F-Secure Linux Security 11.00 known issues

This discussion has a more recent version.
Khairul_A Posts: 272 F-Secure Employee

This article lists down all the current known issues for F-Secure Linux Security 11.00.

  • Updates to the operating system kernel may cause compiling issues or malfunction of the Dazuko kernel driver (either due to updates including backports from upstream kernel, or significant kernel version upgrades). The following operating systems are known to be affected by this issue:
    • Ubuntu 12.04, where minor OS upgrades introduce new kernel versions, which are incompatible with the current Dazuko implementation.
    • RHEL/CentOS 6, where minor OS upgrade can contain a backported kernel patch, incompatible with Dazuko.

    For deployments that include any of the above-mentioned OS versions, we highly recommend that you verify the on-access scanning functionality in a separate testing environment before upgrading the product on any production machine.

  • Issue with Scheduled Scanning - Tasks for the Scheduled Scanning that are configured via Web UI may sometimes not run at the given times. This behavior has been observed at least with Ubuntu 14.04 and is due to Unix "cron" service scheduling being inconsistent with the system time changes. To solve this issue, restart cron.
  • Extending license of an expired PSB subscription - Requires running convert_to_full_installation.sh; from the expired installation:
    1. Revert the installation to standalone:
      /opt/f-secure/fsav/sbin/convert_to_full_installati on.sh
    2. Provide an empty key (press Enter on key request).
    3. Re-convert the installation to be PSB-managed via convert_to_full_installation.sh:
      /opt/f-secure/fsav/sbin/convert_to_full_installati on.sh --fspsbs=<psb_server_here> --keycode=<Enter your_keycode>
  • fsavd reports "compression-bomb" for archives that contain incorrect archive header information.
  • WebUI, Manual scanning: The maximum length of text in "Files and directories excluded from scanning" cannot exceed 4096 bytes.
  • WebUI, Known Files: The "Protect" option is not effective under FANotify and has been deprecated; it might be removed from the WebUI in future releases.
  • WebUI displays an error when entering Advanced mode > General > Communications and upgrading to PSB managed mode. The issue occurs only in the Web server and does not affect the upgrade operation. Reloading the Web page clears the error.
  • Policy Manager's Policy Value 90 ("90. Scan on EXE") and "Scan on execution" will not trigger if both "scanning on open" and "scanning on close" options are disabled (FANotify only).
  • Installer attempts to compile Dazuko kernel module on newer operating systems where FANotify should be used. This issue occurs only if a kernel version older than 3.8 has been left to the system by a distribution upgrade. For example, upgrading from Ubuntu 12.04 to 14.04 may leave 3.2 kernel installed while the system runs kernel 3.16 or newer. The solution is to uninstall the old kernel versions using the operating system package manager.
  • Policy Manager / Linux Security: "Disallow user changes" setting can be set only globally under the Settings directory. Any "Disallow user changes" under individual policy setting has no effect. To solve this issue, disallow all local changes for specific hosts. From Policy Manager Console:
    1. Select the machine.
    2. Go to the Policy tab, and select F-Secure Linux Security 11.0.
    3. Click Settings.
    4. Select the first setting called Local settings changed.
    5. Set the value to Disallow.