Policy Manager fails to start the Automatic Update Server process (bwserver) due to an issue with server.cfg permissions
By default, Linux distributions set a umask of 022. However, if this is modified e.g. to harden the underlying system, it can cause a problem where the Automatic Update Server process (bwserver) fails to start. This is due to the process bwserver not being able to read its own config-file /etc/opt/f-secure/fsaus/conf/server.cfg.
This will prevent legacy clients from downloading updates from the Policy Manager Server. Legacy clients include:
Email and Server Security version 12.x and older
Server Security 12.x and older
Client Security versions older than 13.x.
The workaround is to manually set the permission for server.cfg after installation and restart the fspms daemon.