Solved/Way forward: cat: grub.conf: Permission denied.
Today we will look at an interesting article where the OS files are locked on the system.
Lets try to edit the grub.conf file.
I. Error Message
[root@ngelinux001 boot]# cd grub/ [root@ngelinux001 grub]# ls -ltr total 284 -rw-r--r--. 1 root root 1341 May 6 2010 splash.xpm.gz -rw-------. 1 root root 847 Jan 24 2014 grub.conf -rw-r--r--. 1 root root 13964 Jan 24 2014 xfs_stage1_5 -rw-r--r--. 1 root root 11364 Jan 24 2014 vstafs_stage1_5 -rw-r--r--. 1 root root 12024 Jan 24 2014 ufs2_stage1_5 -rw-r--r--. 1 root root 125976 Jan 24 2014 stage2 -rw-r--r--. 1 root root 512 Jan 24 2014 stage1 -rw-r--r--. 1 root root 14412 Jan 24 2014 reiserfs_stage1_5 -rw-r--r--. 1 root root 11956 Jan 24 2014 minix_stage1_5 lrwxrwxrwx. 1 root root 11 Jan 24 2014 menu.lst -> ./grub.conf -rw-r--r--. 1 root root 13268 Jan 24 2014 jfs_stage1_5 -rw-r--r--. 1 root root 11756 Jan 24 2014 iso9660_stage1_5 -rw-r--r--. 1 root root 11748 Jan 24 2014 ffs_stage1_5 -rw-r--r--. 1 root root 12620 Jan 24 2014 fat_stage1_5 -rw-r--r--. 1 root root 13380 Jan 24 2014 e2fs_stage1_5 -rw-r--r--. 1 root root 63 Jan 24 2014 device.map [root@ngelinux001 grub]# [root@ngelinux001 grub]# cat grub.conf cat: grub.conf: Permission denied [root@ngelinux001 grub]#
II. Way forward
a. First check out the attributes if set on file.
[root@ngelinux001 grub]# lsattr grub.conf lsattr: Permission denied While reading flags on grub.conf
b. Check running system processes for any agent running with keywords like scan/agent/dcs/dg/daemon.
[root@ngelinux001 grub]# ps -ef | grep -i scan root 1802 494 0 2021 ? 00:00:00 ./eda_scan --aciEnableCaseSensitivity=1 --aciMatchWholeWord=0 --aciAllowOverlap= root 1807 494 0 2021 ? 00:00:00 ./eda_scan --aciEnableCaseSensitivity=1 --aciMatchWholeWord=0 --aciAllowOverlap [root@ngelinux001 grub]# ps -ef | grep -i 494 root 494 1 0 2021 ? 06:48:50 dgdaemon --bindir=/dgagent --datadir=/dgagent --loader root 1802 494 0 2021 ? 00:00:00 ./eda_scan --aciEnableCaseSensitivity=1 --aciMatchWholeWord=0 --aciAllowOverlap=0 --aciEnableComponents=1 --aciMaxMatchLength=0 root 1807 494 0 2021 ? 00:00:00 ./eda_scan --aciEnableCaseSensitivity=1 --aciMatchWholeWord=0 --aciAllowOverlap=0 --aciEnableComponents=1 --aciMaxMatchLength=0 root 4945 7660 0 07:09 ? 00:00:00 sleep 60 root 4991 3918 0 07:10 pts/15 00:00:00 grep -i 494 [root@ngelinux001 grub]#
III. Stop the agent and then try.
[root@ngelinux001 grub]# /etc/init.d/dgagent stop Ok
IV. Not working ?
If it is still not working, you need to access the Endpoint protection console and disable it from there.
Even in single user mode, this will not work, as it had encrypted the kernel itself.