For ALT 8 SP and other distributions using pam_namespace

To make Dr.Web Security Space components with which the user interacts available in the user environment, you need to make changes to the files containing PAM settings to ensure the automatic start of the required Dr.Web Security Space components at the beginning of the user session and their termination at the end of the session.

On ALT 8 SP, changes are required for all privilege levels, and on other OSes using pam_namespace—when the user works at a privilege level other than zero.

The custom pam_drweb_session.so PAM module developed by the Doctor Web company starts the drweb-session mediation component, which connects the local instances of components running in the user environment to the components operating with zero-level privileges and running automatically at OS startup.

To change PAM settings, we recommend that you use the drweb-configure configuration utility included in Dr.Web Security Space; alternatively, you can edit the required configuration files manually.

Perform the following actions before introducing changes on ALT 8 SP 11100-02:

1.Log in as officer.

2.Gain superuser rights:

$ su -

3.Install the policy:

# semodule -i /opt/drweb.com/share/drweb.pp

4.Update file security contexts on the basis of the installed policy:

# restorecon -r /opt/drweb.com

1.Using the drweb-configure tool

To make configuring complex parameters of Dr.Web Security Space more convenient, we have developed a dedicated auxiliary utility drweb-configure.

1.To enable or disable the automated launch of the required Dr.Web Security Space components in the environment of the user who has a privilege level other than zero, use the following command:

# drweb-configure session <mode>

where <mode> may have one of the following values:

enable—enable the automated launch of the necessary components during the user session with user privileges.

disable—disable the automated launch of the required components during the user session with user privileges (this will render a number of Dr.Web Security Space functions unavailable).

2.Restart the operating system.

To use help on how to use drweb-configure for configuring PAM settings, run the following command:

$ drweb-configure --help session

2.Editing PAM configuration files manually

1.To change PAM configuration, you need to edit all configuration files in the /etc/pam.d directory that call the pam_namespace.so PAM module. You can get the full list of such files by performing the following command:

# grep -R pam_namespace.so /etc/pam.d

Add the following records of the session type to all files from the list:

Above the first record of the session type:

session optional pam_drweb_session.so type=close

After the last record of the session type:

session optional pam_drweb_session.so type=open

2.Save the changed files.

3.Create a symbolic link to the pam_drweb_session.so file from the system directory containing PAM modules. The pam_drweb_session.so file is located in the Dr.Web Security Space library directory /opt/drweb.com/lib/ (for 64-bit operating systems, for instance, the path to the module is /opt/drweb.com/lib/x86_64-linux-gnu/pam/). A command example for 64-bit ALT 8 SP OS:

# ln -s /opt/drweb.com/lib/x86_64-linux-gnu/pam/pam_drweb_session.so /lib64/security/pam_drweb_session.so

Perform the following additional actions on ALT 8 SP 11100-02 and ALT 8 SP 11100-03:

1.In the /etc/pam.d/newrole file, replace

session optional pam_drweb_session.so type=close

with the following:

session optional pam_drweb_session.so type=cleanup

2.Edit the /etc/pam.d/su and /etc/pam.d/sudo files by adding the following string to the end:

session optional pam_drweb_session.so type=close

3.Save the changed files.

4.Run the command:

# cp /opt/drweb.com/share/drweb-session/drweb-session.sh /etc/profile.d/

4.Restart the operating system.