Realtime protection cannot start

Issue

Real-time protection is unable to start due to missing kernel files.

The Events screen in the Web interface of ESET File Security for Linux displays an error message similar to the one in one of the screenshots below:

In ESET File Security for Linux version 7.0:

real-time-protection-cannot-start

 

In ESET File Security for Linux version 7.1:

real-time-protection-cannot-start_7.1

 

In system logs a corresponding error message is displayed:

Jul 15 15:42:30 localhost efs: ESET File Security error: cannot find kernel sources directory for kernel version 3.10.0-957.el7.x86_64

Jul 15 15:42:30 localhost efs: ESET File Security error: please check if kernel-devel (or linux-headers) package version matches the current kernel version

Jul 15 15:42:30 localhost oaeventd[31471]: ESET File Security Error: Cannot open file /lib/modules/3.10.0-957.el7.x86_64/eset/efs/eset_rtp.ko: No such file or directory

 

Solution

Method 1 - requires restart of the operating system

1.Upgrade the packages of your operating system to the latest version. On CentOS 7, execute the following command from a Terminal window as a privileged user:

yum upgrade

2.Restart the operating system.

Method 2

1.Install the latest kernel-dev modules (on RPM-based Linux distributions) or the latest kernel-headers (on DEB based Linux distributions). On Oracle Linux, execute the following command from a Terminal window as a privileged user:

yum install kernel-uek-devel-`uname -r`

2.Restart the EFS service.

systemctl restart efs