Hello
Few days ago I wanted to start a forum discussion here to request assistance on how to get updates for SAV for Linux (or SAVFL) via LiveUpdate Administrator 2.x, but this morning I could finally do it so I'm sharing this experience with you. Below are the steps that worked for me:
Thanks to the many articles I had to read in order to get things together and working.
I hope this helps!
Good Article.
Yes that does make sense !
To the best of my knowledge and memory, no it won't ask for a restart.
-Moh-
Hey,
Does this installation requires restart?
Thanks,
Good article !
thanks for sharing.
Hi Mick2009
With the same process but this time trying to download from the DCLinux directory updates for my
Exchange 2010 Server which has Symantec Mail Security for Microsoft Exchange.
I paste the liveupdate.log to see if you can spot the error and help me find out.
The article I followed is
http://www.symantec.com/business/support/index?page=content&id=TECH96018
to download updates for the symantec product via as well with ftp from my DC 172.22.117.11
Excellent news, Stratus! Glad to help. &: )
Thank you Mick you were absolutely right. I did not put the DCLinux in the Distribution Center, I created new Liveupdt.hst and Bang it played as a charm.
Yep. Give it a try then post the log from that session.
Nov 6, 2012 11:52:19 AM Connecting to 172.22.117.11 via FTP ... Nov 6, 2012 11:52:19 AM Connected to 172.22.117.11
That definitely looks like it's trying via FTP..... (?)
Sorry about that
In the same directory ( dclinux ) I put updates for my Exchange 2010 Anti Spam & Anti Virus Symantec Mail Security for Exchange. product. Do you think that there is a problem with that?
I was meaning in the same folder!!
If I clearly understood yoy say Give it a try without the dclinux in the URL:hosts/0/url=http://172.22.117.11/
The distribution center I use is UNC path.
I have seen similar issues solved by leaving "root directory" blank. Here's an article that may have some tips:
Troubleshooting "Connection Failed" Messages when Configuring LiveUpdate Administrator 2.x Distribution Centers http://www.symantec.com/docs/TECH176188
Give it a try without the dclinux in the URL:
hosts/0/url=http://172.22.117.11/
No, there's no inherent problem with that at all. Some companies put update files for every product in the one Distribution Center. Other companies use many DC's. (Does SMSMSE update correctly using a client settings file exported from this LUA server?)
Thanks for the answer. When I describe the distribution center in Live Update Administrator where resides in DMZ btw I put details for Location name:secsrv Hostname/IP Adress: 172.22.117.11 and root directory: dclinux.
Is that something wrong in that? Should I write something else?
This may be wrong, but have you double checked your path in the conf file?
The failed connection from JLU log is looking for dclinux directory:
... /dclinux/minitri.flg from server
The ftp lists the contents of the root directory of 172.22.117.11 instead of a /dclinux/ subdirectory or virtual directory.
Name (172.22.117.11:root): ftpuser 331 Password required for ftpuser. Password: 230 User logged in. Remote system type is Windows_NT. ftp> ls
Moreover results to test if my installation works ok...via export setting I exported the liveupdt.hst with the settings of our Live update Administrator that resides in DMZ. If you see the log file my linux box worked perfectly. I do not now understand what is the problem when I export settings for my linux box in order to get updates from a windows 2008 machine with unc of ftp method.
Are you using the unlimited strength policy?
I did the article exactly as it mention as well as the unlimited strength policy
I am using java:
Hi Stratus,
There may be a problem with the version of Java that is in use. Are you using the unlimited strength policy?
What versions of Java are compatible with Symantec AntiVirus for Linux?http://www.symantec.com/docs/TECH104703
The more likely problem, judging from the bottom log, is with access or credentials to that Distribution Center on 172.22.117.11. Can you open ftp://172.22.117.11/dclinux via teh command line or with a browser?
Hi all.
I follow the How to Install SAV for Linux (SAVFL) and Update It Using LUA 2.x (2.3.0.71) article but I have no success. I am trying to connect from my linux machine to windows 2008 server share and when I run the ./sav liveupdate -u got this error
Thanks for the compliment Mick! What I forgot to clearly mention here is that most of the points above are just a summarization and re-ordering of many many places (Symantec KB articles, Symantec forum posts and Tim Boyer's!) I had to read, among them are posts from you personally ;-)
So thanks goes to everyone helped me to come up with the above.
And Mick thanks also for beefing up the article with that part related to Ubuntu/Debian and recommended articles, because I'm no Linux expert at all :-/
- Moh
An excellent article, Mohammad! Many thanks for sharing your experience on this forum.
To supplement what you have created for installs using RPM, here is an illustration of how the install goes with Ubuntu Linux distros (based on Debian). It's slightly different.
MR14 gave me UNSUPPORTED error messages after running sudo dpkg -i *.i386.deb but these were overcome within a few minutes by compiling my own AP module. The steps from the KB below worked perfectly.
Here's some articles on how to compile AP modules for Ubuntu and other distro's:
Guide to building AutoProtect kernel modules for Symantec AntiVirus for Linux 1.0 Article URL http://www.symantec.com/docs/TECH132773 Symantec AntiVirus for Linux: How to Compile Auto-Protect Kernel Modules under Ubuntu Article URL http://www.symantec.com/docs/TECH95496 How to Compile and Install Auto-Protect Kernel Modules for use in your local SUSE Linux environment Article URL http://www.symantec.com/docs/TECH97037
Guide to building AutoProtect kernel modules for Symantec AntiVirus for Linux 1.0 Article URL http://www.symantec.com/docs/TECH132773
Symantec AntiVirus for Linux: How to Compile Auto-Protect Kernel Modules under Ubuntu Article URL http://www.symantec.com/docs/TECH95496
How to Compile and Install Auto-Protect Kernel Modules for use in your local SUSE Linux environment Article URL http://www.symantec.com/docs/TECH97037
Readers of this article may also be interested in this SAVFL one:
SAV for Linux Scanning Best Practices: A (Somewhat) Illustrated Guide https://www-secure.symantec.com/connect/articles/sav-linux-scanning-best-practices-somewhat-illustrated-guide
and this LUA 2.x set of recommendations:
LiveUpdate Administrator 2.x Server Connection Recommendations https://www-secure.symantec.com/connect/articles/liveupdate-administrator-2x-server-connection-recommendations
Definitely do upgrade that LUA to 2.3.2, and definitely do continue to create excellent content like this! &: )
With thanks and best regards,
Mick
I know exactly what it feels like when Tech Support answers sometimes put you in infinite loops and make you spin around yourself, but from my personal experience it is quite rare. The good part however is that you can always escalate or find someone to complain to.
Good luck with that...
Thanks for the reply. I should have been more clear and complete. I'm actually looking for SAVFL 1.0 mr 14 as that is the version that lists RHEL 6.3 both 32 and 64-bit versions as being supported. This is per the Symantec documentation. SAVFL 1.0 mr13 only lists RHEL 6.2. I'm requesting the software to provide the RH admin the most recent version that is supposed to work on 6.3 but the support peronnel at Symantec can't seem to find that version. It's not that it doesn't work per se, we're building a new system and want the supported version of the software so we can actually call in case of a problem. When we've tried this before, the support personnel always say upgrade to the latest package listing the running kernel number.
Sorry for not clearly stating the version I'm using. It is SAV 1.0 MR13 - just the same as yours. But what do you exactly mean by "won't work"? Do you mean the Auto-Protect package? If so, then I'm sure you're using a non-supported kernel, so you have to install savap-legacy instead (found in the same folder). See the attached screenshot. But as the name says, please note this is 'unsupported' installation so do it at your own risk (I'm using it nevertheless to protect my Redhat server...)
To uninstall this package you can use the command: rpm -e savap-legacy
Good luck!
What version of SAVFL are you using? I'm looking for SAVFL 1.0 mr14 and although I've been on the phone with support forever, several days, and downloaded the files they suggest, it's always mr13 that won't work with RHEL 6.3.
Hello,
I would request all the Users to Migrate LUA from their older version to Liveupdate Administrator 2.3.2 -
LiveUpdate Administrator (LUA) version 2.3.2 is now available
Also, would suggest to check these Articles below:
A Helpful LiveUpdate Administrator 2.x Analogy
Managing LiveUpdate Administrator 2.x Space Usage
How Big are Current Symantec Endpoint Protection Definitions?
Using IIS Logs to Check LiveUpdate Administrator 2.x Health
LiveUpdate Administrator 2.x Server Connection Recommendations
Hope that helps!!!