Realtime protection cannot start

There is a sample issue and a sample solution below demonstrated on Ubuntu.

Issue

Real-time protection is unable to start due to missing kernel files.

In /var/log/messages an error is displayed regarding ESET Endpoint Antivirus for Linux:

Oct 15 15:42:30 localhost eea: ESET Endpoint Antivirus error: cannot find kernel sources directory for kernel version 3.10.0-957.el7.x86_64

Oct 15 15:42:30 localhost eea: ESET Endpoint Antivirus error: please check if kernel-devel (or linux-headers) package version matches the current kernel version

Oct 15 15:42:30 localhost oaeventd[31471]: ESET Endpoint Antivirus Error: Cannot open file /lib/modules/3.10.0-957.el7.x86_64/eset/eea/eset_rtp.ko: No such file or directory

 

Solution

Method 1 - requires restart of the operating system

1.Upgrade the packages of your operating system to the latest version. On Ubuntu, execute the following commands from a Terminal window as a privileged user:

apt-get update

apt-get upgrade

2.Restart the operating system.

Method 2

1.Install the latest latest kernel-headers on DEB based Linux distributions. On Ubuntu, execute the following commands from a Terminal window as a privileged user:

apt update

apt install linux-headers-$(uname -r)

2.Restart the EEA service.

systemctl restart eea