Configuring the Permissions of PARSEC (Astra Linux)

In operating systems equipped with the PARSEC security subsystem (mandate access control system), due to the variation in privilege levels required to access different files, the if the user works at any privilege level other than the zeroth, the command-line-based management tool Dr.Web Ctl for Dr.Web for UNIX Mail Servers cannot interact with the Dr.Web ConfigD configuration daemon, if they work at a different privilege level; access to the consolidated quarantine may also become unavailable.

To configure permissions, superuser permissions are required (i.e. privileges of the root user). To elevate your privileges, use the su command for changing the current user or the sudo command to execute the specified command with the privileges of another user.

Configuring the Correct Launch of Dr.Web for UNIX Mail Servers at Any Privilege Level

In order for all the components of Dr.Web for UNIX Mail Servers to be able to correctly interact with each other when they are launched with different privilege levels, modify the script that launches the Dr.Web ConfigD configuration daemon (drweb-configd):

1.Log into the system using the privilege level zero

2.Open the /etc/init.d/drweb-configd script file in any text editor (root privileges are required).

3.In this file find the definition of the start_daemon function and replace the line:

"$DAEMON" -d -p "$PIDFILE" >/dev/null 2>&1

with the line:

execaps -c 0x100 -- "$DAEMON" -d -p "$PIDFILE" >/dev/null 2>&1

4.In some OSes, (for example, Astra Linux SE 1.3), an additional indication of component launch dependence from the PARSEC subsystem could be required. In this case, it is also necessary to modify a string in the file:

# Required-Start: $local_fs $network

Change this string in the following way:

# Required-Start: $local_fs $network parsec

5.Save the file and reboot the operating system.