Package MFErt-2.0-104.i686 doesn't verify: no digest

Technical Articles ID: KB94087
Last Modified: 2022-11-15 03:41:31 Etc/GMT

Environment

Trellix Agent (TA) 5.7.7
McAfee Agent (MA) 5.7.6 and earlier

Supported Linux operating systems

For environment information, see KB51573 - Supported platforms for Trellix Agent 5.x.

NOTE: MA was rebranded to TA in version 5.7.7.

Problem 1

When you try to install TA using the install.sh or SmartInstall.sh package, it fails.

You see this issue when the Linux operating system uses DISA STIG security policies.

Example of installation attempt from the terminal console:

space required to copy archive is 88796342 bytes space available at mfehNKXin is 7208583168 bytes extracting archive to mfehNKXin... please wait
86475+1 records in
86475+1 records out
44275530 bytes (44 MB, 42 MiB) copied, 0.296471 s, 149 MB/s

Archive: mfehNKXin/package.zip
inflating: mfehNKXin/MFEma.x86_64.rpm
inflating: mfehNKXin/MFErt.i686.rpm
inflating: mfehNKXin/MFEma.i686.rpm
inflating: mfehNKXin/DXL.zip
inflating: mfehNKXin/MFEma.x86_64.deb
inflating: mfehNKXin/MFErt.i686.deb
inflating: mfehNKXin/MFEma.i686.deb
inflating: mfehNKXin/reqseckey.bin
inflating: mfehNKXin/srpubkey.bin
inflating: mfehNKXin/sitelist.xml
inflating: mfehNKXin/req2048seckey.bin
inflating: mfehNKXin/sr2048pubkey.bin
inflating: mfehNKXin/agentfipsmode
inflating: mfehNKXin/agent.ini
inflating: mfehNKXin/RepoKeys.ini
inflating: mfehNKXin/contrib.ini

Verifying... ################################# [100%]

Preparing... ################################# [100%]

package MFErt-2.0-104.i686 does not verify: no digest

Problem 2

If you try to install TA with no digest checking (rpm -ivh --nodigest --nofiledigest), TA installs. But, the agent service doesn't start.

When you try to start or view the service status, it results in an error similar to the one below:

[root@root ~]# /opt/McAfee/agent/bin/masvc status
/opt/McAfee/agent/bin/masvc: error while loading shared libraries: libma_io_service.so.5: cannot open shared object file: No such file or directory

Problem 3

You try to install TA on a Linux environment that's SELinux with FIPS Security Policies.

Example: You run the following commands and see the output below:

Command:

[root@root ~]# fips-mode-setup --check

FIPS is enabled

Command:
[root@root ~]# update-crypto-policies --show
FIPS

Solution

For Problems 1 and 2:

This issue is resolved in McAfee Agent 5.7.3. This version is available from either the ePO Software Manager or the Product Downloads site.

NOTE: You need a valid Grant Number to access the update.

To view other known and resolved issues, see KB93773 - Trellix Agent 5.7.x Known Issues.

Workaround

If the output returned in Problem 3 matches, TA is not currently supported on the SELinux implementation.

To submit a new product idea, go to the Enterprise Customer Product Ideas page.

Click Sign In and enter your ServicePortal User ID and password. If you do not yet have a ServicePortal or Community account, click Register to register for a new account on either website.

For more information about product ideas, see KB60021 - How to submit a Product Idea.

Affected Products

Languages:

This article is available in the following languages:

Knowledge Center

Package MFErt-2.0-104.i686 doesn't verify: no digest

Environment

Problem 1

Problem 2

Problem 3

Solution

Workaround

Affected Products

Languages:

Title

Title

Knowledge Center

Package MFErt-2.0-104.i686 doesn't verify: no digest

Environment

Problem 1

Problem 2

Problem 3

Solution

Workaround

Affected Products

Languages:

Choose your region

Title

Title