Overall protection has no status when installing f-secure from Terminal on MAC

Bonnithedog
Bonnithedog W/ Alumni Posts: 2 Security Scout

Following the guide linked under and status shows services. Installing in GUI is a workaround that works. But would be nice to install from terminal.

sudo installer -pkg /path/to/pkg -target / works fine

Looks like services are running!

$ sudo launchctl list | grep f-secure

Password:

58505  0      com.f-secure.orspclient

61735  0      com.f-secure.fscreputationd

-      0      com.f-secure.fsmac.fsupdated_guts2

-      6      com.f-secure.fscxfenced

58519  0      com.f-secure.fsctelemetryd

58493  0      com.f-secure.fscsafeadmind

61684  0      com.f-secure.remote.scan_for_malware

-      0      com.f-secure.fsmac.licensetool

-      0      com.f-secure.fsavd.dbhelper

-      5      com.f-secure.fsavd

58512  0      com.f-secure.fscsafesettingsd

58680  0      com.f-secure.ultralight.fscsmd

58675  0      com.f-secure.ultralight.fscsensord

58533  0      com.f-secure.uplinkdaemon

-      0      com.f-secure.scheduledscanning

58631  78     com.f-secure.ultralight.fsculcored

-      0      com.f-secure.fsmac.guts2downloader

Answers

  • MonikaL
    MonikaL W/ Alumni Posts: 206 W/ Former Staff

    Hello,

    We would require the diagnostic information from the affected client machine to check the scenario. Please provide this information to support, and we will investigate further.

    Please open a support case here:

    Support request | F-Secure

  • Bonnithedog
    Bonnithedog W/ Alumni Posts: 2 Security Scout

    hi

    I did ran a FSDIAG. But there is nothing in the files?

    I also opend a support ticket. Which sends me to check info in GUI which i can not do. Computer is at a remote location managed trough ssh.


    Copy of output !


    sudo "/Applications/F-Secure/Support Tool.app/Contents/Resources/fsdiag"


    Support Tool build




    This program will gather information about F-Secure products installed on the host as well as some details about the hardware and configuration of your OS X system. In some cases this information might be considered confidential. The data collected will only be stored locally. F-Secure will use this information for diagnostic purposes ONLY.



    Please wait while the program collects information about your system. This process may take awhile to complete. No changes will be made to your system during this process.



    Note: you can safely ignore failed messages. They only mean that data the was checking for did not exist.



    Skipping network diagnostics


    ###2###


    Copying crontab of root user


    Listing free disk space


    Getting misc system info


    ###3###


    Running otool


    ###4###


    Running sw_vers


    ###5###


    Copying software version info files.


    find: /Library/F-Secure-mdr/product_versions: No such file or directory


    ###6###


    Running package verification for com.f-secure.* pkgs


    ###7###


    Copying crash/hang/panic reports


    tar: Removing leading '/' from member names


    ###8###


    Running system_profiler


    ###9###


    ###10###


    Running defaults


    ###11###


    Running vm_stat


    ###12###


    Running kextstat


    ###13###


    Running ioreg


    ###14###


    Running sysctl


    ###15###


    Copying logfiles


    ###16###


    Running profiles


    Kext rejected due to system policy: <OSKext 0x7ff968d30480 [0x7fff90bcf8e0]> { URL = "file:///Library/StagedExtensions/Library/F-Secure/Extensions/fsauth.kext/", ID = "com.f-secure.kext.fsauth" }


    Kext rejected due to system policy: <OSKext 0x7ff968d30480 [0x7fff90bcf8e0]> { URL = "file:///Library/StagedExtensions/Library/F-Secure/Extensions/fsauth.kext/", ID = "com.f-secure.kext.fsauth" }


    Diagnostics for /Library/F-Secure/Extensions/fsauth.kext:


    Kext rejected due to system policy: <OSKext 0x7f8e9670d060 [0x7fff90bcf8e0]> { URL = "file:///Library/StagedExtensions/Library/F-Secure/Extensions/XFENCE.kext/", ID = "com.f-secure.XFENCE" }


    Kext rejected due to system policy: <OSKext 0x7f8e9670d060 [0x7fff90bcf8e0]> { URL = "file:///Library/StagedExtensions/Library/F-Secure/Extensions/XFENCE.kext/", ID = "com.f-secure.XFENCE" }


    Diagnostics for /Library/F-Secure/Extensions/XFENCE.kext:


    Kext rejected due to system policy: <OSKext 0x7fc2b4d05530 [0x7fff90bcf8e0]> { URL = "file:///Library/StagedExtensions/Library/F-Secure/Extensions/fsnke.kext/", ID = "com.f-secure.kext.nke" }


    Kext rejected due to system policy: <OSKext 0x7fc2b4d05530 [0x7fff90bcf8e0]> { URL = "file:///Library/StagedExtensions/Library/F-Secure/Extensions/fsnke.kext/", ID = "com.f-secure.kext.nke" }


    Diagnostics for /Library/F-Secure/Extensions/fsnke.kext:


    cp: /Library/F-Secure-mdr/fsmac/config/*: No such file or directory


    chown: fsdiag.78874/SECL.log: No such file or directory


    cp: /Library/F-Secure/var/fate/*: No such file or directory


    cp: /Library/F-Secure-mdr/var/fate/*: No such file or directory


    cp: /Library/Application Support/XFENCE/build_number: No such file or directory


    find: /Library/F-Secure-mdr/ultralight: No such file or directory


    fsdiag.78874/ultralight/ultralight_logs/ultralight_diag_2021-11-25-09-25-33.zip


    /Applications/F-Secure/Support Tool.app/Contents/Resources/fsdiag: line 590: /Library/F-Secure-mdr/ultralight/fscultralightdiag: No such file or directory


    rm: : No such file or directory


    /Applications/F-Secure/Support Tool.app/Contents/Resources/fsdiag: line 602: : No such file or directory


    ###17###



    Done! Results of diagnostics are located at /tmp/



    hostname :tmp it$ ls


    hostname :tmp it$ ls -all


    total 0


    drwxrwxrwt 3 root wheel 96 Nov 25 10:25 .


    drwxr-xr-x 6 root wheel 192 Sep 21 2019 ..


    drwxr-xr-x 5 root wheel 160 Nov 25 10:26 .com.f-secure.fsav


    hostname :tmp it$ ls -all .com.f-secure.fsav/


    total 8


    drwxr-xr-x 5 root wheel 160 Nov 25 10:26 .


    drwxrwxrwt 3 root wheel 96 Nov 25 10:25 ..


    srw------- 1 root wheel  0 Nov 25 10:26 fsavd-socket


    srw------- 1 root wheel  0 Nov 25 10:18 fsavd-socket-fsav


    -rw------- 1 root wheel  6 Nov 25 10:26 pidfile

This discussion has been closed.