Author Topic: avast4guard and dazuko built-in kernel  (Read 5793 times)

0 Members and 1 Guest are viewing this topic.

dizz

  • Guest
avast4guard and dazuko built-in kernel
« on: November 23, 2009, 05:13:39 PM »
Hi,
I want compile&install avast4guard and this need libdazuko.a, but I have dazuko built-in kernel, because default kernel in Debian stable (Lenny) not support capabilities as module.(I use patch from official dazuko site:patch-dazuko-linux-2.6.26.diff.gz)

If compiling standalone dazuko(not in kernel)then is occured error (I tested lot of parameters). If I use parametr --without-module  configure not create Makefile. Where is this lib, or is possible created it from source?
I used package from official dazuko site version 2.3.7

Best regards,
Dizz.


Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4guard and dazuko built-in kernel
« Reply #1 on: November 23, 2009, 05:22:30 PM »
Hi,
I want compile&install avast4guard and this need libdazuko.a, but I have dazuko built-in kernel, because default kernel in Debian stable (Lenny) not support capabilities as module.(I use patch from official dazuko site:patch-dazuko-linux-2.6.26.diff.gz)

If compiling standalone dazuko(not in kernel)then is occured error (I tested lot of parameters). If I use parametr --without-module  configure not create Makefile. Where is this lib, or is possible created it from source?
I used package from official dazuko site version 2.3.7

Best regards,
Dizz.
Hallo,
some time ago I created a little note how-to build dazuko, so let's copy-paste it here:


Just some notes for quick installation:
-----------------------------------------------------

1) install engine (libavastengine* package):
    rpm -i libavastengine-4.7.5-1.i586.rpm
        (might need to add perl-URI or perl-libwww-perl to satisfy all dependences, or use --nodeps, they serve for online updating only)

2) install the scanning daemon (avast4server* package):
    rpm -i avast4server-3.1.5-1.i586.rpm
        (look at /etc/avastd.conf, the license= should point to License.dat, there's by default only one section for the avastguard client)
        (you can test whether it works using: avastlite -a /var/run/avastguard/guardscanner.sock <some_path>)

3) install the on-access avastguard client (avast4guard* package):
    rpm -i avast4guard-3.1.5-1.i586.rpm
        (depends on functional dazuko module in the kernel and running avastd daemon, you might look at /etc/avastguard.conf)
        (INCLUDEPATH in the config file determines the guarded sub-tree in your filesystem)

-------
note: running dazuko on RHEL52 might be a bit tricky:
- in the case of Dazuko building problems, have a look here, paragraph 2.3:
    http://www.dazuko.org/tgen.shtml
- for proper stacking, kernel w/o hardcoded Capabilites support is necessary, here are RHEL kernel-building notes:
    http://fedoraproject.org/wiki/Docs/CustomKernel
- when building custom RHEL-like kernel with new uname, the initramfs should be updated too (contains versioned modules)
- when having Capabilities as module, load it after the dazuko is loaded
- some people use --disable-stacking, when ./configuring Dazuko - then, omit the Capabilities entirely

In the case of any problem, feel free to ask me for additional details.

Best regards,
Pavel Cimbal
ALWIL Software


maybe it will give you a clue :).

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

dizz

  • Guest
Re: avast4guard and dazuko built-in kernel
« Reply #2 on: November 24, 2009, 03:32:25 PM »
Thanks for quick response.

I download avast4guard.rpm and with alien converted to deb and install it.
All seems ok but /var/run/avastguard/guardscanner.sock isn't created.
What is wrong?

Best regards,
Dizz.

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4guard and dazuko built-in kernel
« Reply #3 on: November 25, 2009, 11:07:35 AM »
Thanks for quick response.

I download avast4guard.rpm and with alien converted to deb and install it.
All seems ok but /var/run/avastguard/guardscanner.sock isn't created.
What is wrong?

Best regards,
Dizz.

The socket is created by avastd (and its location and properties specified in avastd.conf). avastguard is just a thin client, which is listening on dazuko subsystem, and passes selected events through this socket to the avastd for further processing/scanning.

so, avastd is responsible for the socket creation, and avastguard just connects to it (~ it must exist before).

regards,
pc
« Last Edit: November 25, 2009, 11:11:31 AM by zilog »
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)