Acc-Eset
-
Posts
7 -
Joined
-
Last visited
Posts posted by Acc-Eset
-
-
Hi,
You found a solution ?
I had the same problem on a Debian 10. I removed the last version of EFS and reinstall the old one, it's ok for now.
Thx
-
I don't know how but it's ok for one of them after install/reinstall, etc...
But the second, still the same issue...
And now, the third :
Quoteoaeventd[10190]: Erreur ESET File Security: Secure Boot is not supported, please disable it in BIOS/UEFI.
nov. 26 11:03:34 serveur2 oaeventd[10190]: Erreur ESET File Security: Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs.And many of this :
Quotenov. 26 11:22:04 startd[10175]: Erreur ESET File Security: Child process scand[11470] did not handle signal 11, restart in 60 seconds
Secure boot was supported in the last installation and not now ?
The server and efs are the same version of the others (this one isn't in the same hyperv -no uefi activated in the others)
But i have 5 others centos servers to upgrade and i'm stuck for now...
Examples of 2 others ones (CentOS updated but not EFS, still in version 7.0.1152.0 - it's the reason i upgrade EFS) :
Quotenov. 26 11:08:53 serveur4 oaeventd[159451]: Erreur ESET File Security: Syscall init_module returns error: Unspecified error
nov. 26 11:08:53 serveur4 oaeventd[159451]: Erreur ESET File Security: Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs.(Others servers on Debian 9 are ok)
-
Hi,
I wanted to upgrade my agent EFS and i have this problem on all my CentOS :
Quotenov. 26 09:22:54 serveur utild[10875]: Erreur ESET File Security: Cannot rename /etc/cron.d/.eset-efs.tmp to /etc/cron.d/eset-efs: Permission denied
nov. 26 09:22:54 serveur utild[10875]: nov. 26 09:22:54 utild[10875]: Erreur ESET File Security: Cannot delete directory /opt/eset/efs/var/schedulerd/ODFeederSetupRequests: Permission denied
nov. 26 09:22:54 serveur utild[10875]: nov. 26 09:22:54 utild[10875]: Erreur ESET File Security: Cannot rename /etc/cron.d/.eset-efs.tmp to /etc/cron.d/eset-efs: Permission denied
nov. 26 09:22:55 serveur systemd[1]: Started ESET File Security.
nov. 26 09:23:05 serveur updated[10872]: nov. 26 09:23:05 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
nov. 26 09:23:17 serveur updated[10872]: nov. 26 09:23:17 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
nov. 26 09:23:17 serveur updated[10872]: nov. 26 09:23:17 updated[10872]: Erreur ESET File Security: Error creating temporary file.
nov. 26 09:23:28 serveur updated[10872]: nov. 26 09:23:28 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
nov. 26 09:24:01 serveur updated[10872]: nov. 26 09:24:01 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
nov. 26 09:24:01 serveur updated[10872]: nov. 26 09:24:01 updated[10872]: Erreur ESET File Security: Error creating temporary file.I used the command :
Quotesudo yum upgrade efs-7.1.247.0.x86_64.rpm
The previous version was 7.0.1152.0
Version of CentOS : CentOS Linux release 7.7.1908
Thanks for the help.
-
With the command :
Quoteausearch -m AVC,USER_AVC,SELINUX_ERR,USER_SELINUX_ERR -i
Result (just the end) :
Quote
type=PROCTITLE msg=audit(24/09/2019 13:23:46.885:1067) : proctitle=/opt/eset/RemoteAdministrator/Agent/ERAAgent --daemon --pidfil e /var/run/eraagent.pid
type=SYSCALL msg=audit(24/09/2019 13:23:46.885:1067) : arch=x86_64 syscall=stat success=no exit=EACCES(Permission non accordée) a 0=0x555a79376780 a1=0x7ffe4fb0a360 a2=0x7ffe4fb0a360 a3=0x3 items=0 ppid=1 pid=15822 auid=unset uid=root gid=root euid=root suid= root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=ERAAgent exe=/opt/eset/RemoteAdministrator/Agent/ERAAgen t subj=system_u:system_r:eraagent_t:s0 key=(null)
type=AVC msg=audit(24/09/2019 13:23:46.885:1067) : avc: denied { search } for pid=15822 comm=ERAAgent name=eset dev="dm-1" ino =5144 scontext=system_u:system_r:eraagent_t:s0 tcontext=system_u:object_r:eset_efs_logd_file_t:s0 tclass=dir permissive=0The status of the service :
Quote● eraagent.service - ESET Management Agent
Loaded: loaded (/etc/systemd/system/eraagent.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since mar. 2019-09-24 13:23:46 CEST; 1h 5min ago
Process: 15821 ExecStart=/opt/eset/RemoteAdministrator/Agent/ERAAgent --daemon --pidfile /var/run/eraagent.pid (code=exited, status=0/SUCCESS)
Main PID: 15822 (code=exited, status=70)sept. 24 13:23:46 app systemd[1]: Starting ESET Management Agent...
sept. 24 13:23:46 app systemd[1]: Can't open PID file /var/run/eraagent.pid (yet?) after start: No such file or directory
sept. 24 13:23:46 app systemd[1]: Started ESET Management Agent.
sept. 24 13:23:46 app systemd[1]: eraagent.service: main process exited, code=exited, status=70/n/a
sept. 24 13:23:46 app systemd[1]: Unit eraagent.service entered failed state.
sept. 24 13:23:46 app systemd[1]: eraagent.service failed.The error for the PID file isn't present if i disable selinux and the service starts.
[EDIT]
It's works with the command
./eraagent.sh --update
-
Hi,
The result of the ausearch :
Quote#============= eraagent_t ==============
allow eraagent_t eset_efs_logd_file_t:dir { getattr search };The command
./eraagent.sh --upgrade
didn't work, result :
Quote./eraagent.sh [ --update ] [ --uninstall ]
Maybe the option is "update" and not "upgrade" ?
Thanks
-
Hi,
I have installed Era Agent 7.1.367.0 in CentOS 7, it was working.
Since i have installed the last updates on CentOS, the service doesn't want start. After a research, if i disable Selinux "setenforce 0", I can start the service.
I tried to reinstall and i see that the selinux policy are the same on another server which wasn't update.
(For information, i had this second server on CentOS 7 which was functional and not update. After i updated it, i have the same problem)
Thanks for your help.
EFS causes drbd/pacemaker setup to crash
in ESET Products for Linux Servers
Posted
Hello,
I'm not sure i understand your answer.
I installed Eset security products in Debian 10 normally, like a Debian 9 and all the others servers.
The problem appeared after a reboot. So i wasn't in chroot, or maybe i misunderstood ?
Thanks