I recently started moving some VM’s off of an old pc running VMWare Server 2.0.2 to a newer server I have running ESXi 5.
I’ve been using the vmware converter to move a lot of the machines over, but was having issues where the vmware converter would give the error “Unable to obtain hardware information for the selected machine.”

I wasn’t having a lot of luck until I tried just copying one of the images to the datastore on the vmware server and upgrading hardware. From there I had realized it was having trouble with the cdrom in the old vm config. To fix this, here is what I had to do.

made a copy of my vmx file ( I like to do this so I have a path back if I screw up )

edit the .vmx file

looked for the IDE device info that referenced the CDROM, and removed it, then saved the file.

——example——–
ide1:0.present = “TRUE”
ide1:0.autodetect = “TRUE”
ide1:0.filename = “auto detect”
ide1:0.deviceType = “cdrom-raw”

After removing this, the vmware converter was able to read the hardware info and was able to move the vm.

I’ve come to realize that the most recent version of symantec for linux actually works. The realtime scanner at least.
Now that that works I just need to get liveupdate to work!
With Liveudate, I’m able to get the definitions to download, but liveupdate then fails and it never applys the update.

I’ve had the most success with the updates at ftp.symantec.com. After putting together a series of scripts to download the updates, extract them from the scripts they have them in (I seem to have issues if I run it), then copy the files to the /opt/Symantec/virusdef/incoming directory.
This seems to work pretty well at this point.

—————————–

As an update to this, I now have it all working as it should!
I found my issue with liveupdate, it seemed like if I free up at least 3GB of disk space, it will work.

As for the ftp definitions, I found out that recently they have moved to supporting x86 and x86-64 in the same download (the 32bit one). I haven’t been able to locate this in any document yet however.

https://www.davidhedges.info/index.php/2012/08/29/128/

I’ve spend a lot of time working with this, and of what I’ve found so far, would make the suggestion not to use symantec AV on linux if at all possible!

1. Out of the box from a fresh install of symantec AV, Symantec installs the default kernel modules which make your server very unstable. These from what I observed cause the server to randomly hang or panic and crash.
To get around this issue, you need to compile custom kernel modules, and place them in /opt/Symantec/autoprotect before you install the symantec rpms. I’m also still working on trying to put something together to automatically rebuild the kernel modules when a new kernel is installed.

2. Unless you plan to update your java cryptography extensions (JCE) every time you run an update that involves java, your are probably better off not installing liveupdate or savui. (http://www.symantec.com/docs/TECH123310)
without this you are not able to use any of the liveupdate management tools effectively. if you try to create a liveupdate config file it will become corrupt or be wiped out when you try to manage liveupdate.

3. By default liveupdate runs its updates out of /tmp, when it cleans up it removes other random files from tmp. This is an issue because, if the server is using /tmp for anything other than liveupdate, liveupdate tends to interfere with it by removing those files. One good example is with novell OES, where it tends to remove /tmp/.ncp2nss, and the other files used by the nss file system. This typically causes the volumes to stop allowing files to be removed or modified, and you get hundreds or thousands of 0 byte tmp files on the volume.

What I ended up doing was creating my own scripts to manually pull the updates from a central server, and install the definitions on the server. I had also realized that at least in SLES 10, the definition file that you pull from symantec’s ftp site will not run, and throws out a few memory errors before failing. for linux/unix this file is just a short script that includes a uuencoded file. I wrote a script to download these updates, then uudecode the file out of the update, then manually install the definitions.

at this point I’ve had to script out an installer for symantec so that others who install it do the install in the correct order. I’ve had to script out most of the liveupdate functionality, and had to work out how to get the their definitions to actually work.
In my opinion I’ve spent a lot more time than anyone should spend trying to make a commercial product work, and still am running into issues with it.

I’m still fighting with an issue where rtvscand jumps to 100% cpu utilization on some servers, but not all.

With all I’ve been through with this, I’m of the opinion, that just about any AV product is going to be more stable and functional than Symantecs AV for linux. There are even free products like CLAMAV that work much better and require much less effort to get them to run they should.

I put together a web based config generator to configure an HP ILO’s. Just enter in the few items, hit submit, then copy to your server.

Once you have it there, all that’s left is running “hponcfg -f yourfile.txt”

here is a link to the ILO config tool