[opensuse] A BIG "show stopper" for openSUSE at the corporate level anyway!!
I rec'd a call from a sys. admin. out int he mid-west. He was looking to replace RH on a LARGE number of desktops AND servers, until he tried to install Antivir which has a dependency of dazuko. Now, if you want to be the "top dog" in the corporate world, you DON'T make it impossible or nearly so to run Antivir on openSUSE 11.0 by not allowing dazuko to run, nor be able to compile it. It appears to me and to MANY others that only one security module is allowed to run on openSUSE 11.0 and that is it's own AppArmor. Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release. Fred -- This message originated from a Linux computer using Open Source software: openSuSE Linux 11.0 No Gates, no Windows....just Linux - STABLE & SECURE! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Fred A. Miller wrote:
I rec'd a call from a sys. admin. out int he mid-west. He was looking to replace RH on a LARGE number of desktops AND servers, until he tried to install Antivir which has a dependency of dazuko. Now, if you want to be the "top dog" in the corporate world, you DON'T make it impossible or nearly so to run Antivir on openSUSE 11.0 by not allowing dazuko to run, nor be able to compile it. It appears to me and to MANY others that only one security module is allowed to run on openSUSE 11.0 and that is it's own AppArmor.
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
I tried to overcome this handicap. I compiled a vanilla 2.6.25.9 kernel with all LSM's disabled (you cannot choose "make as module"). Installed antivir successfully. I then tried the SuSE dazuko--no go; still burps on redirfs on module load. Tried with downloaded redirfs, still a no go. Removed SuSE dazuko and redirfs; tried latest of each from the web. It appears there is no way to active ON-ACCESS antivir on SuSE 11.0. My $.02 worth. Ed -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ed Harrison wrote:
Fred A. Miller wrote:
I rec'd a call from a sys. admin. out int he mid-west. He was looking to replace RH on a LARGE number of desktops AND servers, until he tried to install Antivir which has a dependency of dazuko. Now, if you want to be the "top dog" in the corporate world, you DON'T make it impossible or nearly so to run Antivir on openSUSE 11.0 by not allowing dazuko to run, nor be able to compile it. It appears to me and to MANY others that only one security module is allowed to run on openSUSE 11.0 and that is it's own AppArmor.
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
I tried to overcome this handicap.
I compiled a vanilla 2.6.25.9 kernel with all LSM's disabled (you cannot choose "make as module").
Installed antivir successfully.
I then tried the SuSE dazuko--no go; still burps on redirfs on module load. Tried with downloaded redirfs, still a no go.
Removed SuSE dazuko and redirfs; tried latest of each from the web.
It appears there is no way to active ON-ACCESS antivir on SuSE 11.0.
Confirmed! And, this IS why it's a "show stopper" for business.....AND some individuals as well. There's no excuse for it not working from the openSUSE repositories......period. Fred -- This message originated from a Linux computer using Open Source software: openSuSE Linux 11.0 No Gates, no Windows....just Linux - STABLE & SECURE! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
2008/7/5 Fred A. Miller
I rec'd a call from a sys. admin. out int he mid-west. He was looking to replace RH on a LARGE number of desktops AND servers, until he tried to install Antivir which has a dependency of dazuko. Now, if you want to be the "top dog" in the corporate world, you DON'T make it impossible or nearly so to run Antivir on openSUSE 11.0 by not allowing dazuko to run, nor be able to compile it. It appears to me and to MANY others that only one security module is allowed to run on openSUSE 11.0 and that is it's own AppArmor.
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
Hmm... A show stopper at the corporate level would be the lacking of fiber channel / storage tools... Something like fcinfo in solaris and definitevely better documentation (not even a mention of /sys/class/fc_host)... Ciro -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ciro Iriarte wrote:
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
Hmm... A show stopper at the corporate level would be the lacking of fiber channel / storage tools... Something like fcinfo in solaris and definitevely better documentation (not even a mention of /sys/class/fc_host)...
LOL! For the corporate world, there is SLES and SLED, look into it... Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Joe Sloan wrote: Hi, I started to try to use the Antivir program for linux when I was first learning to use linux with Suse 10.1. I did this because I had used the Antivir program with Windows succesfully and was familiar with it. I first tried to install the rpm that Suse provided, but found that one had to obtain an hbdv key from Antivir to activate the program. A little research told me that it was practically impossible to obtain the key for the suse rpm. It was easier to get the tarball from antivir and install it, as it comes equipped with the key. I researched the installation and found that in order to get it to have real time antivirus protection, I had to install dazuko. Also, there are some issues to consider when installing it on suse that are known issues. I installed both dazuko and antivir, but it ended up that there were some problems with the installation and I spent a couple of months on the antivir forum trying to get them worked out. I was making some progress, but then I had to go away from home for an intensive three month school for my job so I gave up on the process. I did get it to work successfully as a manually controlled scanner. You may download the zipped file for antivir from here: http://www.free-av.de/en/download/download_servers.php Dazuko is include with the zipped file, but it isn't the latest version. The latest version of dazuko may be found here: http://www.dazuko.org/downloads.shtml Here is a list of instructions for installing dazuko: http://www.dazuko.org/howto-install.shtml Here are some special instructions for a dazuko suse installation, which allow you to use apparmor and dazuko at the same time: http://www.dazuko.org/tgen.shtml#SUSE Here is a list of the FAQ's for dazuko installation: http://www.dazuko.org/faq.shtml#10 Here is a list of available support sources for dazuko: http://www.dazuko.org/support.shtml Here is a list of available support sources for antivir: http://www.free-av.de/en/support/index.html I hope that these instructions will help you to succeed in successfully installing dazuko and antivir on your computers, and allow the show to go on. Regards, Mark Misulich -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
I never wrote any of this - why do you attribute it to me? Joe Mark Misulich wrote:
Joe Sloan wrote:
Hi, I started to try to use the Antivir program for linux when I was first learning to use linux with Suse 10.1. I did this because I had used the Antivir program with Windows succesfully and was familiar with it. I first tried to install the rpm that Suse provided, but found that one had to obtain an hbdv key from Antivir to activate the program. A little research told me that it was practically impossible to obtain the key for the suse rpm. It was easier to get the tarball from antivir and install it, as it comes equipped with the key. I researched the installation and found that in order to get it to have real time antivirus protection, I had to install dazuko. Also, there are some issues to consider when installing it on suse that are known issues. I installed both dazuko and antivir, but it ended up that there were some problems with the installation and I spent a couple of months on the antivir forum trying to get them worked out. I was making some progress, but then I had to go away from home for an intensive three month school for my job so I gave up on the process. I did get it to work successfully as a manually controlled scanner.
You may download the zipped file for antivir from here:
http://www.free-av.de/en/download/download_servers.php
Dazuko is include with the zipped file, but it isn't the latest version. The latest version of dazuko may be found here:
http://www.dazuko.org/downloads.shtml
Here is a list of instructions for installing dazuko:
http://www.dazuko.org/howto-install.shtml
Here are some special instructions for a dazuko suse installation, which allow you to use apparmor and dazuko at the same time:
http://www.dazuko.org/tgen.shtml#SUSE
Here is a list of the FAQ's for dazuko installation:
http://www.dazuko.org/faq.shtml#10
Here is a list of available support sources for dazuko:
http://www.dazuko.org/support.shtml
Here is a list of available support sources for antivir:
http://www.free-av.de/en/support/index.html
I hope that these instructions will help you to succeed in successfully installing dazuko and antivir on your computers, and allow the show to go on.
Regards, Mark Misulich
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Joe Sloan wrote:
I never wrote any of this - why do you attribute it to me?
Joe
Mark Misulich wrote:
Joe Sloan wrote:
Hi, I started to try to use the Antivir program for linux when I was first learning to use linux with Suse 10.1. I did this because I had used the Antivir program with Windows succesfully and was familiar with it. I first tried to install the rpm that Suse provided, but found that one had to obtain an hbdv key from Antivir to activate the program. A little research told me that it was practically impossible to obtain the key for the suse rpm. It was easier to get the tarball from antivir and install it, as it comes equipped with the key. I researched the installation and found that in order to get it to have real time antivirus protection, I had to install dazuko. Also, there are some issues to consider when installing it on suse that are known issues. I installed both dazuko and antivir, but it ended up that there were some problems with the installation and I spent a couple of months on the antivir forum trying to get them worked out. I was making some progress, but then I had to go away from home for an intensive three month school for my job so I gave up on the process. I did get it to work successfully as a manually controlled scanner.
You may download the zipped file for antivir from here:
http://www.free-av.de/en/download/download_servers.php
Dazuko is include with the zipped file, but it isn't the latest version. The latest version of dazuko may be found here:
http://www.dazuko.org/downloads.shtml
Here is a list of instructions for installing dazuko:
http://www.dazuko.org/howto-install.shtml
Here are some special instructions for a dazuko suse installation, which allow you to use apparmor and dazuko at the same time:
http://www.dazuko.org/tgen.shtml#SUSE
Here is a list of the FAQ's for dazuko installation:
http://www.dazuko.org/faq.shtml#10
Here is a list of available support sources for dazuko:
http://www.dazuko.org/support.shtml
Here is a list of available support sources for antivir:
http://www.free-av.de/en/support/index.html
I hope that these instructions will help you to succeed in successfully installing dazuko and antivir on your computers, and allow the show to go on.
Regards, Mark Misulich
Hi Joe, I didn't attribute this to you, it was my answer to you. The way it posted on the list, it posted my name on top of yours, on top of my reply to you. The quote lines on the side are missing as well. Please take time to read the post that I wrote, don't get hung up in some small detail of the post that didn't format correctly. The answer is intended to help you find a solution for the problem that you raised. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Mark Misulich wrote:
Hi Joe, I didn't attribute this to you, it was my answer to you. The way it posted on the list, it posted my name on top of yours, on top of my reply to you. The quote lines on the side are missing as well.
OK, so you a mistake in attribution, no problem - but exactly what question of mine were you answering? A snippet of my original post, if it exists, would be useful to determine context.
Please take time to read the post that I wrote, don't get hung up in some small detail of the post that didn't format correctly. The answer is intended to help you find a solution for the problem that you raised.
Interesting - I don't recall posting about any sort of problem - what sort of problem did you think I was having? Your post seems to indicate that I was asking about antivirus products, which would be rather unusual since I have no need for them. At any rate, I'm sure someone here may find it useful, but I'm still not sure how my name got connected with your answer. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Your name got caught up in http://lists.opensuse.org/opensuse/2008-07/msg00669.html Because when Mr. Misulich snipped the comments, he must have inadvertently missed the add Joe Sloan wrote: Because you're original message is http://lists.opensuse.org/opensuse/2008-07/msg00674.html in reference to emc power path At least that's my best late night e-mail CSI skills. Thought I'd try to ave you both the time of figuring out what happened. -- Michael S. Dunsavage -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Michael S. Dunsavage wrote:
Your name got caught up in
http://lists.opensuse.org/opensuse/2008-07/msg00669.html
Because when Mr. Misulich snipped the comments, he must have inadvertently missed the add Joe Sloan wrote:
Because you're original message is
http://lists.opensuse.org/opensuse/2008-07/msg00674.html in reference to emc power path
At least that's my best late night e-mail CSI skills. Thought I'd try to ave you both the time of figuring out what happened.
Good work! Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Saturday 2008-07-05 at 20:20 -0700, Joe Sloan wrote:
I never wrote any of this - why do you attribute it to me?
I don't see it as attributed to you. Your text is missing: ]> LOL! For the corporate world, there is SLES and SLED, look into it... - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIcJyUtTMYHG2NR9URAu7iAJ4zv518tiRJ1PyQOF+evOwOT1r5LQCfVNfJ +E4JXX58VZF6zuVhzKc/da8= =HzXk -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-03-05 at 19:45 -0500, Mark Misulich wrote:
I first tried to install the rpm that Suse provided, but found that one had to obtain an hbdv key from Antivir to activate the program. A little research told me that it was practically impossible to obtain the key for the suse rpm.
Not true. I used the suse rpm and obtained my personal key very easily for several generations of suse. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIcJ1AtTMYHG2NR9URAv17AJ9ePVKbWm3OV3ayQluSwWkYiwpp1QCdFpAP 60EAv/++XwZk63Y9/SfSSMY= =y1VC -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
2008/7/5 Joe Sloan
Ciro Iriarte wrote:
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
Hmm... A show stopper at the corporate level would be the lacking of fiber channel / storage tools... Something like fcinfo in solaris and definitevely better documentation (not even a mention of /sys/class/fc_host)...
LOL! For the corporate world, there is SLES and SLED, look into it...
Joe
We use SLES, it's as lacking as opensuse in that field (storage administration/troubleshooting)... Ciro -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ciro Iriarte wrote:
2008/7/5 Joe Sloan
: Ciro Iriarte wrote:
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
Hmm... A show stopper at the corporate level would be the lacking of fiber channel / storage tools... Something like fcinfo in solaris and definitevely better documentation (not even a mention of /sys/class/fc_host)... LOL! For the corporate world, there is SLES and SLED, look into it...
Joe
We use SLES, it's as lacking as opensuse in that field (storage administration/troubleshooting)...
Interesting... We have sles file servers hooked up to emc storage over fiber channel, nary a bit of trouble with it. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ciro Iriarte wrote:
2008/7/5 Joe Sloan
: Ciro Iriarte wrote:
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
Hmm... A show stopper at the corporate level would be the lacking of fiber channel / storage tools... Something like fcinfo in solaris and definitevely better documentation (not even a mention of /sys/class/fc_host)... LOL! For the corporate world, there is SLES and SLED, look into it...
Joe
We use SLES, it's as lacking as opensuse in that field (storage administration/troubleshooting)...
Interesting... We have sles file servers hooked up to emc storage over fiber channel, nary a bit of trouble with it.
Joe Hi Joe, here is the original post that I answered. It was simply a random choice that chose to enter the thread at this point. I hope that this will make it all clear to you now. Too bad the formatting mistake got in the way and made the post too difficult to understand, but in any event no one should have occasion to attribute anything to you now. / Mark Misulich wrote Hi, I started to try to use the Antivir program for linux when I was first learning to use linux with Suse 10.1. I did this because I had used the Antivir program with Windows succesfully and was familiar with it. I first tried to install the rpm that Suse provided, but found that one had to obtain an hbdv key from Antivir to activate the program. A
Joe Sloan wrote: little research told me that it was practically impossible to obtain the key for the suse rpm. It was easier to get the tarball from antivir and install it, as it comes equipped with the key. I researched the installation and found that in order to get it to have real time antivirus protection, I had to install dazuko. Also, there are some issues to consider when installing it on suse that are known issues. I installed both dazuko and antivir, but it ended up that there were some problems with the installation and I spent a couple of months on the antivir forum trying to get them worked out. I was making some progress, but then I had to go away from home for an intensive three month school for my job so I gave up on the process. I did get it to work successfully as a manually controlled scanner. You may download the zipped file for antivir from here: http://www.free-av.de/en/download/download_servers.php Dazuko is include with the zipped file, but it isn't the latest version. The latest version of dazuko may be found here: http://www.dazuko.org/downloads.shtml Here is a list of instructions for installing dazuko: http://www.dazuko.org/howto-install.shtml Here are some special instructions for a dazuko suse installation, which allow you to use apparmor and dazuko at the same time: http://www.dazuko.org/tgen.shtml#SUSE Here is a list of the FAQ's for dazuko installation: http://www.dazuko.org/faq.shtml#10 Here is a list of available support sources for dazuko: http://www.dazuko.org/support.shtml Here is a list of available support sources for antivir: http://www.free-av.de/en/support/index.html I hope that these instructions will help you to succeed in successfully installing dazuko and antivir on your computers, and allow the show to go on. Regards, Mark Misulich / As far as answering the question raised in the post, what I was answering was how to use dazuko and apparmor at the same time. You or anyone else will find the subject of apparmor and dazuko in the body of my answer, this will be found under suse installation issues. As you can see, I didn't address the issue of fiber optic tools. Mark -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Mark Misulich wrote:
Joe Sloan wrote:
Interesting... We have sles file servers hooked up to emc storage over fiber channel, nary a bit of trouble with it.
Joe
Hi Joe, here is the original post that I answered. It was simply a random choice that chose to enter the thread at this point. I hope that this will make it all clear to you now. Too bad the formatting mistake got in the way and made the post too difficult to understand, but in any event no one should have occasion to attribute anything to you now.
Sorry, miscommunication. There was nothing hard to understand in your thoughtful and well documented post. What I could not make sense of, was how my name got attributed to a posting on a subject of no relevance to me. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
2008/7/5 Joe Sloan
Ciro Iriarte wrote:
2008/7/5 Joe Sloan
: Ciro Iriarte wrote:
We use SLES, it's as lacking as opensuse in that field (storage administration/troubleshooting)...
Interesting... We have sles file servers hooked up to emc storage over fiber channel, nary a bit of trouble with it.
Joe
It works, the problem is there are no diagnostic tools nor documentation.... I previous versions you got HBA info from /proc/scsi/lpfc (emulex) or /proc/scsi/qlaxxx (qlogic), new driver stores info on /sys/class/fc_host and had to find that out in forums... There's no info about that in the documentation... Also, how would you list all the visible luns per HBA (to check presentation issues)?, there's no documentation either, nor tools that do that.... Regards, Ciro -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ciro Iriarte wrote:
2008/7/5 Joe Sloan
: Ciro Iriarte wrote:
2008/7/5 Joe Sloan
: Ciro Iriarte wrote: We use SLES, it's as lacking as opensuse in that field (storage administration/troubleshooting)... Interesting... We have sles file servers hooked up to emc storage over fiber channel, nary a bit of trouble with it.
Joe
It works, the problem is there are no diagnostic tools nor documentation.... I previous versions you got HBA info from /proc/scsi/lpfc (emulex) or /proc/scsi/qlaxxx (qlogic), new driver stores info on /sys/class/fc_host and had to find that out in forums... There's no info about that in the documentation...
Also, how would you list all the visible luns per HBA (to check presentation issues)?, there's no documentation either, nor tools that do that....
Well, we use emc powerpath, so the included utilities do what we need. Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Saturday 05 July 2008 04:24:22 pm Fred A. Miller wrote: ...
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
If you don't ask how to fix dazuko than the antivir discussion belongs to: - opensuse-security@opensuse.org security concerns for not working antivir, - opensuse-testing@opensuse.org for lack of testing and to see how one can help for 11.1 release, - opensuse-marketing@opensuse.org for market impact of antivir failure - opensuse-offtopic@opensuse.org for those that did not take time to test antivir before release and now find everyone else guilty ie. rants It might be good to consider: - http://en.opensuse.org/Antivir for those that want to contribute article about antivir, as it doesn't exist yet. See: http://en.opensuse.org/Special:Search?search=antivir&fulltext.x=44&fulltext.y=9&fulltext=Search and http://en.opensuse.org/Category:Security -- Regards, Rajko http://en.opensuse.org/ needs helpful hands. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, Jul 6, 2008 at 2:54 AM, Fred A. Miller
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
If antivirus is what you need, use clamAV + samba-vscan for "mixed environment", amavais+clamd+postfix for mail server. I was under the impression that dazuko is not the good way just to get anti-virus. Cheers -J -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
CyberOrg wrote:
On Sun, Jul 6, 2008 at 2:54 AM, Fred A. Miller
wrote: Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
If antivirus is what you need, use clamAV + samba-vscan for "mixed environment", amavais+clamd+postfix for mail server.
I was under the impression that dazuko is not the good way just to get anti-virus.
I'm sure dazuko is not the greatest app. to access files via antivir. ClamAV also uses dazuko and WON'T run out-of-the-box in openSUSE 11.0 either. :( Antivir, by the way, is a much better application than ClaimAV and is what the particular state agency, I called a "firm" uses presently with a diff. Linux distro. If dazuko isn't written properly, then it's time it was fixed for a good replacement was found and used. Fred -- This message originated from a Linux computer using Open Source software: openSuSE Linux 11.0 No Gates, no Windows....just Linux - STABLE & SECURE! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, 07 Jul 2008 11:17:55 -0400, Fred A. Miller wrote:
If dazuko isn't written properly, then it's time it was fixed for a good replacement was found and used.
It's not that dazuko is written badly, it's just that some kernel developers think that on-access scanning isn't needed for Linux with the only exception being windows partitions/shares and there you can combine samba with a virus scanner. Philipp -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Monday 07 July 2008 16:28, Philipp Thomas wrote:
...
It's not that dazuko is written badly, it's just that some kernel developers think that on-access scanning isn't needed for Linux with the only exception being windows partitions/shares and there you can combine samba with a virus scanner.
Offhand, it seems like a fairly defensible position. On-access scanning is a horrible performance drain, especially for the class of applications that frequently access many different files in their normal operation. Two examples of such applications near and dear to my heart are servers (Web, file, etc.) and IDEs.
Philipp
Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Philipp Thomas wrote:
On Mon, 07 Jul 2008 11:17:55 -0400, Fred A. Miller wrote:
If dazuko isn't written properly, then it's time it was fixed for a good replacement was found and used.
It's not that dazuko is written badly, it's just that some kernel developers think that on-access scanning isn't needed for Linux with the only exception being windows partitions/shares and there you can combine samba with a virus scanner.
Well, I disagree with them. On-access IS needed now and even more in the future! Fred -- This message originated from a Linux computer using Open Source software: openSuSE Linux 11.0 No Gates, no Windows....just Linux - STABLE & SECURE! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-07-07 at 20:30 -0400, Fred A. Miller wrote:
Philipp Thomas wrote:
If dazuko isn't written properly, then it's time it was fixed for a good replacement was found and used.
It's not that dazuko is written badly, it's just that some kernel developers think that on-access scanning isn't needed for Linux with the only exception being windows partitions/shares and there you can combine samba with a virus scanner.
Well, I disagree with them. On-access IS needed now and even more in the future!
But it is not needed for linux. It is only needed for linux boxes doing file serving for windows boxes! Ie, it can be better handled directly from samba, not from the kernel. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIcrmmtTMYHG2NR9URAnsdAKCB0w+8fUI9xGqadmAlxjW26ifikgCeIZKU +BOkPSsZXzaMC3EI+GUq3Kc= =fYQl -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Tue, 2008-07-08 at 02:49 +0200, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Monday 2008-07-07 at 20:30 -0400, Fred A. Miller wrote:
Philipp Thomas wrote:
If dazuko isn't written properly, then it's time it was fixed for a good replacement was found and used.
It's not that dazuko is written badly, it's just that some kernel developers think that on-access scanning isn't needed for Linux with the only exception being windows partitions/shares and there you can combine samba with a virus scanner.
Well, I disagree with them. On-access IS needed now and even more in the future!
But it is not needed for linux. It is only needed for linux boxes doing file serving for windows boxes! Ie, it can be better handled directly from samba, not from the kernel.
Excuse me, Aren't you aware that there _are_ files that are harmfull for linux/slowarez etc etc???? Rootkits, backdoors and all sort of nice "features" that can be included into usefull programs, Just waiting to be excecuted once as root. Some consider it "fun" to discreted a sloppy sysadmin... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 09 Jul 2008 00:03:10 +0200, Hans Witvliet wrote:
Aren't you aware that there _are_ files that are harmfull for linux/slowarez etc etc???? Rootkits, backdoors and all sort of nice "features" that can be included into usefull programs, Just waiting to be excecuted once as root.
Guess why there are things like Apparmor? And to detect rootkits it doesn't need permanent on-access scanning which is, like Randall wrote, a terrible performance drain. Philipp -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-07-09 at 00:03 +0200, Hans Witvliet wrote:
Well, I disagree with them. On-access IS needed now and even more in the future!
But it is not needed for linux. It is only needed for linux boxes doing file serving for windows boxes! Ie, it can be better handled directly from samba, not from the kernel.
Excuse me, Aren't you aware that there _are_ files that are harmfull for linux/slowarez etc etc???? Rootkits, backdoors and all sort of nice "features" that can be included into usefull programs, Just waiting to be excecuted once as root.
But how would on-access-scan protect against that? - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIc/N3tTMYHG2NR9URAtohAJ4/ldh6Arn88N1lvdBBwpQPP2nPyACfcJjU /J6fBAh82uIzsVSFE/dk7ts= =5/YX -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2008-07-09 at 01:08 +0200, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Wednesday 2008-07-09 at 00:03 +0200, Hans Witvliet wrote:
Well, I disagree with them. On-access IS needed now and even more in the future!
But it is not needed for linux. It is only needed for linux boxes doing file serving for windows boxes! Ie, it can be better handled directly from samba, not from the kernel.
Excuse me, Aren't you aware that there _are_ files that are harmfull for linux/slowarez etc etc???? Rootkits, backdoors and all sort of nice "features" that can be included into usefull programs, Just waiting to be excecuted once as root.
But how would on-access-scan protect against that?
side remark, we've limited the area where people can put their downloads.. As soon as one tries to open any file there, or move it, "onaccess" should step-in and check wether or not the file is safe. if not, the file is replaced by an empty one, with the extension ".contained_virus" hw -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-07-09 at 08:08 +0200, Hans Witvliet wrote:
"features" that can be included into usefull programs, Just waiting to be excecuted once as root.
But how would on-access-scan protect against that?
side remark, we've limited the area where people can put their downloads..
As soon as one tries to open any file there, or move it, "onaccess" should step-in and check wether or not the file is safe. if not, the file is replaced by an empty one, with the extension ".contained_virus"
It would be more efficient to have the download program check what its downloads automatically. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIdIp5tTMYHG2NR9URAukFAJ0XEepgqA+NRgRxMWLvGbeqlt0VPwCfSPLk JaNTBb9uI09exlB3R64+yqA= =DOVG -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Wednesday 2008-07-09 at 08:08 +0200, Hans Witvliet wrote:
side remark, we've limited the area where people can put their downloads..
As soon as one tries to open any file there, or move it, "onaccess" should step-in and check wether or not the file is safe. if not, the file is replaced by an empty one, with the extension ".contained_virus"
It would be more efficient to have the download program check what its downloads automatically.
Yes but then you have to know all the download mechanisms that all your users use and know that none of them are compromised. Hans' method lets you centralise the checking so you can be more sure of it. Cheers, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-07-09 at 11:00 +0100, Dave Howorth wrote:
It would be more efficient to have the download program check what its downloads automatically.
Yes but then you have to know all the download mechanisms that all your users use and know that none of them are compromised. Hans' method lets you centralise the checking so you can be more sure of it.
Yes, but... I can download to any directory. I would have to activate on-scan-access on my entire /home, which is some thing I refuse to endure for the loss of perfomance it means. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIdJBytTMYHG2NR9URAlkNAJ4gFZGW4wvj1Ve7Df+MWyAAEeFVBQCdEnmM Bms7/KtxdeBrQ+K+cIWmin0= =TlMj -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
The Wednesday 2008-07-09 at 11:00 +0100, Dave Howorth wrote:
It would be more efficient to have the download program check what its downloads automatically.
Yes but then you have to know all the download mechanisms that all your users use and know that none of them are compromised. Hans' method lets you centralise the checking so you can be more sure of it.
Yes, but... I can download to any directory. I would have to activate on-scan-access on my entire /home, which is some thing I refuse to endure for the loss of perfomance it means.
I guess you have different use cases. I suspect you care about a single user who you would trust to make correct use just of certified download programs. I suspect Hans has lots of users that he doesn't really trust at all (to be good, knowledgeable and careful :) Limiting the download area is IMHO a good option to be able to enforce a security policy with only slight inconvenience for users (one extra copy operation) and no requirement for perfect behaviour from the users'. Cheers, Dave -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 09 Jul 2008 12:18:26 +0200, Carlos E. R. wrote:
Yes, but... I can download to any directory. I would have to activate on-scan-access on my entire /home, which is some thing I refuse to endure for the loss of perfomance it means.
But Carlos, just because that's not a hit you're not willing to take doesn't mean nobody should have the option to have it. As Dave said, you have a different use case than other users. It works for you. It doesn't work for everyone. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Jim Henderson wrote:
On Wed, 09 Jul 2008 12:18:26 +0200, Carlos E. R. wrote:
Yes, but... I can download to any directory. I would have to activate on-scan-access on my entire /home, which is some thing I refuse to endure for the loss of perfomance it means.
But Carlos, just because that's not a hit you're not willing to take doesn't mean nobody should have the option to have it.
As Dave said, you have a different use case than other users. It works for you. It doesn't work for everyone.
Linux, if it's about anything, it's about CHOICE! I don't appreciate being put into a box like with MickySoft. Neither do nor will newbies. But, software MUST work out-of-the-box with easy installs, or Linux WON'T ever gain much more traction on the desktop. That is not only a shame, but is just pure WRONG. A failure that will be propagated by a bunch of boneheaded elitists who can't see beyond the end of their noses. Fred -- This message originated from a Linux computer using Open Source software: openSuSE Linux 11.0 No Gates, no Windows....just Linux - STABLE & SECURE! -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
[This is my last mail on this topic - Period.] On Wed, 09 Jul 2008 16:42:50 -0400, Fred A. Miller wrote:
But, software MUST work out-of-the-box with easy installs, or Linux WON'T ever gain much more traction on the desktop.
Even those Windows antivirus programs I know need a bit of configuration before they work, so it's not a drop-in situation.
A failure that will be propagated by a bunch of boneheaded elitists who can't see beyond the end of their noses.
Could you possibly stop with personal insults for those people that don't share your POV? The only thing you'll achieve by that is populating kill filters, at least mine has a new entry now because I won't accept being insulted for having a different opinion. In a way your behavior is similar to that of Aaron. Philipp -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On July 9, 2008 02:34:14 pm Philipp Thomas wrote:
[This is my last mail on this topic - Period.]
On Wed, 09 Jul 2008 16:42:50 -0400, Fred A. Miller wrote:
But, software MUST work out-of-the-box with easy installs, or Linux WON'T ever gain much more traction on the desktop.
Even those Windows antivirus programs I know need a bit of configuration before they work, so it's not a drop-in situation.
A few days ago I had to install a small Windows partition to deal with some MS Access stuff I maintain. Naturally I added an antivirus program, as well as anti-spyware stuff. I used AVG's free version and there's no effort to configuring anything - answer a couple of questions and you're done. Certainly no more effort than adding Clam AV to my openSuse 11 partition. Both of them are essentially drop in situations. Bob -- bob@rsmits.ca -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 09 Jul 2008 16:42:50 -0400, Fred A. Miller wrote:
Jim Henderson wrote:
On Wed, 09 Jul 2008 12:18:26 +0200, Carlos E. R. wrote:
Yes, but... I can download to any directory. I would have to activate on-scan-access on my entire /home, which is some thing I refuse to endure for the loss of perfomance it means.
But Carlos, just because that's not a hit you're not willing to take doesn't mean nobody should have the option to have it.
As Dave said, you have a different use case than other users. It works for you. It doesn't work for everyone.
Linux, if it's about anything, it's about CHOICE! I don't appreciate being put into a box like with MickySoft. Neither do nor will newbies. But, software MUST work out-of-the-box with easy installs, or Linux WON'T ever gain much more traction on the desktop. That is not only a shame, but is just pure WRONG.
I don't disagree. But I have to again state: There is no need to engage in name calling to try to make your point. Doing so certainly doesn't help make a well-reasoned argument. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Wed, 2008-07-09 at 12:18 +0200, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Wednesday 2008-07-09 at 11:00 +0100, Dave Howorth wrote:
It would be more efficient to have the download program check what its downloads automatically.
Yes but then you have to know all the download mechanisms that all your users use and know that none of them are compromised. Hans' method lets you centralise the checking so you can be more sure of it.
Yes, but... I can download to any directory. I would have to activate on-scan-access on my entire /home, which is some thing I refuse to endure for the loss of perfomance it means.
Well, besides that in my case, everything *should* first go i to an dedicated dl-directory before the users can access it, the main point is, that if the kernel gives a signal that a file has be closed/changed you can feed that info tho the virus-scanner, Isn't that what dazoku was intended to provide? You don't need an daemon to scan in order to tell you what is changed in a particular directory, as the kernel allread knows what is going on in any F.S. Just like the info obtained through lsof. Not? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Thursday 2008-07-10 at 00:03 +0200, Hans Witvliet wrote:
Well, besides that in my case, everything *should* first go i to an dedicated dl-directory before the users can access it, the main point is, that if the kernel gives a signal that a file has be closed/changed you can feed that info tho the virus-scanner, Isn't that what dazoku was intended to provide?
I think that info can be obtained from "famd". At least for a directory. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIdULZtTMYHG2NR9URAlfTAJ4sYTJ1TlEhTJDQ4i0pV0Er/8/ovACfbxkI oLdis6kIeGoZjEpU1boK5dY= =h9CK -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Thursday 2008-07-10 at 00:03 +0200, Hans Witvliet wrote:
Well, besides that in my case, everything *should* first go i to an dedicated dl-directory before the users can access it, the main point is, that if the kernel gives a signal that a file has be closed/changed you can feed that info tho the virus-scanner, Isn't that what dazoku was intended to provide?
I think that info can be obtained from "famd". At least for a directory. Well, nowadays you'd use inotify, which is built into the kernel, and essentially replaced dnotify, and famd is pretty well deprecated for
Carlos E. R. wrote: linux at this point, IIUC. FWIW inotify can provide verbose notification of any type of file access. I'm just starting to develop some scripts which use inotify to trigger certain actions in response to ftp file uploads. Joe Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-07-09 at 16:08 -0700, J Sloan wrote:
I think that info can be obtained from "famd". At least for a directory. Well, nowadays you'd use inotify, which is built into the kernel, and essentially replaced dnotify, and famd is pretty well deprecated for linux at this point, IIUC.
Interesting. Suse still runs famd. I had a bugzilla closed yesterday about famd that I opened months ago.
FWIW inotify can provide verbose notification of any type of file access. I'm just starting to develop some scripts which use inotify to trigger certain actions in response to ftp file uploads.
Interesting :-) - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIdUnQtTMYHG2NR9URAhKkAJ94DY8TObiZ1zTORxXINQ7+iYoloQCfc29G CQdGLkdigld5u0gP7QpflHQ= =g7/j -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Carlos E. R. wrote:
Interesting. Suse still runs famd. I had a bugzilla closed yesterday about famd that I opened months ago. Interesting, suse still ships famd? inotify has been included in the kernel since 2.6.13, and thus shipping in suse since 10.0 and sles since 10 -
Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Wednesday 2008-07-09 at 16:44 -0700, J Sloan wrote:
Carlos E. R. wrote:
Interesting. Suse still runs famd. I had a bugzilla closed yesterday about famd that I opened months ago. Interesting, suse still ships famd? inotify has been included in the kernel since 2.6.13, and thus shipping in suse since 10.0 and sles since 10 -
It does: nimrodel:/ # rpm -q -f `which famd` fam-server-2.7.0-106 nimrodel:/ # chkconfig fam fam off That's my chrooted factory partition (11.0). And in my main 10.3: nimrodel:~ # rpm -q -f `which famd` fam-server-2.7.0-70 nimrodel:~ # chkconfig fam fam on Interestingly, it is not activated in 11.0, but I dunno if that is an error or is correct. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIdVA5tTMYHG2NR9URAiz5AJ9afZZppMYL50Rd5YqNAhnA3UTq2QCfWvsE 7xe1waDnJZCnwlvguPDo4KI= =DbzB -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Fred A. Miller wrote:
I rec'd a call from a sys. admin. out int he mid-west. He was looking to replace RH on a LARGE number of desktops AND servers, until he tried to install Antivir which has a dependency of dazuko. Now, if you want to be the "top dog" in the corporate world, you DON'T make it impossible or nearly so to run Antivir on openSUSE 11.0 by not allowing dazuko to run, nor be able to compile it. It appears to me and to MANY others that only one security module is allowed to run on openSUSE 11.0 and that is it's own AppArmor.
Now, is all this correct or not?! IF not, then why did openSUSE 11.0 ship with a defective dazuko?! Antivir may not be critical for me, but it sure is for businesses of mixed environment. Someone had to know that this was defective before release.
Fred
Fred, dazuko already can run on 11.0 https://bugzilla.novell.com/show_bug.cgi?id=401920 Ivayllo -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (17)
-
Carlos E. R.
-
Ciro Iriarte
-
CyberOrg
-
Dave Howorth
-
Ed Harrison
-
Fred A. Miller
-
Hans Witvliet
-
J Sloan
-
Jim Henderson
-
Joe Sloan
-
Mark Misulich
-
Michael S. Dunsavage
-
Philipp Thomas
-
Rajko M.
-
Randall R Schulz
-
Rhaddamant
-
Robert Smits