Linux Commands and Outputs

  • 4 minute(s) read
Prev Next

The following commands are supported on the Enterprise Agent:

  • catchpoint start: Start all Catchpoint Enterprise Node services
  • catchpoint stop: Stop all Catchpoint Enterprise Node services
  • catchpoint restart: Restart all Catchpoint Enterprise Node services
  • catchpoint status: Show the status of all Catchpoint Enterprise Node services
  • catchpoint update: Update Catchpoint Enterprise Agent to the latest version
  • catchpoint machine-id -n: Generates new MAC address for Hostname created to add the machine into the portal.

<command> -y, --assumeyes: For the previous commands, assume that the answer to any prompt the command would generate is yes.

  • pid <service name>: Show PID of Catchpoint Enterprise Node service. <servicename> can be cprapi or cpsns. Default: cpsns
  • catchpoint proxy -l, --list: Display current proxy settings. This is the default behavior of the proxy command if no argument is included.
  • catchpoint proxy -<argument1> -<argument2>... Set up a proxy for Catchpoint Enterprise Node. Proxy settings must be set configured using all of the arguments listed below (i.e. even if you are just changing the PAC url, you will need to re-enter the username, password, hostname, etc.)
    • -t <proxy_type>, --type=<proxy_type>: Proxy type, DIRECT (default, no proxy), STATIC, or PAC
    • -h <hostname>, --host=<hostname>: Set the proxy location, format depends on proxy type
    • DIRECT: - DIRECT proxy type does not require location option.
    • STATIC: - Supply hostname & port for Proxy Location. Use hostname or IPv4 IP address or IPv6 IP address.
    • PAC: - Supply the URL for PAC (Proxy Auto Config) file.
    • -P <port>, --port=<port>: STATIC - Supply port for Proxy Location.
    • -u <username>, --user=<username>: Proxy server Username when using a Static Proxy. The username will be encrypted and saved locally.
    • -p[password], --password=[password]: Proxy server password when using a Static Proxy. The password will be encrypted and saved locally. The password must follow -p without space. If no password is provided; you will be prompted for the password.
    • -b, --bypass-local-urls: Enable bypassing of local URLs, default to disabled. Use when specifying all proxy settings.
    • -B=[bypass_urls], --bypass-urls=<bypass_urls>: Set a list of URLs for the fixed proxy to bypass, separated by a semi-colons(;). Use when specifying all proxy settings.
    • dns: Displays or set DNS for Catchpoint Enterprise Node
    • -r, --restore: Restores DNS settings from DHCP or Network Manager.
    • [<DNS server[s]>]: Set DNS server; provide multiple IP addresses separated by a comma (,).
    • cert: Import certficates, by default "catchpoint cert" tries to import /etc/pki/ca-trust/source/anchors/catchpoint.crt
    • -i, --import: Specify location of the certificate file that will be imported.
    • log: Show the output of Catchpoint Enterprise Node service log to STDOUT, similar to 'tail -f'.
    • -c, --color: Shows a Colorized output of Catchpoint Enterprise Node service log to STDOUT.
    • -s, --snapshot: Creates a snapshot of all logs related to Catchpoint Enterprise Node; and saves it to /var/tmp/catchpoint/log
    • -d <number_of_days>, --days=<number_of_days>: Creates a snapshot of all logs related to Catchpoint Enterprise Node for the # of days specified; and saves it to /var/tmp/catchpoint/ Only valid with the snapshot option. Default: 1
  • [<service name>]: Show the output of Catchpoint Enterprise Node logs to STDOUT, similar to 'tail -f'. Only valid without the snapshot option.
    • can be cprapi, cpsns. Default: cpsns
  • packet-capture: Runs tcpdump to capture network packets; helpful for troubleshooting Catchpoint Enterprise Node.
  • cc: Catchpoint Command & Control configuration of Enterprise Node.
  • -l, --list: Shows a list of all C&C configurations the Synthetic Agent communicates with.
    • This is also the default option.
  • -S, --status: Check if the Synthetic Agent is able to communicate with C&C using the following three methods:
    • method 1: using curl command
    • method 2: using Agent SNO test
    • method 3: using Agent http client (mono)
  • -s, --static: Shows a list of all static C&C configuration.
  • node-gateway: Catchpoint Node Gateway configuration of Enterprise Node.
  • -l, --list: Shows the address of Node Gateway the Synthetic Agent communicates with.
    • This is also the default option.
  • -S, --status: Check if the Synthetic Agent is able to communicate with Node Gateway using the following three methods:
    • method 1: using curl command
    • method 2: using Agent SNO test
    • method 3: using Agent http client (mono)
  • -a, --add: Add the address of the Node Gateway to the Enterprise Node.
  • -h, --host: Address of the Node Gateway.
    • Note: value of '--host' must be Node Gateway base URL starting with 'https', for example: https://your.gateway.server
  • -r, --remove: Remove Node Gateway configuration.
  • env: Displays the Catchpoint Enterprise Node's environment variables.
  • os: Changes system settings.
    • --enable-port=/ Unblock port. Example: --enable-port=443/tcp
    • --disable-port=/ Block port.
  • --set-selinux=<state>: Set SELinux state, state can only be Enforcing/Permissive/Disabled
  • info: Displays activation information
  • eula: Displays End-user license agreement.
  • -p, --plain: Displays plain EULA on STDOUT.
  • check-prerequisites: Checks if system prerequisites for Catchpoint Enterprise Node installation are met
  • view-chrome-switches: Displays custom chrome switches configuration file location and contents
  • FOLDERS: /opt/catchpoint/ Binaries and configurations /opt/3genlabs/ Chrome binaries and extension, and mono registry /var/3genlabs/ Runtime files and logs
  • SUDOERS: Catchpoint utilizes the sudoers functionality for executing a small number of behaviors securely. Depending on how /etc/sudoers is configured, the installer will automatically update the /etc/sudoers file or use the specified #includedir to create a catchpoint_agent specific sudoers file containing the currently supported commands. These commands are secured from tampering with SHA512 hashes. The commands listed are scripts that can be found in the /opt/catchpoint/bin/ folder all beginning with cpsudo_* as the filenames. These can be reviewed for security, and none of them take command line arguments, to prevent certain types of shell escaping attacks, and instead utilize stdin and stdout via JSON, with strict input validation.
    • KNOWN ISSUES "catchpoint cc -S" fails as expected when Synthetic Agent is configured with Node Gateway.