Posts posted by FranceBB

  1. Another year passed, so I added my feedback... this now marks my 8th year with ESET.

    I started using ESET 8 years ago as it was literally the only company out there providing a Linux antivirus for home users, namely NOD32.

    It was fast, lightweight and it just kept working, the user interface was very basic and old-style and even the antivirus features were limited but it was everything I needed as a home user.

    Unfortunately, due to the tiny market of home Linux users (less than 1% of net market share, really), ESET sadly discontinued NOD32, leaving us with only one option: "upgrade" to ESET Endpoint Protection.

    Aside from the added cost that this brought (which is considerably higher for a home user, given that you're forced to purchase 5 licenses even if you need 1), to this day ESET Endpoint Protection for Linux has fewer options than NOD32.

    The GUI is reduced to the very minimum and it doesn't even have a button to perform a full system scan, it doesn't have a button to enable/disable the individual shields, it doesn't have a button to set exceptions (like specific paths that should be excluded), it doesn't have an option to see quarantined files and eventually restore them and/or send them to ESET for evaluation in case the user thinks they're false positives, it doesn't have an option to choose what the antivirus is supposed to do when it faces a threat (like, remove it automatically? move it to quarantine? ask the user?), it doesn't have an option to schedule scans (like if the user wants to setup automatic scans every night at 2AM when the computer isn't in use etc).

    I mean, ESET Endpoint Protection for Linux is lacking a lot of features, the GUI is too minimal and it also doesn't support the latest kernels, which is forcing people to either stick with an older long time support kernel like 6.1.x or update to an end-of-life kernel which has already been deprecated like 6.3.13 (which is currently the last one supported).

    I know that Linux is still a tiny market, but please, find some space in your heart to support us 'cause we're feeling left behind. :( 

  2. On 10/27/2023 at 12:18 AM, JAK said:

    I just installed ESET Endpoint Linux on Fedora 37 Linux, but web access protection is not working.

    Product name: ESET Endpoint Antivirus Product version: 10.1.8.0 Operating system: Fedora 37

    Hi Jack,

    it's not a matter of Fedora, it's the web access protection that is malfunctioning even on supported distros like RHEL (which comes from Fedora and CentOS).

    I'm happily running ESET 9.1.11.0 (which doesn't have web access protection) on Fedora 40, but you need to keep one thing in mind: you can't use any kernel newer than 6.3.13-200.fc38.x86_64 (you can version lock it in dnf so that it updates everything else but the kernel)


  3. Yep, the web scan on the new 10.x antivirus has caused a lot of issues for plenty of users on plenty of distros.

    Sadly we all ended up doing the same thing: rolling back to 9.x

    Currently I'm on version 9.1.11.0, which doesn't have the web scan, and it works reliably. I'll only move to a newer version when the web scan is either deactivatable from the GUI or fixed and made more friendly.

    One thing to note if you actually decide to stick with version 9.x: make sure to kernel-lock your OS so that it never upgrades past kernel 6.3.13, 'cause newer kernels are incompatible.

    Aside from that you can update everything else and in terms of support version 9.x will be supported 'till 2026, so we're good. I sincerely hope that ESET will improve things way sooner than that, though.

  4. It's not a matter of distro, it's a matter of kernel. You can use the current Ubuntu or, for that matter, any other recently updated distro like Fedora, CentOS Stream etc, as long as you stick with kernel 6.3.13. Any kernel newer than that won't work. For instance, I'm on Fedora 39, but I version locked the kernel to 6.3.13 and ESET Endpoint runs fine. I also recommend sticking with version 9.x of the antivirus given that version 10 introduces web protection which is completely broken and would block all your internet traffic, as already reported by multiple people on this forum.
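A check for the kernel ceiling described in the posts above, as an added example that is not part of the original posts and not ESET tooling: it flags kernel releases newer than 6.3.13, the last kernel the posts report as working, so a lock that did not hold is noticed before the antivirus is left unable to run. The function names and the sample release strings in the comments are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag kernels above the ceiling reported in the posts.
# CEILING (6.3.13) is the value given in the posts; everything else
# (function names, sample strings) is hypothetical.

CEILING="6.3.13"

# "6.3.13-200.fc38.x86_64" -> "6.3.13" (drop release and arch suffix)
kernel_base() {
    printf '%s\n' "${1%%-*}"
}

# Succeeds if version $1 <= version $2. Uses version sort, so that
# 6.3.13 is correctly treated as newer than 6.3.9.
version_le() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# Print "ok" or "too-new" for one kernel release string.
# Optional second argument overrides the ceiling.
classify_kernel() {
    local base
    base=$(kernel_base "$1")
    if version_le "$base" "${2:-$CEILING}"; then
        echo "ok"
    else
        echo "too-new"
    fi
}

# Read kernel release strings on stdin (one per line) and print
# only those above the ceiling, in input order.
kernels_above_ceiling() {
    local k
    while IFS= read -r k; do
        [ -n "$k" ] || continue
        if [ "$(classify_kernel "$k" "${1:-$CEILING}")" = "too-new" ]; then
            printf '%s\n' "$k"
        fi
    done
    return 0
}

# Only runs when invoked as: ./kernel_ceiling.sh --check
if [ "${1:-}" = "--check" ]; then
    running=$(uname -r)
    echo "running kernel $running: $(classify_kernel "$running")"
    # Installed kernels that would be booted past the ceiling
    # (assumes an RPM-based system with the kernel-core package).
    rpm -q kernel-core --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' 2>/dev/null \
        | kernels_above_ceiling
fi
```

Run it with `--check` after a system update and before rebooting; any line printed after the first is an installed kernel that got past the lock.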

  5. Well, I can reproduce it on two different Fedora installations too, which is why I'm sticking with 9.x.

    Speaking of which, in order to still update when new versions are gonna be released, is there a way to disable the web protection without ESET Protect Cloud? A configuration file perhaps? A command line entry?

    I know that the GUI is low priority, but it would be nice to add an option to enable/disable components in there too.

  6. I don't know whether it's gonna be quite as easy, but for what it's worth, I have identified the errors in the journal:

    ESET Endpoint Antivirus Error: Command AddCertToSystem failed. Internal error
    ESET Endpoint Antivirus Critical Error: Protoscan configure failed
    eea-user-agent.service: Main process exited, code=killed, status=15/TERM
    eea-user-agent.service: Failed with result 'signal'.
    Process 8570 (wapd) of user 960 dumped core.
                                                             
                                                             Module libpcre2-8.so.0 from rpm pcre2-10.42-1.fc38.1.x86_64
                                                             Module libcrypt.so.2 from rpm libxcrypt-4.4.36-1.fc39.x86_64
                                                             Module libselinux.so.1 from rpm libselinux-3.5-1.fc39.x86_64
                                                             Module libbrotlicommon.so.1 from rpm brotli-1.0.9-12.fc39.x86_64
                                                             Module libsasl2.so.3 from rpm cyrus-sasl-2.1.28-10.fc39.x86_64
                                                             Module libevent-2.1.so.7 from rpm libevent-2.1.12-8.fc38.x86_64
                                                             Module libkeyutils.so.1 from rpm keyutils-1.6.1-6.fc38.x86_64
                                                             Module libkrb5support.so.0 from rpm krb5-1.21-1.fc39.x86_64
                                                             Module libcom_err.so.2 from rpm e2fsprogs-1.47.0-1.fc39.x86_64
                                                             Module libk5crypto.so.3 from rpm krb5-1.21-1.fc39.x86_64
                                                             Module libkrb5.so.3 from rpm krb5-1.21-1.fc39.x86_64
                                                             Module libunistring.so.5 from rpm libunistring-1.1-3.fc38.x86_64
                                                             Module libz.so.1 from rpm zlib-1.2.13-3.fc38.x86_64
                                                             Module libbrotlidec.so.1 from rpm brotli-1.0.9-12.fc39.x86_64
                                                             Module libgssapi_krb5.so.2 from rpm krb5-1.21-1.fc39.x86_64
                                                             Module libcrypto.so.3 from rpm openssl-3.0.8-2.fc39.x86_64
                                                             Module libssl.so.3 from rpm openssl-3.0.8-2.fc39.x86_64
                                                             Module libpsl.so.5 from rpm libpsl-0.21.2-3.fc39.x86_64
                                                             Module libssh.so.4 from rpm libssh-0.10.5-1.fc39.x86_64
                                                             Module libidn2.so.0 from rpm libidn2-2.3.4-2.fc38.x86_64
                                                             Module libnghttp2.so.14 from rpm nghttp2-1.55.0-1.fc39.x86_64
                                                             Module libcurl.so.4 from rpm curl-8.1.2-1.fc39.x86_64
                                                             Module libprotobuf.so.32 without build-id.
                                                             Module libcommon.so without build-id.
                                                             Module wapd without build-id.
                                                             Stack trace of thread 8570:
                                                             #0  0x00007f40bea8fad4 __pthread_kill_implementation (libc.so.6 + 0x8fad4)
                                                             #1  0x00007f40bea3e8ee raise (libc.so.6 + 0x3e8ee)
                                                             #2  0x00007f40bea268ff abort (libc.so.6 + 0x268ff)
                                                             #3  0x0000556352c3a537 n/a (wapd + 0x3a537)
                                                             #4  0x0000556352c66230 _ZN9WapDaemon12OnCfgChangedEP11CfgSnapshotS1_ (wapd + 0x66230)
                                                             #5  0x00007f40bf9809ca _ZN17ApplicationDaemon4InitEv (libcommon.so + 0x3809ca)
                                                             #6  0x00007f40bf97a3bd _ZN15ApplicationBase3RunEv (libcommon.so + 0x37a3bd)
                                                             #7  0x0000556352c3e47d main (wapd + 0x3e47d)
                                                             #8  0x00007f40bea2814a __libc_start_call_main (libc.so.6 + 0x2814a)
                                                             #9  0x00007f40bea2820b __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x2820b)
                                                             #10 0x0000556352c3eb5e _start (wapd + 0x3eb5e)
                                                             
                                                             Stack trace of thread 9263:
                                                             #0  0x00007f40bea8a409 __futex_abstimed_wait_common (libc.so.6 + 0x8a409)
                                                             #1  0x00007f40bea8cda9 pthread_cond_wait@@GLIBC_2.3.2 (libc.so.6 + 0x8cda9)
                                                             #2  0x00007f40bf943690 _Z15nod_eventa_waitP19_nod_event_array_t_mPKiii (libcommon.so + 0x343690)
                                                             #3  0x00007f40bf9282fd _Z27AppEventaWaitImplementationP19_nod_event_array_t_mPKiiiPi (libcommon.so + 0x3282fd)
                                                             #4  0x00007f40bf921b2e _ZN6ModApi20AppInterfaceCallbackEjz (libcommon.so + 0x321b2e)
                                                             #5  0x00007f40afd46c2a n/a (n/a + 0x0)
                                                             ELF object binary architecture: AMD x86-64
    ESET Endpoint Antivirus Error: Child process enable-user-monitoring[9276] terminated by signal 15
    ESET Endpoint Antivirus Error: Child process wapd[8570] did not handle signal 6, restart in 32 seconds
    Package 'eea' isn't signed with proper key
    'post-create' on '/var/spool/abrt/ccpp-2023-07-19-17:57:46.60633-8570' exited with 1
    Deleting problem directory '/var/spool/abrt/ccpp-2023-07-19-17:57:46.60633-8570'
    ESET Endpoint Antivirus Error: Cannot receive data from server: Network is unreachable
    ESET Endpoint Antivirus Critical Error: Protoscan configure failed
     

     


  7. Well, I opened the ticket and the reply was a bit disappointing...

     

    Quote

    Unfortunately Fedora is not a supported operating system and while the software may work when installed, it is not fully tested and we cannot guarantee all functionality will work.

    While I am aware that Fedora/RHEL/CentOS are different branches of the same software, there are differences and Fedora is not supported.

     

    In other words, the fact that OpenVPN connections are being filtered won't be taken into account as my distro isn't supported.

    Luckily my subscription will be up in a month or so (at the end of August if I recall correctly), so it looks like there's no point in renewing it...

    It really saddens me 'cause I had no problems for years with the good old NOD32, but given that such a product is dead and that I'm not officially supported on the solution I've been migrated to (ESET Endpoint), I guess I'll just let ESET go.

    It's been really nice 'till it lasted, so thank you for all these years together. :')

  8. Quote

    We do not support a particular kernel in Linux Endpoint products. We only support a particular Linux distribution(s), which means we should support default kernels available there

    Yeah, well, you're supporting RHEL and I'm using Fedora which is basically RHEL but upstream, so I guess it's just gonna be a matter of time before support for kernel 6.4.0 gets introduced.

    In a nutshell, it's Rawhide -> Fedora -> CentOS -> RHEL

    Unfortunately, though, RHEL 9.2 is so downstream (for stability purposes) that its kernel is 5.14.x, to be precise 5.14.0-284.18.1.el9_2.x86_64 while CentOS is at 6.3.x, Fedora is at 6.4.x and Rawhide is at 6.5.x.

    Quote

    Please raise a support ticket if you have encountered issues with Web access protection and the VPN.

    I will, thanks. :)

    Quote

    we don't offer any security solution for Linux for home users

    I know, I know, but at least you kindly migrated all of us here for free (from Nod32), so we're still "hanging around" :P 

  9. Regarding the kernel issue, this is what happens when the eea service tries to start on any kernel newer than 6.3.9:


     

    × eea.service - ESET Endpoint Antivirus
         Loaded: loaded (/usr/lib/systemd/system/eea.service; enabled; preset: disabled)
        Drop-In: /usr/lib/systemd/system/service.d
                 └─10-timeout-abort.conf
         Active: failed (Result: exit-code) since Fri 2023-07-14 18:51:00 BST; 1h 2min ago
        Process: 4897 ExecStartPre=/opt/eset/eea/lib/install_scripts/check_start.sh (code=exited, status=2)
        Process: 5576 ExecStopPost=/usr/bin/killall /opt/eset/eea/lib/egui --quiet (code=exited, status=1/FAILURE)
            CPU: 1.012s
    
    Jul 14 18:51:00 router-localhost systemd[1]: eea.service: Scheduled restart job, restart counter is at 5.
    Jul 14 18:51:00 router-localhost systemd[1]: Stopped eea.service - ESET Endpoint Antivirus.
    Jul 14 18:51:00 router-localhost systemd[1]: eea.service: Consumed 1.012s CPU time.
    Jul 14 18:51:00 router-localhost systemd[1]: eea.service: Start request repeated too quickly.
    Jul 14 18:51:00 router-localhost systemd[1]: eea.service: Failed with result 'exit-code'.
    Jul 14 18:51:00 router-localhost systemd[1]: Failed to start eea.service - ESET Endpoint Antivirus.

     

    As far as the VPN issue is concerned, instead, I can send you the log I collected in the /opt/eset/eea/log/eventlog.dat

    I can attach it here unless there's anything sensitive. Please let me know if I can safely attach it here.

     

     

  10. Hi there,

    looks like ESET 10.0.3.0 stable is blocking any VPN connections on Linux.

    From the documentation, everything points to ESET PROTECT which I don't have as I'm a home user, not a company https://help.eset.com/eeau/10/en-US/wap_excluded_applications.html so I wouldn't know how to exclude OpenVPN from being blocked. The GUI doesn't seem to allow any kind of configuration and I can't find any command I can put in the terminal to do this.

    So... what's the solution?

    I've now temporarily disabled the antivirus by stopping the eea service.

    Oh, by the way, kernel 6.3.9 is the last supported kernel by ESET 10.0.3.0.

    Kernel 6.4.0 and 6.5.0 are not supported and the eea service won't even start.

     

  11. Hi everyone, so I've just upgraded to the new Beta 10 of Endpoint Antivirus (former NOD32 user here).

    I know I'm late to the party, but I'd like to share a few suggestions about the missing components in the UI which would be nice if they were added to make it more usable.

     

    1) Full System Scan

    currently the menu only allows people to perform a custom scan or a removable media scan, however there's no button for a full system scan. It would be nice to have one so that users can trigger a full system scan (which is one of the most used features in any antivirus) without having to insert the path manually.

    2) Add a scan progress in terms of bar or percentage like we had in ESET NOD32 so that users are gonna be able to know how long it's gonna take to perform the scan and at what point of the scan the system is.

    3) In the three lines menu (top right), add an option to view files that are currently in quarantine. This will allow users to view which files the antivirus considered as malicious and either delete them forever OR restore them.

    4) In the three lines menu (top right), add an option to add exceptions. Perhaps the antivirus detects some unsigned executable as malicious and blocks them, however it might as well be just a development version of a program meant to be tested or whatever, so users should have a way of whitelisting some paths and/or individual files.

    5) Scheduled scan. Some devices might be running overnight, therefore it would be sensible to be able to schedule some scans on them when they're not in use, like during the night. In other words, it would be nice to have an option to schedule scans on a particular time of the day or perhaps just on some days etc.

    6) Sensibility. It would be nice to be able to adjust the antivirus sensibility and either raise it or lower it according to what the user might wanna do and what the box it's running on is supposed to do.

    7) In the about section, a license is shown, however it would be nice to show how long that license is gonna last and when it's supposed to expire, so that the user can see it at a glance.

  12. Hi there,

    here are a few suggestions about the missing components in the UI which should be added to make it more usable.

    I would appreciate if you could pass them on to the product team and the devs, Marco. :)


     

    1) Full System Scan

    currently the menu only allows people to perform a custom scan or a removable media scan, however there's no button for a full system scan. It would be nice to have one so that users can trigger a full system scan (which is one of the most used features in any antivirus) without having to rely on the command line.


     

    2) Add a scan progress in terms of bar or percentage like we had in ESET NOD32 so that users are gonna be able to know how long it's gonna take to perform the scan and at what point of the scan the system is.

    3) In the three lines menu (top right), add an option to view files that are currently in quarantine. This will allow users to view which files the antivirus considered as malicious and either delete them forever OR restore them.

    4) In the three lines menu (top right), add an option to add exceptions. Perhaps the antivirus detects some unsigned executable as malicious and blocks it, however it might as well be just a development version of a program meant to be tested or whatever, so users should have a way of whitelisting some paths and/or individual files.

    5) Scheduled scan. Some devices might be running overnight, therefore it would be sensible to be able to schedule some scans on them when they're not in use, like during the night. In other words, it would be nice to have an option to schedule scans on a particular time of the day or perhaps just on some days etc.

    6) Sensibility. It would be nice to be able to adjust the antivirus sensibility and either raise it or lower it according to what the user might wanna do and what the box it's running on is supposed to do.

    7) In the about section, a license is shown, however it would be nice to show how long that license is gonna last and when it's supposed to expire, so that the user can see it at a glance.

  13. On 4/22/2023 at 10:58 AM, curano said:

    Just a precision - this is the complete message when I started it manually

    /opt/eset/esets/bin/esets_gui --autostart
    Gtk-Message: 11:55:10.132: Failed to load module "appmenu-gtk-module"
    Segmentation fault (core dumped)

    I don't find the module...

    Same here with Fedora 38 and GNOME 44.

    Different gtk module, same result: the gui won't start.

     

    /opt/eset/esets/bin/esets_gui
    Gtk-Message: 18:01:20.907: Failed to load module "pk-gtk-module"
    Segmentation fault (core dumped)


     

  14. To make things worse, if you guys were sticking with NOD32, you should know that Fedora 37 is the last compatible version.

    I've upgraded to Fedora 38 on April 20th and although the daemon loads just fine, the GUI doesn't. :( 

     

    [FranceBB@localhost ~]$ /opt/eset/esets/bin/esets_gui
    Gtk-Message: 17:45:28.098: Failed to load module "pk-gtk-module"
    Segmentation fault (core dumped)


     
