McAfee VirusScan Enterprise for Linux, v1.6

McAfee VirusScan Enterprise for Linux, v1.6
Installation Guide
COPYRIGHT
Copyright © 2010 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form
or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
TRADEMARK ATTRIBUTIONS
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE
EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN,
WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in
connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property
of their respective owners.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED,
WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH
TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS
THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET,
A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU
DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN
THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.
2
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
Contents
Introducing McAfee VirusScan Enterprise for Linux. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Product Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
What’s new in this release. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
System Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Hardware and software requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Supported kernels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Red Hat Enterprise Linux and CentOS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
SuSE Enterprise Linux. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Ubuntu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Fedora. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Creating 2.6 kernel modules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Installing McAfee VirusScan Enterprise for Linux. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Manual installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Silent installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Running McAfee VirusScan Enterprise for Linux. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Handling old certificates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Removing the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Upgrading from previous LinuxShield versions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Integrating with ePolicy Orchestrator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
3
Introducing McAfee VirusScan Enterprise for
Linux
McAfee VirusScan Enterprise for Linux (previously known as LinuxShield) detects and removes
viruses and other potentially unwanted software on Linux-based systems.
NOTE: This information is intended for network administrators who are responsible for their
company’s anti-virus and security program.
Contents
Product Features
What’s new in this release
Product Features
McAfee VirusScan Enterprise for Linux software has the following features:
• Support for 64-bit AMD64/Intel EM64T operating systems.
• The latest version (5400) of the McAfee anti-virus engine.
• Incremental Virus Signature (DAT) updates.
• Mod-versioning for automatic kernel support.
• Scanning
• Comprehensive on-access anti-virus scanning and cleaning using the McAfee scanning
engine.
• On-access scanning for local file systems, NFS and Samba.
• Kernel-level scan cache for improved performance.
• Scheduling of on-demand scans.
• Scheduling of updates for scanning engine and virus definition files.
• Administration
• Remote administration using browser-based interface.
• Secure browser interface with authentication and HTTPS (SSL) support.
• Remote administration and reporting using ePolicy Orchestrator.
• Reporting
• Real-time statistics.
• Detailed database for detected items and system events.
• Ability to query the database by date range or individual field values, for example, virus
name. Results of query can be exported to a CSV file.
4
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
Introducing McAfee VirusScan Enterprise for Linux
What’s new in this release
• Configurable email notification for detected items, out-of-date virus definition files,
configuration changes, and system events.
• Diagnostic report for use when reporting a problem with the product.
Features not supported
• Support for 2.4 kernels.
What’s new in this release
This release of VirusScan Enterprise for Linux includes the following new enhancements:
• Support for SuSE Linux Enterprise Server/Desktop 11
• Support for CentOS 4.x
• Support for CentOS 5.x
• Support for Fedora Core 10, 11, and 12
• Support for Ubuntu 8.04, 9.04, and 9.10 (Desktop/Server edition)
• Regular expression based exclusions for On-access scan and On-demand scan from the user
interface.
• The latest version (5400) of the McAfee anti-virus engine.
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
5
System Requirements
This section describes the software and hardware requirements to install VirusScan Enterprise
for Linux.
Contents
Hardware and software requirements
Supported kernels
Creating 2.6 kernel modules
Hardware and software requirements
The following hardware and software are required:
Supported operating systems (32-bit/64-bit)
• SuSE Linux Enterprise Server 9.x
• SuSE Linux Enterprise Server/Desktop 10.x
• SuSE Linux Enterprise Server/Desktop 11
• Red Hat Enterprise 4.x Advanced Server, Workstation, Enterprise Server, Desktop
• Red Hat Enterprise 5.x Advanced Platform, Desktop
• CentOS 4.x
• CentOS 5.x
• Fedora Core 10, 11, and 12
• Ubuntu 8.04, 9.04, and 9.10 (Desktop/Server edition)
NOTE: On-access scanning is not supported for the following file systems:
• SLES 10 SP2, 10 SP3, and 11— ext2, isofs
• RHEL 5.x — ext2, isofs
• CentOS 5.x — ext2, isofs
• Ubuntu 9.04 — ext2, ext3, ext4, isofs
• Ubuntu 9.10 — ext2, ext3, ext4
• Fedora Core 10, 11, and 12 — ext3, ext4, isofs
Supported processors
• Intel x86 architecture-based processor
• Intel x64 architecture-based processor that supports Intel Extended Memory 64 Technology
(Intel EM64T)
6
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
System Requirements
Supported kernels
• AMD x64 architecture-based processor with AMD 64-bit technology
Memory
• Minimum: 256 MB
• Recommended: 1 GB
Disk space
• Minimum: 500 MB
Supported browsers
• Microsoft Internet Explorer 5.5, 6.0, 7.0 and 8.0
• Konqueror 3.5.1 and 4.1.3
• Mozilla 0.9.9, 1.0.1, 1.2.1, 1.4, 1.6, 1.7.8, 1.8.x and 1.9.x
• Firefox 1.0, 1.5, 2.0, 3.0, 3.5 and 3.6
Supported McAfee Management software
• McAfee ePolicy Orchestrator 4.0
• McAfee ePolicy Orchestrator 4.5
Supported McAfee Agent software
• McAfee Agent 4.5 Patch 1 (Build 1470)
Display
Monitor screen with a recommended minimum resolution of 1024 x 768.
Supported kernels
The following kernel modules are provided in this release, for 32-bit and 64-bit (x86_64)
operating systems. If your kernel is not listed here, see About kernel support section and
Creating kernel modules section.
About kernel support
The VirusScan Enterprise for Linux installation includes on-access kernel modules for the versions
of RedHat, SuSE, and Ubuntu that we support. See the tables in Supported kernels section to
get the full list of kernels. We provide these modules for the original kernel versions that are
shipped with the distribution, and for the latest official kernel updates provided by Red Hat,
SuSE, and Ubuntu at the time of this release. Our updates for their later kernels will be available
from http://mysupport.nai.com.
Source code for the kernel modules is also available on your product CD, or from our product
download site. The availability of this source code allows you to respond to security patches as
quickly as your specific environment and company policy dictates. However, we are unable to
provide support for customized kernel modules because we cannot test them or reproduce
specific issues.
NOTE: To view an updated list of supported kernels associated with this release, see KB68859
in the McAfee Support online KnowledgeBase: https://mysupport.mcafee.com.
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
7
System Requirements
Supported kernels
Supported Kernels for:
Red Hat Enterprise Linux and CentOS
SuSE Enterprise Linux
Ubuntu
Fedora
Red Hat Enterprise Linux and CentOS
Supported Kernels for Red Hat Enterprise Linux and CentOS 4.x
Red Hat Enterprise Linux 4.x and CentOS 4.x (EL, ELsmp, ELhugemem)
2.6.9-5
2.6.9-67.0.4
2.6.9-22.0.1
2.6.9-67.0.7
2.6.9-22.0.2
2.6.9-67
2.6.9-34
2.6.9-78.0.1
2.6.9-34.0.1
2.6.9-78.0.13
2.6.9-34.0.2
2.6.9-78.0.17
2.6.9-42
2.6.9-78.0.22
2.6.9-42.0.2
2.6.9-78.0.5
2.6.9-42.0.3
2.6.9-78.0.8
2.6.9-42.0.8
2.6.9-78
2.6.9-42.0.10
2.6.9-89.0.11
2.6.9-55
2.6.9-89.0.15
2.6.9-55.0.2
2.6.9-89.0.16
2.6.9-55.0.6
2.6.9-89.0.18
2.6.9-55.0.9
2.6.9-89.0.19
2.6.9-55.0.12
2.6.9-89.0.20
2.6.9-67.0.1
2.6.9-89.0.23
2.6.9-67.0.15
2.6.9-89.0.3
2.6.9-67.0.20
2.6.9-89.0.7
2.6.9-67.0.22
2.6.9-89.0.9
2.6.9-89
Supported Kernels for Red Hat Enterprise Linux 5.x and CentOS 5.x
Red Hat Enterprise Linux 5.x and CentOS 5.x (el5, el5PAE, xen)
8
2.6.18-8
2.6.18-92.1.18
2.6.18-8.1.1
2.6.18-92.1.22
2.6.18-8.1.3
2.6.18-128
2.6.18-8.1.4
2.6.18-128.1.1
2.6.18-8.1.6
2.6.18-128.1.6
2.6.18-8.1.8
2.6.18-128.1.10
2.6.18-53
2.6.18-128.1.14
2.6.18-53.1.4
2.6.18-128.1.16
2.6.18-53.1.6
2.6.18-128.2.1
2.6.18-53.1.13
2.6.18-128.4.1
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
System Requirements
Supported kernels
Red Hat Enterprise Linux 5.x and CentOS 5.x (el5, el5PAE, xen)
2.6.18-53.1.14
2.6.18-128.7.1
2.6.18-53.1.4.19
2.6.18-164
2.6.18-53.1.4.21
2.6.18-164.2.1
2.6.18-92
2.6.18-164.6.1
2.6.18-92.1.1
2.6.18-164.9.1
2.6.18-92.1.6
2.6.18-164.10.1
2.6.18-92.1.10
2.6.18-164.11.1
2.6.18-92.1.13
2.6.18-164.15.1
2.6.18-92.1.17
2.6.18-194.
SuSE Enterprise Linux
Supported Kernels for SuSE Enterprise Linux 9.x
SuSE Enterprise Linux 9.x (default, smp, bigsmp)
2.6.5-7.97
2.6.5-7.202.7
2.6.5-7.111
2.6.5-7.244
2.6.5-7.139
2.6.5-7.252
2.6.5-7.145
2.6.5-7.257
2.6.5-7.147
2.6.5-7.267
2.6.5-7.151
2.6.5-7.276
2.6.5-7.191
2.6.5-7.282
2.6.5-7.193
2.6.5-7.283
2.6.5-7.201
2.6.5-7.286
2.6.5-7.287.3
SuSE Enterprise Linux 9.x (default, smp, bigsmp, xen)
2.6.5-7.308
2.6.5-7.316
2.6.5-7.311
2.6.5-7.317
2.6.5-7.312
2.6.5-7.318
2.6.5-7.314
2.6.5-7.319
2.6.5-7.315
2.6.5-7.322
Supported Kernels for SuSE Enterprise Linux 10.x
SuSE Enterprise Linux 10.x (default, smp, bigsmp, xen)
2.6.16-21.0.8
2.6.16.60-0.25
2.6.16-21.0.15
2.6.16.60-0.37
2.6.16-21.0.25
2.6.16.60-0.39.3
2.6.16-27.0.6
2.6.16.60-0.42.4
2.6.16-27.0.9
2.6.16.60-0.42.5
2.6.16-46.0.12
2.6.16.60-0.42.7
2.6.16-46.0.14
2.6.16.60-0.42.8
2.6.16.53-0.8
2.6.16.60-0.42.9
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
9
System Requirements
Supported kernels
SuSE Enterprise Linux 10.x (default, smp, bigsmp, xen)
2.6.16.53-0.16
2.6.16.60-0.54.5
2.6.16.53-0.18
2.6.16.60-0.57.1
2.6.16.54-0.2.10
2.6.16.60-0.58.1
2.6.16.54-0.2.11
2.6.16.60-0.59.1
2.6.16.60-0.21
2.6.16.60-0.60.1
2.6.16.60-0.23
Supported Kernels for SuSE Enterprise Linux 11
SuSE Enterprise Linux 11 (default, xen, PAE)
2.6.27.19-5.1
2.6.27.37-0.1.1
2.6.27.21-0.1.2
2.6.27.39-0.3.1
2.6.27.23-0.1.1
2.6.27.42-0.1.1
2.6.27.25-0.1.1
2.6.27.45-0.1.1
2.6.27.29-0.1.1
Ubuntu
Supported Kernels for Ubuntu 8.04
Ubuntu 8.04 (generic, server)
2.6.24-16
2.6.24-22
2.6.24-18
2.6.24-23
2.6.24-19
2.6.24-24
2.6.24-20
2.6.24-25
2.6.24-21
2.6.24-26
2.6.24-27
Supported Kernels for Ubuntu 9.04
Ubuntu 9.04 (generic, server)
2.6.28-11
2.6.28-15
2.6.28-12
2.6.28-16
2.6.28-13
2.6.28-17
2.6.28-14
2.6.28-18
Supported Kernels for Ubuntu 9.10
Ubuntu 9.10 (generic, server)
2.6.31-14
2.6.31-18
2.6.31-15
2.6.31-19
2.6.31-16
2.6.31-20
2.6.31-17
10
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
System Requirements
Creating 2.6 kernel modules
Fedora
Supported Kernels for Fedora 10
Fedora 10 (default, PAE)
2.6.27.41-170.2.117
2.6.27.5-117
Supported Kernels for Fedora 11
Fedora 11 (default, PAE)
2.6.29.4-167
2.6.30.10-105
Supported Kernels for Fedora 12
Fedora 12 (default, PAE)
2.6.31.5-127
2.6.31.9-174
Creating 2.6 kernel modules
To build a VirusScan Enterprise for Linux kernel module from source, you need the source for
your kernel. Most vendor-supplied kernels include a kernel source package, that usually installs
the source into /usr/src/linux-<kernel version>. If you are not familiar with building the Linux
kernel, we recommend that you refer to tutorials available on the Internet.
1
Put your source tree into a known clean state to remove any generated files and any
non-standard configuration. To do this, run make mrproper from the top-level directory of
your kernel source tree:
cd <kernel source directory>
make mrproper
2
Configure the kernel source. You need the configuration file that was used to compile your
kernel.
NOTE: If you are using a vendor-supplied kernel, the /boot directory normally contains a
copy of the configuration file, which has a config- prefix or a .config extension.
3
Copy the configuration file to the file .config in the top-level directory of your kernel source
tree, and run make oldconfig:
cp <kernel config file> .config
make oldconfig
If asked for any configuration items, your configuration file is incomplete, and you need
to ask the supplier about the correct answers.
4
Check the version information in the top-level kernel Makefile. In particular, check that
EXTRAVERSION is set appropriately. Sometimes the version information is set to a custom
value in vendor-supplied source. The definition for KERNELRELEASE when expanded should
match the contents of /proc/sys/kernel/osrelease assuming that you are building modules for
the kernel that is currently running. The standard definition for KERNELRELEASE is:
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
11
System Requirements
Creating 2.6 kernel modules
KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)$(EXTRAVERSION)
5
Build the kernel by typing make bzImage. This creates generated files that are necessary
for module compilation.
NOTE: You are now ready to build the VirusScan Enterprise for Linux kernel modules. The
Makefile provided to build the VirusScan Enterprise for Linux modules requires 3.80 or later
of GNU Make. Check your version of make by using make --version. If you have version 3.79
or earlier, you need to upgrade it to 3.80 or later.
6
Unpack the source files into an empty directory, and use the kernel build system to build
the modules:
cd <VirusScan Enterprise for Linux source directory>
make -C <kernel source dir> SUBDIRS='pwd' modules
If there are no errors, you will have two kernel modules — lshook.ko and linuxshield.ko.
7
Copy these modules into your VirusScan Enterprise for Linux module directory. The default
path is: /opt/NAI/LinuxShield/lib/modules.
If you have multiple kernels that cannot be distinguished by the contents of
/proc/sys/kernel/osrelease (the same as the output of uname -r), you need to use the file
kernel.version in the same directory. This file can contain multiple lines, each having the
form:
<prefix>:<build version>
Here <prefix> is a unique string that is derived from the kernel version. Given a version
of 2.6.nn<extra>, the prefix is 2.6.nn<unique tag><extra>, where the unique tag does
not contain ":".
For example, 2.6.9-ls-xyz:#1 SMP Sun May 16 12:27:32 UTC2004
Here <build version> is the contents of /proc/sys/kernel/version (or the output of uname -v)
when the matching kernel is running.
During VirusScan Enterprise for Linux startup, if kernel modules are identified as matching
the running kernel, symbolic links are created in the directory /lib/modules/`uname -r`/nai.
The targets of these links can determine which module files have been loaded.
8
12
Rename the modules to have .o extension instead of .ko extension.
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
Installing McAfee VirusScan Enterprise for
Linux
You can install McAfee VirusScan Enterprise for Linux manually on hosts (see Manual installation)
or you can use a script (see Silent installation).
Download and extract the McAfee VirusScan Enterprise for Linux, version 1.6 package
(McAfeeVSEForLinux-1.6.0-<build>-release.noarch.tar.gz) on to a temporary directory.
Contents
Manual installation
Silent installation
Running McAfee VirusScan Enterprise for Linux
Removing the software
Upgrading from previous LinuxShield versions
Integrating with ePolicy Orchestrator
Manual installation
During installation, you are prompted to supply a password and other information. For most of
the questions, you can accept the default value that is offered. To set up email notification for
alerts if it is required, you need a Mail Transfer Agent (MTA) configured, and the following
information:
• Email address of the VirusScan administrator
• Address for the SMTP host
• TCP/IP port number for the SMTP host
Pre-requisites:
• Ensure that there is no user named as "nails" or group named as "nailsgroup" on the
computer.
• Ensure that you have root privileges to install McAfee VirusScan Enterprise for Linux, version
1.6.
1
To install McAfee Runtime, type the following command in the terminal window:
rpm -ivh MFErt.i686.rpm
2
To install McAfee Agent (MA), type the following command in the terminal window:
rpm -ivh MFEcma.i686.rpm
3
To confirm that the McAfee Agent is running correctly, type the following command in the
terminal window:
/etc/init.d/cma status
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
13
Installing McAfee VirusScan Enterprise for Linux
Manual installation
4
To install McAfee VirusScan Enterprise for Linux, type the following command in the terminal
window:
rpm -ivh McAfeeVSEForLinux-1.6.0-<build>.noarch.rpm
5
Answer the questions when prompted. Accept the default values, or specify your own.
6
When prompted to start the VirusScan services, select the default option Y.
7
To confirm that VirusScan Enterprise for Linux is installed and running correctly, type the
following command in the terminal window:
/etc/init.d/nails status
Installing on Novell Open Enterprise Server 1 or 2
Use this task to install VirusScan Enterprise for Linux on Novell Open Enterprise Server 1 or 2.
Task
1
From the Novell eDirectory server, use iManager and create a user called "nails" and a
group called "nailsgroup".
2
Add the user "nails" a member of the "nailsgroup". Enable the user and group using the
Linux User Management.
3
Provide "nails" user with administrative privileges on all the NSS volumes.
rights -f /media/nss/<VOL-name> -r s trustee nails.<context>.<tree>
NOTE: You need to provide administrative privileges to the "nails" user, every time a new
NSS volume is created.
4
Install McAfee Runtime and McAfee Agent using the following commands:
rpm -ivh MFErt.i686.rpm
rpm -ivh MFEcma.i686.rpm
5
To install McAfee VirusScan Enterprise for Linux, type the following command in the terminal
window:
rpm -ivh McAfeeVSEForLinux-1.6.0-<build>.noarch.rpm
6
Type nailsgroup for the Linux group for VirusScan administrator.
7
Type nails for the VirusScan user.
8
Answer the questions when prompted. Accept the default values, or specify your own.
9
When prompted to start the VirusScan services, select the default option Y.
Installing on Ubuntu 8.04, 9.04, and 9.10 (Desktop/Server
edition)
Use this task to install VirusScan Enterprise for Linux on Ubuntu Server 8.04, 9.04, and 9.10.
Before you begin
If you are installing VirusScan Enterprise for Linux on a 64-bit Ubuntu system, ensure that you
perform the following steps before installation:
14
1
Copy pam_unix.so from /lib/security of a 32-bit ubuntu system to a temporary directory
(/tmp) on the 64-bit ubuntu system.
2
In the root directory, create a folder pam32lib.
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
Installing McAfee VirusScan Enterprise for Linux
Silent installation
3
Execute the following command to copy pam_unix32.so to the pam32lib directory:
cp /tmp/pam_unix.so /pam32lib/pam_unix32.so
Task
1
Install McAfee Runtime and McAfee Agent using the following commands:
dpkg -i MFErt.i686.deb
dpkg -i MFEcma.i686.deb
2
Type the following at the command prompt:
dpkg -i McAfeeVSEForLinux-1.6.0-<build>.noarch.deb
3
Answer the questions when prompted. Accept the default values, or type your own.
4
When prompted to start the VirusScan services, select the default option Y.
5
To confirm that VirusScan Enterprise for Linux is installed and running correctly, type the
following at the command prompt:
/etc/init.d/nails status
Silent installation
Pre-requisites:
• Before installing VirusScan Enterprise for Linux, make sure that there is no user as "nails"
and no group as "nailsgroup" in the computer.
• Before installing McAfee VirusScan Enterprise for Linux, you must have McAfee Runtime and
McAfee Agent already installed on the computer.
Use this section to install McAfee VirusScan Enterprise for Linux in silent mode.
1
Create a file "nails.options" in the root home directory.
For example:
SILENT_ACCEPTED_EULA=”yes”
SILENT_INSTALLDIR=”/opt/NAI/LinuxShield”
SILENT_RUNTIMEDIR=”/var/opt/NAI/LinuxShield”
SILENT_ADMIN=”admin@example.com”
SILENT_HTTPHOST=”192.168.255.200”
SILENT_HTTPPORT=”55443”
SILENT_MONITORPORT=”65443”
SILENT_SMTPHOST=”example.example.com.”
SILENT_SMTPPORT=”25”
SILENT_NAILS_USER=”nails”
SILENT_NAILS_GROUP=”nailsgroup”
SILENT_CREATE_USER=”no”
SILENT_CREATE_GROUP=”no”
SILENT_RUN_WITH_MONITOR=”yes”
SILENT_QUARANTINEDIR=”/quarantine”
SILENT_START_PROCESSES=”yes”
SILENT_CONTINUE_INSTALL_ON_PAM_ERROR=”no”
NOTE:
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
15
Installing McAfee VirusScan Enterprise for Linux
Silent installation
Use SILENT_CONTINUE_INSTALL_ON_PAM_ERROR only when 32-bit PAM libraries are not
present.
If you set this flag to yes and continue without Pluggable Authentication Module (PAM)
libraries, the installation of VirusScan Enterprise for Linux monitor component is skipped,
and the web interface will not be available. However, you can still manage the VirusScan
Enterprise for Linux host using ePolicy Orchestrator or the web interface of some other
VirusScan Enterprise for Linux host. See information about configuring VirusScan Enterprise
for Linux in the Product Guide.
2
As root, create a user "nails" as a member of a group "nailsgroup".
3
To install McAfee VirusScan Enterprise for Linux, type the following command in the terminal
window:
rpm -ivh McAfeeVSEForLinux-1.6.0-<build>.noarch.rpm
4
After performing the installation, use the command passwd to assign a password to the
user "nails".
Installing on Novell Open Enterprise Server 1 or 2 in silent mode
Use this task to install on Novell Open Enterprise server 1 or 2 in silent mode.
Task
1
From the Novell eDirectory server, use iManager and create a user called "nails" and a
group called "nailsgroup".
2
Add the user "nails" a member of the "nailsgroup", enable the user and group using the
Linux User Management.
3
Provide "nails" user with administrative privileges on all the NSS volumes.
rights -f /media/nss/<VOL-name> -r s trustee nails.<context>.<tree>
NOTE: You need to provide administrative privileges to the "nails" user, every time a new
NSS volume is created.
4
In the "nails.options" file, check if the following parameters are available:
SILENT_NAILS_USER="nails"
SILENT_NAILS_GROUP="nailsgroup"
5
From the terminal window, type: rpm -ivh McAfeeVSEForLinux-1.6.0-<build>.noarch.rpm
6
After performing the installation, use the command passwd to assign a password to the
user "nails".
Installing on Ubuntu 8.04, 9.04, and 9.10 (Desktop/Server
edition) in silent mode
Use this task to install on Ubuntu 8.04, 9.04, and 9.10 (Desktop/Server edition) in silent mode.
Task
1
In the "nails.options" file, check if the following parameters are available:
SILENT_NAILS_USER="nails"
SILENT_NAILS_GROUP="nailsgroup"
2
16
Type the following at the command prompt:
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
Installing McAfee VirusScan Enterprise for Linux
Running McAfee VirusScan Enterprise for Linux
dpkg -i McAfeeVSEForLinux-1.6.0-<build>.noarch.deb
3
After performing the installation, use the command passwd to assign a password to the
user nails.
Running McAfee VirusScan Enterprise for Linux
Use this task to open the McAfee VirusScan Enterprise for Linux user interface.
1
From a supported web-browser, go to https://<hostname or IP address>:<port number>
Specify the hostname or IP address of the computer, on which VirusScan Enterprise for
Linux is installed. By default, the port number is "55443".
For example:
https://192.168.200.200:55443 (or) https://server1:55443
2
On the log on page, type the user name as nails and type the password that you specified
during installation.
NOTE: If you see messages caused by the use of certificates, see Handling old certificates.
Handling old certificates
Use this task if you see messages caused by the use of certificates.
VirusScan Enterprise for Linux has its own certificate that it adds to the browser the first time
that you connect. If you add this certificate permanently, then install a new version of VirusScan
Enterprise for Linux, you might experience an error, stating that the certificate that the site is
providing is not correct.
This happens because the certificate is different from the one stored in your browser. Every
installation creates a specific certificate for the host, and associates the certificate with the IP
address or the name that you have provided. If the certificate does not match the stored
certificate, the browser displays an error.
To fix this, remove the old certificate and accept the new one when prompted. The steps are
described for each supported browser.
Konqueror
1
Open Konqueror.
2
At Settings, select Configure Konqueror.
3
At the new window, click the icon on the left side, called Crypto.
4
On the right pane, click the Peer SSL Certificate tab to display every certificate that you
have saved.
5
Select and remove the Network Associates certificate.
When you log on again, you are prompted with the new certificate.
Mozilla
1
Open Mozilla.
2
Select Edit | Preferences.
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
17
Installing McAfee VirusScan Enterprise for Linux
Removing the software
3
Expand Privacy & Security.
4
Select Certificate on the left side, and click Manage Certificates from the right pane.
5
On the new window, select the Authority tab and scroll to find Network Associates.
6
Expand this, and find the certificate displaying the IP address of the host or the host name.
Select the certificate and delete it.
These steps should remove the certificate, and allow you to import the new certificate associated
with the host.
Internet Explorer
• Microsoft Internet Explorer does not save the certificate, but it will prompt you to accept
the certificate every time that you log on.
Removing the software
Use this task to remove McAfee VirusScan Enterprise for Linux from your computer.
1
To uninstall VirusScan Enterprise for Linux, type the following at the command prompt:
rpm -e McAfeeVSEForLinux
rpm -e MFEcma
rpm -e MFErt
If you want to uninstall from a Ubuntu server, type:
dpkg --purge McAfeeVSEForLinux
dpkg --purge MFEcma
dpkg --purge MFErt
2
Reboot the computer to remove the VirusScan Enterprise kernel modules.
NOTE: You do not have to reboot the computer immediately, because the VirusScan
Enterprise for Linux kernel modules does not interrupt functioning of any other running
service.
Upgrading from previous LinuxShield versions
Use this task to upgrade your previous LinuxShield version 1.5 or 1.5.1 to McAfee VirusScan
Enterprise for Linux, version 1.6.
NOTE: If you have "NWA (Non-Windows Agent)" installed on this computer, make sure to
uninstall NWA before proceeding to the next step.
1
To install McAfee Runtime, type the following command in the terminal window:
rpm -ivh MFErt.i686.rpm
2
To install McAfee Agent (MA), type the following command in the terminal window:
rpm -ivh MFEcma.i686.rpm
3
To confirm that the McAfee Agent is running correctly, type the following command in the
terminal window:
/etc/init.d/cma status
18
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
Installing McAfee VirusScan Enterprise for Linux
Integrating with ePolicy Orchestrator
4
To install McAfee VirusScan Enterprise for Linux, type the following command in the terminal
window:
rpm -Uvh McAfeeVSEForLinux-1.6.0-<build>.noarch.rpm
5
Answer the questions when prompted. Accept the default values, or specify your own.
6
When prompted to start the VirusScan services, select the default option Y.
7
To confirm that VirusScan Enterprise for Linux is installed and running correctly, type the
following command in the terminal window:
/etc/init.d/nails status
Integrating with ePolicy Orchestrator
Use this task to integrate McAfee VirusScan Enterprise for Linux with ePolicy Orchestrator.
1
Download and extract the McAfee VirusScan Enterprise for Linux, version 1.6 package
(McAfeeVSEForLinux-1.6.0-<build>-release.noarch.tar.gz) on to a temporary
directory on the ePolicy Orchestrator server.
NOTE: Before deploying McAfee VirusScan Enterprise for Linux using ePolicy Orchestrator,
remove any previous versions of the LinuxShield software from the client computer.
2
Check in the McAfee Agent (MSA-LNX_4.5.0_Package.ZIP) bundled with this package
on to the ePolicy Orchestrator Master repository.
3
Check in McAfeeVSEForLinux-1.6.0-<build>-EPO.ZIP on to the ePolicy Orchestrator
Master repository.
4
Check in the following extensions on to the ePolicy Orchestrator "Extensions":
• EPOAGENTMETA.ZIP
• LYNXSHLD1600.ZIP
• LYNXSHLD1600PARSER.ZIP
5
From the ePolicy Orchestrator server, copy INSTALL.SH and INSTALLDEB.SH from
C:\Program Files\McAfee\ePolicy
Orchestrator\DB\Software\Current\EPOAGENT3700LYNX\Install\0409 to your
Linux client.
6
From the Linux terminal, execute the following command:
sh install.sh –i
Incase of Ubuntu operating system, type sh installdeb.sh -i
This will establish a connection between ePolicy Orchestrator and the Linux client computer.
7
Create a Product Deployment Task on ePolicy Orchestrator to deploy McAfee VirusScan
Enterprise for Linux, version 1.6.
NOTE: For more detailed information on how to integrate and configure McAfee VirusScan
Enterprise for Linux using ePolicy Orchestrator, see the McAfee VirusScan Enterprise for
Linux, version 1.6 — Configuration Guide.
McAfee VirusScan Enterprise for Linux software, version 1.6 — Installation Guide
19