Jump to content

Acc-Eset

Members
  • Content Count

    7
  • Joined

  • Last visited

Posts posted by Acc-Eset

  1. I don't know how but it's ok for one of them after install/reinstall, etc...

    But the second, still the same issue...

    And now, the third :

    Quote

    oaeventd[10190]: Erreur ESET File Security: Secure Boot is not supported, please disable it in BIOS/UEFI.
    nov. 26 11:03:34 serveur2 oaeventd[10190]: Erreur ESET File Security: Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs.

     

    And many of this :

    Quote

    nov. 26 11:22:04 startd[10175]: Erreur ESET File Security: Child process scand[11470] did not handle signal 11, restart in 60 seconds

     

    Secure boot was supported in the last installation and not now ?

    The server and efs are the same version of the others (this one isn't in the same hyperv -no uefi activated in the others)

    But i have 5 others centos servers to upgrade and i'm stuck for now...

    Examples of 2 others ones (CentOS updated but not EFS, still in version  7.0.1152.0 - it's the reason i upgrade EFS)  :

    Quote

    nov. 26 11:08:53 serveur4 oaeventd[159451]: Erreur ESET File Security: Syscall init_module returns error: Unspecified error
    nov. 26 11:08:53 serveur4 oaeventd[159451]: Erreur ESET File Security: Initialization of system handler for on-access scan has failed. Please update your OS and restart your computer, then check system logs.

     

    (Others servers on Debian 9 are ok)

  2. Hi,

    I wanted to upgrade my agent EFS and i have this problem on all my CentOS :

    Quote

    nov. 26 09:22:54 serveur utild[10875]: Erreur ESET File Security: Cannot rename /etc/cron.d/.eset-efs.tmp to /etc/cron.d/eset-efs: Permission denied
    nov. 26 09:22:54 serveur utild[10875]: nov. 26 09:22:54 utild[10875]: Erreur ESET File Security: Cannot delete directory /opt/eset/efs/var/schedulerd/ODFeederSetupRequests: Permission denied
    nov. 26 09:22:54 serveur utild[10875]: nov. 26 09:22:54 utild[10875]: Erreur ESET File Security: Cannot rename /etc/cron.d/.eset-efs.tmp to /etc/cron.d/eset-efs: Permission denied
    nov. 26 09:22:55 serveur systemd[1]: Started ESET File Security.
    nov. 26 09:23:05 serveur updated[10872]: nov. 26 09:23:05 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
    nov. 26 09:23:17 serveur updated[10872]: nov. 26 09:23:17 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
    nov. 26 09:23:17 serveur updated[10872]: nov. 26 09:23:17 updated[10872]: Erreur ESET File Security: Error creating temporary file.
    nov. 26 09:23:28 serveur updated[10872]: nov. 26 09:23:28 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
    nov. 26 09:24:01 serveur updated[10872]: nov. 26 09:24:01 updated[10872]: Erreur ESET File Security: Error updating Antivirus modules: Error creating temporary file.
    nov. 26 09:24:01 serveur updated[10872]: nov. 26 09:24:01 updated[10872]: Erreur ESET File Security: Error creating temporary file.

    I used the command :

    Quote

    sudo yum upgrade efs-7.1.247.0.x86_64.rpm

    The previous version was 7.0.1152.0

    Version of CentOS : CentOS Linux release 7.7.1908

    Thanks for the help.

  3. With the command :

    Quote

    ausearch -m AVC,USER_AVC,SELINUX_ERR,USER_SELINUX_ERR -i

     

    Result (just the end) :

     

    Quote


    type=PROCTITLE msg=audit(24/09/2019 13:23:46.885:1067) : proctitle=/opt/eset/RemoteAdministrator/Agent/ERAAgent --daemon --pidfil                      e /var/run/eraagent.pid
    type=SYSCALL msg=audit(24/09/2019 13:23:46.885:1067) : arch=x86_64 syscall=stat success=no exit=EACCES(Permission non accordée) a                      0=0x555a79376780 a1=0x7ffe4fb0a360 a2=0x7ffe4fb0a360 a3=0x3 items=0 ppid=1 pid=15822 auid=unset uid=root gid=root euid=root suid=                      root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=ERAAgent exe=/opt/eset/RemoteAdministrator/Agent/ERAAgen                      t subj=system_u:system_r:eraagent_t:s0 key=(null)
    type=AVC msg=audit(24/09/2019 13:23:46.885:1067) : avc:  denied  { search } for  pid=15822 comm=ERAAgent name=eset dev="dm-1" ino                      =5144 scontext=system_u:system_r:eraagent_t:s0 tcontext=system_u:object_r:eset_efs_logd_file_t:s0 tclass=dir permissive=0

     

     

    The status of the service :

     

    Quote

    ● eraagent.service - ESET Management Agent
       Loaded: loaded (/etc/systemd/system/eraagent.service; enabled; vendor preset: disabled)
       Active: failed (Result: exit-code) since mar. 2019-09-24 13:23:46 CEST; 1h 5min ago
      Process: 15821 ExecStart=/opt/eset/RemoteAdministrator/Agent/ERAAgent --daemon --pidfile /var/run/eraagent.pid (code=exited, status=0/SUCCESS)
     Main PID: 15822 (code=exited, status=70)

    sept. 24 13:23:46 app systemd[1]: Starting ESET Management Agent...
    sept. 24 13:23:46 app systemd[1]: Can't open PID file /var/run/eraagent.pid (yet?) after start: No such file or directory
    sept. 24 13:23:46 app systemd[1]: Started ESET Management Agent.
    sept. 24 13:23:46 app systemd[1]: eraagent.service: main process exited, code=exited, status=70/n/a
    sept. 24 13:23:46 app systemd[1]: Unit eraagent.service entered failed state.
    sept. 24 13:23:46 app systemd[1]: eraagent.service failed.

     

    The error for the PID file isn't present if i disable selinux and the service starts.

     

    [EDIT]

    It's works with the command

    ./eraagent.sh --update

     

  4. Hi,

    I have installed Era Agent 7.1.367.0 in CentOS 7, it was working.

    Since i have installed the last updates on CentOS, the service doesn't want start. After a research, if i disable Selinux "setenforce 0", I can start the service.

    I tried to reinstall and i see that the selinux policy are the same on another server which wasn't update.

    (For information, i had this second server on CentOS 7 which was functional and not update. After i updated it, i have the same problem)

    Thanks for your help.

×
×
  • Create New...