Doctor Web, Ltd.
Dr.Web(R) for Linux
Updating components
Administrator Manual
Version 6.0.2.9
====================================================================
All the materials published herein are the property of Doctor Web, Ltd.
and may not be reproduced in any form without written permission of
Doctor Web, Ltd. and proper attribution.
Dr.Web is a registered trademark of Doctor Web, Ltd.
Other product names mentioned herein are trademarks or registered
trademarks of their respective companies.
There might be further improvements and changes in the software not
described in this manual. The revised and amended versions of
this manual are available at www.drweb.com.
====================================================================
(C) 2003-2012 Doctor Web, Ltd.
Russia, Moscow - Saint Petersburg
http://www.drweb.com/

CONTENTS

1. INTRODUCTION
2. UPDATING SCRIPT OF THE PROGRAM AND THE VIRUS BASES
   2.1. Running the updating script. Command line options
   2.2. Blocking updates for selected components
   2.3. Restoring updates
   2.4. Configuration file. Updating parameters
3. CONTACTS

1. INTRODUCTION

Dr.Web program components require regular updating.
For successful operation of antivirus and traffic filtering modules, virus
bases of the known viruses and content-specific black and white lists must
be updated regularly.
For successful updating of virus bases a valid license key file is required.
It has a limited term of use. Before each update Dr.Web Updater checks how
many days are left before license expiration. If the number of days left is equal
to or less than the value of the ExpiredTimeLimit parameter from the corresponding
section of the drweb32.ini configuration file, then Dr.Web Updater tries to renew
the license key file automatically (renewal attempts are made at every start
until successful renewal).
Note:
Dr.Web Updater performs license key file renewal in two modes: using the SSL
protocol or using some other protocols. SSL mode is chosen when the Net::SSLeay
Perl module is installed on the system. Otherwise non-SSL mode is chosen.
Virus base contains several *.vdb files, representing separate parts
of it. On update servers these files are also stored in lzma-archives.
When new viruses appear, small files (only several Kbytes in size) with base
segments describing these viruses are released for amendment.
Add-ons are the same for all supported platforms. There are two types of them:
daily "hot" add-ons (drwtoday.vdb) and regular weekly updates (drwXXXYY.vdb,
where XXX is the antivirus version number and YY is a sequential number,
beginning from 00).
"Hot" add-ons may be issued daily or even several times a day to provide
effective protection against new viruses. This type of add-ons must be
installed over the old ones: i.e. previous drwtoday.vdb file will be
overwritten.
When a new regular add-on is released, all records from drwtoday.vdb are copied
to drwXXXYY.vdb, and a new empty drwtoday.vdb file is issued.
If you want to update the virus base manually, you must install all missing
regular add-ons first, and then overwrite the drwtoday.vdb file.
To add an add-on to the main virus base, place the corresponding file in the
/var/drweb/bases/ directory or in any other directory
specified in the configuration file.
Signatures for virus-like malicious programs (adware, dialers, hacktools,
etc.) are supplied in two additional files - drwrisky.vdb and drwnasty.vdb -
with the structure similar to virus bases. These files are also updated
regularly: dwrXXYYY.vdb and dwnXXYYY.vdb are for regular updates, and
dwrtoday.vdb and dwntoday.vdb are for "hot" updates.
From time to time (as brand new viruses and antivirus techniques appear),
new versions of the antivirus package are released, containing the updated
algorithms, implemented in the antivirus Engine. At the same time, all
released add-ons are brought together, and the new package version is
completed with the updated main virus base with descriptions of all known
viruses.
After regular updating, virus bases attain the following structure:
- drwebase.vdb - general virus database, received with the new version of the
package;
- drwXXXXX.vdb - regular weekly add-ons;
- drwtoday.vdb - "hot" add-ons issued daily or several times a day;
- drwnasty.vdb - general database of malware, received with the new version
of the package;
- dwnXXXYY.vdb - regular weekly add-ons;
- dwntoday.vdb - "hot" add-ons issued daily or several times a day;
- drwrisky.vdb - general database of riskware, received with the new version
of the package;
- dwrXXXYY.vdb - regular weekly add-ons;
- dwrtoday.vdb - "hot" add-ons issued daily or several times a day.
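
The naming scheme and the manual-update rule above (install every missing
regular add-on before overwriting the "hot" file) can be checked against a
directory listing. The script below is an added example, not part of the
Dr.Web distribution; the function name, the sample listing and the assumption
that XXX and YY are decimal digits are introduced here for illustration.

```python
import re

# Per family: (main base, weekly add-on prefix, "hot" add-on), as the manual lists them.
FAMILIES = {
    "virus": ("drwebase.vdb", "drw", "drwtoday.vdb"),
    "malware": ("drwnasty.vdb", "dwn", "dwntoday.vdb"),
    "riskware": ("drwrisky.vdb", "dwr", "dwrtoday.vdb"),
}
# Assumption: XXX (version) and YY (sequence number) are decimal digits.
WEEKLY = re.compile(r"^(drw|dwn|dwr)(\d{3})(\d{2})\.vdb$")
PREFIX_TO_FAMILY = {prefix: fam for fam, (_, prefix, _) in FAMILIES.items()}


def audit_bases(filenames):
    """Classify *.vdb names; report weekly add-on gaps and unknown names."""
    report = {fam: {"main": False, "hot": False, "weekly": {}, "missing": {}}
              for fam in FAMILIES}
    unexpected = []
    for name in sorted(set(filenames)):
        if not name.endswith(".vdb"):
            continue  # *.dws lists, timestamps and other files are out of scope
        m = WEEKLY.match(name)
        if m:
            series = report[PREFIX_TO_FAMILY[m.group(1)]]["weekly"]
            series.setdefault(m.group(2), set()).add(int(m.group(3)))
            continue
        for fam, (main, _, hot) in FAMILIES.items():
            if name in (main, hot):
                report[fam]["main" if name == main else "hot"] = True
                break
        else:
            unexpected.append(name)  # not a name this manual describes
    for info in report.values():
        for version, seqs in info["weekly"].items():
            # Numbering starts at 00, so every number absent below the highest
            # one present is a regular add-on that still has to be installed.
            gaps = sorted(set(range(max(seqs) + 1)) - seqs)
            if gaps:
                info["missing"][version] = [f"{n:02d}" for n in gaps]
    return report, unexpected


# Constructed listing of /var/drweb/bases/ (not from a real installation).
SAMPLE = ["drwebase.vdb", "drw60000.vdb", "drw60001.vdb", "drw60003.vdb",
          "drwtoday.vdb", "drwnasty.vdb", "dwn60000.vdb", "dwntoday.vdb",
          "drwrisky.vdb", "dwrtoday.vdb", "extra.vdb", "timestamp"]

if __name__ == "__main__":
    report, unexpected = audit_bases(SAMPLE)
    for fam, info in report.items():
        print(f"{fam}: missing weekly add-ons {info['missing'] or 'none'}")
    print("unexpected .vdb files:", unexpected)
```

A .vdb file reported as unexpected is one whose name this manual does not
describe; in a signature directory that is worth a manual look.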
Content-specific black and white lists consist of files with *.dws extension.
Every file contains a list of URLs to which access must be blocked or permitted.
On update servers these files can also be stored in lzma-archives.
- dwfXXXNN.dws - predefined black list, where XXX is the theme of the list
(e.g. "prn" means "porno", "mlw" means "malware"), and NN is a sequential
number of the list devoted to the specific theme.
- white_dwfXXX.dws - predefined white list, where XXX is the theme of the list.
If these lists do not need to be updated, the icap.drl file must be
removed or deleted from the directory containing drl-files (the path to this
directory is specified as the value of the DrlDir parameter described below).
For automatic receipt and installation of the anti-virus add-ons and
content-specific black and white lists you must use a special updating module.
Please note that the updating module requires Perl 5.8.0 or higher to be installed.

2. UPDATING MODULE Dr.Web Updater

2.1. Running the updating module. Command line parameters

The updating module Dr.Web Updater is a script, update.pl, written in Perl.
It can be found in the directory containing the executable program files.
Dr.Web Updater settings are stored in the main configuration file (drweb32.ini
by default) in the /etc/drweb directory.
To run the script use the following command:
> /opt/drweb/update.pl [parameters]
--help parameter is used to show brief usage summary.
To use another configuration file, specify full path to it with --ini command
line parameter. If the name of the configuration file is not specified,
/etc/drweb/drweb32.ini is used.
Example:
> /opt/drweb/update.pl -ini=/etc/drweb/drweb32.conf
The --what command line parameter temporarily overrides the value of the Section
parameter when the Updater is launched. The override stays in effect until the
next start of the script. Possible values: scanner or daemon.
Example:
> /opt/drweb/update.pl --what=Scanner
--components parameter is used to view a list of all product components available
for update.
Example:
> /opt/drweb/update.pl --components
--not-need-reload parameter can also be specified as command line parameter.
It can be used in several ways:
a. If --not-need-reload parameter is not specified, maild, icapd and drwebd
daemons will be reloaded after update.pl script finishes its work.
(Note: daemons will be reloaded only if any of their components has been
updated/removed/added during script operation.)
b. If --not-need-reload parameter is specified, but no value is set for it,
maild, icapd, drwebd and lotusd daemons will not be reloaded after update.pl
script finishes its work.
c. Daemon names are used as values for the --not-need-reload parameter. Several
names can be specified in one string, without white spaces, with a comma
used as the delimiter. Values are case insensitive.
Daemons whose names are specified as parameter values will not be
reloaded.
Allowed parameter values are: maild, icapd, drwebd, lotusd.
Examples:
1) /opt/drweb/update.pl --not-need-reload
2) /opt/drweb/update.pl --not-need-reload=maild,icapd
3) /opt/drweb/update.pl --not-need-reload=drwebd
The updating process includes the following stages:
- Dr.Web Updater reads the configuration file;
- Parameters to be used are located in [Updater] section of configuration
file, as well as the following:
EnginePath - serves both to determine the Daemon version and to specify
the directory, where updated drweb32.dll file is downloaded;
VirusBase - serves to specify the directory, where updated virus bases are
downloaded.
UpdatePath - serves to specify the directory, where all other updated files
are downloaded.
PidFile - serves to specify the path to the file from which the drwebd process
identifier used to reload the Daemon is read.
- Dr.Web Updater requests the list of updates from the server, then tries to
download lzma-archives of the corresponding bases. If no lzma-archives are
found, it downloads necessary bases in *.vdb and *.dws formats. To extract
files from lzma-archives special lzma-utility is used, path to which is
specified by LzmaDecoderPath parameter value in the [Updater] section.
- Downloaded updates are placed to the corresponding directories as it is
described above. All files for the current Dr.Web version will be downloaded.
If some sections of any previous versions are found, only *.vdb files will
be downloaded.

2.2. Blocking updates for selected components

You can configure Updater to block updates for selected components of
your Dr.Web solution. To view the list of available components, use
--components command-line parameter.
Example:
# ./update.pl --components
Available Components:
agent
drweb (frozen)
icapd (frozen)
vaderetro_lib
If updates for any component are blocked, that component will be marked
as frozen. Frozen components will not be updated when the Updater is run.

2.2.1. Blocking updates

To block updates for specific component use --freeze=<components> command-
line parameter, where <components> is a comma-delimited list of names of
components to be frozen.
Example:
# ./update.pl --freeze=drweb
Updates for component 'drweb' are frozen.
Run command './updater --unfreeze=drweb' to start updates again.

2.2.2. Unblocking updates

To once again enable updates for a frozen component, use
--unfreeze=<components> command-line parameter, where <components> is a comma-
delimited list of names of components to be unfrozen.
Example:
# ./update.pl --unfreeze=drweb
Updates for component 'drweb' are no longer frozen.
Please note that unfreezing will not update the component.

2.3. Restoring updates

When updating components of your Dr.Web solution, back-up copies will be saved
in Updater working directory. It enables you to restore any component to its
previous state in case there are some problems with the update. To restore
component to a previous state, use --restore=<components> command-line parameter,
where <components> is a comma delimited list of components to be restored.
Example:
# ./update.pl --restore=drweb
Restoring backup for component 'drweb'...
Updates for component 'drweb' are frozen.
Run command './updater --unfreeze=drweb' to start updates again.
Backup for component 'drweb' has been restored!
Dr.Web (R) restore details:
Following files has been restored:
/var/drweb/bases/drwtoday.vdb
/var/drweb/bases/dwntoday.vdb
/var/drweb/bases/dwrtoday.vdb
/var/drweb/bases/timestamp
/var/drweb/updates/timestamp
Please note that the component will be automatically frozen after restoring. To
enable updates for a restored component you need to unfreeze it.

2.4. Configuration file. Parameters for updating module

The configuration file is a text file, therefore it can be edited by any text
editor. It has the following structure:
--- Beginning of file ---
[Name of section 1]
Parameter1 = value1, ..., valueK
.....
ParameterM = value1, ..., valueK
......
[Name of section X]
Parameter1 = value1, ..., valueK
.....
ParameterY = value1, ..., valueK
--- end of file ---
If a line begins with the ";" or "#" symbol, it is considered to be a comment
line. These lines are skipped when reading parameters from the
configuration file.
If any parameter is commented out or not specified, it does not mean
that this parameter has no value. In this case the hardcoded default value
will be used. Only some parameters are optional or do not have default values.
Every such case will be described separately.
Parameter values can be included in brackets (and must be included
in brackets when they contain white spaces). Some parameters can have several
values, with a comma used as the delimiter. If values are included in {},
then the parameter may take only one value from those specified.
Settings for Dr.Web Updater module can be found in [Updater] section of the
main configuration file.
Updating script settings section name - [Updater].
The parameters will be described as follows:
ParameterName = ParameterPseudoValue
Parameter description
May or may not have several values
Default value:
{value | unspecified}
Below you will find descriptions of all available parameters:
UpdatePluginsOnly = {Yes | No}
With Yes value specified Dr.Web Updater will not update
Daemon and Scanner. It will update only plug-ins.
Default value:
No
Section = {Daemon | Scanner}
Specifies from which section of configuration file Updater
will take settings to determine program version, paths to
virus databases, etc. Possible values: Scanner, Daemon.
The value of this parameter can be temporarily overridden by the
--what command line parameter. The override stays in effect
until the next start of the script.
Default value:
Daemon
ProgramPath = {path to file}
Path to Daemon or Scanner. It is used by the Dr.Web
Updating System for getting the product version and API
information of the installed binary.
Default value:
/opt/drweb/drwebd
SignedReader = {path to file}
This program is used by the Dr.Web Updating System for
reading signed files.
Default value:
/usr/lib/drweb/read_signed (for FHS-compatible systems)
/usr/local/drweb/read_signed (for BSD-like systems)
/opt/drweb/read_signed (for other systems)
LzmaDecoderPath = {path to file}
Path to program used for unpacking of lzma-archives.
Default value:
/opt/drweb
LockFile = {path to file}
Path to lock file used to prevent sharing of certain files during
their processing by Dr.Web Updater.
Default value:
/var/drweb/run/update.lock
CronSummary = {Yes | No}
If Yes is specified, the updating script displays message on
each session results in stdout. The mode can be used for
notification of an administrator by email, if the script is
run by the cron daemon.
Default value:
Yes
DrlFile = {path to a file}
The path to a file containing list of accessible Dr.Web
updating servers. The script selects the server for updating
by random order from this list. This file is signed by
Doctor Web, Ltd. and should not be modified by a user. If
necessary, it is automatically corrected by the updating script.
Default value:
/var/drweb/bases/update.drl
CustomDrlFile = {path to file}
Path to the alternative *.drl file with the list of update servers.
This file is signed by Dr.Web and should not be modified by the user.
It is updated automatically.
Default value:
/var/drweb/bases/custom.drl
FallbackToDrl = {Yes | No}
Determines which *.drl file will be used first. If specified value
is Yes, Updater will attempt to use the file specified in
CustomDrlFile and then, if it fails, will attempt to use the
file specified in DrlFile.
Default value:
Yes
DrlDir = {path to directory}
Path to the directory containing drl files with lists of update
servers for each plug-in. These files are signed by Dr.Web and
should not be modified by the user.
Default value:
/var/drweb/drl/
Timeout = {number in seconds}
Timeout for updates to be downloaded. An empty value or the
absence of the parameter means an unspecified value of the timeout.
Default value:
90
Tries = {numerical value}
Number of attempts to be made by Dr.Web Updater to establish a
connection with update server.
Default value:
3
ProxyServer = {proxy server name or IP}
If you use proxy server for Internet access specify its name or
IP-address.
Default value:
empty (the proxy is not used)
ProxyLogin = {name}
Sets the --proxy-user parameter value of the wget utility.
Default value:
empty (the proxy is not used)
ProxyPassword = {password}
Sets the --proxy-passwd parameter value of the wget utility.
Default value:
empty
LotusdPidFile = {path to file}
Path to Lotus Daemon PID file.
Default value:
/var/drweb/run/drweblotusd.pid
MaildPidFile = {path to file}
Path to drweb-maild PID file.
Default value:
/var/drweb/run/drweb-maild.pid
IcapdPidFile = {path to file}
Path to drweb-icapd PID file.
Default value:
/var/drweb/run/drweb_icapd.pid
BlacklistPath = {path to directory}
Path to directory with .dws files.
Default value:
/var/drweb/dws
AgentConfPath = {path to file}
Path to Agent configuration file.
Default value:
/etc/drweb/agent.conf
PathToVadeRetro = {path to file}
Path to libvaderetro.so library.
Default value:
/var/drweb/lib/libvaderetro.so
ExpiredTimeLimit = {number}
Number of days before license expiration during which Updater
will be attempting to update license key file.
Default value:
14
ESLockfile = {path to file}
Path to lock file. If the lock file exists, Dr.Web Updater will
not be automatically initialized by cron daemon.
Default value:
/var/drweb/es_updater.lock
The updating log settings are described below.
LogFileName = {filename}
Updating log filename.
Default value:
/var/log/drweb/updater.log (for FHS-compatible systems)
/var/drweb/log/updater.log (for other systems)
LogLevel = {Quiet | Debug | Verbose | Info | Warning | Error}
The log level degree.
Default value:
Verbose
SyslogFacility = {Daemon | Local0 .. Local7 | Kern | User | Mail}
Log type to be used by syslogd system service.
Default value:
Daemon
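
Because a commented-out or missing parameter still has its hardcoded default,
reviewing the [Updater] section means looking at effective values rather than
only at the lines present in the file. The script below is an added example,
not part of the Dr.Web distribution: it reads the section as the format is
described in 2.4, overlays it on a subset of the defaults listed above, and
notes settings worth a manual review. Function names, the [Other] section and
the sample values are assumptions, and each parameter is treated as a single
plain value.

```python
# Hardcoded defaults quoted from the parameter list in this manual (subset).
DEFAULTS = {
    "ProgramPath": "/opt/drweb/drwebd",
    "LzmaDecoderPath": "/opt/drweb",
    "DrlFile": "/var/drweb/bases/update.drl",
    "Timeout": "90",
    "Tries": "3",
    "ProxyPassword": "",
}
# Helper programs the Updater uses and the signed server list it relies on.
REVIEW_IF_CHANGED = ("ProgramPath", "LzmaDecoderPath", "DrlFile")


def read_section(text, section="Updater"):
    """Return only the parameters explicitly set in [section]."""
    explicit, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue  # comment lines are skipped when reading parameters
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
        elif current == section and "=" in line:
            name, value = line.split("=", 1)
            explicit[name.strip()] = value.strip()
    return explicit


def review_updater(text):
    """Overlay explicit values on the defaults and list settings to review."""
    effective = {**DEFAULTS, **read_section(text)}
    notes = [f"{key}: default {DEFAULTS[key]} replaced by {effective[key]}"
             for key in REVIEW_IF_CHANGED if effective[key] != DEFAULTS[key]]
    if effective["ProxyPassword"]:
        notes.append("ProxyPassword: stored in clear text, so restrict read "
                     "access to the configuration file")
    return effective, notes


# Constructed drweb32.ini fragment; [Other] is a hypothetical section name.
SAMPLE_INI = """\
[Other]
Tries = 9
[Updater]
; Timeout = 10
Tries = 5
LzmaDecoderPath = /srv/tools
ProxyPassword = constructed-secret
"""

if __name__ == "__main__":
    effective, notes = review_updater(SAMPLE_INI)
    print("Timeout =", effective["Timeout"], "| Tries =", effective["Tries"])
    print("\n".join(notes))
```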

3. CONTACTS

The Dr.Web program is under continuous development.
To get news and new information about updates, please visit our web-site:
http://www.drweb.com
Marketing dept.:
http://buy.drweb.com
e-mail: sales@drweb.com
You can contact technical support:
- by filling in the web form in the corresponding section of the support site
at http://support.drweb.com ;
- by phone in Moscow: +7 (495) 789-45-86.
Please include the following information into your problem report:
- full name and version of your UNIX distribution;
- Dr.Web version that is logged during program start.