In this section:
•List of Supported Operating System Distributions.
•Required Additional Components and Packages.
•Compatibility with Components of Operating Systems.
•Compatibility with Security Subsystems.
You can use Dr.Web for Linux on a computer that meets the following requirements:
Component |
Requirement |
|---|---|
Platform |
Processors of the following architectures and command systems are supported: •Intel/AMD: 32-bit (IA-32, x86); 64-bit (x86-64, x64, amd64) •ARM64 •E2K (Elbrus) •IBM POWER (ppc64el) |
Random Access Memory (RAM) |
At least 500 MB of free RAM (1 GB or more recommended). |
Space on |
At least 2 GB of free disk space on the volume where Dr.Web for Linux directories are stored. |
Operating |
UNIX based on kernel ver. 2.6.37 or later, and using PAM and glibc library ver. 2.13 or later, systemd initialization system ver. 209 or later. The supported UNIX distributions are listed below. |
Other |
The following valid network connections: •An internet connection to download updates and for sending requests to the Dr.Web Cloud service (only if it is manually authorized by the user). •When operating in the centralized protection mode, connection to the server on the local network is enough; connection to the internet is not required. |
|
For the correct operation of SpIDer Gate, OS kernel must be built with inclusion of the following options: •CONFIG_NETLINK_DIAG, CONFIG_INET_TCP_DIAG; •CONFIG_NF_CONNTRACK_IPV4, CONFIG_NF_CONNTRACK_IPV6, •CONFIG_NETFILTER_NETLINK_QUEUE, The set of required options from the specified list can depend on your distribution kit of GNU/Linux. |
To ensure the correct operation of Dr.Web for Linux, open the following ports:
Purpose |
Direction |
Port numbers |
|---|---|---|
To receive updates |
outgoing |
80 |
To connect to the Dr.Web Cloud service |
outgoing |
2075 (including those for UDP), |
|
Dr.Web for Linux is incompatible with other anti-virus software programs. To avoid system errors and data loss that may occur when installing two anti-viruses on one computer, uninstall all other anti-virus programs from the computer before the Dr.Web for Linux installation. |
List of Supported Operating System Distributions
Dr.Web for Linux is supported for the following UNIX distributions:
Platform |
Supported GNU/Linux versions |
|---|---|
x86_64 |
•Astra Linux Special Edition 1.5 (with cumulative patch 20201201SE15), 1.6 (with cumulative patch 20200722SE16), 1.7 •Astra Linux Common Edition (Orel) 2.12 •Debian 9, 10 •Fedora 31, 32 •CentOS 7, 8 •Ubuntu 18.04, 20.04, 22.04 •ALT Workstation 9, 10 •ALT Server 9, 10 •ALT 8 SP •RED OS 7.2 MUROM, RED OS 7.3 MUROM •GosLinux IC6 •SUSE Linux Enterprise Server 12 SP3 •Red Hat Enterprise Linux 7, 8 |
x86 |
•CentOS 7 •Debian 10 •ALT Workstation 9, 10 •ALT 8 SP |
ARM64 |
•Ubuntu 18.04 •CentOS 7, 8 •ALT Workstation 9, 10 •ALT Server 9, 10 •ALT 8 SP •Astra Linux Special Edition (Novorossiysk) 4.7 |
E2K |
•Astra Linux Special Edition (Leningrad) 8.1 (with cumulative patch 8.120200429SE81) •ALT 8 SP •Elbrus-D MCST 1.4 •GS CS Elbrus 8.32 TVGI.00311-28 |
ppc64el |
•CentOS 8; •Ubuntu 20.04 |
|
In ALT 8 SP and GosLinux 7.1 mandatory access control is not supported. |
For other UNIX distributions that meet the abovementioned requirements full compatibility with Dr.Web for Linux is not guaranteed. If a compatibility issue occurs, contact technical support.
Required Additional Components and Packages
•To enable Dr.Web for Linux operation in graphical mode and startup of the program for installation and uninstallation in graphical mode, X Window System graphic shell and any window manager is required. Moreover, for correct operation of the indicator for Ubuntu Unity desktop environment, the additional library may be required (by default, the library named libappindicator1 is required).
•To start the installer or uninstaller, designed for the command line, in graphical mode, a terminal emulator (such as xterm, xvt, and so on) is required.
•To enable privileges elevation during installation or uninstallation, one of the following utilities is required: su, sudo, gksu, gksudo, kdesu, kdesudo. For correct operation of Dr.Web for Linux, PAM must be used in the operating system.
|
For convenient work with Dr.Web for Linux in the command line, you can enable command auto-completion in your command shell (if disabled).
If you encounter any problem with installation of additional packages and components, refer to manuals for your distribution of the operating system. |
Compatibility with Components of Operating Systems
•By default, SpIDer Guard uses the fanotify system mechanism, while on those operating systems on which the fanotify is not implemented or is unavailable for other reasons, the component uses a special LKM module, which is supplied in pre-built form within the product. The Dr.Web for Linux distribution has LKM modules for all GNU/Linux systems mentioned above. If required, you can build a kernel module independently from the distributed source codes for any OS that uses the kernel GNU/Linux of version 2.6.x and later.
For ARM 64 and E2K achitectures the work with the LKM is not supported.
|
Operation of SpIDer Guard via GNU/Linux (LKM module) is not supported for operating systems launched in the Xen hypervisor environment. An attempt to load the LKM module used by SpIDer Guard during the OS operation in the Xen environment can lead to a critical error of the kernel (so called “Kernel panic” error).
SpIDer Guard can operate in the enhanced (Paranoid) mode, which blocks access to the files that have not been scanned yet, only via fanotify and providing that an OS kernel is built with the enabled CONFIG_FANOTIFY_ACCESS_PERMISSIONS option. |
•SpIDer Gate may conflict with other firewalls installed in your system:
▫Conflict with Shorewall and SuseFirewall2 (for SUSE Linux Enterprise Server). In case of conflict with these firewalls, an error message of SpIDer Gate with a code x109 is displayed. A way to resolve this conflict is described in the Appendix "Known Errors".
▫Conflict with FirewallD (for Fedora, CentOS, Red Hat Enterprise Linux). In case of conflict with these firewall, the SpIDer Gate error message with a code x102 is displayed. A way to resolve this conflict is described in the Appendix "Known Errors".
•In case your OS includes the version of NetFilter less than 1.4.15, SpIDer Gate may operate incorrectly. This problem is related to the internal error of NetFilter, and looks like as follows: after disabling SpIDer Gate, the network connections are broken and cannot be re-established. If you face this problem, it is recommended that you upgrade your OS to a version that includes NetFilter 1.4.15 or above. The ways to resolve the problem are described in the section “Description of known errors”.
•Under normal operation, SpIDer Gate is compatible with all user applications that use network, including web browsers and mail clients. For the correct scanning of secured connections, it is necessary to add the certificate Dr.Web for Linux to the list of trusted certificates of those applications that use the secured connections (for example, web browsers and mail clients).
•After changing operation of SpIDer Gate (enabling of the previously disabled monitor, change of the scanning mode of secured connections), it is necessary to restart mail clients that use the IMAP protocol to receive email messages from the mail server.
Compatibility with Security Subsystems
By default, Dr.Web for Linux does not support SELinux. In addition, Dr.Web for Linux operates in reduced functionality mode in the GNU/Linux systems that use mandatory access models (for example, in systems supplied with the PARSEC mandatory access subsystem that appends different privilege levels to users and files).
To install Dr.Web for Linux on systems with SELinux (as well as systems that use mandatory access control models), you may require to configure a security subsystem, so that Dr.Web for Linux operates in full functionality mode. For details, refer to the section Configuring Security Subsystems.