Updating DrWeb Antivirus to the Version 5.0.1 on Plesk Control Panel Versions Earlier than 8.6.0 1. Install the new DrWeb packages into the server's operating system. Use the way that suits your operating system: * Install RPM packages via yum. # wget http://autoinstall.plesk.com/DRWEB_5.0.1/drweb5.repo -O /etc/yum.repos.d/drweb5.repo # yum install drweb-base drweb-bases drweb-common drweb-daemon drweb-updater * Install Deb packages via apt-get. # wget http://autoinstall.plesk.com/DRWEB_5.0.1/drweb5.list -O /etc/apt/sources.list.d/drweb5.list # apt-get update # apt-get install drweb-base drweb-bases drweb-common drweb-daemon drweb-updater * Install Pkg packages. Copy all packages from 5x or 6x directories to the server and issue the command: # pkg_add psa-drweb5-5.0.1_285237.tbz You can also install the packages manually using the dpkg or RPM utilities. 2. If you are using Plesk Control Panel version 7.5.4, apply the missing DrWeb key handler. On Rpm-based systems, issue the following commands: # wget http://autoinstall.plesk.com/DRWEB_5.0.1/app-key-handler.antivir-drweb-4 -O /usr/local/psa/bin/app-key-handler.antivir-drweb-4 # chmod 755 /usr/local/psa/bin/app-key-handler.antivir-drweb-4 On Deb package-based systems, issue the following commands: # wget http://autoinstall.plesk.com/DRWEB_5.0.1/app-key-handler.antivir-drweb-4 -O /opt/psa/bin/app-key-handler.antivir-drweb-4 # chmod 755 /opt/psa/bin/app-key-handler.antivir-drweb-4 3. Switch off using DrWeb as antivirus service, and turn it on again. * Using control panel GUI: a. Go to Server > Mail. b. Select None under Antivirus Preferences. c. Click OK. d. Again, go to Server > Mail. e. Select Dr.Web under Antivirus Preferences. f. Click OK. * Using Plesk CLI: Issue the following commands: # /usr/local/psa/bin/mailserver.sh --set-virusfilter none # /usr/local/psa/bin/mailserver.sh --set-virusfilter drweb 4. If you are using FreeBSD, restart the DrWeb daemon by issuing the following command: # /usr/local/etc/rc.d/drwebd restart If you are using SELinux, and it prevents the new DrWeb version from running, you should configure it to allow DrWeb to operate: 1. Determine which file is used as an audit log. It can be either /var/log/messages, /var/log/syslog, or /var/log/audit/audit.log. 2. Make sure that SELinux is operating in the enforcing mode. # getenforce Enforcing If the mode is permissive, you need to switch it: # setenforce 1 3. Locate in the audit log the strings that prevent DrWeb from starting. a. In one console, issue the command 'tail -f $AUDIT_LOG_FILE'. b. In another console, issue the command '/etc/init.d/drweb start'. c. Find the new lines in the audit log file, and save them to the file ~/DRWEB_DENY. The lines should look like the following: ------------------------------------------------ type=AVC msg=audit(1250614593.159:398): avc: denied { execheap } for pid=25920 comm="drwebd.real" scontext=root:system_r:initrc_t:s0 tcontext=root:system_r:initrc_t:s0 tclass=process type=SYSCALL msg=audit(1250614593.159:398): arch=40000003 syscall=125 success=no exit=-13 a0=8aed000 a1=200 a2=7 a3=8ae66d0 items=0 ppid=25919 pid=25920 auid=0 uid=111 gid=2526 euid=111 suid=111 fsuid=111 egid=2526 sgid=2526 fsgid=2526 tty=pts0 ses=30 comm="drwebd.real" exe="/opt/drweb/drwebd.real" subj=root:system_r:initrc_t:s0 key=(null) ------------------------------------------------ 4. Create a SELinux module that allows DrWeb to start: # audit2allow -M drwebdaemon -l -i ~/DRWEB_DENY The following new files will appear in the current directory: drwebdaemon.pp and drwebdaemon.te. 5. Load the created policy: # semodule -i drwebdaemon.pp 6. Make sure it is registered: # semodule -l | grep drwebdaemon drwebdaemon 1.0 7. Start the DrWeb antivirus again. It should start without any errors. 8. Switch off using DrWeb as antivirus service, and turn it on again. * Using control panel GUI: a. Go to Server > Mail. b. Select None under Antivirus Preferences. c. Click OK. d. Again, go to Server > Mail. e. Select Dr.Web under Antivirus Preferences. f. Click OK. * Using Plesk CLI: Issue the following commands: # /usr/local/psa/bin/mailserver.sh --set-virusfilter none # /usr/local/psa/bin/mailserver.sh --set-virusfilter drweb