search

amidaware / rmmagent

Tactical RMM Agent
https://github.com/amidaware/tacticalrmm
Other
129 stars 75 forks source link

Fresh Install of Agent 2.4.9 fails everytime #34

Closed 3gmgithub closed 1 year ago

3gmgithub commented 1 year ago

Tried multiple times on multiple PC's using Generated powershell script

Here is some log output:

time="2023-06-08T13:34:23-05:00" level=info msg="Agent service started" time="2023-06-08T13:34:34-05:00" level=error msg=EOF

3gmgithub commented 1 year ago

Agents that were already installed with older versions upgrade correctly and continue working.

3gmgithub commented 1 year ago

Using Windows client, this also happened on a Linux client will post the logs

wh1te909 commented 1 year ago

please do the following and paste the output (make sure to redact sensitive info): https://docs.tacticalrmm.com/troubleshooting/#from-agent-install

3gmgithub commented 1 year ago 
time="2023-06-08T16:42:44-05:00" level=debug msg="{Hostname:X-HIDE Arch: AgentID:X-HIDE BaseURL:https://X-HIDE ApiURL:X-HIDE Token:X-HIDE AgentPK:288 Cert: ProgramDir:C:\\Program Files\\TacticalAgent EXE:C:\\Program Files\\TacticalAgent\\tacticalrmm.exe SystemDrive:C: WinTmpDir:C:\\ProgramData\\TacticalRMM WinRunAsUserTmpDir:C:\\ProgramData\\TacticalRMM MeshInstaller:meshagent.exe MeshSystemEXE:C:\\Program Files\\Mesh Agent\\MeshAgent.exe MeshSVC:mesh agent PyBin:C:\\Program Files\\TacticalAgent\\py38-x64\\python.exe Headers:map[Authorization:Token X_HIDE Content-Type:application/json] Logger:0xc0000d4c00 Version:2.4.9 Debug:true rClient:0xc0001d41e0 Proxy: LogTo: LogFile:<nil> Platform:windows GoArch:amd64 ServiceConfig:0xc0000dc840 NatsServer:wss://X_HIDE:443 NatsProxyPath:natsws NatsProxyPort:443 NatsPingInterval:37 NatsWSCompression:true}\n"
time="2023-06-08T16:42:44-05:00" level=info msg="Agent service started"
time="2023-06-08T16:42:44-05:00" level=debug msg="&{Statistics:{InMsgs:0 OutMsgs:0 InBytes:0 OutBytes:0 Reconnects:0} mu:{w:{state:0 sema:0} writerSem:0 readerSem:0 readerCount:{_:{} v:0} readerWait:{_:{} v:0}} Opts:{Url: InProcessServer:<nil> Servers:[wss://X_HIDE:443] NoRandomize:false NoEcho:false Name:X-HIDE Verbose:false Pedantic:false Secure:true TLSConfig:0xc000138480 TLSCertCB:<nil> RootCAsCB:<nil> AllowReconnect:true MaxReconnect:-1 ReconnectWait:6s CustomReconnectDelayCB:<nil> ReconnectJitter:500ms ReconnectJitterTLS:4s Timeout:2s DrainTimeout:30s FlusherTimeout:0s PingInterval:37s MaxPingsOut:2 ClosedCB:<nil> DisconnectedCB:<nil> DisconnectedErrCB:0x1142da0 ConnectedCB:<nil> ReconnectedCB:0x1142c40 DiscoveredServersCB:<nil> AsyncErrorCB:0x1142ac0 ReconnectBufSize:-1 SubChanLen:65536 UserJWT:<nil> Nkey: SignatureCB:<nil> User:X-HIDE Password:X-HIDE Token: TokenHandler:<nil> Dialer:0xc000162690 CustomDialer:<nil> UseOldRequestStyle:false NoCallbacksAfterClientClose:false LameDuckModeHandler:<nil> RetryOnFailedConnect:true Compression:true ProxyPath:natsws InboxPrefix: IgnoreAuthErrorAbort:true SkipHostLookup:false} wg:{noCopy:{} state:{_:{} _:{} v:0} sema:0} srvPool:[0xc0001d2700] current:0xc0001d2700 urls:map[api.xtekrmm.com:443:{}] conn:0xc0001fe000 bw:0xc0001d27c0 br:0xc0001d2780 fch:0xc000086ae0 info:{ID:X-HIDE Name:X-HIDE Proto:1 Version:2.9.17 Host:0.0.0.0 Port:4222 Headers:true AuthRequired:true TLSRequired:true TLSAvailable:false MaxPayload:67108864 CID:426457 ClientIP:127.0.0.1 Nonce: Cluster: ConnectURLs:[] LameDuckMode:false} ssid:0 subsMu:{w:{state:0 sema:0} writerSem:0 readerSem:0 readerCount:{_:{} v:0} readerWait:{_:{} v:0}} subs:map[] ach:0xc0000a1620 pongs:[] scratch:[72 80 85 66 32 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0] status:3 statListeners:map[] initc:true err:<nil> ps:<nil> ptmr:<nil> pout:0 ar:false rqch:0xc000086b40 ws:true respSub: respSubPrefix: respSubLen:0 respScanf: respMux:<nil> respMap:map[] respRand:<nil> filters:map[]}\n"
time="2023-06-08T16:42:44-05:00" level=debug msg="{Url: InProcessServer:<nil> Servers:[wss://X-HIDE:443] NoRandomize:false NoEcho:false Name:X-HIDE Verbose:false Pedantic:false Secure:true TLSConfig:0xc000138480 TLSCertCB:<nil> RootCAsCB:<nil> AllowReconnect:true MaxReconnect:-1 ReconnectWait:6s CustomReconnectDelayCB:<nil> ReconnectJitter:500ms ReconnectJitterTLS:4s Timeout:2s DrainTimeout:30s FlusherTimeout:0s PingInterval:37s MaxPingsOut:2 ClosedCB:<nil> DisconnectedCB:<nil> DisconnectedErrCB:0x1142da0 ConnectedCB:<nil> ReconnectedCB:0x1142c40 DiscoveredServersCB:<nil> AsyncErrorCB:0x1142ac0 ReconnectBufSize:-1 SubChanLen:65536 UserJWT:<nil> Nkey: SignatureCB:<nil> User:X-HIDE Password:X-HIDE Token: TokenHandler:<nil> Dialer:0xc000162690 CustomDialer:<nil> UseOldRequestStyle:false NoCallbacksAfterClientClose:false LameDuckModeHandler:<nil> RetryOnFailedConnect:true Compression:true ProxyPath:natsws InboxPrefix: IgnoreAuthErrorAbort:true SkipHostLookup:false}\n"
time="2023-06-08T16:42:44-05:00" level=debug msg="CheckRunner() init sleeping for 19 seconds"
time="2023-06-08T16:42:44-05:00" level=debug msg="AgentSvc() sleeping for 15 seconds"
time="2023-06-08T16:42:54-05:00" level=error msg=EOF
wh1te909 commented 1 year ago

what about sudo systemctl status --full --no-pager nats.service on server side

3gmgithub commented 1 year ago

The service was not running.... The permissions on the X509 key was root for some reason. I guess I ran the cert update as Root instead of Tactical... Once I updated the permissions this worked just fine. Thanks for your direction.

wh1te909 commented 1 year ago

no problem, yea you need to run the update script with the force flag after renewing cert, as stated in the docs, that will set the correct permissions and restart necessary services: https://docs.tacticalrmm.com/update_server/#keeping-your-lets-encrypt-ssl-certificate-up-to-date