[KB7838] Install ESET PROTECT on CentOS 7 (8.x–9.x)

Issue

  • You are using CentOS Linux version 7 and you need to install ESET PROTECT
ESET PROTECT–Virtual Appliance

ESET PROTECT is also available as a Virtual Appliance that runs on CentOS 7. The Virtual Appliance has a more user-friendly deployment.

Details


Click to expand

This article describes the installation process on CentOS 7 as installed from the official Minimal installer. If you already have some software installed, the installation process might differ.


Solution

  1. Prerequisites
  2. Install the database
  3. Install ODBC connector
  4. Install the prerequisites
  5. Install the server component of ESET PROTECT
  6. Install the Web Console
  7. Install the ESET Management Agent
  8. Remove redundant files

I. Prerequisites

  1. Check your internet connection. For example, try searching for a website on google.

If you have a problem with your connection, use the following command to list available network devices:

nmcli d

To connect to the internet, use the simple tool nmtui which works in the command line.

  1. Install some basic Linux tools.

To finish the installation, you can use a basic Linux tool of your choice. This guide uses nano wget.

sudo yum install nano wget -y

II. Install the database

  1. Download the MySQL repository file.
wget https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm
  1. Import the GPG Key for MySQL.
rpm -import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
  1. Install the MySQL repository.
sudo rpm -Uvh mysql80-community-release-el7-3.noarch.rpm
  1. Install the MySQL server.
sudo yum install mysql-community-server -y
  1. After the server is installed, open the MySQL configuration file.
sudo nano /etc/my.cnf
  1. Add the following lines to the [mysqld] section:
max_allowed_packet=33M
log_bin_trust_function_creators=1
innodb_log_file_size=150M
innodb_log_files_in_group=2
  1. Save the changes. Press CTRL + X and press Y to confirm.

  2. Start the MySQL service.
sudo systemctl start mysqld
  1. The database root temporary password is created automatically during the installation. Retrieve it using the following command:
sudo grep 'temporary' /var/log/mysqld.log
  1. Copy and save the password.

  2. Open the MySQL.
mysql -u root -p
  1. Type in the password from step 9.

  2. Change the root password.
ALTER USER 'root'@'localhost' IDENTIFIED BY 'super_strong_new_password';
  1. The output should resemble the following:
Query OK, 0 rows affected (0.02 sec)
  1. Quit the MySQL console.
quit

III. ODBC connector installation

  1. Install unixODBC drivers.
sudo yum install unixODBC -y
  1. Download the file directly. Do not install the driver using YUM as it will not install the latest compatible version.
wget https://downloads.mysql.com/archives/get/p/10/file/mysql-connector-odbc-8.0.17-1.el7.x86_64.rpm
  1. Install the ODBC driver.
sudo rpm -ivh mysql-connector-odbc-8.0.17-1.el7.x86_64.rpm --nodeps
  1. Setup the ODBC driver.
sudo myodbc-installer -a -d -n "MySQL ODBC 8.0.17" -t "Driver=/usr/lib64/libmyodbc8w.so"
  1. List the installed drivers:
sudo myodbc-installer -d -l

IV. Install the prerequisites

  1. Update your OpenSSL.
sudo yum install openssl -y
  1. Install Xvfb.
sudo yum install xorg-x11-server-Xvfb -y
  1. Install Cifs-utils.
sudo yum install cifs-utils
  1. The QtWebKit is not in the standard CentOS repository. You can install the EPEL release and use the qtwebkit-devel package.
sudo yum install -y epel-release
sudo yum install qtwebkit-devel
  1. Install Kerberos.
yum install krb5-workstation
  1. Install LDAP Search.
sudo yum install openldap-clients cyrus-sasl-gssapi cyrus-sasl-ldap -y

V. Install the Server component of ESET PROTECT

  1. Download the ESET PROTECT Server installer.
wget https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server-linux-x86_64.sh
  1. Configure the server installation file set as an executable.
chmod +x server-linux-x86_64.sh
  1. Create the temporary installer script.
touch installer.sh
  1. Open the temporary script and paste the following code:
sudo ./server-linux-x86_64.sh \
--skip-license \
--db-type="MySQL Server" \
--db-driver="MySQL ODBC 8.0.17" \
--db-hostname=localhost \
--db-port=3306 \
--db-admin-username=root \
--db-admin-password=password form step II.12. \
--server-root-password=password \
--db-user-username=erauser \
--db-user-password=strong complex password \
--cert-hostname="hostname, IP, FQDN"
  1. Modify the code in the file to fit your installation, including the hostname and IP address of your machine. Use the IP address that agent machines will use to reach the Server machine. Make sure to set up a complex db-user-password. A weak password will cause the installation to fail.

  2. Run the installer script.
sudo sh installer.sh
  1. The installation may end with SELinux policy... failure. That can be ignored if you do not use SELinux.

  2. Start the ESET PROTECT Server service.
sudo systemctl start eraserver
sudo systemctl status eraserver

You should see that the service is active.


VI. Install the Web Console

  1. Install JDK and Tomcat.
yum install java-1.8.0-openjdk tomcat
  1. Download the Web Console.
wget https://download.eset.com/com/eset/apps/business/era/webconsole/latest/era.war
  1. Move the Web Console file to the Tomcat folder.
sudo cp era.war /var/lib/tomcat/webapps/
  1. Restart the Tomcat service to deploy the era.war file.
sudo systemctl restart tomcat
  1. Check the tomcat folder, if the era folder is present.
ls /var/lib/tomcat/webapps

The output should resemble the following:

era  era.war
  1. You can now connect the Web Console from other machines. For example, try the following:
http://10.1.0.1:8080/era

The PROTECT Server is deployed where 10.1.0.1 is replaced by the IP address of your machine.

Continue to the next section if you can open the ESET PROTECT Web Console and log in with Administrator credentials (the password was set in the installer script as server-root-password).

The connection to the Web Console is now available only via HTTP. You can set up HTTPS connection..

Troubleshooting the Web Console connection

If you are unable to connect to the Web Console, there are a few possible reasons:

  • Check if all services are running:
    sudo systemctl status eraserver
    sudo systemctl status tomcat
    If one of the services is not active, start it.

    To start Tomcat service:
    sudo systemctl start tomcat
    To make Tomcat start after each boot run:
    sudo systemctl enable tomcat
  • Check if network ports are open. The CentOS can have a firewall blocking the 8080 port for outside connection. CentOS7 uses FirewallD, so use the following commands to permanently open port 8080:
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --reload

VII. Install the ESET Management Agent

  1. Download the Agent installer.
wget https://download.eset.com/com/eset/apps/business/era/agent/latest/agent-linux-x86_64.sh
  1. Set the installer as executable.
chmod +x agent-linux-x86_64.sh
  1. Create agent_installer.sh script.
touch agent_installer.sh
  1. Open the file for editing:
nano agent_installer.sh
  1. Paste and modify the following script (for server-assisted installation) to the file and save it.
sudo ./agent-linux-x86_64.sh \
--skip-license \
--hostname=10.1.0.1 \
--port=2222 \
--webconsole-user=Administrator \
--webconsole-password=password \
--webconsole-port=2223

where:

  • The hostname is the IP or hostname of the PROTECT Server machine
  • The Web Console password is the password you use to log in to ESET PROTECT Web Console
  1. Run the installer script.
sudo sh agent_installer.sh

When prompted, press y to accept the certificate.

You can ignore any errors about SELinux returned by the installer.

    7. Set the ESET Management Agent service to start and enable starting after computer boot-up.

sudo systemctl enable eraagent
sudo systemctl start eraagent
  1. Open the ESET PROTECT Web Console and log in as Administrator. If the Computers section contains your server machine, the Agent is installed successfully.

VIII. Remove redundant files

  1. After the components installation is finished successfully, remove the installers and scripts.
rm -rf agent_installer.sh 
rm -rf agent-linux-x86_64.sh 
rm -rf installer.sh 
rm -rf era.war 
rm -rf mysql80-community-release-el7-3.noarch.rpm 
rm -rf mysql-connector-odbc-8.0.17-1.el7.x86_64.rpm 
rm -rf qtwebkit-2.3.4-29.fc32.x86_64.rpm 
rm -rf server-linux-x86_64.sh