Jump to content

Endpoint for Linux - running but not working correctly


Recommended Posts

Hi

I am running Eset Endpoint on the newest ESMC console and I am currently testing a Ubuntu install on LTS 20.04.

I have installed Eset Endpoint 7 o the system and it seems it is running fine, however it is not doing anything.
I can download and open the EICAR file and the webfilter does not block any pages - I have setup a simple rule to block a specific page and it is always loading. I have about 4 years experience with ESET via ESMC/ERA and this is really driving me nuts....

Installation:

Ubuntu LTS 20.04 on HyperV running Azure Kernel

Console output which implies the install seems to be correct:

systemctl status eea.service
● eea.service - ESET Endpoint Antivirus
     Loaded: loaded (/lib/systemd/system/eea.service; enabled; vendor preset: e>
     Active: active (running) since Mon 2020-08-03 21:12:08 CEST; 34s ago
    Process: 8657 ExecStartPre=/opt/eset/eea/lib/install_scripts/check_start.sh>
    Process: 9350 ExecStartPost=/bin/sleep 2 (code=exited, status=0/SUCCESS)
    Process: 9374 ExecStartPost=/opt/eset/eea/lib/install_scripts/launch_gui_al>
   Main PID: 9349 (startd)
      Tasks: 35 (limit: 1001)
     Memory: 279.5M
     CGroup: /system.slice/eea.service
             ├─9349 /opt/eset/eea/sbin/startd
             ├─9352 /opt/eset/eea/lib/logd
             ├─9353 /opt/eset/eea/lib/sysinfod
             ├─9354 /opt/eset/eea/lib/updated
             ├─9355 /opt/eset/eea/lib/licensed
             ├─9356 /opt/eset/eea/lib/confd
             ├─9362 /opt/eset/eea/lib/oaeventd
             └─9373 /opt/eset/eea/lib/scand

 

Any ideas?

 

 

Link to comment
Share on other sites

Hi, since I seemingly cant edit my post here is an update:

After purging ESET and re-installing it somehow file detection works, it cleans the EICAR file.

However webcontrol still is not working and I can load all pages even though certain should be blocked.

 

Link to comment
Share on other sites

4 hours ago, Marcos said:

According to https://help.eset.com/eeau/7/en-US/?system_requirements.html Ubuntu 20 is not supported yet. A new version of ESET Endpoint for Linux with support for Ubuntu 20 LTS is going to be available within a few weeks' time.

Ok, thx. With that in mind I can live with the current state.

Link to comment
Share on other sites

  • 1 month later...
  • 2 weeks later...

@Peter Randziak - I'm back, 
Unfortunately, I have checked and found out the gui\ESET app itself doesn't appear in Ubuntu 20.04 (using the latest version you mentioned 7.1.6.0) I can see it is running in the processes in the back (using `ps -ef` in the command line)
but there is absolutely no way to find the actual gui and see what is happening with it. 
I carried on with uninstalling it and reinstalling 4.0.95, and it just worked. GUI and everything. 

Can we get it checked somehow?

Thanks

Link to comment
Share on other sites

  • ESET Moderators

Hello guys,

I'm apologize for the delay. I have this noted, but somehow did not manage to get to it, my fault 😞 

Please collect the logs from the latest 7.1.6.0 and pass them to me by a private message.

Also please state what is the exact faulty behavior / error as we've discussed 3 of them here already.

Peter

Link to comment
Share on other sites

Thanks for replying @Peter Randziak

Collecting logs will be difficult as COVID is slowing access down. 
I suggest simulating it on Vanilla Ubuntu 20.04 and seeing for yourself.

Issue is as follows:
Installing Agent + ESET Endpoint AV 7.1.6.0 using ESMC (server task + Client task) (everything is the latest version of course)
 

after installation is complete EVERYTHING Related to GUI won't be seen anywhere, and I'll put it into detail:
* no ESET icon on task bar (the green `e`)

* no ESET app can be found in the applications

* trying to run on terminal the egui executable won't do anything. 


Please see if you can start with that, I'll do my best to get some logs tomorrow, but I'm unable to promise anything due to workload. 
 

Link to comment
Share on other sites

  • ESET Moderators

Hello Avielc,

31 minutes ago, avielc said:

after installation is complete EVERYTHING Related to GUI won't be seen anywhere, and I'll put it into detail:
* no ESET icon on task bar (the green `e`)

* no ESET app can be found in the applications

* trying to run on terminal the egui executable won't do anything. 

Well the issue is that the version 7 does not have any GUI so there is nothing to be shown 🙂 (yes I completely forgot about it 😞 )

It has only a notification manager to display notifications in case of events like threat detected or successful module update...

The product is meant to be managed by means of ESMC...

Peter

Link to comment
Share on other sites

I think I have seen a gui of it on 18.04, which means this is a unique behavior for 20.04  @Peter Randziak
I'm not entirely sure, so i'll verify it when I can (hopefully tomorrow) 
 

But Why change a product that is known to work in a singular method cross-platform. 
both Windows and Mac have a GUI, why would Linux, especially Ubuntu be any different? 

I'm sorry, Linux have end users too, and I'm sure Many of the Linux users do not install a gui-less OS.

This is very convenient for users to see what they are clicking and what is the status of their Antivirus software. 

and I'm sure you can agree that it exists on WIndows and Mac for that reason too. 
 

Link to comment
Share on other sites

  • ESET Moderators

Hello @avielc,

GUI for Linux is planned, but I'm not going to share any details nor promise any timeframe 🙂

I agree that it makes sense to have it on systems with OS GUI, where the end users work.

I hope it will be available soon and will improve the user experience.

Peter

Link to comment
Share on other sites

Hi

Thx everyone to keep the topic up.  Iwas bus and just checked the status of ESET on my Ubuntu 20.04 LTS install.

The notifications from ESET show up correct, that is nice now. The GUI lacking is well, unusal ut for now this isn't too bad for me.

However the webfilter still is not functional for me - I can browser any site which is under the "denied"  group in my ESMC policy and the exact same setting work just fine on any Windows installation.

What kind of logs are needed to resolve this?

 

Link to comment
Share on other sites

  • Administrators

Could you please point me to the setting that doesn't work? I've also discussed it with a colleague who is well versed in Linux but he's not aware of having web filtering in Endpoint for Linux either:

image.png

Link to comment
Share on other sites

45 minutes ago, Marcos said:

Could you please point me to the setting that doesn't work? I've also discussed it with a colleague who is well versed in Linux but he's not aware of having web filtering in Endpoint for Linux either:

image.png

 

Hi, I guess I am using an older V6 profile then?

 

EDIT:
Yes that's it! - I created that profile last year and just re-assigned it to the new Ubuntu VM.
The new V7+ profile doesn't have that setting...

grafik.thumb.png.033e8942f0352e29f97124b0b7a5db6b.png

Edited by ichkriegediekriese
Link to comment
Share on other sites

I have been trying to test the new ESET Endpoint Security 7 for Linux on an up to date Ubuntu 18.04 machine. The ESET Agent is already installed (version 7.1.503.0) on the machine and reporting to my company's ESMC Server without issues.

Link to comment
Share on other sites

  • Administrators
1 hour ago, xpaceseven said:

I have been trying to test the new ESET Endpoint Security 7 for Linux on an up to date Ubuntu 18.04 machine. The ESET Agent is already installed (version 7.1.503.0) on the machine and reporting to my company's ESMC Server without issues.

Since you didn't mention any issues with Endpoint v7, I assume it's running just fine. Isn't it?

Link to comment
Share on other sites

I'll try to follow through  with  the GUI-less setup for now,  as there isn't much of  a choice from what I see...

I haven't tested it myself  yet (unfortunately COVID  and other  work assignment  disrupted  that)  so  I  assume it's  definitely GUI-less on  all OS (18.04,  etc) 
There are  a few issues with it:
1. How  does  a  user  scan  a customized folder when it wants to.

2. Say a virus was detected (I know, highly unlikely on UNIX, but still...) how can the user choose to either clean\delete the virus.

3. Should something disrupt the  user's workflow (say firewall blocking  some  intelliJ from accessing external  network  resource,  how can you change these rules locally\ disable features within the Endpoint App.

 

Thanks

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...