Gentlemen, we are now in a state of necessity, and necessity knows no law - Reich Chancellor Bethmann-Hollweg
AVG for Linux working, once properly installed
My favourite antivirus on Windows systems is AVG from Grisoft, as it's one of the more lean and it's not a CPU hog, the company also offers a free edition for non-commercial, home use. The firm quietly announced earlier this year the availability of a free edition also for desktop Linux users. Since I moved my daily work from Windows to Linux, and since I deal with executable win32 files even on my Linux box, I decided to give "AVG 7.1 for Linux" a try, here are the results.
AVG could improve installation docs
Quick: which one of the three RPMs do you need?
I did a Google and landed on this Free AVG page which lists versions for Windows and also for Linux. There are three RPM files for "i386" Linux, all similarly named, avg71flm-r30-a0791.i386.rpm, avg71flr-r30-a0791.i386.rpm, and avg71fls-r30-a0791.i386.rpm. Now, quick, dear reader, tell me what's the difference between them?. I didn't know either. So, at first glance I didn't even spot the single-character difference -there's 71fl m, 71fl r, and 71fl s. So I clicked and downloaded the first one... when I attempted to do the usual "rpm --install" dance as "superuser" (root), I received a message about some missing libraries "pygtk2.0", and "pygtk2.0-libglade". These are libs which allow programs written in the Python language to create nifty GUI buttons and windows using the ubiquitous and nice GTK 2.x API.
I checked with Synaptic, the graphical package management and installer/downloader in my distro, and both libraries showed up as already installed. Strange indeed. To make a long story short: it was my fault. I downloaded the "avg71flm-r30-a0791.i386.rpm" file, when I should have downloaded the "avg71flr-r30-a0791.i386.rpm" one. See, the "m" in the filename stands for "Mandriva" while the "r" stands for RedHat -I also assume the "s" in the last one stands for Suse. Since I run Blag a UK derivative of Red Hat's Fedora project, I had to download the "r" version. With that version, there was no error message. Shame on AVG for not putting little icons next to each file name, or at the very least a text explanation. Then some people wonder why non-techies get afraid of trying Linux.
Once again, even the RPM installation is not a complete one, you have to manually launch a "license update script" and a message tells you after the RPM install to "please launch the avggui_update_licinfo.sh" stored in /opt/grisoft/avggui/bin. I once again rolled my eyes and took a deep breath in exasperation about the sad state of Linux application installs. -And once again, NO I'm not asking for the elimination of RPM installs, those serve a purpose, but I complain about the lack of nifty GUI installers for these kind of applications. Hey, AVG, how about looking at how ATI did things?
More install annoyances
How nice!. A new icon on the Gnome launcher!. But see below...
To my surprise, the rpm install "automagically" created an "AVG for Linux Workstation" icon under the Gnome launcher, under "Accesories". I launched it and indeed the nice AVG for Linux GUI showed up. I clicked on "Service", then "Update" and was greeted with an error message: "Sorry, you do not have permission to launch avgupdate". Gee, I knew what was going on... AVG was installed as root, and I was launching AVG as a simple user. So I had two choices: either make avgupdate executable by anyone, by changing the permissions on the program file, or -even better in my opinion- make the updater run as root with "sudo" -it's sudo, not to be confused with our Fudo-, which allows programs to be run as another user -including root- after asking for a password. I tested it from the command line and indeed the AVG GUI and the updater worked fine, downloading a big virus signatures update file in the process.
Update didn't run from the automagically created icon on the Gnome desktop
What followed was a clear example of the problem with Linux from a user-friendly standpoint, because some must-have tools are often not part of the default installation. I created a new launcher object for "avggui" but this time changing the command from "avggui" to "sudo avggui". It didn't work... sudo is a text-mode utility, so when launched from a GUI the sudo password prompt asking for the root password cannot be seen, and nothing happens. I had to find a GUI equivalent to sudo. The Google God found me one, it's dubbed "gksu", of course. Linux needs no stinking easy to remember command names like "runasroot-visual" or "runasroot-prompt", or course!. Notice my sarcasm?. A Google search once again gave me RPMs of gksu, I downloaded it, only to find that gk version of sudo relies on two other libraries not present on my system: libgksu and libgksuui.
With GKSU you can make the system pop a dialogue asking for
the sysadmin password before running AVG as root
With the help of Google and rpmfind I had once again the required files for my system. After installing them all, I was able to change the avggui launcher to call instead "gksu avggui". It produced the result I expected. When launched by the end user, it pops up a GUI prompt asking for the root -administrator- password, and then launches the AVG with root privileges, which is able to download the updates just fine. You might be wondering: why can't an AVG installer do all this? Good question indeed!. If Grisoft expects people to run avggui while logged in as root, maybe they haven't been paying attention lately as this is a highly discouraged practice and most modern distros do not even allow you to start a graphic desktop session as root, and with good reasons.
With AVG-GUI run as root, everything works, even updates
After you install it properly, it runs!
Unless you enable "heuristics", the scanner is very fast, and was able to spot a virus in a win32 file that I downloaded but didn't ran, just fine. The program includes a "resident" -on demand- file scanner, that as explained here relies on an external kernel module -like, F-Secure, NOD32, Clam AV and lots of other Linux antivirus programs- which often means that the user must download kernel sources and compile a custom Dazuko" kernel module.
I didn't do it at this stage as I just wanted a simple scanner I could run on untrusted win32 applications before running those with Wine or transferring to my file server on the LAN.
Ahh, the magic of 'gksu'
Since Grisoft has a good reputation, efficient code and releases signature updates regularly, I found this program a must-have for my desktop Linux system(s). Installation could be much easier, as happens with lots of Linux software. Of course I'll be flamed by the hardcore slashdotters who think the world doesn't need too friendly installers and that anyone who does not want to lose time googling and "rpmfinding" around in order to make a software application work under Linux does not deserve to run the penguin OS. I give AVG for Linux - in 'on demand scanner' mode - three over five Fernandos in my one-to-five personal rating scale. ?
INQ helps debug Win4Lin PRO
ATI shows how to make a Linux installer
Windows is Microsoft's Trojan Horse
Microsoft: All your Linux antivirus are belong to us
Picasa for Linux is a good Windows application
IE for Linux hack gives one less reason to run Windows
Sign up for INQbot – a weekly roundup of the best from the INQ