To make Dr.Web for Linux components with which the user interacts available in the user environment (when the user works at a privilege level other than zero), you need to make changes to the files containing PAM settings to ensure the automatic launch of the required Dr.Web for Linux components at the beginning of the user session and their termination at the end of the session. The module (the special pam_drweb_session.so PAM module by Doctor Web launches the drweb-session mediation component, which connects the local copies of components running in the user environment to the components operating with zero-level privileges and running automatically at the OS startup).
To change PAM settings, we recommend that you use the drweb-configure configuration utility included in Dr.Web for Linux, or you can make manual changes to the required configuration files.
|
Perform the following actions before introducing changes on Alt 8 SP 11100-02: 1.Log in as officer. 2.Gain superuser rights:
3.Install the policy:
4.Update file security contexts on the basis of the installed policy:
|
1. Using the drweb-configure utility
To make configuring complex parameters of Dr.Web for Linux more convenient, we have developed a dedicated auxiliary utility drweb-configure.
1.To enable or disable the automated launch of the required Dr.Web for Linux components in the environment of the user who has a privilege level other than zero, use the following command:
# drweb-configure session <mode> |
where <mode> may have one of the following values:
•enable—enable the automated launch of the necessary components during the user session with user privileges.
•disable—disable the automated launch of the required components during the user session with user privileges (this will render a number of Dr.Web for Linux functions unavailable).
2.Restart the operating system.
|
To use help on how to use drweb-configure for configuring PAM settings, run the following command:
|
2. Manual modification of PAM configuration
1.To change PAM configuration, you need to modify all configuration files in the /etc/pam.d directory that run the pam_namespace.so PAM module. You can get the full list of such files by performing the following command:
# grep -R pam_namespace.so /etc/pam.d |
Add the following records of the session type to all files from the list:
•Above the first record of the session type:
session optional pam_drweb_session.so type=close |
•After the last record of the session type:
session optional pam_drweb_session.so type=open |
2.Save the changed files.
3.Create a symbolic link to the pam_drweb_session.so file from the system directory containing PAM modules. The pam_drweb_session.so file is located in the Dr.Web for Linux library directory /opt/drweb.com/lib/ (for 64-bit operating systems, for instance, the path to the module is /opt/drweb.com/lib/x86_64-linux-gnu/pam/). A command example for 64-bit Alt 8 SP OS:
# ln -s /opt/drweb.com/lib/x86_64-linux-gnu/pam/pam_drweb_session.so /lib64/security/pam_drweb_session.so |
|
Perform the following additional actions on Alt 8 SP 11100-02 and Alt 8 SP 11100-03: 1.In the /etc/pam.d/newrole file, replace
with the following:
2.Edit the /etc/pam.d/su and /etc/pam.d/sudo files by adding the following string to the end:
3.Save the changed files. 4.Run the command:
|
4.Restart the operating system.