Доброго времени суток. На железке с proxmox живет lxc (ubuntu 16.04), где стоит 1С сервер, HASP драйвер и менеджер лицензий. Для ключа защиты софт брался здесь https://safenet-sentinel.ru/helpdesk/download-space/ по рекомендации в ИТС. Клиенты на другом компьютере в той же сети не могут получить лицензию. Взываю к админам 1Ски и не только для помощи. Спасибо!
На lxc:
root@1csrv1:~# systemctl status hasplmd.service
● hasplmd.service - Sentinel LDK Runtime Environment (hasplmd daemon)
Loaded: loaded (/etc/systemd/system/hasplmd.service; enabled; vendor preset: enabled)
Active: active (running) since Сб 2019-10-05 11:21:41 UTC; 1h 9min ago
Process: 185 ExecStart=/usr/sbin/hasplmd_x86_64 -s (code=exited, status=0/SUCCESS)
Main PID: 243 (hasplmd_x86_64)
CGroup: /system.slice/hasplmd.service
└─243 /usr/sbin/hasplmd_x86_64 -s
окт 05 11:21:41 1csrv1 systemd[1]: Starting Sentinel LDK Runtime Environment (hasplmd daemon)...
окт 05 11:21:41 1csrv1 systemd[1]: Started Sentinel LDK Runtime Environment (hasplmd daemon).
окт 05 11:21:41 1csrv1 hasplmd[243]: HASP LM v23.0.1.90971 loaded
root@1csrv1:~# systemctl status aksusbd.service
● aksusbd.service - Sentinel LDK Runtime Environment (aksusbd daemon)
Loaded: loaded (/etc/systemd/system/aksusbd.service; enabled; vendor preset: enabled)
Active: active (running) since Сб 2019-10-05 11:21:41 UTC; 1h 10min ago
Process: 160 ExecStart=/usr/sbin/aksusbd_x86_64 (code=exited, status=0/SUCCESS)
Main PID: 179 (aksusbd_x86_64)
CGroup: /system.slice/aksusbd.service
└─179 /usr/sbin/aksusbd_x86_64
окт 05 11:21:41 1csrv1 systemd[1]: Starting Sentinel LDK Runtime Environment (aksusbd daemon)...
окт 05 11:21:41 1csrv1 aksusbd[179]: loaded, daemon version: 7.100.1.88855, key API (USB) version: 3.88 (parallel driver not available)
окт 05 11:21:41 1csrv1 systemd[1]: Started Sentinel LDK Runtime Environment (aksusbd daemon).
root@1csrv1:~# ss -anp | grep -E 'hasp|usb'
u_str LISTEN 0 5 /tmp/.aksusb 4686911 * 0 users:(("aksusbd_x86_64",pid=179,fd=6))
u_dgr UNCONN 0 0 * 4686646 * 4683873 users:(("hasplm",pid=246,fd=0))
u_dgr UNCONN 0 0 * 4687060 * 4683873 users:(("hasplmd_x86_64",pid=243,fd=3))
u_dgr UNCONN 0 0 * 4686909 * 4683873 users:(("aksusbd_x86_64",pid=179,fd=3))
udp UNCONN 3584 0 *:475 *:* users:(("hasplm",pid=246,fd=3))
udp UNCONN 52992 0 *:1947 *:* users:(("hasplmd_x86_64",pid=243,fd=10))
tcp LISTEN 0 128 *:1947 *:* users:(("hasplmd_x86_64",pid=243,fd=9))
root@1csrv1:~# ps -A -o user,command | grep 'hasp'
root /usr/sbin/hasplmd_x86_64 -s
root /opt/hasplm/hasplm -c /etc/nhsrv.ini
root grep --color=auto hasp
root@1csrv1:~# cat /etc/nhsrv.ini
[NHS_SERVER]
NHS_USERLIST = 250 ; maximum number of concurrent logins
; to this LM (default=250, max = 65520)
; settings for the IP protocol
[NHS_IP]
NHS_USE_UDP = enabled ; enabled or disabled (default: enabled)
NHS_USE_TCP = enabled ; enabled or disabled (default: enabled)
NHS_IP_portnum = 475 ; IP port number (default: 475 (IANA registered))
; CAUTION: clients must use the same port !
NHS_IP_LIMIT = 172.25.1.*
; specifies the range of stations that are allowed to access the LM
; 10.24.2.18-99, 10.1.1.9/16, 194.0.*.*
; settings for the IPX protocol
[NHS_IPX]
NHS_USE_IPX = disabled
[NHS_NETBIOS]
NHS_USE_NETBIOS = disabled
root@1csrv1:~# lsusb -t
/: Bus 04.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/4p, 5000M
/: Bus 03.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/4p, 480M
|__ Port 2: Dev 2, If 0, Class=Vendor Specific Class, Driver=, 12M
/: Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/4p, 10000M
/: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/10p, 480M
|__ Port 2: Dev 2, If 0, Class=Vendor Specific Class, Driver=, 12M
root@1csrv1:~# ls -al /dev/bus/usb/001/002
crw-rw-r-- 1 root root 189, 1 окт 5 12:41 /dev/bus/usb/001/002
На хосте:
root@itghost1:~# cat /etc/pve/nodes/itghost1/lxc/105.conf
arch: amd64
cores: 4
hostname: 1csrv1
memory: 4096
net0: name=eth0,bridge=vmbr0,gw=172.25.1.1,hwaddr=16:D0:C9:E2:8C:52,ip=172.25.1.8/24,tag=70,type=veth
ostype: ubuntu
rootfs: disk-sdd:vm-105-disk-1,size=64G
swap: 512
lxc.cgroup.devices.allow = c *:* rwm
lxc.mount.entry = /dev/bus/usb dev/bus/usb none bind,optional,create=dir
root@itghost1:~# cat /var/log/lxc/105.log
lxc-start 105 20191003195710.255 ERROR lxc_conf - conf.c:run_buffer:347 - Script exited with status 1
lxc-start 105 20191003195710.255 ERROR lxc_start - start.c:lxc_fini:961 - Failed to run lxc.hook.post-stop for container "105"
-//-
Запросы от клиентов доходят и им даже отправляется ответ
root@1csrv1:~# tcpdump port 475
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
12:46:35.616476 IP 172.25.1.2.57149 > 1csrv1.localdomain.475: UDP, length 165
12:46:35.616647 IP 1csrv1.localdomain.475 > 172.25.1.2.57149: UDP, length 62
PS: Клиенты под вендой, брандмауэр отключен
