Sophos Anti-Virus for Linux, version 6 installation notes --------------------------------------------------------- www.sophos.com Contents -------- 1 System requirements 2 Install or upgrade Sophos Anti-Virus across a network 3 Install or upgrade Sophos Anti-Virus on a single computer 4 Start or stop on-access scanning 5 Scan the computer immediately 6 Uninstall Sophos Anti-Virus Technical support 1 System requirements ------------------------- See Sophos support knowledgebase article 14377 (www.sophos.com/support/knowledgebase/article/14377.html). 2 Install or upgrade Sophos Anti-Virus across a network ----------------------------------------------------------- You INSTALL Sophos Anti-Virus on networked Linux computers as follows: * Create a central installation directory (CID) on a server. This is a set of files that includes everything needed for installation. * Install Sophos Anti-Virus across the network from the CID. You UPGRADE Sophos Anti-Virus on networked Linux computers as follows: * Upgrade the central installation directory (CID) on the server. When the computers next update, they will download the latest version from the CID. 2.1 Create or upgrade the CID on the server You can use one of the following methods: * download and use a tarball (section 2.1.1) * use the "Sophos Standalone Install CD" (section 2.1.2). 2.1.1 Download and use a tarball 1. Log on to your Linux server as root. 2. Download the Sophos Anti-Virus for Linux tarball from the Sophos Anti-Virus for Linux, version 6 download web page to a temporary directory. 3. Change to the temporary directory and untar the tarball: tar -xzvf 4. Run the install script: ./sophos-av/install.sh 5. If you are upgrading Sophos Anti-Virus, when prompted for the installation location, you must enter the same one as you used for version 5. 6. When prompted for the type of auto-update you require, select "Sophos". Enter the username and password that are included with your licence. 7. Sophos Anti-Virus is installed or upgraded in the directory that you selected. The commands in these notes assume that you have installed Sophos Anti-Virus in /opt/sophos-av. If you haven’t, you must substitute the installation directory that you are using. For version 6 of Sophos Anti-Virus, the CID is created by default in /opt/sophos-av/update/cache/Primary. For version 5 of Sophos Anti-Virus, the CID was originally created by default in /opt/sophos-av/update/LOCAL/PACKAGE. NOTE Sophos recommends that you ensure that other computers will have only read access to the CID. 8. Run the update script to download the central installation files from Sophos: /opt/sophos-av/bin/savupdate The CID will update itself automatically from Sophos. By default, it will do this every 60 minutes, provided that the computer is connected to the internet. If you are UPGRADING Sophos Anti-Virus, you have completed the process. When the computers next update, they will download the latest version from the CID. To continue INSTALLING Sophos Anti-Virus, go to section 2.2. 2.1.2 Use the "Sophos Standalone Install CD" 1. Log on to your Linux server as root. 2. Mount the "Sophos Standalone Install CD". The exact command will vary according to your flavour of Linux, but it will look like this: mount /dev/cdrom /mnt/cdrom 3. Change to the sav-linux directory on the CD and run the install script: cd sav-linux ./install.sh 4. If you are upgrading Sophos Anti-Virus, when prompted for the installation location, you must enter the same one as you used for version 5. 5. When prompted for the type of auto-update you require, select "Sophos". Enter the username and password that are included with your licence. 6. Sophos Anti-Virus is installed or upgraded in the directory that you selected. The commands in this guide assume that you have installed Sophos Anti-Virus in /opt/sophos-av. If you haven’t, you must substitute the installation directory that you are using. For version 6 of Sophos Anti-Virus, the CID is created by default in /opt/sophos-av/update/cache/Primary. For version 5 of Sophos Anti-Virus, the CID was originally created by default in /opt/sophos-av/update/LOCAL/PACKAGE. NOTE Sophos recommends that you ensure that other computers will have only read access to the CID. 7. Run the update script to download the central installation files from Sophos: /opt/sophos-av/bin/savupdate The CID will update itself automatically from Sophos. By default, it will do this every 60 minutes, provided that the computer is connected to the internet. If you are UPGRADING Sophos Anti-Virus, you have completed the process. When the computers next update, they will download the latest version from the CID. To continue INSTALLING Sophos Anti-Virus, continue to section 2.2. 2.2 Install Sophos Anti-Virus from the CID Having created the CID, you install Sophos Anti-Virus on the rest of the network as follows: * Create a distribution package that can be used to install Sophos Anti-Virus on other computers. * Install Sophos Anti-Virus on each computer using the distribution package. 2.2.1 Create a distribution package You can use the mkinstpkg script to create a distribution package for your end-users. This script uses the same display as the install script, and the answers gathered are inserted into the distribution package. When the end-user installs from the distribution package, it will not ask them any questions and will set up both the update location and credentials for them correctly. You can create a package in tar or RPM format. 1. Log on to your Linux server as root. 2. If you created the CID in a Windows share, mount this directory. (To enable this directory to be mounted automatically on system boot, use distribution-specific tools for doing so, or edit /etc/fstab.) 3. Change to the CID. To create a distribution package in tar format, called savinstpkg.tgz, run ./mkinstpkg.sh To create a distribution package in RPM format, called savinstpkg-0.0-1.i586.rpm, run ./mkinstpkg.sh -r NOTE The filename might be slightly different depending on the RPM setup. 4. Use your own tools to copy this package to the computers where you want to install Sophos Anti-Virus. 2.2.2 Install Sophos Anti-Virus using the distribution package On each Linux computer, do as follows. 1. Log on as root. 2. Ensure that root is able to access the CID, for example by mounting the share. 3. Place the distribution package in a temporary directory and change to that directory. 4. To untar the tar package and run the manual update script, enter tar -zxvf savinstpkg.tgz ./sophos-av/install.sh To install from the RPM package, enter rpm -i This copies the necessary files from the server and installs Sophos Anti-Virus. From now on, Sophos Anti-Virus will be updated automatically on each Linux computer whenever the CID is updated. 3 Install or upgrade Sophos Anti-Virus on a single computer --------------------------------------------------------------- You can use one of the following methods: * download and use a tarball (section 3.1) * use the "Sophos Standalone Install CD" (section 3.2). 3.1 Download and use a tarball 1. Log on to your Linux computer as root. 2. Download the Sophos Anti-Virus for Linux tarball from the Sophos Anti-Virus for Linux, version 6 download web page to a temporary directory. 3. Change to the temporary directory and untar the tarball: tar -xzvf 4. Run the install script: ./sophos-av/install.sh 5. If you are upgrading Sophos Anti-Virus, when prompted for the installation location, you must enter the same one as you used for version 5. By default, this was /opt/sophos-av. 6. When prompted for the type of auto-update you require, select "Sophos". Enter the username and password that are included with your licence. 7. Sophos Anti-Virus is installed or upgraded in the directory that you selected. The commands in these notes assume that you have installed Sophos Anti-Virus in /opt/sophos-av. If you haven’t, you must substitute the installation directory that you are using. Sophos Anti-Virus will update itself automatically from Sophos. By default, it will do this every 60 minutes, provided that the computer is connected to the internet. 3.2 Use the "Sophos Standalone Install CD" 1. Log on to your Linux computer as root. 2. Mount the "Sophos Standalone Install CD". The exact command will vary according to your flavour of Linux, but it will look like this: mount /dev/cdrom /mnt/cdrom 3. Change to the sav-linux directory on the CD and run the install script: cd sav-linux ./install.sh 4. If you are upgrading Sophos Anti-Virus, when prompted for the installation location, you must enter the same one as you used for version 5. By default, this was /opt/sophos-av. 5. When prompted for the type of auto-update you require, select "Sophos". Enter the username and password that are included with your licence. 6. Sophos Anti-Virus is installed or upgraded in the directory that you selected. The commands in these notes assume that you have installed Sophos Anti-Virus in /opt/sophos-av. If you haven’t, you must substitute the installation directory that you are using. Sophos Anti-Virus will update itself automatically from Sophos. By default, it will do this every 60 minutes, provided that the computer is connected to the internet. 4 Start or stop on-access scanning -------------------------------------- By default, on-access scanning starts every time the computer is started. However, you can start and stop on-access scanning manually. You can do this in the GUI or at the command line. 4.1 Start or stop on-access scanning in the GUI 1. Open the Sophos Anti-Virus GUI. At the home page, click "Control". 2. If on-access scanning is off, click "Enable On-access Scanning" to start it. If it is on, click "Disable On-access Scanning" to turn it off. NOTE In some web browsers, the page must be manually refreshed for changes in status to be displayed. 4.2 Start or stop on-access scanning from the command line To start on-access scanning, type /opt/sophos-av/bin/savdctl enable To stop on-access scanning, type /opt/sophos-av/bin/savdctl disable 5 Scan the computer immediately ----------------------------------- If you accepted the default settings, the computer is automatically protected by on-access scanning for viruses/spyware. You can also scan the computer at any time by using the on-demand scanner. The scanner is called savscan and it is installed in /usr/local/bin. 5.1 Scan the computer To scan the whole computer for viruses/spyware, type savscan / 5.2 Scan a directory To scan a particular directory or file for viruses/spyware, specify the path to the item to be scanned: savscan /usr/mydirectory 5.3 Get help with the on-demand scanner For help using the on-demand scanner, view the man page or type savscan -h 6 Uninstall Sophos Anti-Virus --------------------------------- To uninstall Sophos Anti-Virus, go to each Linux computer and run the uninstall script: /opt/sophos-av/uninstall.sh If the savd daemon is running, the script will prompt you to stop it. The uninstall script deletes * sav-protect from the system startup * the Sophos Anti-Virus man pages in /usr/share/man * the savscan on-demand scanner in /usr/local/bin * /opt/sophos-av and its contents. Technical support ----------------- For technical support, visit www.sophos.com/support. If you contact technical support, provide as much information as possible, including the following: * Sophos software version number(s) * Operating system(s) and patch level(s) * The exact text of any error messages