J.J.

Hello Nwb Thank you for provided log files. I checked them and there are definitely issues with access rights of logging service, which could be caused by some issue during installation or installation is broken. 09/24/2021 09:41:32 PM,Logging service,Cannot create temporary file: Permission denied,eset-eea-logd 09/24/2021 06:29:30 PM,Configuration service,Cannot write to socket: Broken pipe,eset-eea-confd Regarding to feedback about permissions of tmp it should be ok. But information about missing directories indicates broken installation. In this case I would suggest to uninstall EEA reboot the machine and make clean installation from terminal running binary as root. Also you are using version 8.1.3.0 and we released new service release with performance fixes so, I would suggest to obtain installer of newest version 8.1.4.0. https://download.eset.com/com/eset/apps/business/eea/linux/g2/latest/eeau.x86_64.bin

Hello Nwb please restart the system stop eea service check the folder /var/log/eset/eea/ods/ clean up the log files - delete the log files rm /var/log/eset/eea/ods/* check the permission of /var/log/eset/eea/ods/ (stat -c %a /var/log/eset/eea/ods/) should be 700 check permissions of /tmp/ (stat -c %a /tmp/) should be 1777 in case the permissions are different it is needed to fix the permissions to this folders In case issue will persist please collcect the log files and provide us with log files https://help.eset.com/eeau/8/en-US/collect-logs.html

Hello Fedora distribution is not supported by ESET Endpoint Antivirus for Linux Desktop https://help.eset.com/eeau/8/en-US/?system_requirements.html The following operating systems of 64-bit architecture are officially supported and tested: •Ubuntu Desktop 18.04 LTS 64-bit •Ubuntu Desktop 20.04 LTS •Red Hat Enterprise Linux 7, 8 with supported desktop environment installed. •SUSE Linux Enterprise Desktop 15

Hello Could you please provide us with log files. They will be needed for investigating the issue. It is needed to enable ECP logging as mentioned in following article, activate product with error, and than collect the log files using collect_logs.sh script. https://help.eset.com/eeau/8/en-US/collect-logs.html Thank you.

Hello You can find packages for Suse here: https://software.opensuse.org/download/package?package=glibc&project=openSUSE%3ALeap%3A15.2%3AUpdate

When you don`t use ESET Protect and Policies or Web interface in ESET File Security for Linux also same applies for ESET Endpoint Security for Linux You can export settings using /opt/eset/efs/sbin/cfg --export-xml=filename.xml And edit following section and than import xml file set value to 1

Hello JasonLFL Thank you for provided log files. I checked them and it looks there are more issue at this machine: 02/15/2021 10:05:39 AM,Real-time protection service,Syscall init_module returns error: Operation not permitted,root 02/15/2021 10:05:39 AM,Real-time protection service,"Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs.",root 02/15/2021 10:06:40 AM,Updating service,Error updating Antivirus modules: Update information is not consistent.,eset-eea-updated 02/10/2021 02:27:21 PM,Updating service,Error updating Antivirus modules: Update information is not consistent.,eset-eea-updated 02/10/2021 03:02:36 PM,Licensing service,Cannot receive data from server: Network is unreachable,eset-eea-licensed 02/10/2021 03:02:36 PM,Licensing service,Cannot receive data from server: Network is unreachable,eset-eea-licensed 02/04/2021 12:22:02 PM,Licensing service,Cannot read from file /var/opt/eset/eea/licensed/license_cfg.json: Permission denied,eset-eea-licensed 02/04/2021 12:22:02 PM,Real-time protection service,Syscall init_module returns error: Operation not permitted,root There are issues with access rights and also with reaching our update servers and modules update. It could be caused by installing the product with lack of privileges etc. I would suggest to uninstall it and install with root privileges. And also check connection to our servers. Here you can find which ports and IPs needs to be reachable: https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall Also issue could be caused by secure boot please check if it is enabled. In case it is enabled it is needed to disable it because secure boot is not supported. You can use following commands to check the state of secure boot: sudo apt-get install mokutil mokutil --sb-state

Hello Could you please provide me with the file name, I will need it to identify the file with log files. Please send me the file name via PM. I will check the logs and let you know. Thank you

Hello Could you please provide us with log files from affected machine? To collect log files please follow instructions in manual: https://help.eset.com/eeau/7/en-US/collect-logs.html Upload log files to ftp.nod.sk/support/ And provide us with information about file name. Also recommendation I would suggest is to completely uninstall product, check if you have installed krenel, kernel-devel and kernel-headers in same version for kernel which is actually in use. Thank you.

Hello I would suggest man pages every agent have man page, for example you can usecommand man esets.cfg Also I prepared and exported all of them to pdf, It would be more comfortable. Here you can download them: http://ftp.nod.sk/~jedovnicky/esets_manpages.zip

Hello, The following operating systems of 64-bit architecture are officially supported: •RedHat Enterprise Linux (RHEL) 6 64-bit •RedHat Enterprise Linux (RHEL) 7 64-bit •RedHat Enterprise Linux (RHEL) 8 64-bit •CentOS 6 64-bit •CentOS 7 64-bit •Centos 8 64-bit •Ubuntu Server 16.04 LTS 64-bit •Ubuntu Server 18.04 LTS 64-bit •Ubuntu Server 20.04 LTS 64-bit •Debian 9 64-bit •Debian 10 64-bit •SUSE Linux Enterprise Server (SLES) 12 64-bit •SUSE Linux Enterprise Server (SLES) 15 64-bit ESET File Security for Linux has been tested on the latest minor releases of the listed operating systems. Update your operating system before installing ESET File Security for Linux. https://help.eset.com/efs/7/en-US/?system_requirements.html Anyway you can install ESET File Security for Linux also at not supported operating system to test if it works, on your own. If os met all requirements it should work on it, but in case of any issue it will not be supported.

Hello Dingolino Thank you for provided log files. We can see the crashes but there are no dumps and stack traces collected, It is needed to enable dumps and stack traces and wait for issue occurrence and than collect the dump and also text files from stack trace and info_get.command log. Info_get. command log does not automatically collects the dumps and stack traces and they have to be collected manually. Thank you

Hello guys Could you please enable core dumps and stack trace and provide us with log files collected by info_get command to investigate the issue? Here you can obtain the mentioned script: http://ftp.nod.sk/tools/info_get.command/ Steps to enable core dumps and stack trace: 1. Stop esets service 2.run command ulimit -c unlimited to enable complete dumps 3. Please run the esets_daemon with the strace parameter "strace -ffo esets_daemon.txt -s 256 /opt/eset/esets/sbin/esets_daemon" 4. Wait till issue occurs again and send us all esets_daemon.txt*, and /tmp/bt.* files including fresh info_get command logs. 5. Output from the infoget command script which is available at: http://ftp.nod.sk/tools/info_get.command/

Hello When you want to enable the web interface from ESMC steps are as follows: - you will create policy to enable Web Interface Assign policy to client: Then you have to generate certificate, so you create new client task to generate certificate and password: -r is for generating certificate and --password is password: Then again you choose target: And its done

Man pages can be accessed from terminal once product is installed commands are: man esets_smtp, man esets_pop3, man esets.cfg etc. Also here you can download exported man pages http://ftp.nod.sk/~jedovnicky/esets_manpages.zip Here is information about user specific configuration: USER SPECIFIC CONFIGURATION The ESETS system implements possibility to define so called user specific configuration, i.e. rele vant con-figuration parameters specific for e-mail recipient and/or e-mail sender can be defined. As described in section USER SPECIFIC CONFIGURATION of esets.cfg(5) manual page the user spe-cific configuration is created when an appropriate special configuration section created within a special con-figuration file path referenced from this agent section (see main ESETS configuration file) by option user_config = path. The header name of user specific section must be in general of the following format, [s_eml|c_eml] where 's_eml' is server's (i.e. recipient's) fully qualified email address or its domain subset, 'c_eml' is client's (i.e. sender's) fully qualified email address or its subset. Note that it is not mandatory to define both client' s and server's parts of the header name. In this case the appropriate part not present within header name will be assumed to be not restricted. The following exam-ple shows definition of section with the section header name compound only from the client' s e-mail address for which we would like to define special configuration. [|username@domain.com] av_scan_obj_archives = yes Please, note that thanks to '|' character present at the beginning of section header name, the main ESETS daemon knows that an appropriate email address represents the client's part of the section header name. In case you omit the character '|', the appropriate content of the section header name will be assumed to be its server's part as shown in an example below. [username@domain.com] av_scan_obj_archives = yes Note also that the section header name can be only domain subset of an appropriate fully qualified email address as shown in an example below [domain.com] av_scan_obj_archives = yes or even [org|domain.com] av_scan_obj_archives = yes Once user specific configuration defined, it will be used if main ESETS system control and scanning dae-mon has been instructed about it. The esets_smtp agent will do this automatically and tell the daemon about the first recipient and also about the sender of the message. Once fully qualified recipient' s and/or sender's email address passed to the daemon, it is compared with section header names found in the special configuration file. The comparison is performed with all section header names consecutively in order as they are written within the file. The configuration appropriate to the first matched section is chosen. If no section header name matches the recipient's/sender's email address passed to the daemon, the configuration appropriate to the agent section from main ESETS configuration file is chosen. The section header name matching algorithm is as follows: If no recipient's address passed to the daemon or no recipient's part of the section header name present, the algorithm returns match for this part of section header name. If fully qualified recipient' s address 'rcptname@rcptdomain.com' passed to the daemon, the algorithm compares this address and its parts (i.e. consecutively 'rcptname@rcptdomain.com', 'rcptdomain.com', 'com' is compared) with the recipi-ent's part of the section header name. Similarly if no sender's address passed to the daemon or no sender's part of the section header name present, the algorithm returns match for this part of section header name. If fully qualified sender' s address 'sndrname@sndrdomain.com' passed to the daemon, the algorithm compares this address and its parts (i.e. consecutively 'sndrname@sndrdomain.com', 'sndrdomain.com', 'com' is compared) with the sender's part of the section header name. If both comparison steps described above return match the configuration appropriate to the section header name is chosen. On the other hand if at least one of the steps returns no match, an appropriate section is skipped.