Appendix G. Building the Kernel Module for SpIDer Guard

Top  Previous  Next

 

This application can only be used with the products including the SpIDer Guard component.

 

If the operating system does not support the fanotify monitoring interface, SpIDer Guard uses a special loadable module operating in kernel space (Linux kernel module). By default, pre-compiled kernel modules are supplied together with SpIDer Guard for all the operating systems specified in the System Requirements section. Besides that, together with SpIDer Guard an archive file (in the tar.bz2 format) is supplied that contains source code files for the kernel module, so that you can build it yourself manually.

The loadable kernel module, used by SpIDer Guard, is intended for operation with GNU/Linux kernels 2.6.* and newer.

The archive with source codes is located in the share/drweb-spider-kmod/src subdirectory of the Dr.Web for UNIX base directory <opt_dir> (for Linux: /opt/drweb.com). The archive’s name is as follows: drweb-spider-kmod-<version>-<date>.tar.bz2.

The drweb-spider-kmod directory also contains the check-kmod-install.sh script. Run the script to check whether the used OS supports kernel versions included in the product. If not, a message prompting to manually build the module is displayed on the screen.

If the drweb-spider-kmod directory is missing at the specified path, install the drweb-spider-kmod package (from repository or using custom installation from universal package, depending on the method you selected to install the product). Installation methods are described in section “Product Installation” in Administrator Manual.

Full version of Administrator Manual for Dr.Web for UNIX is available

At Doctor Web official website http://download.drweb.com/doc/ (Internet connection is required).

You can view a PDF file in the <opt_dir>/share/doc directory (the suffix in the name indicates the language).

To build the loadable kernel module manually from the source code files, administrative (root) privileges are required. For that purpose, you can use the su command to switch to another user or the sudocommand to build the module as a different user.

Building the Kernel Module

1.Unpack the archive with source codes to any directory. For example, the following command

# tar -xf drweb-spider-kmod-<version>-<date>.tar.bz2

unpacks the source codes to the created directory. This directory has the archive’s name and is created in the same location where the archive resides.

2.Go to the created directory and execute the following command:

# make

If an error occurs during the make command execution, resolve the issue (see below) and restart compilation.

3.After successful command execution, enter the following commands:

# make install
# depmod

4.After the kernel module is successfully compiled and registered on the system, perform additional configuration of SpIDer Guard. Set the component to operate with the kernel module by executing the following command:

# drweb-ctl cfset LinuxSpider.Mode LKM

It is also possible to specify AUTO instead of LKM. In this case, SpIDer Guard will automatically try to use either the kernel module or the fanotify monitoring interface. For details, type the following command:

$ man drweb-spider

Possible Build Errors

While the make command is being executed, errors may occur. If so, check the following:

To ensure successful building of the module, Perl and GCC are required. If they are missing on the system, install them.

On certain OSes, you may need to install the kernel-devel package before starting the procedure.

On certain operating systems, the procedure can fail because the path to the directory with source codes was incorrectly defined. If so, specify the make command with the KDIR=<path to kernel source codes> parameter. Typically, the source codes are located in the /usr/src/kernels/<kernel_version> directory.

The kernel version returned by the uname -r command can differ from the directory name <kernel_version>.