/yum.repo.d/sdcss.repo
Note: set gpgcheck=0
DCS 6.9.2
[SDCSS]
name=Symantec Agent for Linux repository
baseurl=http://192.0.2.239/SAL/1.1/rhel9/$basearch
enabled=0
gpgcheck=0
DCS 6.9.3
[SDCSS]
name=Symantec Agent for Linux repository
baseurl=http://192.0.2.239/SAL/1.2/rhel9/$basearch
enabled=0
gpgcheck=0
Update the Agent via it's update-kmod command
cd /usr/lib/symantec
sh installagent.sh --update-kmod
For DCS 6.9.1 and lower
This is an example to create two local repos, one for RHEL7 and another for SLES11. The commands and filename might not match depending of the web server you using of the variant of Linux. But this give a general idea of the steps.
Webserver requirements (this is not covering web site installation)
HTTPS listening on TCP 443
path=/var/www/html
Example IP used: 192.0.2.50 (for local Agent .repo file example only)
Note : all commands are ran under root account. If you using sudo, you need the right permissions and so on. If you are not familiar with "vi" command please check the man page on how to edit/save file.
Install yum-utils and createrepo
yum install yum-utils createrepo
Create the repo files
touch /etc/yum.repos.d/sdcss.rhel7.67mp2.repo
touch /etc/yum.repos.d/sdcss.sles11.67mp2.repo
Edit the RHEL7 repo file and add the sdcss.rhel7.repo information
vi /etc/yum.repos.d/sdcss.rhel7.67mp2.repo
Enter the following in the repo file
[SDCSS-Updates-67mp2-rhel7]
name=SDCSS repository for package updates
baseurl=https://linux-repo.us.securitycloud.symantec.com/DCS_6.7MP2/rhel7/$basearch
enabled=1
gpgcheck=0
Edit the SLES11 repo file and add the sdcss.sles11.repo information
vi /etc/yum.repos.d/sdcss.sles11.67mp2.repo
Enter the following in the repo file
[SDCSS-Updates-67mp2-sles11]
name=SDCSS repository for package updates
baseurl=https://linux-repo.us.securitycloud.symantec.com/DCS_6.7MP2/sles11/$basearch
enabled=1
gpgcheck=0
Update Yum's cache
yum makecache
Get the Repoid
yum repolist
-- It's Currently SDCSS-Updates-67mp2-rhel7 and SDCSS-Updates-67mp2-sles11
Sync the repo
reposync --gpgcheck -l --repoid=SDCSS-Updates-67mp2-rhel7 --download_path=/var/www/html
reposync --gpgcheck -l --repoid=SDCSS-Updates-67mp2-sles11 --download_path=/var/www/html
cd /var/www/html/SDCSS-Updates-rhel7
createrepo -v /var/www/html/SDCSS-Updates-67mp2-rhel7
cd /var/www/html/SDCSS-Updates-sles11
createrepo -v /var/www/html/SDCSS-Updates-67mp2-sles11
Changing the repo on the DCS Agent Machine
You can now change the DCS Repo (located at: /etc/sdcss.repo) on your DCS Agent machine to point to the specific repoid (either SDCSS-Updates-67mp2-rhel7 or
SDCSS-Updates67mp2--sles11) with the baseurl changed to your local server
Example (RHEL):
vi /etc/yum.repos.d/sdcss.repo
[SDCSS-Updates]
name=SDCSS repository for package updates
baseurl=https://linux-repo.us.securitycloud.symantec.com/DCS_6.7MP2/rhel7/$basearch
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-SDCSS
change line in yellow to:
baseurl=https://192.0.2.50/SDCSS-Updates-67mp2-rhel7/$basearch
For RHEL, type:
yum check-update
For SLES, type:
zypper list-updates
For RHEL, type:
yum upgrade sdcss-kmod
For SLES, type:
zypper update sdcss-kmod
Important after updating the package you get this message displayed :
Symantec Data Center Security Server kmod package installed successfully.
A reboot is required. Please reboot your machine at the earliest convenience.
You have to reboot if you want to be protected.
To view what package you have installed run :
rpm -qa |grep sdcs*
Output will be something like :
sdcss-kmod-6.7.3-287.el7.x86_64
sdcss-6.7.3-1473.el7.x86_64