# If present, uninstall SEPfL and remove any remaining traces. ./install.sh -u rm -rf /opt/Symantec/symantec_antivirus /etc/symantec/sep /var/symantec/sep /etc/Symantec.conf /etc/savfl_install.cfg /root/sep*.log*
# We are going to follow http://www.symantec.com/docs/HOWTO101761 ("Installing the Symantec Endpoint Protection client for Linux"), # but with a change before the installer is run, then another change after it is run.
# First make sure AutoProtect modules are not installed, nor loaded, by dropping them into /dev/null, as this is where it would crash.
# Next, we will http://www.symantec.com/docs/TECH132773 ("Manually compile Auto-Protect kernel modules for Endpoint Protection for Linux"). # Please note that your kernel module version number will be different if using 14.2.
cd /opt/installs/sep-sym/src/ap-kernelmodule-14.0.3929-1200 ./build.sh --kernel-dir /lib/modules/$(uname -r)/build
# This takes a few seconds and restarts the services. # Update definitions - manually define a proxy if necessary (no need if you update via SEPM).
# After the update completes, wait 10 minutes to allow it to be fully processed, then perform some checks. # Please note that the product version returned will be different if using 14.2.
/opt/Symantec/symantec_antivirus/sav info -d # will return a very recent definitions version /opt/Symantec/symantec_antivirus/sav info -a # will return "Enabled" /opt/Symantec/symantec_antivirus/sav info -e # will return "184.108.40.206" /opt/Symantec/symantec_antivirus/sav info -p # will return "14.0.1 (14.0 RU1 MP2) build 3929 (14.0.3929.1200)" /opt/Symantec/symantec_antivirus/sav info -s # will return "General Status: Done Manual Scan: Done"
# Now test by attempting to save EICAR standard antivirus test file to disk. For more details, # see http://www.symantec.com/docs/HOWTO100330 ("Testing a Virus and Spyware Protection policy"). # Ignore any error message that may be shown.