-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathINSTALL
244 lines (146 loc) · 5.69 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
This software is GPL2!
This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
more details.
You MUST check your antivirus licence for the use with HAVP. Maybe you are
not allowed to use it with HAVP. We don't take ANY WARRANTY!!
UPGRADING
=========
Just install HAVP normally. Your config will be preserved, but check
havp.config for possible new options. Templates are overwritten, so if
you have your own, make sure it is not in any default directory.
BASIC INSTALLATION
==================
HAVP has been tested only with GCC 3.4+.
Other compilers like Sun Studio have some problems currently.
Installation:
# ./configure (if you don't want /usr/local, use --prefix=/other/path)
# make
# make install
You can use the following path options in configure:
--prefix base directory, default "/usr/local"
--sbindir location of havp-binary, default "$prefix/sbin"
--sysconfdir location of etc, default "$prefix/etc" (+ /havp)
--localstatedir location of pidfile, default "/var" (+ /run/havp)
Also "make install DESTDIR=/tmp/havp" is supported for helping
in creating packages etc.
It is recommended to create a havp user:
# groupadd havp
# useradd -g havp havp
Check the configfile: /usr/local/etc/havp/havp.config
If Linux is used, you need to enable mandatory locking for the partition
where your tempfiles are located. Solaris supports mandatory locking
without these extra steps:
If you only have root partition available, you can enable mandatory
locking support like this:
# mount -o remount,mand /
You can naturally use this for /var or any other partition. Also add
mand-option to /etc/fstab so it will stay after reboot.
Using tmpfs might have some problems, make sure you test it properly.
NOTE: Mandatory locking could make it possible for evil local accounts
to hang the system. You should run HAVP anyway on non-public server.
Make sure the directories you are using have correct permissions:
# chown havp /var/tmp/havp /var/log/havp /var/run/havp
# chmod 700 /var/tmp/havp /var/log/havp /var/run/havp
Start havp:
# /usr/local/sbin/havp -c /path/to/config
You can also install rc-script to your system from sources etc/init.d.
If you have problems check the logfiles:
/var/log/havp/havp.log
/var/log/havp/access.log
More information and help can be found at HAVP forum: http://havp.hege.li/
OS SPECIFIC INSTRUCTIONS
========================
Linux:
------
Use GCC 3.4+.
Solaris 9:
----------
You may need lots of swap space if you use library scanners (ClamAV and
Trophie). It wants to reserve it even when it is not really used. If there
is not enough, you will get fork errors. Worst case formula: (20MB *
USEDLIBRARYSCANNERS) * (USEDSCANNERS + 1) * SERVERNUMBER.
GCC 3.4.2 from sunfreeware.com is recommended.
You may need to fix GCC headers like this:
# cd /usr/local/libexec/gcc/*/3.4.2/install-tools
# ./mkheaders
Solaris 10:
-----------
Swap space is not an issue anymore.
Use GCC 3.4.x that comes bundled at /usr/sfw/bin/gcc.
It is installed from SUNWgcc package.
FreeBSD:
--------
Use GCC 3.4+ from ports. FreeBSD does not support mandatory locking, which
means KEEPBACK settings can not be used (only TRICKLING is supported). This
means everything is first downloaded fully and only then sent to client.
You need to use --disable-locking option to compile.
SCANNER SPECIFIC INSTRUCTIONS
=============================
ClamAV
------
Library is used directly, so there is no need for clamd running.
If you choose to use clamd (which is not recommended as library support has
less overhead), you need to enable AllowSupplementaryGroups in clamd.conf,
and add clamav user to havp group.
== NOTICE: ==
You must check your antivirus license before using HAVP with commercial
scanners. Usage might not be allowed. We do not give any warranty!
Kaspersky
---------
Tested with aveserver daemon found in Linux File Server and Linux Mail
Server package.
You should set ReportLevel=1 at [aveserver.report] section, so log will not
fill disk.
Trend Micro (Trophie)
---------------------
/etc/iscan must point to the directory where libvsapi.so and
virus patterns are located. Create link if necessary.
Trend library is used directly, so daemon is not required to be running.
You should naturally run some pattern update script, if Trend itself is
not running.
AVG
---
Recommended changes to avg.conf (version 7.5):
[AvgCommon]
heuristicAnalysis = 1
processesArchives = 1
[AvgDaemon]
# Raise number of daemons atleast equal to SERVERNUMBER/MAXSERVERS
numOfDaemons = xx
F-Prot
------
Supported.
NOD32
-----
Tested with Linux Mail Server and Linux File Server packages.
File Server version can not display virus names.
For version 3.0+, see settings in /etc/esets/esets.cfg (num_thrd etc). Also
you want to disable syslogging.
Sophos (Sophie)
---------------
You need to make sure Sophie is working first, you can get it from:
http://www.clanfield.info/sophie/
Change user or group to havp user in sophie.cfg, so it can read tempfiles.
Also change maxproc value to atleast SERVERNUMBER/MAXSERVERS value!
Avast!
------
Linux/Unix Servers version is required.
Recommended changes to avastd.conf:
# Raise number to atleast equal of SERVERNUMBER
daemoncount = XX
# Raise number to atleast equal of MAXSERVERS
maxdaemoncount = XX
archivetype = A
testall = 1
testfull = 0
Arcavir
-------
Start arcavird with enough processes, like "arcavird 16".
DrWeb
-----
Recommended changes to drweb32.ini:
; Raise number to atleast equal of SERVERNUMBER
MaxChildren = xx
PreFork = Yes