ESET FILE SECURITY, Руководство по установке

Страница: 19 / 32

19
All opened, closed and executed files are scanned by the ESETS daemon for viruses. Based on
the result of such scans, access to given files is denied or allowed.
5.3.2. Installation and configuration
The
libesets_pac.so
library module is installed using a standard installation mechanism of
the preloaded libraries. One has just to define the environment variable ‘LD_PRELOAD‘ with the
absolute path to the
libesets_pac.so
library. For more information, please refer to the ld.so(8)
man page.
NOTE:
It is important that the ‘LD_PRELOAD‘ environment variable is defined only for the network
server daemon processes (ftp, Samba, etc.) that will be under control of the On-access scanner.
Generally, preloading LIBC calls for all operating system processes is not recommended, as this
can dramatically slow the performance of the system or even cause the system to hang. In this
sense, the ‘/etc/ld.so.preload‘ file should not be used, nor should the ‘LD_PRELOAD‘ environment
variable be exported globally. Both would override all relevant LIBC calls, which could lead to
system hang-up during initialization.
To ensure that only relevant file access calls within a given file system are intercepted,
executable statements can be overridden using the following line:
LD_PRELOAD=/path/to/libesets_pac.so COMMAND COMMAND-ARGUMENTS
where ‘COMMAND COMMAND-ARGUMENTS‘ is the original executable statement.
Review and edit the [global] and [pac] sections of the ESETS configuration file (esets.cfg). In
order for the On-access scanner to function correctly, you must define the file system objects
(i.e. directories and files) that are required to be under control of the preload library. This can be
achieved by defining the parameters of the ‘ctl_incl‘ and ‘ctl_excl‘ options in the [pac] section
of the esets.cfg configuration file. After making changes to the esets.cfg file, you can force the
newly created configuration to be re-read by reloading the ESETS daemon.
5.3.3. Tips
In order to activate the On-access scanner immediately after file system start-up, the ‘LD_
PRELOAD‘ environment variable must be defined within the appropriate network file server
initialization script.
EXAMPLE: Let‘s assume we want to have the On-access scanner to monitor all file system access
events immediately after starting the Samba server. Within the Samba daemon initialization
script (/etc/init.d/smb), we would replace the statement
daemon /usr/sbin/smbd $SMBDOPTIONS
with the following line:
LD_PRELOAD=/path/to/libesets_pac.so daemon /usr/sbin/smbd $SMBDOPTIONS
In this way, selected file system objects controlled by Samba will be scanned at system start-
up.
chapter 5
Integration with File System services