Prerequisites for Linux scan host
In addition to the prerequisites listed in Prerequisites for a scan host, ensure that you meet the following requirements for Linux platform:
For a Linux scan host the default login shell must be bash.
For RHEL 9 (and above) scan host, ensure that the SCP Linux command is not disabled.
Install the following:
For NFS share type:
nfs-utilsFor SMB share type:
cifs-utilsFor NetBackup malware detection utility to run on scan host, install
libnsl.so.1library on scan host. If the latest version oflibnsllibrary file is present (for example,/usr/lib64/libnsl.so.2), then create a soft link file/usr/lib64/libnsl.so.1which points to/usr/lib64/libnsl.so.2file.Example to create a soft link file:
# cd /usr/lib64 # ln -sf libnsl.so.2 libnsl.so.1
Note:
For assistance on installing the
libnsl* library file, contact operating system administrator.(Optional) A new variable entry (
$TMPDIR) having a value equal to the desired location can be added for malware scan temp directory in the scan user's bashrc file.For example,
$TMPDIR=/mytempdirectory/malwareto overwrite the default/tmp/malwaretemporary location. If user specifies$TMPDIR=/home/scanuseras the temporary directory, then/home/scanuser/tmp/malwaredirectory would be used as the temporary directory for all the malware related files.Note:
Ensure that the scanuser has the required permissions to
$TMPDIRfolder for performing the malware scan successfully.For a non-root user on Linux:
Allow the
sshconnection with a non-root user.For example: Add the Allow Users root scanuser entry in the
/etc/ssh/sshd_configfile.Note:
A scan user is a non-root user that is created in the system.
Provide user permission to mount and umount. Add the user permission entry in
sudoersfile.For example: In the
/etc/sudoersfile add one of the following:scanuser ALL=(ALL) NOPASSWD:ALL
scanuser ALL=(ALL) NOPASSWD:/bin/umount, /bin/mount
Configure the malware tool with a non-root user on the scan host.
Note:
If scanning is done using the root user, then change the permission of the
/tmp/malwarefolder to provide write permissions to the non-root user.For example: chmod a+rwx /tmp/malware
Note:
For VMware and Cloud workload policy scanning, UID and GID mapping must be set to 0.
(If scan host is created in Azure or AWS from marketplace images) Enable root access for scan host as follows:
Change the root password using the following command:
- sudo -i passwd
Change
/etc/ssh/sshd_configfile to provide the permit for root login as follows:"PermitRootLogin yes" "PasswordAuthentication yes"
Restart the service with the following command:
- service sshd reload
Change
/etc/cloud/cloud.cfgfile as follows to enable root user:disable_root 0