[KB880] Is ESET Security for Linux Server compatible with SELinux and grsecurity?

Solution

ESET Security for Linux is not compatible with SELinux and grsecurity. 

If you have problems with SELinux and you do not need it, you can switch the system into permissive mode with the following commands:

echo 0 > /selinux/enforce
vi /etc/selinux/config

Set SELinux to "disabled" in configuration file.

SELINUX=disabled

 

For grsecurity, add a trusted group and add the user esets to the group.

# groupadd -g  grsecgroup
# vi /etc/group
grsecgroup:x:123:esets #Example

Enable 'Trusted Path Execution (TPE)' and 'Invert GID option' within grsecurity.

# echo  > /proc/sys/kernel/grsecurity/tpe_gid
# echo 1 > /proc/sys/kernel/grsecurity/tpe
# echo 1 > /proc/sys/kernel/grsecurity/grsec_lock

You can also do this the same way via sysctl command:

# sysctl kernel.grsecurity.tpe_gid =  kernel.grsecurity.tpe = 1 kernel.grsecurity.grsec_lock = 1

To enable grsecurity permanently, edit the /etc/sysctl.conf and add the following lines:

kernel.grsecurity.tpe_gid = 
kernel.grsecurity.tpe = 1
kernel.grsecurity.grsec_lock = 1

 

Languages
Last Updated: Oct 15, 2019

Additional resources

User Guides

ESET Forum

YouTube videos

Need further assistance?

Contact ESET Technical Support

More Information

Support News
Customer Advisories