Installation in Docker container

javadeveloper

I'd like to use F-Secure Linux Security inside Ubuntu 20.04 docker container. Managed to get past the missing systemctl by using a slightly customized docker-systemctl-replacement, because of ExecStart=@ ...

Now i am stuck at this output:

Selecting previously unselected package f-secure-linuxsecurity.
(Reading database ... 5476 files and directories currently installed.)
Preparing to unpack .../f-secure-linuxsecurity.deb ...
Unpacking f-secure-linuxsecurity (12.0.26-1) ...
Setting up f-secure-linuxsecurity (12.0.26-1) ...

Installing F-Secure Linux Security...
Installing F-Secure BaseGuard...
2021-02-19 10:35:54 src/fsbootstrap.c:433[7] executing '/opt/f-secure/fsbg/download/fsbg-100-linux-x86_64/1611223694/content/setup' failed, result 256
2021-02-19 10:35:54 src/fsbootstrap.c:220[7] install failed
2021-02-19 10:35:54 src/fsbootstrap.c:433[7] executing '/opt/f-secure/linuxsecurity/download/linuxsecurity-1200-linux-x86_64/1612250987/content/setup' failed, result 256
2021-02-19 10:35:54 src/fsbootstrap.c:220[7] install failed
activate: fsbootstrap failed (exit status 2)

Could you please tell me, what could cause "result 256"? Thank you.

Domo

Hi

I want to do the same thing (in fact I am forced to because Linux Security 11 is end of life).

I got the Installation working using the jrei/systemd-ubuntu docker image as base.

The real Problem is to get the fsma2.service to run. It tries to do a fuse mount on startup. This only works when the docker container runs in privileged mode (or has SYS_ADMIN capabilities) and the /dev/fuse device is mounted.

But unfortunately I can't do privileged mode. Is there any chance to avoid the fuse mount? All I need is the fsanalyze command to scan some files. No real time protection, tamper protection or other fancy stuff.