avast4guard and dazuko built-in kernel

Hi,
I want compile&install avast4guard and this need libdazuko.a, but I have dazuko built-in kernel, because default kernel in Debian stable (Lenny) not support capabilities as module.(I use patch from official dazuko site:patch-dazuko-linux-2.6.26.diff.gz)

If compiling standalone dazuko(not in kernel)then is occured error (I tested lot of parameters). If I use parametr --without-module configure not create Makefile. Where is this lib, or is possible created it from source?
I used package from official dazuko site version 2.3.7

Best regards,
Dizz.

Hallo,
some time ago I created a little note how-to build dazuko, so let’s copy-paste it here:

[i]
Just some notes for quick installation:

  1. install engine (libavastengine* package):
    rpm -i libavastengine-4.7.5-1.i586.rpm
    (might need to add perl-URI or perl-libwww-perl to satisfy all dependences, or use --nodeps, they serve for online updating only)

  2. install the scanning daemon (avast4server* package):
    rpm -i avast4server-3.1.5-1.i586.rpm
    (look at /etc/avastd.conf, the license= should point to License.dat, there’s by default only one section for the avastguard client)
    (you can test whether it works using: avastlite -a /var/run/avastguard/guardscanner.sock <some_path>)

  3. install the on-access avastguard client (avast4guard* package):
    rpm -i avast4guard-3.1.5-1.i586.rpm
    (depends on functional dazuko module in the kernel and running avastd daemon, you might look at /etc/avastguard.conf)
    (INCLUDEPATH in the config file determines the guarded sub-tree in your filesystem)


note: running dazuko on RHEL52 might be a bit tricky:

  • in the case of Dazuko building problems, have a look here, paragraph 2.3:
    http://www.dazuko.org/tgen.shtml
  • for proper stacking, kernel w/o hardcoded Capabilites support is necessary, here are RHEL kernel-building notes:
    http://fedoraproject.org/wiki/Docs/CustomKernel
  • when building custom RHEL-like kernel with new uname, the initramfs should be updated too (contains versioned modules)
  • when having Capabilities as module, load it after the dazuko is loaded
  • some people use --disable-stacking, when ./configuring Dazuko - then, omit the Capabilities entirely

In the case of any problem, feel free to ask me for additional details.

Best regards,
Pavel Cimbal
ALWIL Software
[/i]

maybe it will give you a clue :).

regards,
pc

Thanks for quick response.

I download avast4guard.rpm and with alien converted to deb and install it.
All seems ok but /var/run/avastguard/guardscanner.sock isn’t created.
What is wrong?

Best regards,
Dizz.

The socket is created by avastd (and its location and properties specified in avastd.conf). avastguard is just a thin client, which is listening on dazuko subsystem, and passes selected events through this socket to the avastd for further processing/scanning.

so, avastd is responsible for the socket creation, and avastguard just connects to it (~ it must exist before).

regards,
pc