FHolzer
-
Posts
56 -
Joined
-
Last visited
Posts posted by FHolzer
-
-
most of you errors are missing "common linux knowledge".
Im not tryin to be offense - but you should probably get more linux skills before installing software like this.
i dont see anything related to ESET.
Also keep in mind that there so MANY Linux distros with different Package Versions.
The Documentation is good - but you should know what you are doing and dont copy paste all commands without thinking.
As example -> if you dont know where your my.cnf is located - you are missing common mysql/mariadb knowledge.
If you dont know how to search for a file on linux -> you are missing common knowledge.
your last error seems also mysql Related.
it could be a DNS Problem, wrong creds. or a missconfigured mysql-daemon.
also you are using the password "password" in your installer.
This cant be right ....
-
what was the output of
ausearch -c 'esets_mda' --raw | audit2allow -M my-esetsmda semodule -i my-esetsmda.pp
?
-
what says the output of command:
localectl
-
OS: Centos 8 | 4.18.0-193.28.1.el8_2.x86_64
ESET ver: /opt/eset/esets/sbin/esets_daemon (esets) 4.5.16
Selinux: disabled
[wwwi] agent_enabled = yes listen_addr = "10.0.1.15" listen_port = 3377 username = "esetlogin" password = "test1234"
when i restart the esets process i get the following error:esets_daemon[3458]: error[0d820000]: Child process wwwi[3460] terminated with return code 127, won't be restarte
cant anything related to error code 127.
What i`m missing?
Generally Exit Code 127 means something like "command is not found"
It worked on several centos7 machines without a problem.
First Centos8 machine. -
had the same issue.
thanks for creating the post @Krzysztof L.
this year you saved me time
Well i guess i did it the last 4 years
@Marcos
Can confirm it was a corrupt perseus / em002_32.dat -
Hi,
i set up a whitelist via user_specific_configuration (user_config = "esets_smtp_spec.cfg")
The `esets_smtp_spec.cfg` looks like this
[black-list] action_av = "reject" [white-list] action_av = "accept" action_as = "accept" [|sndrname1@sndrdomain1.com] parent_id = "white-list"
is there a wildcard way for whitelisting the whole domain?
Will Something like this work? :
[|sndrdomain1.com] parent_id = "white-list"
also - the help page is referring to "For esets_smtp, refer to the esets_smtp(1) man page."
Where can i find this man page online?
sincerly,
Franz -
wow - what an fast response. TY
unfortunately i dont have anem001.dat
[root@srvmail01 sbin]# cd /var/opt/eset/esets/lib/ [root@srvmail01 lib]# ll total 103720 drwxr-xr-x 3 esets esets 4096 14. Apr 2016 data -rw-r--r-- 1 esets esets 172409 30. Sep 13:30 em000_32.dat -rw-r--r-- 1 esets esets 1100402 23. Okt 14:57 em001_32.dat -rw-r--r-- 1 esets esets 70579835 24. Okt 17:42 em002_32.dat -rw-r--r-- 1 esets esets 1479292 10. Okt 14:43 em003_32.dat -rw-r--r-- 1 esets esets 2391100 8. Okt 12:40 em004_32.dat -rw-r--r-- 1 esets esets 323143 24. Sep 12:22 em005_32.dat -rw-r--r-- 1 esets esets 106325 29. Jul 13:18 em006_32.dat -rw-r--r-- 1 esets esets 38604 14. Apr 2016 em013_32.dat -rw-r--r-- 1 esets esets 1635443 24. Okt 17:42 em021_32.dat -rw-r--r-- 1 esets esets 320545 16. Sep 14:12 em022_32.dat -rw-r--r-- 1 esets esets 13410472 24. Okt 17:42 em023_32.dat -rw-r--r-- 1 esets esets 148141 14. Sep 2017 em034_32.dat -rw-r--r-- 1 esets esets 5613785 24. Okt 17:44 em049_32.dat
isnt it the "em021_32.dat" ?
or do you mean the "em001_32.dat" ?
im not sure.
EDIT:
yes its was the ""em001_32.dat"[root@srvmail01 sbin]# ./esets_update --verbose Virus signature database has been updated successfully. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ |*| loader | 1074.1 (20190925) | | |*| perseus | 1555 (20190911) | | |*| engine | 20235 (20191024) | | |*| archiver | 1293 (20191004) | | |*| heuristic | 1194 (20190918) | | |*| cleaner | 1200 (20190916) | | | | | | | | | | | | | | | | d | |*| horus | 7833 (20191016) | | |*| dblite | 1110 (20190827) | | +-+--------------------+------------------------+------------------------+ [root@srvmail01 sbin]#
will observe it for now.
Thank you again Marcos! -
It looks like the Problem is back since October 29, 2018
status=deferred (connect to 127.0.0.1[127.0.0.1]:2526: Connection refused)
Mail Security Version:4.5.15
Signatures:[root@srvmail01 ~]# cd /opt/eset/esets/sbin/ [root@srvmail01 sbin]# ./esets_update --verbose Update is not necessary - the installed virus signature database is current. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ | | loader | 1074.1 (20190925) | 1074.1 (20190925) | | | perseus | 1556.1 (20191023) | 1556.1 (20191023) | | | engine | 20234 (20191024) | 20234 (20191024) | | | archiver | 1293 (20191004) | 1293 (20191004) | | | heuristic | 1194 (20190918) | 1194 (20190918) | | | cleaner | 1200 (20190916) | 1200 (20190916) | | | horus | 7833 (20191016) | 7833 (20191016) | | | dblite | 1110 (20190827) | 1110 (20190827) | +-+--------------------+------------------------+------------------------+
The deamon freeze, after a reboot/restart after 5 until 15minutes.
Before it freezes it scans and delivers Mails just fine.
It Worked like a charm the last "year"its crazy, cause its almost to the day 1 Year since the last time this Bug appeared ....
-
hi @CircleSquare !!
can you post us your output from ?
cd /opt/eset/esets/sbin ./esets_update --verbose
-
for now it looks stable.
i will inform you if it crashes again.
Thanks for your time! -
first yes looks like there was also a horus update.
im on
| horus | 7779 (20181029) | 7779 (20181029) |
im not sure if the issue was resolved with that - since the error occurs from 10minutes after starting the daemon - up to 24hours and more.
we will see.
was there a fix in v7779 cause you are mentioning it ? -
Quote
including fresh info_get command logs
what do you mean with ` including fresh info_get command logs ` ?
Edit - oh you mean that -> https://support.eset.com/kb6159/?locale=en_US&viewlocale=en_US
got you
----also there is a new engine version again
| | engine | 18293 (20181029) | 18293 (20181029) |
-
just made an Virus Database Update again.
It Updated the engine from 18289 to 18291.
the Update is from today - so it looks like it just was released.
[root@srvmail01 sbin]# ./esets_update --verbose Virus signature database has been updated successfully. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ | | loader | 1072 (20180813) | 1072 (20180813) | | | perseus | 1543 (20180927) | 1543 (20180927) | |*| engine | 18291 (20181029) | 18289 (20181028) | | | archiver | 1278 (20180924) | 1278 (20180924) | | | heuristic | 1190 (20180924) | 1190 (20180924) | | | cleaner | 1170 (20181025) | 1170 (20181025) | | | horus | 7778 (20181017) | 7778 (20181017) | | | dblite | 1103 (20180629) | 1103 (20180629) | +-+--------------------+------------------------+------------------------+
now the daemons run since ~45 minutes.
but as we know - it can be hanging later.
Will report back later.
to all ending here - Update your databases via:
cd /opt/eset/esets/sbin ./esets_update --verbose
-
It looks like the Problem is back since 25/10/2018.
Also confirmed from the User Krzysztof L.
Same error pattern as in the old topic.
The daemon runs for 10 - 30 seconds and than is "dead"i Updated everything so far but problem persists.
[root@srvmail01 ~]# /opt/eset/esets/sbin/esets_daemon --version /opt/eset/esets/sbin/esets_daemon (esets) 4.5.11
./esets_update --verbose Update is not necessary - the installed virus signature database is current. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ | | loader | 1072 (20180813) | 1072 (20180813) | | | perseus | 1543 (20180927) | 1543 (20180927) | | | engine | 18289 (20181028) | 18289 (20181028) | | | archiver | 1278 (20180924) | 1278 (20180924) | | | heuristic | 1190 (20180924) | 1190 (20180924) | | | cleaner | 1170 (20181025) | 1170 (20181025) | | | horus | 7778 (20181017) | 7778 (20181017) | | | dblite | 1103 (20180629) | 1103 (20180629) | +-+--------------------+------------------------+------------------------+
-
Just to make an update for Visitors or Google´ers who might end up here ...
The Problem is fixed since 11.Dezember.2017 for me.
It never came back for any of my customers so far. -
i dont know, it was just a common sys-admin thought
i didnt used the prerelease-update - i changed the files manually.
-
also, de error sound different,
it wasdelivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:2526: Connection refused
in the past and not
Quotedelivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting
-
did you recheck you versions ? (automatically updated, etc)
-
Ty Peter!
installed it and will test it.appreciate your work - and dont worry, the best (and every) software has bugs
hope we figured the problem - my customers already go crazy ^^
for the record:[root@mail sbin]# ./esets_update --verbose Update is not necessary - the installed virus signature database is current. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ | | loader | 1069 (20161122) | 1069 (20161122) | | | perseus | 1532 (20171031) | 1532 (20171031) | | | engine | 16530 (20171206) | 16530 (20171206) | | | archiver | 1270 (20171113) | 1270 (20171113) | | | heuristic | 1184 (20171110) | 1184 (20171110) | | | cleaner | 1150 (20171031) | 1150 (20171031) | | | horus | 6556 (20171206) | 6556 (20171206) | | | dblite | 1095 (20171206) | 1095 (20171206) | +-+--------------------+------------------------+------------------------+
-
My Last Response from ESET was on 22.11.2017 with the information:
Quotewir haben noch keine neuen Informationen von unserer Entwicklung bekommen.
Sobald wir neue Informationen bekommen, melden wir uns wieder bei Ihnen.which translates to "we have no glue yet but we will inform you if we find a solution"
-
thank you for the workaround,
Still - this isnt an open source or free product.
I payed for the smpt scan - i need a fix for it. -
for me its a litte hard do reproduce the error.
Yes its still there - but it happens in a time span of Days to weeks.
not hours/minutes like for others.
but sure, i can try it.
-
-
Just had this Error myself again. - so its not fixed with 4.5.9
it worked around 7days straight with no problem.
Im in contact with ESET Support again - will inform you guys about the progress.
Mail Security - eset_wwwi not starting
in ESET Products for Linux Servers
Posted
everything else seem's to be working perfectly fine with Centos8.
(would be a shame if not ....)