Jump to content

Rookie

Members
  • Posts

    8
  • Joined

  • Last visited

About Rookie

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Germany

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. 10 days have passed, without an answer from the ESET staff. I've also raised a case with Business support, no help from there. This is really really disappointing. Apart from the bugs with ERA console, this is the second product we have issues with
  2. Anyone from ESET (Admins ? )
  3. We're using ESET File Security for Linux 4.5.6.0 with ERA 6.5. Installation of Agent and FS went without issues, but I have some smaller questions about the security product. 1. We're receiving e-mails for license expiration, but not when threat is found. Task for threat notifications is enabled (through ERA, same as the license expiry task, which is on by default). I've read in manual PDF and man files that mail_notification_script should be executed when this task is enabled, and I've added av_mail_notified_users in /opt/eset/esets/esets.cfg file (default file where I've defined connection to my ERA server), but there is no mail. I am testing scanning with eicar virus, so every on demand scan finds the file, but is not sending me the e-mail. And license e-mails come in every day, since our license expires end of July at the moment 2. Why is ERA not showing Eicar viruses when I find them with scan? I don't get anything in threat part, even though I get it for Windows machines. On the other side, ERA shows license as a warning (marked the servers with yellow), and shows updates, installed products, OS and everything else 3. I've left the log details on default (daemon), and there are logs on the server in /var/log/esets, but they're with .dat extension and not readable. How can I get "regular" logs, that I can read in that folder same as for any other Linux service? For example, ERA logs are in /var/www/eset and I can get the installer as well as trace.log without issues. We're not using web interface, so I need to have logs on the server in readable format 4. Where does ERA writes its configuration on FS on installed servers? I have an ERA policy for FS for Linux, but when I open /opt/eset/esets/esets.cfg I don't have any of those fields uncommented. Everything is commented, as by default, instead of my connection details for ERA, which I am configuring with puppet on the start. I am doing something wrong, or ERA settings here cannot be seen? Thanks in advance for the help.
  4. thanks Martin, that helped me a lot.
  5. Well, changing options on /tmp is out of the question, since our environment comes from a configuration management, and I really don't want to have exec on /tmp. How can I set up those variables? I was running installation and both the service starting manually from root account
  6. So far none, but on those Linux servers we want to put File Security for Linux for which we have licenses
  7. Hi Martin, Here is the content of the folder: total 9.1M drwxr-x--- 2 root root 4.0K Apr 6 12:48 . drwxr-x--- 5 root root 4.0K Apr 6 12:55 .. -rw-r----- 1 root root 68K Nov 4 07:46 em000_64.dat -rw-r----- 1 root root 877K May 28 2016 em001_64.dat -rw-r----- 1 root root 5.7M Feb 11 01:27 em017_64.dat -rw-r----- 1 root root 2.5M Feb 1 01:27 em039_64.dat SELinux is disabled on all of my servers This is an output from mount command mount /dev/vda2 on / type ext4 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) tmpfs on /dev/shm type tmpfs (rw) /dev/vda1 on /boot type ext2 (rw) /dev/vda8 on /home type ext4 (rw,nodev) /dev/vda6 on /tmp type ext4 (rw,noexec,nosuid,nodev) /dev/vda5 on /var type ext4 (rw) /dev/vda3 on /var/log type ext4 (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) Seems like /tmp is mounted with noexec parameter, and workaround on that one? Also, why does the Agent starts when I manually run /opt/eset/RemoteAdministrator/Agent/ERAAgent --daemon --pidfile=/var/run/eraagent.pid ?
  8. I've installed Agent 6.5 x86_64 version with shell script on my CentOS 6.8 systems. Installation proceeds fine (I tried both the server assisted with username/password and the offline with certificates), there are no errors during install, but the Agent never starts and registers with ERA Server. What I've noticed is that the files in /etc/init.d aren't created, so I cannot use service eraagent start (or stop, status etc) and the only way I can start Agent is if I run /opt/eset/RemoteAdministrator/Agent/ERAAgent --daemon --pidfile=/var/run/eraagent.pid from /etc/init/eraagent.conf Running initctl list gives me the following: eraagent stop/waiting Running initctl start eraagent gives me eraagent start/running, process 1705 , but rerunning initctl list afterwards shows the same eraagent stop/waiting Output from trace.log is the following 2017-04-06 13:31:28 Information: [Thread 7f73eaad9700]: Loading ESET modules from /var/opt/eset/RemoteAdministrator/Agent/Modules/ 2017-04-06 13:31:28 Error: Service [Thread 7f73eaad9700]: ReloadModules: LoadLoader failed with 5000 I would guess something is wrong with the installation script, but I am not bash expert to fix it so I can use the eraagent service in normal way with service <service_name> <start,stop,status> Tried it both on a dev system, and a completely clean CentOS 6.8 minimum install, please advise
×
×
  • Create New...