Closed vtacquet closed 7 months ago
krayon007
commented
3 years ago Can you run the agent in console mode, and report back what it says?
First stop te agent by running:
launchctl stop meshagent
Then just run the agent from the command line:
./meshagent
vtacquet
commented
3 years ago I stopped meshagent via launchctl and started manually on the console.
The path is /usr/local/mesh_services/meshagent/
./meshagent_osx64 said unable to open database (1/10) so the install was not completed successfully (although the installer said it was OK).
I did a sudo ./meshagent_osx64 and it started to install certificates and services.
It registered perfectly with MeshCentral and after killing the standalone process and starting it up as a service again with launchctl it was still registered with MeshCentral so all ok (Terminal access worked fine from the start).
To connect to the Desktop, the user had to enable the Screen Recording feature in Security & Privacy manually after connecting, so then I saw the screen but was unable to click or type and the user didn't get a popup to enable Full Access to the mac (the MeshAgent is not shown in the Accessibilty block of the Security & Privacy settings so the user can't give rights). After reconnecting to the Desktop for the 2nd time, the popup for Full Access is shown and the user had to manually enable access too.
So some manual actions by the user are needed after the install, this should be handled by the installer process because lots of users are non-technical.
Greetings and thanks ! Vince
On Wed, Nov 4, 2020 at 9:57 AM Bryan Roe notifications@github.com wrote:
Can you run the agent in console mode, and report back what it says?
First stop te agent by running: launchctl stop meshagent
Then just run the agent from the command line:
./meshagent
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/1948#issuecomment-721601289, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABHEGBYCCMN7EHVCRP2B3JTSOEJQPANCNFSM4TJYIOVA .
krayon007
commented
3 years ago The db thing is normal, I forgot to mention you needed to run it with sudo.
It looks like the service simply didn't auto start when you installed it. Did you install the agent with the binary installer or with the package installer?
As far as the desktop thing, that's a limitation of Apple's security implementation. Tho I did file a bug with the UI, as apple is keying the UI by the file name but the permission by the file hash, which causes some other issues.
Have you tried the agent on Catalina, or are you only having issues with Big Sur?
vtacquet
commented
3 years ago I used the ZIP file with the package installer (it is the only Download I have for macOS in the portal).
For Catalina, the install works perfectly. For the user the access to Screen Recording and Full Access is the same and has to be done manually (so also with a second reconnect for the Full Access to be requested).
krayon007
commented
3 years ago When you download, you didn't have the option to select "Linux/BSD/macOS binary installer" as the type and "macOS/x86-64" as the architecture? If you are able to download that version, let me know if that works on Big Sur. I don't have any Big Sur machines at the moment, but I can try to set one up.
vtacquet
commented
3 years ago Oh boy, I never looked in the Linux / BSD / macOS Binary item in that list, I always presumed it was similar to the macOS item directly, sorry about that :/ If a next BigSur pops up, I will test it with the binary and let you know.
V
On Wed, Nov 4, 2020 at 11:46 AM Bryan Roe notifications@github.com wrote:
When you download, you didn't have the option to select "Linux/BSD/macOS binary installer" as the type and "macOS/x86-64" as the architecture? If you are able to download that version, let me know if that works on Big Sur. I don't have any Big Sur machines at the moment, but I can try to set one up.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Ylianst/MeshCentral/issues/1948#issuecomment-721657716, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABHEGB4DB23CWWOGAM6EVJTSOEWJPANCNFSM4TJYIOVA .
krayon007
commented
3 years ago I'm waiting for the official Big Sur release before I setup a test environment with it, since it's so close to release.
krayon007
commented
3 years ago OK, I was curious what was going on, so I setup a Big Sur beta machine... The issue is that the security in Big Sur is stricter than Catalina...
When using the package installer:
sudo launchctl kickstart -k system/meshagentWhen using the binary installer:
chmod 770 meshagentkrayon007
commented
3 years ago first enabled applications to be installed from anywhere in 2 steps:
- sudo spctl --master-enable
- selected "anywhere" in Settings - Security & Privacy - General
installed MeshAgent, installed successfully, no new agent pops up in trace files (other -Windows- agent on same location still works perfectly and registers as usual, so no networking issues
server version 0.6.77, behind Caddy Proxy with LetsEncrypt (offloaded to proxy)
By the way, are you sure you didn't mean:
sudo spctl --master-disable not enable? If you do enable, the "anywhere" option is not present.
Anyways, when I disabled it, and ran the package installer, it installed fine, but I got the same popup blocking execution of the agent, but this time there is an "Open" button... If you click the open button, the app is whitelisted, and the agent runs correctly, and showed up on the browser.
therealgreg
commented
3 years ago OK, I was curious what was going on, so I setup a Big Sur beta machine... The issue is that the security in Big Sur is stricter than Catalina...
When using the package installer:
- After you install the service, a popup shows, saying the execution was blocked.
- Open System Preferences => Security & Privacy
- You should see a button saying "Allow Anyway" for meshagent, click this button.
- The agent is now white-listed, but the service is not running. You can either reboot the machine, or you can open a terminal, and run the following command:
sudo launchctl kickstart -k system/meshagentWhen using the binary installer:
- Download the binary installer
- From a terminal, do:
chmod 770 meshagent- Run the binary...
- The same popup as above will popup... Allow the binary, the same way, by going to Security & Privacy from System Preferences.
- After allowing meshagent, run the binary again...
- From here, the installer will function as normal... Simply click the install button, and everything will work.
krayon007, I had the agent running fine prior to Big Sur upgrade. I'm not sure at which point after the upgrade it stopped working, but today I noticed that it was showing offline in meshcentral, even though I could see the service running in Activity Monitor.
So I uninstalled and reinstalled using the package installer method. Kickstarting it worked. But after reboot, it would again show offline, even though it shows running in Activity Monitor. At this point I have to either kickstart or stop/start the service to make it work.
I uninstalled again and reinstalled using the binary installer method. Same issue.
Any ideas?
Thanks, Greg
krayon007
commented
3 years ago If you run the following command, what does it show as the commit date?
./meshagent -info
I checked in a change on Jan 13th that should resolve this issue. The current version of the agent, will show the following info:
Compiled on: 10:23:26, Jan 18 2021
Commit Hash: 949b49257b41332dd3a8e8c5f4ad2825778eac01
Commit Date: 2021-Jan-17 21:48:07-0800
Using OpenSSL 1.1.1i 8 Dec 2020Thank you for your response!
It shows: Compiled on: 12:56:23, Jan 7 2021 Commit Hash: e0ec2a405dc422645036963592c5b895db894fc7 Commit Date: 2020-Dec-31 13:13:23-0800 Using OpenSSL 1.1.1i 8 Dec 2020
Server version: 0.7.46
Do I have to upgrade the server in order to upgrade the agent, I assume?
krayon007
commented
3 years ago Do I have to upgrade the server in order to upgrade the agent, I assume?
Yes, upgrading the server will automatically upgrade your agents.
zackrspv
commented
3 years ago To note, in order to get it to work on BigSur for me with the mpkg, I had to:
/usr/local/mesh_services/meshagent/ foldersudo ./meshagent_osx64sudo launchctl kickstart -k system/meshagentThen, go to the MeshCentral2 server, open the desktop connection, go back to the device:
/usr/local/mesh_services/meshagent/, and select the meshagent_osx64file, and add it to the listThen it installs w/o issue.
I'd recommend an updated installer that can do most of this during install (much like Zoho Assist or LogMeIn does it), this way it's not complicated. Honestly, I'd prefer an unattended installer for MacOS so we can just kick this off via our MDM software push, but i'm fine for what it is for now, with the above instructions.
gadgetusaf
commented
2 years ago I'd recommend an updated installer that can do most of this during install (much like Zoho Assist or LogMeIn does it), this way it's not complicated. Honestly, I'd prefer an unattended installer for MacOS so we can just kick this off via our MDM software push, but i'm fine for what it is for now, with the above instructions.
+1
This would be incredibility, incredibility useful.
si458
commented
7 months ago closing as stale, please update to the latest version 1.1.21 and use node 18 or above, if issue persists, please reply back
first enabled applications to be installed from anywhere in 2 steps:
installed MeshAgent, installed successfully, no new agent pops up in trace files (other -Windows- agent on same location still works perfectly and registers as usual, so no networking issues
server version 0.6.77, behind Caddy Proxy with LetsEncrypt (offloaded to proxy)