Follow the relevant procedure below.
Use ePolicy Orchestrator (ePO) to update to Scan Engine version 6400.9594:
Use an ePO Endpoint Deployment Kit (EEDK) to update to Scan Engine version 6400.9594 with ENSLTP.
- Download the Endpoint Security for Linux Threat Prevention EEDK file in the Attachment section of this article. The name of the file is ENSLEEDK6400.zip.
- Log on to the ePO console.
- Go to Master Repository, and click Check In Package.
- Click Browse and select the file that you downloaded in step 1. Click Next and Save to check in the EEDK file.
- Go to System Tree and select the group or client system. Create a product deployment task to update the Engine to 6400 and push it to clients.
- Wait for the deployment task to complete. Check the Engine version details in the ENSLTP version details:
- For ENSLTP 10.6.6 and later, execute the following command:
/opt/McAfee/ens/tp/bin/mfetpcli --v
- For ENSLTP 10.6.5 and earlier, execute the following command:
/opt/isec/ens/threatprevention/bin/isecav --v
- Go to System Tree and select the group or client system. Click Wake Up Agents. This step makes sure to get the updated Engine version reflected in the ePO product properties.
Manually update to Scan Engine version 6400.9594:
Use the following steps to update to Scan Engine version 6400.9594 on a standalone system (unmanaged system) with ENSLTP.
- Download the Endpoint Security for Linux Threat Prevention EEDK file in the Attachment section of this article. The name of the file is ENSLEEDK6400.zip.
- Extract (unzip) ENSLEEDK6400.zip.
- Check the installed ENSLTP version:
- For ENSLTP 10.6.6 and later, execute the following command:
/opt/McAfee/ens/tp/bin/mfetpcli --v
- For ENSLTP 10.6.5 and earlier, execute the following command:
/opt/isec/ens/threatprevention/bin/isecav --v
- Set the Engine paths and prefs.xml path for the installed ENSLTP version from the table below:
ENGINE_PATH_32_BIT
ENGINE_PATH_64_BIT
DEFAULT_PREFS_PATH
RUNTIME_PREFS_PATH
Installed ENSLTP Version |
32-bit Engine Path
(ENGINE_PATH_
32_BIT) |
64-bit Engine Path
(ENGINE_PATH_
64_BIT) |
Default Prefs.xml Path
(DEFAULT_PREFS
_PATH) |
Runtime Prefs.xml Path
(RUNTIME_PREFS
_PATH) |
If 10.6.5 or earlier |
/opt/isec/ens/
threatprevention/
var/engine/lib32 |
/opt/isec/ens/
threatprevention/
var/engine/lib |
/opt/isec/ens/
threatprevention/
var/etc/prefs.xml |
/opt/isec/ens/
threatprevention/
var/prefs.xml |
If between 10.6.6 and 10.6.10 (both inclusive) |
/var/McAfee/ens/
tp/engine/
lib/32 |
/var/McAfee/ens/
tp/engine/lib/64 |
/opt/McAfee/ens/
tp/etc/prefs.xml |
/var/McAfee/ens/
tp/prefs.xml |
If 10.6.11 or later |
/opt/McAfee/ens/
tp/var/
engine/lib/32 |
/opt/McAfee/ens/
tp/var/engine/lib/64 |
/opt/McAfee/ens/
tp/etc/prefs.xml |
/var/McAfee/ens/
tp/prefs.xml |
Examples:
- If the system is running with ENSLTP 10.6.5:
export ENGINE_PATH_32_BIT="/opt/isec/ens/threatprevention/var/engine/lib32"
export ENGINE_PATH_64_BIT="/opt/isec/ens/threatprevention/var/engine/lib"
export DEFAULT_PREFS_PATH="/opt/isec/ens/threatprevention/var/etc/prefs.xml"
export RUNTIME_PREFS_PATH="/opt/isec/ens/threatprevention/var/prefs.xml"
- If the system is running with ENSLTP 10.6.9:
export ENGINE_PATH_32_BIT="/var/McAfee/ens/tp/engine/lib/32"
export ENGINE_PATH_64_BIT="/var/McAfee/ens/tp/engine/lib/64"
export DEFAULT_PREFS_PATH="/opt/McAfee/ens/tp/etc/prefs.xml"
export RUNTIME_PREFS_PATH="/var/McAfee/ens/tp/prefs.xml"
- If the system is running with ENSLTP 10.7.3:
export ENGINE_PATH_32_BIT="/opt/McAfee/ens/tp/var/engine/lib/32"
export ENGINE_PATH_64_BIT="/opt/McAfee/ens/tp/var/engine/lib/64"
export DEFAULT_PREFS_PATH="/opt/McAfee/ens/tp/etc/prefs.xml"
export RUNTIME_PREFS_PATH="/var/McAfee/ens/tp/prefs.xml"
- Stop the ENSLTP services:
- For ENSLTP 10.6.6 and later, execute the following command:
/opt/McAfee/ens/tp/init/mfetpd-control.sh stop
- For ENSLTP 10.6.5 and earlier, execute the following command:
/opt/isec/ens/threatprevention/bin/isectpdControl.sh stop
- Create a 64-bit Engine folder (6400.9594) in the 64-bit Engine path (see step 4). Execute the following command:
mkdir -p ${ENGINE_PATH_64_BIT}/6400.9594
- Extract (Untar) the 64-bit Engine file sl646400.tar into a temporary directory. Copy av_sdk/signlic.txt and av_sdk/lib/* to the 64-bit Engine folder (6400.9594) created in the previous step.
mkdir -p /tmp/64bit/
tar -xvf sl646400.tar -C /tmp/64bit/
cp -rf /tmp/64bit/av_sdk/signlic.txt ${ENGINE_PATH_64_BIT}/6400.9594/
cp -rf /tmp/64bit/av_sdk/lib/* ${ENGINE_PATH_64_BIT}/6400.9594/
- Set permissions for the 64-bit folders/files by executing the following commands:
chmod 700 ${ENGINE_PATH_64_BIT}/6400.9594
chmod 600 ${ENGINE_PATH_64_BIT}/6400.9594/*
- Create a 32-bit Engine folder (6400.9594) in the 32-bit Engine path (see step 4). Execute the following command:
mkdir -p ${ENGINE_PATH_32_BIT}/6400.9594
- Extract (Untar) the 32-bit Engine file slp46400.tar into a temporary directory. Copy av_sdk/lib/config.dat, av_sdk/lib/liblnxfv.so, av_sdk/lib/liblnxfv.so.4, and av_sdk/signlic.txt to the 32-bit Engine folder (6400.9594) created in the previous step.
mkdir -p /tmp/32bit/
tar -xvf slp46400.tar -C /tmp/32bit/
cp -rf /tmp/32bit/av_sdk/signlic.txt ${ENGINE_PATH_32_BIT}/6400.9594/
cp -rf /tmp/32bit/av_sdk/lib/* ${ENGINE_PATH_32_BIT}/6400.9594/
- Set permissions for the 32-bit folders/files by executing the following commands:
chmod 700 ${ENGINE_PATH_32_BIT}/6400.9594
chmod 600 ${ENGINE_PATH_32_BIT}/6400.9594/*
- Create an Engine symlink.
- Go to the 64-bit Engine directory. Execute the following command:
cd ${ENGINE_PATH_64_BIT}/6400.9594
- Create a symlink. Execute the following command:
ln -sf liblnxfv.so.4 liblnxfv.so
- Go to the 32-bit Engine directory. Execute the following command:
cd ${ENGINE_PATH_32_BIT}/6400.9594
- Create a symlink. Execute the following command:
ln -sf liblnxfv.so.4 liblnxfv.so
- Take a backup of the runtime ($RUNTIME_PREFS_PATH) and default ($DEFAULT_PREFS_PATH) prefs.xml files before proceeding to update these files.
- Update both the runtime and default prefs.xml files with the 6400 Engine version. Execute the following commands:
sed -i "s:<MajorEngineVersion>.*</MajorEngineVersion>:<MajorEngineVersion>6400</MajorEngineVersion>:g" ${RUNTIME_PREFS_PATH}
sed -i "s:<MinorEngineVersion>.*</MinorEngineVersion>:<MinorEngineVersion>9594</MinorEngineVersion>:g" ${RUNTIME_PREFS_PATH}
sed -i "s:<IncrementalUpdateEngineVersion>.*</IncrementalUpdateEngineVersion>:<IncrementalUpdateEngineVersion>6400.9594</IncrementalUpdateEngineVersion>:g" ${RUNTIME_PREFS_PATH}
sed -i "s:<MajorEngineVersion>.*</MajorEngineVersion>:<MajorEngineVersion>6400</MajorEngineVersion>:g" ${DEFAULT_PREFS_PATH}
sed -i "s:<MinorEngineVersion>.*</MinorEngineVersion>:<MinorEngineVersion>9594</MinorEngineVersion>:g" ${DEFAULT_PREFS_PATH}
sed -i "s:<IncrementalUpdateEngineVersion>.*</IncrementalUpdateEngineVersion>:<IncrementalUpdateEngineVersion>6400.9594</IncrementalUpdateEngineVersion>:g" ${DEFAULT_PREFS_PATH}
- Remove the older 64-bit and 32-bit Engine directory.
- Start the ENSLTP services and check the updated Engine version details:
- For ENSLTP 10.6.6 and later, execute the following command:
/opt/McAfee/ens/tp/init/mfetpd-control.sh start
- For ENSLTP 10.6.5 and earlier, execute the following command:
/opt/isec/ens/threatprevention/bin/isectpdControl.sh start