[6636] Pre-installation checklist for F-Secure Linux Security

Summary

This document provides information about the necessary steps required to successfully install F-Secure Linux Security.

Description

Some distributions and Linux installations may require certain workarounds to be applied before the product can be installed. This describes the most common configurations where the workarounds might be needed. The general idea is that during the installation you must have the compiler and kernel source installed because the real-time antivirus and IDS features depend on a kernel driver which is compiled during installation to fit the running kernel.

All 64-bit Distributions

Some 64-bit distributions do not install 32-bit compatibility libraries by default. Make sure that these libraries are installed. Compatibility library package naming varies. Therefore, check the exact package name from the distributions documentation. On the 64-bit Ubuntu, you have to install ia32-libs.

Distributions using prelink (such as Asianux)

Some distributions, such as Asianux, run prelink periodically from cron to reduce startup time of binaries using dynamic libraries. Prelinking modifies binaries and dynamic libraries on the disk. This conflicts with the purpose of Linux Security's Integrity Checker feature whose sole purpose is to detect modifications to system files.

We recommend that you disable automatic prelink runs from cron. On Asianux, this can be done by editing /etc/sysconfig/prelink and changing line

PRELINKING=yes

to

PRELINKING=no

Then run /etc/cron.daily/prelink. Now you can install F-Secure Linux Security and operate it normally.

If you have already installed F-Secure Linux Security, complete the following steps:

1. Turn on software installation mode by running /opt/f-secure/fsav/bin/fsims on. In software installation mode, Linux Security allows modifications to system files.
2. Edit /etc/sysconfig/prelink as described above and run /etc/cron.daily/prelink.
3. Turn off software installation mode by running /opt/f-secure/fsav/bin/fsims off.

When Linux Security software installation mode is turned off, the state of system files is stored in the Integrity Checker baseline, which is signed by interactively asking the administrator to enter a passphrase.

You can still use prelinking but you will have to turn on Linux Security software installation mode before prelinking, and turn software installation mode off when prelinking is finished. This allows prelink to make the changes in the system files in a controlled way. An example:

# /opt/f-secure/fsav/bin/fsims on
# prelink -a
# /opt/f-secure/fsav/bin/fsims off


Please note that this operation cannot be automated easily: When turning the software installation mode off, a new baseline is created and it is signed by interactively asking the administrator to enter a passphrase.

Red Hat Enterprise Linux

RHEL 3

The following packages are needed:

• gcc
• glibc-devel
• glibc-headers
• glibc-kernheaders
• kernel-source

The packages can be found on RHEL3 disc 3.

RHEL 4

The following steps are required to install F-Secure Linux Security on a computer running Red Hat Enterprise Linux 4 AS.

The following additional rpms are needed (compared to default installation) and can be found on RHEL 4 AS disc 3:

• gcc
• glibc-devel
• glibc-headers
• glibc-kernheaders

At least ONE of the following rpm packages are needed:

• kernel-devel
• kernel-hugemem-devel
• kernel-smp-devel

(see which kernel is in use with the following command: uname -r)

To make sure that the system tray applet, i.e. F-Secure icon, works, the following rpm packages are required:

• kdelibs
• compat-libstdc++

Install the rpms from RHEL4 CDs with command rpm -ivh, use Applications > System Settings > Add/Remove Applications or up2date.

Now you can install F-Secure Linux Client/Server Security normally.

RHEL 5

Make sure that the following packages are installed, by using, for example the Search tab in Applications > Add/Remove Software, or the rpm command:

• gcc
• glibc-devel
• glibc-headers
• kernel-devel

Debian 4.0 and Ubuntu 6.06

You need to install a compiler, kernel headers, RPM and possibly additional utilities to be able to install the product. To install them, enter the following command:

(for both Debian and Ubuntu): sudo apt-get install gcc rpm make libc6-dev psmisc

(for Ubuntu and Debian 4.0): sudo apt-get install linux-headers-'uname -r'

Ubuntu 7.10

sudo apt-get install rpm libc6-dev patch linux-libc-dev

Ubuntu 8.04

sudo apt-get install rpm libc6-dev patch linux-libc-dev

Ubuntu 8.04 Server

sudo apt-get install rpm libc6-dev patch linux-libc-dev make gcc

SuSE

These instructions have been tested and should work on (at least) the following SUSE versions: 9.1, 9.2, 9.3, 10.0, 10.1.

Make sure that packages "kernel-source", "make", "patch" and "gcc" are installed through YaST or other means. The FSAV installer will warn you during the installation if it cannot find the necessary components.

Turbolinux 10

You need to install the Development tools and Kernel recompile kit Turbolinux package groups to be able to compile the Dazuko kernel module.

The Turbolinux kernel sources are sometimes unconfigured and cannot be used to compile kernel drivers. This can be fixed by running command make oldconfig in the kernel source tree.

Turbolinux 11

For Dazuko kernel module compilation, you need to install the same packages as in Turbolinux 10 (?). The following commands need to be executed:

cd /usr/src/linux-2.major.minor
./SetupKernelSource.sh architecture

where major.minor is your kernel version and architecture either i686, i686smp64G or x86_64.

3/26/2009 12:08:21 PM