1.3 Installing using the command line

Preliminary notes

Before you begin the installation, please ensure that the system requirements are met.

If the MetaDefender for Secure Storage installer package dependencies are not installed on your system the installer will attempt to automatically download them over the internet.

Acquire the package

In order to acquire the package please visit https://www.opswat.com/solution

Advanced installation

We recommend that production deployments use an external database and ensure that web traffic is encrypted. Click here for detailed information on how to configure an external database or HTTPS.

Debian / Ubuntu package (.deb)

  1. Update your packages

    sudo apt-get update

  2. Move to the folder containing the installer and install it

    sudo dpkg -i <name of the file>.deb || sudo apt-get install -f

  3. After the installation is completed, check if everything went fine

    man mdss

    or using the help menu

    sudo mdss -h

  4. Run the following command in order to initialize MetaDefender for Secure Storage

    sudo mdss -u init

  5. Start the service

    sudo mdss -c start

  6. Optionally, you can check the status using the following command:

    sudo mdss -c status

  7. Open a browser and navigate to the web interface: http://<server> to configure your deployment.

Red Hat Enterprise Linux / CentOS package (.rpm)

  1. Update your packages

    sudo yum -y update

  2. Move to the folder containing the installer and install it

    sudo yum install -y <name of the file>.rpm

  3. After the installation is completed, check if everything went fine

    sudo man mdss

    or using the help menu

    sudo mdss -h

  4. Run the following command in order to initialize MetaDefender for Secure Storage

    sudo mdss -u init

    Note: If you don’t have docker already installed, the installer will do that for you, but you will be prompted to sign out and and sign back in. This is necessary because your current user needs to be added to the docker group.

  5. Start the service

    sudo mdss -c start

  6. Optionally, you can check the status using the following command:

    sudo mdss -c status

  7. Open a browser and navigate to the web interface: http://<server> to configure your deployment.

  8. If you are using firewalld (on CentOS8 and RHEL 8) you may need to update it’s policies:

    # Check what interface docker is using, e.g. 'docker0'
    ip link show
     
    # Check available firewalld zones, e.g. 'public'
    sudo firewall-cmd --get-active-zones
     
    # Check what zone the docker interface it bound to, most likely 'no zone' yet
    sudo firewall-cmd --get-zone-of-interface=docker0
     
    # So add the 'docker0' interface to the 'public' zone. Changes will be visible only after firewalld reload
    sudo nmcli connection modify docker0 connection.zone public
     
    # Masquerading allows for docker ingress and egress (this is the juicy bit)
    sudo firewall-cmd --zone=public --add-masquerade --permanent
    # Optional open required incomming ports (wasn't required in my tests)
    # sudo firewall-cmd --zone=public --add-port=443/tcp
    # Reload firewalld
    sudo firewall-cmd --reload
    # Reload dockerd
    sudo systemctl restart docker