How to Install McAfee Agent on Linux?

Leave a comment

This article helps to Install McAfee agent on Linux. Most Importantly provides step by step command line (CLI) guide for McAfee agent Installation and verification. For demonstration purpose Ubuntu 18 (Bionic) and McAfee agent version 5.6.3 used here. Kindly note, this method of Installation suitable only for ePO environment.

Step1: Get the McAfee agent package from ePO

Use any one of below method to get the McAfee Agent Installation package from ePO.

From Console:

System Tree -> New systems -> Select “Create and download agent installation package” -> Click on “Non Windows” -> Select version and “OK”

From ePO Server:

Login to ePO server RDP session and navigate to below path.

ePO Installation directory\McAfee\ePolicy Orchestrator\DB\Software\Current\EPOAGENT3700LYNX\Install\0409

Then copy following files to the target systems.

install.sh
installrpm.sh
installdeb.sh

Step2: Install McAfee Agent

Firstly extract the archive and execute the Installer.

bash#> unzip -d MA-linux EPO_Linux_MA_563.zip && cd MA-linux
bash#> sudo sh install.sh -i

Secondly verify the McAfee agent service status.

bash#> sudo systemctl enable cma
bash#> sudo systemctl start cma
bash#> sudo systemctl status cma

Step3 (Optional): Set Custom Properties

This step is optional. Therefore If your organization demands to set custom properties, you may refer these commands. Actually Linux Installation command do not accept custom properties as arguments. Since you must set it manually after McAfee agent Installation.

bash#> sudo /opt/McAfee/agent/bin/maconfig -custom -prop1 "Region" -prop2 "Country" -prop3 "Department"

--Note-- Kindly change the propx values according to your organization settings.

--Verify--
bash#> /opt/McAfee/agent/bin/cmdagent -i

After that Initiate ASC (Agent Server Communication) to ePO manually, so the changes made to custom properties get updated to ePO database Immediately.

bash#> /opt/McAfee/agent/bin/cmdagent -p
--output--
2020-02-02 18:07:53.606 (5956.5956) cmdagent.Info: Properties collect and send command initiated by cmdagent.

That’s all, McAfee agent Installation completed. Based on my experience, would like to share troubleshooting tips for agent connection Issues.

Troubleshooting Tips

Issue: McAfee agent not reporting to ePO. And logs shows server response code as empty and reports connectivity error.

2019-11-11 18:08:01.682 (5715.5715) ahclient.Info: Network library rc = <1008>, Agent handler reports response code <>.

Solution: Verify network connectivity to ePO server on required port.

  • Find ePO server and port details
bash#> /opt/McAfee/agent/bin/cmdagent -i |egrep 'EpoServerList|EpoPortList'
--output--
EpoServerList: 10.20.30.10|epo-server-1|epo-server-1.sunt.com|10.20.30.20|epo-server-2|epo-server-2.sunt.com
EpoPortList: 443|443
  • After that check connectivity to the ePO server. In other word server IP’s Identified from result of above command. There might be multiple servers in the list. But agent should be able to reach any one ePO server.
bash#> nc -zv 10.20.30.10 443
  • If the connection could not be established, might be the firewall blocking traffic. Once its fixed agent should talk to ePO. And McAfee agent logs shows success response code “200” similar to below.
$ tail -50f /var/McAfee/agent/logs/masvc_<hostname>.log
--output--
2019-11-11 18:07:59.645 (5715.5715) ahclient.Info: Initiating spipe connection to site https://10.20.30.10:443/spipe/pkg?AgentGuid={7axyzafc-0476-11ea-35f3-080027262248}&Source=Agent_3.0.0.
2019-11-11 18:07:59.646 (5715.5715) ahclient.Info: connection initiated  to site https://10.20.30.10:443/spipe/pkg?AgentGuid={7axyzafc-0476-11ea-35f3-080027262248}&Source=Agent_3.0.0.
2019-11-11 18:08:01.682 (5715.5715) ahclient.Info: Network library rc = <1008>, Agent handler reports response code <200>.
2019-11-11 18:08:01.682 (5715.5715) ahclient.Info: Agent handler reports spipe package received. response code 200.
2019-11-11 18:08:01.682 (5715.5715) ahclient.Info: Spipe connection response received, network return code = 1008, response code 200.

Hope this article helps you to Install McAfee agent on Linux. Request you to post your queries and thoughts at comments section. Happy working on Linux !!

Leave a Reply

Your email address will not be published. Required fields are marked *