Kaspersky Anti-Virus 5.5 for Linux and FreeBSD Workstation and File Server MP2 CF1 (5.5.24) RELEASE NOTES ================================================================================ Released on (2006-12-12) Contents: * Fixed Problems * Product Overview * System Requirements * Product Installation & Upgrade * Known Issues & Workaround Fixed Problems -------------------------------------------------------------------------------- * (17350) It is impossible to use some programs at Linux 64 systems while kavmonitor is running. For example "vim", "file", "rpm". * (17696) It is impossible to compile qmail on the system running kav4fs/kav4ws. * (17740) Special types of FS: sysfs and devfs must be excluded from AV checking. * (17837) If a user configures an ftp server under chroot at the system protected by the kavmonitor, this ftp able to receive and send viruses to clients. * (17871) cvsup hangs until the kavmonitor is stopped. * (18155) ftp server at the system protected by the kavmonitor closes the connection if a user tries to download an infected file. Product Overview -------------------------------------------------------------------------------- Kaspersky Anti-virus for Linux and FreeBSD Workstation and File Server is designed to provide protection of file servers and workstations running Linux or FreeBSD operating systems. Kaspersky Anti-Virus for Linux and FreeBSD allows to: * Ensure real-time protection of the file system against malicious code: intercept and analyze attempts to access files, disinfect and delete infected objects. * Scan objects on-demand: search infected and suspicious files (including files in the specified scan scopes); analyze files; disinfect or delete infected objects. * Quarantine suspicious and corrupted objects: save suspicious files in the quarantine folder. * Create a copy of the infected object in the backup storage before attempting to disinfect or deleting such object for the possible restoration of the object if it contains valuable information. * Update the anti-virus database; the database is updated from the Kaspersky Lab's updates servers. The user can also configure the application so that the database is updated from the local folder. * Control and configure Kaspersky Anti-Virus using the application configuration file and web-based interface Webmin. System Requirements -------------------------------------------------------------------------------- Minimal hardware requirements: * Processor Intel Pentium 133 MHz or higher; * 64 MB RAM. * 100 MB free hard drive space for installation of the application and storage of temporary files. Software requirements: 1. Supported operating systems: a. 32-bit platforms: * RedHat Fedora Core 5. (kernel: 2.6.15-.2054) * Novell Linux Desktop 9. (kernel: 2.6.5-7.111) * RedHat Linux 9.0. (kernel: 2.4.20-8) * RedHat Enterprise Linux Advanced Server 4 UPD3. (kernel: 2.6.9-34EL (amd64)) * SUSE Linux Enterprise Server 9.0 SP3. (kernel: 2.6.5-7.97) * SUSE Linux Professional 10.1. (kernel: 2.6.16.13-4) * Debian GNU/Linux 3.1 R2. (kernel: 2.4.27-2) * Mandriva 2006. (kernel: 2.6.12-12mdksmp) * FreeBSD 4.11. (kernel: GENERIC/SMP) * FreeBSD 5.4. (kernel: GENERIC/SMP) * FreeBSD version 6.1. (kernel: GENERIC/SMP) b. 64-bit platforms: * RedHat Enterprise Linux Advanced Server 4 UPD3. (kernel: 2.6.9-34EL (amd64)) * RedHat Fedora Core 5. (kernel: 2.6.15-1.2054_FC5) * SUSE Linux Professional 10.1. (kernel: 2.6.16.13-4) * SUSE LES 9 SP3. (kernel: 2.6.5-7.97) 2. Perl interpreter - version 5.0 or higher (www.perl.org). 3. The which utility installed. 4. Software compilation packages installed (gcc, binutils, glibc-devel, make, ld) and preinstalled operating system kernel code for using the kavmonitor component. 5. [optional] Webmin package (www.webmin.com) - for remote administration of Kaspersky Anti-Virus. Product Installation & Upgrade -------------------------------------------------------------------------------- Installation from scratch: To install the product use the system specific command: on Linux/RPM: rpm -i .rpm on Linux/Debian: dpkg -i .deb on FreeBSD: pkg_add .tgz Upgrade from the previous version: IMPORTANT! Upgrade option is not supported by this product version. If you have previous version of the Kaspersky Anti-Virus for Linux and FreeBSD Workstation and File Server installed, please uninstall it first before installing new version. NOTE: If you have a previous version of the product installed, the kavmonitor must be stopped manually before the old version uninstallation Known Issues & Workarounds -------------------------------------------------------------------------------- * (15224) If you have a previous version of the product installed, the kavmonitor must be stopped manually before the old version uninstallation * (12500) Sometimes a warning displayed in console after the product installation from .rpm on FC5 and Mandriva-2006: useradd: warning: the home directory already exists. Not copying any file from skel directory into it. Kaspersky Anti-Virus for Unix has been installed successfully but needs to be properly configured before using. Unfortunately, RPM is not able to run scripts interactively, so please run /opt/kav/5.5/kav4unix/setup/postinstall.pl script by yourself to configure it. No workaround needed, please simply ignore this warning message. * (15037) Sometimes on FreeBSD 4.11 after pkg_add the product Webmin module does not appear in the section "Others" of the Webmin. The problem is in the Webmin itself and exists in Webmin versions from 1.90 to 1.170 inclusively. The Webmin installation script sets incorrect permissions for Webmin users. There are 2 possible workarounds: * To Upgrade your Webmin to V1.180 and to reinstall the product Webmin module * To correct Webmin permissions manually by setting required rights for appropriate webmin user in "Webmin->User Configuration" * (15225) vox.sh cannot be user as an Exec argument. It functions only as a standalone utility. * (15728) If a user disables the ichecker in the section [monitor.options] of the configuration file and makes the "kavmonitor reload", the ichecker still works. It is turned off only after the "kavmonitor restart". * The product is incompatible with SELinux * (17793) The kavmonitor cannot be compiled on the FC5 with latest kernel updates. * (17827) The product module kavmonitor is incompatible with capability.ko The workaround: 1. stop kavmonitor 2. modprobe capability 3. start kavmonitor * (17848) The kavmonitor can work quite slow and consume a lot of CPU. If it happens, please turn off the "Archives" configuration option in the [monitor.options] section of the product configuration file. For safety reasons this option is turned on by default. * (18212) The product is incompatible with unionfs at FreeBSD