Loading...

Knowledge Center


On non-Windows systems, McAfee Agent 5.x is unable to listen for wake-up calls on ports lower than 1024
Technical Articles ID:   KB86939
Last Modified:  6/18/2018

Environment

McAfee Agent 5.x
Non-Windows systems

For details of MA supported environments, see KB51573.

Problem

If the agent wake-up call port is lower than 1024, agents on non-Windows systems fail to receive wake-up calls.

The macmnsvc.log records errors similar to the following when the agent starts:
 
http_server.Debug: Http server starting
http_server.Debug: Http Server listening on port <591>
http_server.Warning: Error starting http_server - libuv err: ('permission denied' EACCES)

Cause

In McAfee Agent 5.x, the non-Windows agent runs some processes as a non-root user. Previous versions of the agent ran everything as root. 

The range of ports up to 1024 are considered privileged ports, and on UNIX or Linux systems, only root can open a privileged port for listening.

Solution

This behavior is expected with MA 5.x. In non-Windows environments running McAfee Agent 5.x, you must choose a non-privileged port for the agent wake-up call port that is higher than 1024.

Workaround

MA 5.0.5 and later include a new installer option that installs the agent in a root mode, in which all processes run as root, allowing the agent to listen on ports below 1024. 

To install the agent in root mode, use the -r switch when installing the agent: install.sh -i -r

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Languages:

This article is available in the following languages:

English United States
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.