# Installation of ESET ERA: ESMC 7 & Web Console at LXC (Linux Container) on Ubuntu 18.04 LTS ###### Tested on LXC container with Ubuntu 18.04 LTS Read about How to install LXC\LXD on Ubuntu: https://linuxcontainers.org/lxd/getting-started-cli/ On LXC\LXD Host Mashine create a containe with Ubuntu 18.04 with name "eset" ``` lxc launch images:ubuntu/18.04 eset ``` Forward port 443 from Host to ESET Container ``` lxc config device add eset tcp-443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443 lxc config device add eset tcp-2222 proxy listen=tcp:0.0.0.0:2222 connect=tcp:127.0.0.1:2222 lxc config device add eset tcp-2223 proxy listen=tcp:0.0.0.0:2223 connect=tcp:127.0.0.1:2223 ``` Login to the new container "eset" ``` lxc exec eset /bin/bash ``` Create an ESET folder ``` mkdir -p /eset cd /eset chmod 755 . ``` Variables: ``` ERA_ADMINISTRATOR_WEBCONSOLE_PASSWORD=WebL0g1nPassw0rd ERA_FQDN="eset.company.com" ERA_AGENT_PORT=2222 ERA_CONSOLE_PORT=2223 ERA_P12_SERVER_PASSWORD=PasswordFromP12 MYSQL_ROOT_PASSWORD=S11per-MySQL-Pssw0rd MYSQL_ERA_USER=era MYSQL_ERA_USER_PASSWORD=S11per-ERA-Pssw0rd ``` Adding Tomcat7 repositories to APT (ESET WebConsole Works with Tomcat7 only) ``` cat <<\EOF> /etc/apt/sources.list.d/tomcat7.list deb http://us.archive.ubuntu.com/ubuntu/ xenial main deb http://us.archive.ubuntu.com/ubuntu/ xenial universe EOF ``` Updating APT and installing depencies ``` apt update apt install -y xvfb \ cifs-utils \ libqtwebkit4 \ mysql-server-5.7 \ libodbc1 \ odbcinst1debian2 \ openjdk-8-jre-headless \ tomcat7 \ openssl \ winbind \ ldap-utils \ libsasl2-modules-gssapi-mit \ snmp \ samba \ wget \ authbind \ unzip \ unixodbc ``` Generating CA File ``` openssl rand -writerand ~/.rnd openssl req -new -x509 -out ca.crt -sha512 -keyout ca.key -newkey rsa:4096 -subj "/CN=ESET CA" -nodes -days 3650 ``` Generating and Signing HTTPS Certificate and Key ``` openssl req -newkey rsa:4096 -keyout "era-server.key" -out "era-server.csr" -nodes -subj "/CN=Server certificate for host ${ERA_FQDN}" openssl x509 -req -in "era-server.csr" -out "era-server.crt" -CA "ca.crt" -CAkey "ca.key" -days 3650 -sha512 -set_serial "$(date +%s)" -extfile <(printf "subjectAltName = DNS:${ERA_FQDN} \n nsCertType = client, server, email \n subjectKeyIdentifier = hash \n extendedKeyUsage = serverAuth, clientAuth \n keyUsage = nonRepudiation, digitalSignature, keyEncipherment \n basicConstraints = CA: FALSE") ``` Generating P12 and DER ``` openssl pkcs12 -export -out "era-server.p12" -inkey "era-server.key" -in "era-server.crt" -certfile "ca.crt" -password pass:${ERA_P12_SERVER_PASSWORD} chmod 644 era-server.p12 openssl x509 -outform der -in ca.crt -out ca.der ``` Changing ESET MySQL max_allowed_packet to 33M ``` find /etc/mysql/ -iname "*.cnf" -exec sed -iE "s/max_allowed_packet.*/max_allowed_packet = 33M/" {} \; ``` Adding ESET MySQL InnoDB requirements ``` cat <<\EOF> /etc/mysql/mysql.conf.d/innodb.cnf [mysqld] innodb_log_file_size = 300M innodb_log_files_in_group = 3 EOF ``` Setup MySQL: Create user for ERA, Setup the user and Root passwords ``` mysql -e "CREATE USER \"${MYSQL_ERA_USER}\"@'localhost' IDENTIFIED BY \"${MYSQL_ERA_USER_PASSWORD}\"" mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY \"${MYSQL_ROOT_PASSWORD}\"" ``` Restart MySQL ``` systemctl restart mysql ``` Install ODBC 5.2 (ESMC Works with ODBC 5.2 only) ``` wget https://dev.mysql.com/get/Downloads/Connector-ODBC/5.2/mysql-connector-odbc-5.2.7-linux-glibc2.5-x86-64bit.tar.gz tar xvf mysql-connector* mkdir -p /usr/local/lib/odbc cp mysql-connector*/bin/* /usr/local/bin cp mysql-connector*/lib/* /usr/local/lib/odbc rm -rf mysql-connector* ``` Configurate ODBC Driver For Ubuntu the file is etc/odbc.ini ``` cat <<\EOF> /etc/odbcinst.ini [MySQL] Description = ODBC for MySQL Driver = /usr/local/lib/odbc/libmyodbc5w.so FileUsage = 1 Server = 127.0.0.1 Port = 3306 EOF ``` Download ESET EEA Installation ``` wget -N https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server-linux-x86_64.sh chmod +x server-linux-x86_64.sh ``` Setup ESMC ``` ./server-linux-x86_64.sh \ --disable-imp-program \ --db-admin-username root \ --db-admin-password "${MYSQL_ROOT_PASSWORD}" \ --db-name era \ --db-user-username "${MYSQL_ERA_USER}" \ --db-user-password "${MYSQL_ERA_USER_PASSWORD}" \ --server-root-password "${ERA_ADMINISTRATOR_WEBCONSOLE_PASSWORD}" \ --skip-license \ --db-driver=MySQL \ --db-hostname=127.0.0.1 \ --db-port=3306 \ --cert-auth-path "/eset/ca.der" \ --server-cert-path "/eset/era-server.p12" \ --server-cert-password "${ERA_P12_SERVER_PASSWORD}" \ --skip-cert \ --server-port "${ERA_AGENT_PORT}" \ --console-port "${ERA_CONSOLE_PORT}" ``` Setup WebConsole ``` systemctl stop tomcat7 rm -rf /var/lib/tomcat7/webapps/ROOT wget -N https://download.eset.com/com/eset/apps/business/era/webconsole/latest/era.war unzip era.war -d /var/lib/tomcat7/webapps/ROOT find /var/lib/ -iname "EraWebServerConfig.properties" -exec sed -i "s/server_port=2223/server_port=${ERA_CONSOLE_PORT}/" {} \; ``` Enable TCP Port for HTTPS ``` touch /etc/authbind/byport/443 chmod 500 /etc/authbind/byport/443 chown tomcat7 /etc/authbind/byport/443 sed -iE "s/.*AUTHBIND.*/AUTHBIND=yes/" /etc/default/tomcat7 ``` Setup HTTPS for Tomcat7 for debian10 use `Http11Protocol` instead of `Http11NioProtocol` ``` sed -iE '//,//c\ \ \ ' /etc/tomcat7/server.xml ``` Restart Tomcat ``` systemctl restart tomcat7 ```