Установка KSC 14.2 на Ubuntu 22.04

a.cor · March 5, 2023

Добрый день!
После успешной установки KSC по этой инструкции https://support.kaspersky.com/KSCLinux/14.2/ru-RU/166764.htm не могу попасть в консоль -- страница не открывается.

 sudo ss -tulpn
Netid            State             Recv-Q            Send-Q                       Local Address:Port                          Peer Address:Port            Process
udp              UNCONN            0                 0                                  0.0.0.0:13000                              0.0.0.0:*                users:(("klserver",pid=732,fd=87))
udp              UNCONN            0                 0                            127.0.0.53%lo:53                                 0.0.0.0:*                users:(("systemd-resolve",pid=707,fd=13))
udp              UNCONN            0                 0                                     [::]:13000                                 [::]:*                users:(("klserver",pid=732,fd=88))
tcp              LISTEN            0                 2048                               0.0.0.0:19170                              0.0.0.0:*                users:(("klserver",pid=732,fd=85))
tcp              LISTEN            0                 2048                               0.0.0.0:13000                              0.0.0.0:*                users:(("klserver",pid=732,fd=81))
tcp              LISTEN            0                 2048                               0.0.0.0:17000                              0.0.0.0:*                users:(("klactprx",pid=731,fd=21))
tcp              LISTEN            0                 511                              127.0.0.1:1329                               0.0.0.0:*                users:(("node",pid=904,fd=19))
tcp              LISTEN            0                 511                              127.0.0.1:2001                               0.0.0.0:*                users:(("node",pid=721,fd=21))
tcp              LISTEN            0                 2048                               0.0.0.0:13299                              0.0.0.0:*                users:(("klserver",pid=732,fd=83))
tcp              LISTEN            0                 511                              127.0.0.1:2003                               0.0.0.0:*                users:(("node",pid=719,fd=19))
tcp              LISTEN            0                 511                              127.0.0.1:2005                               0.0.0.0:*                users:(("node",pid=718,fd=19))
tcp              LISTEN            0                 4096                         127.0.0.53%lo:53                                 0.0.0.0:*                users:(("systemd-resolve",pid=707,fd=14))
tcp              LISTEN            0                 128                                0.0.0.0:22                                 0.0.0.0:*                users:(("sshd",pid=795,fd=3))
tcp              LISTEN            0                 4096                             127.0.0.1:4150                               0.0.0.0:*                users:(("nsqd",pid=720,fd=7))
tcp              LISTEN            0                 100                                0.0.0.0:13111                              0.0.0.0:*                users:(("ksnproxy",pid=1045,fd=35))
tcp              LISTEN            0                 4096                             127.0.0.1:4151                               0.0.0.0:*                users:(("nsqd",pid=720,fd=8))
tcp              LISTEN            0                 346                              127.0.0.1:5432                               0.0.0.0:*                users:(("postgres",pid=843,fd=5))
tcp              LISTEN            0                 4096                             127.0.0.1:4152                               0.0.0.0:*                users:(("nsqd",pid=720,fd=9))
tcp              LISTEN            0                 2048                             127.0.0.1:30522                              0.0.0.0:*                users:(("klserver",pid=732,fd=89))
tcp              LISTEN            0                 2048                               0.0.0.0:8060                               0.0.0.0:*                users:(("klcsweb",pid=734,fd=21))
tcp              LISTEN            0                 2048                               0.0.0.0:8061                               0.0.0.0:*                users:(("klcsweb",pid=734,fd=23))
tcp              LISTEN            0                 2048                                  [::]:19170                                 [::]:*                users:(("klserver",pid=732,fd=86))
tcp              LISTEN            0                 2048                                  [::]:13000                                 [::]:*                users:(("klserver",pid=732,fd=82))
tcp              LISTEN            0                 2048                                  [::]:17000                                 [::]:*                users:(("klactprx",pid=731,fd=22))
tcp              LISTEN            0                 511                                      *:8080                                     *:*                users:(("node",pid=926,fd=31))
tcp              LISTEN            0                 2048                                  [::]:13299                                 [::]:*                users:(("klserver",pid=732,fd=84))
tcp              LISTEN            0                 128                                   [::]:22                                    [::]:*                users:(("sshd",pid=795,fd=4))
tcp              LISTEN            0                 2048                                  [::]:8060                                  [::]:*                users:(("klcsweb",pid=734,fd=22))
tcp              LISTEN            0                 2048                                  [::]:8061                                  [::]:*                users:(("klcsweb",pid=734,fd=24))

Ошибок при старте сервисов нет:

● KSCWebConsoleManagement.service - Kaspersky Security Center Web Console Management Service
     Loaded: loaded (/etc/systemd/system/KSCWebConsoleManagement.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2023-03-05 18:29:55 +05; 16min ago
   Main PID: 719 (node)
      Tasks: 18 (limit: 9327)
     Memory: 52.2M
        CPU: 1.295s
     CGroup: /system.slice/KSCWebConsoleManagement.service
             ├─719 /var/opt/kaspersky/ksc-web-console/node /var/opt/kaspersky/ksc-web-console/pm.updates-manager.js
             └─904 /var/opt/kaspersky/ksc-web-console/node ./updates-manager.js

Mar 05 18:41:01 km12 env[904]: Time monitor { rawNumber: 30029 }
Mar 05 18:41:31 km12 env[904]: Time monitor { rawNumber: 30031 }
Mar 05 18:42:01 km12 env[904]: Time monitor { rawNumber: 30027 }
Mar 05 18:42:31 km12 env[904]: Time monitor { rawNumber: 30029 }
Mar 05 18:43:01 km12 env[904]: Time monitor { rawNumber: 30012 }
Mar 05 18:43:31 km12 env[904]: Time monitor { rawNumber: 30006 }
Mar 05 18:44:01 km12 env[904]: Time monitor { rawNumber: 30011 }
Mar 05 18:44:31 km12 env[904]: Time monitor { rawNumber: 30030 }
Mar 05 18:45:01 km12 env[904]: Time monitor { rawNumber: 30006 }
Mar 05 18:45:31 km12 env[904]: Time monitor { rawNumber: 30032 }

● KSCWebConsolePlugin.service - Kaspersky Security Center Web Console Plugin
     Loaded: loaded (/etc/systemd/system/KSCWebConsolePlugin.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2023-03-05 18:29:55 +05; 16min ago
   Main PID: 721 (node)
      Tasks: 32 (limit: 9327)
     Memory: 95.1M
        CPU: 3.159s
     CGroup: /system.slice/KSCWebConsolePlugin.service
             ├─721 /var/opt/kaspersky/ksc-web-console/node /var/opt/kaspersky/ksc-web-console/pm.plugin.js
             ├─927 /var/opt/kaspersky/ksc-web-console/node ./server/plugins/plugin-server.js admin_agent
             ├─930 /var/opt/kaspersky/ksc-web-console/node ./server/plugins/plugin-server.js admin_server
             └─946 /var/opt/kaspersky/ksc-web-console/node ./server/plugins/plugin-server.js irp

Mar 05 18:29:55 km12 systemd[1]: Started Kaspersky Security Center Web Console Plugin.
Mar 05 18:29:59 km12 env[721]: PM API started at port 2001

● KSCWebConsole.service - Kaspersky Security Center Web Console
     Loaded: loaded (/etc/systemd/system/KSCWebConsole.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2023-03-05 18:29:55 +05; 16min ago
   Main PID: 718 (node)
      Tasks: 32 (limit: 9327)
     Memory: 107.8M
        CPU: 4.001s
     CGroup: /system.slice/KSCWebConsole.service
             ├─718 /var/opt/kaspersky/ksc-web-console/node /var/opt/kaspersky/ksc-web-console/pm.js
             ├─926 /var/opt/kaspersky/ksc-web-console/node ./index.js
             ├─928 /bin/sh -c "\"/var/opt/kaspersky/ksc-web-console/vendor/nsq_to_file\" -nsqd-tcp-address=127.0.0.1:4150 -channel logs#ephemeral -topic logs-admin_agent-server#ephemeral -topic logs-admin_age>
             └─949 /var/opt/kaspersky/ksc-web-console/vendor/nsq_to_file -nsqd-tcp-address=127.0.0.1:4150 -channel logs#ephemeral -topic logs-admin_agent-server#ephemeral -topic logs-admin_agent-client#epheme>
● KSCWebConsoleMessageQueue.service - Kaspersky Security Center Web Console Message Queue
     Loaded: loaded (/etc/systemd/system/KSCWebConsoleMessageQueue.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2023-03-05 18:29:55 +05; 16min ago
   Main PID: 720 (nsqd)
      Tasks: 11 (limit: 9327)
     Memory: 16.8M
        CPU: 17.948s
     CGroup: /system.slice/KSCWebConsoleMessageQueue.service
             └─720 /var/opt/kaspersky/ksc-web-console/vendor/nsqd -tls-cert=../nsq-server.crt -tls-key=../nsq-server.key -tls-required=1 -tls-min-version=tls1.2 -tls-root-ca-file=../KLRootCA.crt -max-msg-size>

Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.098296 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.099875 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.102078 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.104769 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.106499 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.108626 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.111278 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.113568 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.116351 INFO: NSQ: persisting topic/channel metadata to nsqd.dat
Mar 05 18:30:04 km12 env[720]: [nsqd] 2023/03/05 18:30:04.119418 INFO: NSQ: persisting topic/channel metadata to nsqd.dat

OS: Ubuntu 22.04.2 LTS

DB: PostgreSQL 15.2.

Подскажите, пожалуйста, куда ещё можно посмотреть?

mike 1 · March 5, 2023

Здравствуйте, а в файле /etc/ksc-web-console-setup.json какой порт у вас указан?

a.cor · March 6, 2023

Порт 8080.

Вот содержимое файла:

cat /etc/ksc-web-console-setup.json
{
  "address": "127.0.0.1",
  "port": 8080,
  "trusted": "127.0.0.1|13299|/var/opt/kaspersky/klnagent_srv/1093/cert/klserver.cer|KSC Server",
  "acceptEula": true,
  "enableLog": true
}

mike 1 · March 6, 2023

У вас должна быть прописана учетная запись от которой будет запускаться веб консоль.

Пример настройки:

a.cor · March 11, 2023

Добрый день!

Спасибо за ответ!

Я последовал вашей рекомендации, после заново запустил установку из пакета web-консоли, перезагрузил сервисы (и сервер тоже), но, к сожалению, не помогло.

После перезагрузки ошибок в логах старта всех сервисов (консоли и самого KSC) нет.

Вот содержимое файлов setup и conf.

cat /etc/ksc-web-console-setup.json
{
  "address": "127.0.0.1",
  "port": 8080,
  "defaultLangId": 1049,
  "enableLog": false,
  "trusted": "127.0.0.1|13299|/var/opt/kaspersky/klnagent_srv/1093/cert/klserver.cer|KSC Server",
  "acceptEula": true,
  "certPath": "/var/opt/kaspersky/klnagent_srv/1093/cert/klserver.cer",
  "webConsoleAccount": "kladmins:ksc",
  "managementServiceAccount": "kladmins:ksc",
  "serviceWebConsoleAccount": "kladmins:ksc",
  "pluginAccount": "kladmins:ksc",
  "messageQueueAccount": "kladmins:ksc"
}

cat /etc/ksc-web-console.conf
{
  "address": "127.0.0.1",
  "port": 8080,
  "defaultLangId": 1033,
  "enableLog": false,
  "trusted": "127.0.0.1|13299|/var/opt/kaspersky/klnagent_srv/1093/cert/klserver.cer|KSC Server",
  "acceptEula": true,
  "certPath": "/var/opt/kaspersky/klnagent_srv/1093/cert/klserver.cer",
  "webConsoleAccount": "kladmins:ksc",
  "managementServiceAccount": "kladmins:ksc",
  "serviceWebConsoleAccount": "kladmins:ksc",
  "pluginAccount": "kladmins:ksc",
  "messageQueueAccount": "kladmins:ksc"
}

mike 1 · March 12, 2023

Уточните, консоль удаленно открываете так https://192.168.0.10:8080/ ? Порт доступен, если до него постучаться, например, через telnet с удаленной машины?

a.cor · March 13, 2023

Да, всё верно.

Вот скриншот из браузера:

nmap km12.km.local -p 8080
Starting Nmap 7.80 ( https://nmap.org ) at 2023-03-13 09:19 +05
Nmap scan report for km12.km.local (192.168.0.12)
Host is up (0.018s latency).

PORT     STATE SERVICE
8080/tcp open  http-proxy

Nmap done: 1 IP address (1 host up) scanned in 1.20 seconds

mike 1 · March 13, 2023

А так тоже не заходит?

https://192.168.0.12:8080

a.cor · March 20, 2023

К сожалению, нет, я по доменному имени пытаюсь обратиться с самого начала.

Установка KSC 14.2 на Ubuntu 22.04

Recommended Posts

a.cor

Link to comment

Share on other sites

mike 1

Link to comment

Share on other sites

a.cor

Link to comment

Share on other sites

mike 1

Link to comment

Share on other sites

a.cor

Link to comment

Share on other sites

mike 1

Link to comment

Share on other sites

a.cor

Link to comment

Share on other sites

mike 1

Link to comment

Share on other sites

a.cor

Link to comment

Share on other sites

Please sign in to comment

Forum

Products

Support

Personal Account