Gentoo Wiki

Avira_AntiVir


Introduction

AntiVir PersonalEdition Classic for Linux is a software package that offers protection and security against viruses, worms, Trojan horses, dialers and other assorted unwanted intruders. It comprises a resident (on-access) scanner, an automatic internet updater, and a command line scanner. The resident antivirus scanner is referred to as AntiVir Guard (or AvGuard for short).

The private, non-commercial use of AntiVir Workstation for Linux / FreeBSD / Solaris is free. The licence file is now included in the download tar file. More information on this subject can be found in the Terms of Agreement. AntiVir PersonalEdition is easy to install and run, yet is very feature rich and has many configuration options available via both the GUI and command line.

You can configure AvGuard to scan files as they are opened, closed, and/or executed. Concerning files can be cleaned, renamed or moved to another directory for further analysis. All scanning activity is logged through syslog and to a specified file. If a virus or unwanted file is found and cannot be removed, access to the file is blocked.

The automatic internet updater runs as a daemon and has the responsibility of making sure the AntiVir software is up-to-date (internet access is required). Although the automatic internet updater is provided with AntiVir for UNIX, it is also possible to start updates manually using a command line instruction.

Note: The AntiVir daemon can really slow down your whole system. Even with my quad-core, the emerge time had doubled.

Goals

The goal of this HOWTO is to illustrate one type of installation method that automates much of the configuration requirements and functionality, and provides the user with a quick path to getting the software running properly and effectively protecting their computer.

Although this tutorial demonstrates a rapid, basic install process, the program also includes an easy-to-navigate GUI (with some advanced menus) for adjusting the software configuration after installation. Alternatively, you can open the text config files, avguard.conf and avupdater.conf, and make the same adjustments there.

Requirements

AntiVir for UNIX utilizes Dazuko, a free software project that provides a simple interface for 3rd-party file access control. Dazuko is used as the basis for AvGuard, the on-access scanner available with the AntiVir for UNIX package. Dazuko consists of a device driver that captures file access operations and passes this information to one of the running AvGuard daemons. The daemon scans the file and, if no viruses are found and the file is not an unwanted file, allows the operation to proceed.

In order to install AntiVir and have it run with intended functionality you need to have Java (Blackdown or Sun) >= 1.4.x on your system and the Dazuko module properly installed and running. Dazuko is a masked package in portage so you will need to make the applicable entry into package.keywords. The exact flavor of Java you wish to use is up to you, but some examples of a typical emerge process are listed below.

# emerge blackdown-jdk
# emerge dazuko

In order for Dazuko to be installed and loaded on your system you may need to enable some of the kernel security modules and recompile the kernel. Please note that you must not compile the security capabilities directly into the kernel.

CONFIG_SECURITY=y
CONFIG_SECURITY_CAPABILITIES=m

Once Dazuko is installed go ahead and make sure it is running.

# modprobe dazuko
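
A pre-flight check for the requirements above, as an added example that is not part of the original HOWTO. The function names and the two file arguments are assumptions; pass your kernel's .config and /proc/modules.

```shell
#!/bin/sh
# Added example: verify the Dazuko prerequisites before running the installer.
# Function names and arguments are hypothetical, not part of AntiVir or Dazuko.

# Print the value of a CONFIG_ symbol, or "n" when it is unset or commented out.
kconfig_value() {
    # $1 = kernel config file, $2 = symbol name
    val=$(sed -n "s/^$2=\(.*\)/\1/p" "$1" | tail -n 1)
    echo "${val:-n}"
}

# Return 0 only when the config and the module list match the HOWTO.
check_dazuko_prereqs() {
    # $1 = kernel config file, $2 = module list in /proc/modules format
    config=$1 modules=$2 rc=0

    if [ "$(kconfig_value "$config" CONFIG_SECURITY)" != "y" ]; then
        echo "FAIL: CONFIG_SECURITY must be y"; rc=1
    fi

    # Capabilities must be a module; built in (y) is the case the HOWTO warns about.
    case "$(kconfig_value "$config" CONFIG_SECURITY_CAPABILITIES)" in
        m) ;;
        y) echo "FAIL: CONFIG_SECURITY_CAPABILITIES is built in, it must be m"; rc=1 ;;
        *) echo "FAIL: CONFIG_SECURITY_CAPABILITIES must be m"; rc=1 ;;
    esac

    # /proc/modules lists one loaded module per line, name first.
    if ! grep -q '^dazuko ' "$modules"; then
        echo "FAIL: dazuko module is not loaded (run: modprobe dazuko)"; rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK: Dazuko prerequisites satisfied"
    return "$rc"
}

# Usage (the config path is an assumption, adjust to your kernel source tree):
#   check_dazuko_prereqs /usr/src/linux/.config /proc/modules
```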

Installation Steps

Download / Extract Software

The AntiVir Download Page provides a link to the tarball package. Extract the tarball to your desired location and then cd to the directory. You will need either root or sudo privileges to complete the installation. A manual in the doc folder covers much more than this short how-to and describes many configuration options that are not covered here.

# cd ~/antivir-workstation-pers-version

Installation Script

Once in the directory of the extracted tarball it is time to run the install script. It will provide a detailed walkthrough of the entire process on a step by step basis. Specifically, the script will do the following:

# ./install

If you are upgrading from a previous installation, simply run the install script (as if you were installing for the first time). The install script will identify a previous installation and automatically update the necessary components.

Sample Installation Questions

Would you like AvGuard to start automatically? [y]
Would you like the internet update daemon to start automatically? [y]

If you choose 'y' to the above choices the installer will automagically set up the proper files (avguard and avupdater) in your /etc/init.d directory to start both the AvGuard and AvUpdate daemon on each system boot. This step also eliminates the need for you to perform a 'rc-update add' command for these daemons.

There are several ways in which you can install AvGuard.
module - Dazuko will be loaded by the avguard script
kernel - Dazuko is always loaded
(and should not be loaded by the avguard script)
no install - do not install AvGuard at this time
available options: m k n
How should AvGuard be installed? [n] k

I would suggest selecting 'k' as the preferred option here since you may want to use the dazuko module apart from AntiVir. Basically, all you need to do is add dazuko to the list of modules to be started at boot in your /modules.autoload.d/kernel-2.x file. You should have already modprobed dazuko as mentioned earlier, or have it running from a prior installation, so at this stage there should be no issue with the module.

Would you like to configure the AntiVir updater now? [y]

This will walk you through the basic configuration of the software.

 Note: It is highly recommended that you perform an update now to"
 This can be done by running: "antivir --update"

Do this now to update your virus definitions and program. Further updates will be performed automagically if you selected to install the update daemon and chose the update frequency during the basic configuration mentioned above.

Running and Configuring the Software

Add yourself to the antivir group.

# groupadd antivir
# gpasswd -a USERNAME antivir

To start the Antivir GUI use the command below.

# antivir-gui

The automatic internet updater is started and stopped by running the avupdater script with the "start" and "stop" arguments. Using the "status" argument will show the current status of the automatic internet updater.

# /usr/lib/AntiVir/avupdater start
# /usr/lib/AntiVir/avupdater stop
# /usr/lib/AntiVir/avupdater status

If you chose during the installation process to have the applicable daemons automagically installed you can use the more familiar commands below to perform the same function.

# /etc/init.d/avupdater start
# /etc/init.d/avupdater stop
# /etc/init.d/avupdater restart
# /etc/init.d/avupdater status

You can configure the automatic internet updater at any time using the provided script:

# /usr/lib/AntiVir/configantivir

You do not need to install the automatic internet updater in order to make internet updates. It is also possible to make internet updates using the --update argument on the command line. This gives users the freedom to use scripts and/or cron jobs for updates.

AvGuard is started and stopped by running the avguard script with the "start" and "stop" arguments. Using the "status" argument will show the current status of AvGuard.

# /usr/lib/AntiVir/avguard start
# /usr/lib/AntiVir/avguard stop
# /usr/lib/AntiVir/avguard status

If you chose during the installation process to have the applicable daemons automagically installed you can use the more familiar commands below to perform the same function.

# /etc/init.d/avguard start
# /etc/init.d/avguard stop
# /etc/init.d/avguard restart
# /etc/init.d/avguard status

Note: You need to configure AvGuard to fit your needs. The default settings are more than likely not exactly what you want. Configuration can be done with the GUI or by editing the avguard.conf file with the directives as described in the extracted PDF doc and the release notes.

Manual Configuration

Although the Java GUI allows you to configure AntiVir for UNIX, you may prefer to set options manually, which is very simple. Two configuration files are read by the AntiVir programs on startup. Empty lines and lines starting with "#" are ignored.

avupdater.conf: This file contains all the flags and options specific to the updater.

avguard.conf: This file contains all the flags and options specific to AvGuard.

If you change any of the configuration files, the AntiVir programs must be restarted. The Email options are not available in the free version.

Command Line Scanner

The command line scanner can be run with the command:

# antivir

For a list of available options, use the --help flag.

The command line scanner was designed such that it could be used with scripts by returning useful exit codes. This allows users to write their own scripts and/or create cron jobs with AntiVir. Using --help will show the list of exit codes.

Keep in mind that if you are using AvGuard (i.e. you are already scanning files as they are opened, closed, and/or executed) then using the command line scanner could cause the files to be scanned twice. The file would first be scanned by AvGuard as the command line scanner tries to open it, and then the command line scanner would scan it again. Concerning files with alerts will first be handled by AvGuard, which means that the command line scanner may not be able to access and scan these files.
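
A cron-friendly wrapper covering both the scripted `--update` and the exit-code handling described above, as an added example that is not part of the original HOWTO or the AntiVir package. The ANTIVIR, LOCKDIR and LOGFILE variables and the function name are assumptions, as is treating exit status 0 as "nothing to report"; the meaning of the other codes is in the list printed by `antivir --help`.

```shell
#!/bin/sh
# Added example: update-then-scan wrapper for cron.
# The variables below and their defaults are hypothetical; override as needed.
ANTIVIR=${ANTIVIR:-antivir}
LOCKDIR=${LOCKDIR:-/var/run/antivir-cron.lock}
LOGFILE=${LOGFILE:-/var/log/antivir-cron.log}

# Update, then scan. Arguments are passed to the scanner unchanged.
# Prints one summary line and returns the scanner's own exit status.
scheduled_scan() {
    # mkdir is atomic, so the directory works as a lock against overlapping runs.
    if ! mkdir "$LOCKDIR" 2>/dev/null; then
        echo "antivir-cron: previous run still active, skipping"
        return 0
    fi

    # Record each status instead of aborting: a non-zero update status
    # must not prevent the scan from running.
    update_rc=0
    "$ANTIVIR" --update >>"$LOGFILE" 2>&1 || update_rc=$?
    scan_rc=0
    "$ANTIVIR" "$@" >>"$LOGFILE" 2>&1 || scan_rc=$?

    rmdir "$LOCKDIR"

    # Assumption: 0 means nothing to report; anything else needs a human look.
    if [ "$scan_rc" -eq 0 ]; then
        result="scan status 0"
    else
        result="ATTENTION scan status $scan_rc, see $LOGFILE"
    fi
    [ "$update_rc" -eq 0 ] || result="$result (update status $update_rc)"
    echo "antivir-cron: $result"
    return "$scan_rc"
}

# Example crontab entry, assuming this file is saved as the hypothetical
# /usr/local/sbin/antivir-cron and ends with a call such as: scheduled_scan /home
#   30 3 * * * /usr/local/sbin/antivir-cron
```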

Retrieved from "http://www.gentoo-wiki.info/Avira_AntiVir"

Last modified: Wed, 20 Aug 2008 16:01:00 +0000 Hits: 11,183