MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/Ylianst/MeshCentral

This commit is contained in:
Ylian Saint-Hilaire 2022-06-25 16:23:01 -07:00
parent 3b93d1adf7 8ef4603ac2
commit 2129ce067b
1 changed files with 95 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
docs/docs/meshcentral/debugging.md
View File

@ -6,7 +6,22 @@ Make sure you understand how MeshCentral works with your browser using chrome de
<iframe width="320" height="180" src="https://www.youtube.com/embed/3vI4URd3VzU" frameborder="0" allowfullscreen></iframe>
</div>
## Enabling trace in your browser Dev Tools
## MeshCentral Server
### Useful config.js settings
<https://github.com/Ylianst/MeshCentral/blob/master/meshcentral-config-schema.json>
```json
"AgentsInRAM": false,
"AgentUpdateBlockSize": 2048,
"agentUpdateSystem": 1,
"noAgentUpdate": 1,
"WsCompression": false,
"AgentWsCompression": false,
```
### Enabling trace in your browser Dev Tools
`Trace=1` as a parameter in chrome dev tools for debugging
@ -34,7 +49,7 @@ If you want to change node to meshcentral in journalctl, add this to /etc/system
SyslogIdentifier=meshcentral
```
## Server: Logging it all
### Logging it all
To log everything that's possible, prepare the log directory.
@ -84,7 +99,7 @@ You'll then have 3 files:
`log.txt` will now log everything in the Trace tab
## Restricting server to specific IP(s)
### Restricting server to specific IP(s)
When doing debugging on my development server, I use this line in the settings section to block all agent connections except the agent I want:
@ -94,16 +109,91 @@ When doing debugging on my development server, I use this line in the settings s
Of course, this is just for debugging.
## Finding system ID types
### Finding system ID types
<https://serverurl/meshagents> aka trying figure out what this is
![ID](images/determine-id.png)
## Determine Agent capabilities
### Pull down cert .crt file from internet
[See #1662](https://github.com/Ylianst/MeshCentral/issues/1662#issuecomment-666559391) We have run into this challenge before, where our .crt file expired and then all our agents were unable to connect. In our case, the TLS cert was available on the internet, and thus, we were able to use these commands to update it:
```bash
echo -n \| openssl s_client -connect yourdomain.com:443 2> /dev/null\| sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /opt/meshcentral/meshcentral-data/webserver-cert-public.crt
service meshcentral restart
```
## MeshAgent
### Determine Agent capabilities
On the server goto the agents console tab. Type:
```
info
```
### Useful MeshAgent.msh flags
<https://github.com/Ylianst/MeshAgent/blob/master/meshcore/agentcore.h#L190>
```json
controlChannelDebug=1
logUpdate=1
```
### Obtain generated .msh File
If you need a trick to get the .msh file, you can add ?debug=1 to the URL and click "Add Agent", there will be an extra link to download it.
### MeshAgent Commands
```
MeshAgent run
MeshAgent dbTool.js list
```
Forcing Core version from Cmdline
* Download meschore.js and rename to CoreModule.js and put it alongside MeshAgent.exe
* Stop MeshAgent service
* Run `MeshAgent.exe dbTool.js import CoreModule`
### On the fly Patching MeshAgent
[MeshAgent#89 (comment)](https://github.com/Ylianst/MeshAgent/issues/89#issuecomment-949901720)
There are two ways to do this... When debugging, and making changes, you can modify the .js file directly, and just save it in the same folder as the agent binary... The agent will use the .js file from disc if it's there, if it's newer than the one compiled in the binary. You don't even need to restart the agent. You can just clear the core, and reload the core.....
When you are satisfied with your changes to the .js file, you can use the clipboard, in the following fashion:
```bash
meshagent -exec "require('clipboard').nativeAddCompressedModule('foo');process.exit();"
```
if the file you modified isn't in the same folder as the agent binary, you can use the following command if you don't want to move the file, and edit it directly in the modules folder:
```bash
meshagent -exec "setModulePath('pathToFolder');require('clipboard').nativeAddCompressedModule('foo');process.exit();"
```
This command is just like the previous, except it searches for modules in the path specified.
Just substitute foo, with the name of the module that you modified. It will load the module from disc, compress it, and save it into the clipboard.. So you can just load up your editor for ILibDuktape_Polyfills.c, and find where that particular module is defined... and paste directly from the clipboard... The clipboard will contain all the necessary C code to uncompress and load the module.
If the compressed result is relatively long, it will auto break it up into multiple lines to work around an issue with visual studio's maximum string literal limitations.
### Agent Debugging using MeshCore JS Debugger
[(#119)](https://github.com/Ylianst/MeshAgent/issues/119) How to test changes to the meshagent and recompile them.
* Copy duktape-debugger.js to the mesh directory on the target machine.
* From the console tab of the agent, enter this command, substituting the port number you want to use instead of 9999
`eval "attachDebugger({ webport: 9999 })"`
Then open your browser to http://localhost:9999 or whatever port you used.
!!!note
If you pause the debugger, and happen to forget about it, the agent will automatically kill itself and restart because it will think that a thread is stuck. Default debugger timeout is 10 minutes, you may find a log entry saved to disk saying "Microstack Thread STUCK", or something similar.