FSAVD not installing on debian in Docker container

Scholar

FSAVD not installing on debian in Docker container

Hi,

 

I am currently evaluating F-Secure as an option for on-demand scanning as part of some back-end files processing.

 

I have a debian docker container, and I've got to the point now where I can install F-Secure and run FSAV command line to scan files - but this is much slower than I hoped.

 

I want to use it with the FSAVD daemon, as I anticipate this would be faster.  However, it's not installled.

 

To perform my installation, I have used: 

./fsls-11.10.68         --auto standalone

Which seems to install most things.

 

If look at the contents of the /opt/f-secure/fsav/bin directory;

fsav-compile-drivers  fsavpmd  fsavpmd-alert.pl  fsdiag  fsfwc  fsfwd  fsfwd.run  fsic  fsicv  fsims  fslistfiles  fssetlanguage  fstatusd  licensetool  nrbcopy  scheduled-fsav  send-report  uninstall-fsav

And look at running processes;

 

USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          1  0.0  0.0   4272   604 ?        Ss   07:53   0:00 tail -f /dev/null /bootstrap.sh
root        243  0.0  0.1  20268  2688 pts/0    Ss   10:28   0:00 /bin/bash
fsaua     22666  1.2  0.1  12956  2952 ?        Ss   11:30   0:12 /opt/f-secure/fsaua/bin/fsaua
fsma      23283  0.0  0.1   4688  2700 ?        Ss   11:32   0:00 /opt/f-secure/fsma/bin/fvch
fsma      23305  0.0  0.0   5444     0 ?        S    11:32   0:00 /opt/f-secure/common/perl/bin/perl /opt/f-secure/fsav/sbin/fsadhd
fsma      23306  0.0  0.1   2792  2092 ?        S    11:32   0:00 /opt/f-secure/fsav/libexec/fsadhd -n
root      23336  0.0  0.1   5440  2528 ?        S    11:32   0:00 /opt/f-secure/fsav/perl/bin/perl -w /opt/f-secure/fsav/libexec/fslmalerter
root      23337  0.0  0.1   7972  3088 ?        S    11:32   0:00 /opt/f-secure/fsav/perl/bin/perl -w /opt/f-secure/fsav/bin/fsavpmd
root      23347  0.0  0.1   8916  3160 ?        S    11:32   0:00 /opt/f-secure/fsav/perl/bin/perl -w /opt/f-secure/fsav/bin/fsavpmd
root      23375  0.0  0.0   4336     0 pts/0    S    11:32   0:00 /bin/sh /opt/f-secure/fssp/libexec/fsupdated.rc start
root      23378  0.0  0.1   4128  3092 pts/0    S    11:32   0:00 /opt/f-secure/fssp/libexec/fsupdated -f
root      23402  0.5  7.7 2702400 157984 pts/0  Sl   11:32   0:04 /opt/f-secure/fsav/java/bin/java -Djava.util.logging.config.file=/opt/f-secure/fsav/tomcat/conf/logging.properties -Xms128m -Xmx256m -Djava.net.prefe
fsma      23403  0.0  0.0   4336   636 ?        S    11:32   0:00 /bin/sh /opt/f-secure/common/postgresql/bin/startup.sh
fsma      23405  0.0  0.5 150092 11960 ?        S    11:32   0:00 /opt/f-secure/common/postgresql/bin/postmaster -D /var//opt/f-secure/common/postgresql/data/
fsma      23412  0.0  0.2 150200  4580 ?        Ss   11:32   0:00 postgres: checkpointer process
fsma      23413  0.0  0.0 150092  1144 ?        Ss   11:32   0:00 postgres: writer process
fsma      23414  0.0  0.0 150092  1080 ?        Ss   11:32   0:00 postgres: wal writer process
fsma      23415  0.0  0.1 150380  3240 ?        Ss   11:32   0:00 postgres: autovacuum launcher process
fsma      23416  0.0  0.1   7600  2136 ?        Ss   11:32   0:00 postgres: stats collector process
fsma      23423  0.0  0.2 150884  4948 ?        Ss   11:32   0:00 postgres: fsalerts fsalerts [local] idle
root      23424  0.0  0.0 282324    92 ?        Ss   11:32   0:00 /opt/f-secure/fsav/bin/fstatusd
fsma      23430  0.0  0.2 150892  5096 ?        Ss   11:32   0:00 postgres: fsalerts fsalerts [local] idle
root      32000  0.0  0.1  17500  2148 pts/0    R+   11:46   0:00 ps aux

When I run FSAV with the --status option, I get 'F-Secure Anti-Virus daemon is not running'

 

Can you help?

 

Thanks,

 

Richard

 

 

 

Tags (2)
1 REPLY 1
Superuser

Re: FSAVD not installing on debian in Docker container

Hello,

> FSAVD not installing on debian in Docker container ...
> I am currently evaluating F-Secure as an option for on-demand scanning

F-Secure Linux Security 11.10 readme says:

"On-access scanning is not supported on Debian 8, because its kernel configuration has fanotify only partially enabled."

Best Regards: Tamas Feher, Hungary.