========================================================================== Release Notes for F-Secure Policy Manager 9.00, Linux version ========================================================================== This document contains last-minute information about the product. Please refer to the product manual for more information. The manual is available in Adobe Acrobat PDF format on the installation media. Printed copies of the manual can be ordered from your F-Secure business partner. F-Secure Web Club World-wide web: http://www.f-secure.com/webclub/ F-Secure Web Club is open to all F-Secure customers. Web Club pages contain a great deal of useful information on latest software versions, user documentation, release notes, etc. Technical Support World-wide web: http://support.f-secure.com/enu/corporate/ Your local contact: @f-secure.com F-Secure contact: Anti-Virus-Support@F-Secure.com Sales World-wide web: http://www.f-secure.com/products/ Your local contact: @f-secure.com F-Secure contact: Anti-Virus-Sales@F-Secure.com F-Secure USA F-Secure Europe F-Secure Inc. F-Secure Corporation 100 Century Center Court, Suite 700 Tammasaarenkatu 7 San Jose, CA 95112, USA PL24, FIN-00181 Helsinki, Finland tel (888) 432-8233 tel +358 9 2520 0700 fax (408) 350-2339 fax +358 9 2520 5001 http://www.f-secure.com/f-secure/contact_information.html Please do not call F-Secure directly if you have a local F-Secure Sales Partner in your area. For an up-to-date listing of F-Secure Sales Partners world-wide, see http://www.f-secure.com/partners/sales_partners/. ========================================================================== Contents ========================================================================== In this document you will find the following information: o Introduction o What's New in this Version? o Installation o Frequently Asked Questions o Product Documentation o F-Secure License Terms o Copyrights ========================================================================== Introduction ========================================================================== F-Secure Policy Manager provides a scalable way to manage the security of multiple applications on multiple operating systems, from one central location. It can be used to keep security software up-to-date, manage configurations, oversee enterprise compliance, and scale to handle even the largest, most mobile workforce. The F-Secure Policy Manager is comprised of three components: the F-Secure Policy Manager Console, F-Secure Policy Manager Server and F-Secure Policy Manager Web Reporting. They provide the upper layers on the management architecture and are seamlessly integrated with the F-Secure Management Agents that handle all management functions on local hosts. F-Secure Policy Manager Console provides a centralized management console for the security of the managed hosts in the network. It enables the administrator to organize the network into logical units for sharing policies. The policies are defined in F-Secure Policy Manager Console and then distributed to the workstations through the F-Secure Policy Manager Server. F-Secure Policy Manager Console offers integrated GUI for first time deployments, updates, policy based management, status monitoring, alerting and reporting. F-Secure Policy Manager Server is the repository for policies and software packages distributed by the administrator and for status information and alerts sent by the managed hosts. It provides scalability by working as an extension to the Apache web server. Communication between F-Secure Policy Manager Server and the managed hosts is accomplished through the standard HTTP protocol, which ensures trouble-free performance on the LAN and WAN. Note that Apache included as part of Policy Manager Server should not be used for any other purposes. Using it for other purposes will cause functionality and performance problems in the Policy Manager Server installation. Security -------- The most up to date information on security issues related to Operating Systems and Apache web server can be found at CERT's web site: http://www.cert.org. A list of all known vulnerabilities in the "default installation" of Apache is available at: http://www.apacheweek.com/features/security-13. To the best of our knowledge none of the vulnerabilities present in the "default installation" of Apache are present in the release of this version of F-Secure Policy Manager Server. Note that Apache is used only as a "part" or a technology component in Policy Manager Server, with further security improvements from the actual Apache Web Server release. F-Secure Policy Manager Web Reporting is an enterprise-wide graphical reporting system included in F-Secure Policy Manager Server. The detailed graphical reports in F-Secure Policy Manager Web Reporting allow the administrator to identify computers that are unprotected or vulnerable to virus outbreaks before they actually occur. It also gives the administrator visibility when the administrator wants to view the security settings and find the weak points of the network. With F-Secure Policy Manager Web Reporting the administrator can quickly create interactive long-term graphical reports based on historical trend data using an intuitive web based interface. The administrator can produce a wide range of useful reports and queries from F-Secure Client Security events, alerts and status information sent by the agent to the F-Secure Policy Manager Server. The administrator can export reports in HTML file format. F-Secure Policy Manager Web Reporting provides over thirty pre-defined reports, which makes locating unprotected PCs, tracking virus outbreaks, validating security settings or presenting current security status in visual format very easy and quick. Reports can be created, printed or exported as pie charts, line graphs, tables and three-dimensional bar charts. The administrator can easily create graphical and visual reports from executive summaries to very detailed information on F-Secure Client Security events. F-Secure Policy Manager Web Reporting is integrated with a powerful SQL database, which guarantees its suitability for every size of a company. F-Secure Policy Manager Proxy offers a solution to bandwidth problems in distributed installations of F-Secure products by significantly reducing load on networks with slow connections by retrieving database updates from a local update repository rather than from the F-Secure Policy Manager Server. F-Secure Policy Manager Proxy resides on a computer in the remote network. There should be one Policy Manager Proxy in every network that is behind slow network lines, retrieving database updates from F-Secure Policy Manager Server and distributing them locally to the workstations. Workstations in remote offices communicate with the Policy Manager Server in the main office directly too, but this communication is restricted to remote management and alerting. The heavy database updates are redirected to the Policy Manager Proxy in the same local network. Supported Functionality ======================= F-Secure Policy Manager differences between the Windows and Linux versions: * Push Installation and Microsoft Windows Installer (MSI) package support features are available only when F-Secure Policy Manager Console is running on Windows platforms. ========================================================================== What's New in this Version? ========================================================================== This section describes the new features, enhancements and most important problems that were fixed. Fixed issues in 9.00 compared to 8.11 ------------------------------------- * Policy Manager Web Reporting: domain tree is not reloaded from the server each time when admin browses reports for the same domain or host, which reduces the amount of data to be transferred and improves performance. * #69168 - Automatic Update Agent: it could die silently, mostly on the systems with the small amount of memory and configured to check for Virus Definitions updates every 5 minutes. Changes in 9.00 compared to 8.11 -------------------------------- * F-Secure Client Security 9.00 and other anti-virus 9.00 products support: o New database updates o Remote quarantine management was implemented. The new Settings > Quarantine management tab is now available in the Policy Manager Console Anti-Virus Mode. Two actions Release and Delete can be performed over quarantined objects. Actions created by administrator are automatically removed from policies after they are accomplished. Action is considered to be accomplished when there are no longer quarantined objects reported from hosts which are affected by the corresponding action. o Browsing protection support was implemented. The new Settings > Browsing protection tab is now available in the Policy Manager Console Anti-Virus Mode. Browsing Protection component installation status can be viewed from Policy Manager Anti-Virus Mode > Status > Installed Software table and Policy Manger Web Reporting 'Component Details' report. o Policy Manager Console Anti-Virus Mode: * Settings > Real-time scanning tab was modified to support CS9 clients. Some new settings were added, the ones not needed for CS9 were moved to a secondary dialog, which can be opened with 'Settings for older clients (7.x, 8.x)' link. * Settings > Spyware control: the settings duplicating the ones on 'Real-time scanning' and 'Manual scanning' tabs were removed. * Settings > Application control: 'Automatic decisions' group was * Settings > Real-time scanning: 'Boot sector scanning' group was removed. * Settings > Automatic updates: two settings which control fallback to Policy Manager Server and F-Secure update server in case Policy Manager Proxies are inaccessible were added. * Platforms support changes: o New platforms: - SuSE Linux Enterprise Server 11 32/64-bit - SuSE Linux Enterprise Desktop 11 32/64-bit - openSUSE 11.2 32/64-bit - Debian GNU Linux 5.0 (Lenny) 32/64-bit o Dropped platforms: - Red Hat Enterprise Linux 3 32/64-bit - openSUSE 10.3 32/64-bit - Debian GNU Linux 4.0 (Etch) 32/64-bit * Policy Manager was re-branded and its Look & Feel was adjusted to comply with the new F-Secure brand and client products. Also, Advanced UI mode layout was refreshed. * There is no separate F-Secure Policy Manager Web Reporting package anymore. Web Reporting functionality is now included into F-Secure Policy Manager Server package. It is enabled and disabled through the Policy Manager Server configuration script. * Policy Manager Server: modules configuration settings such as port numbers for Host, Administration and Web Reporting Modules are no longer configured through the Apache's 'httpd.conf'. Now, modules configuration should be done using Policy Manager Server configuration script. The configuration settings are stored in '/etc/opt/f-secure/fspms/fspms.conf' configuration file. * Apache HTTP server is no longer listening for client requests on ports used for external communication, now Jetty Web server is used for that. Thus, "Allow" directive configurable in Apache 'httpd.conf' can no longer be used for filtering inbound requests. * Policy Manager Server: the layout of some database and log files was changed in order to comply with the File Hierarchy Standard: o All server logs except Firebird database log file are now stored in one place at '/var/opt/f-secure/fspms/logs' folder. Some logs has been renamed to be easily grouped and distinguished. o Firebird database files have been moved from '/opt/f-secure/fspmwr/firebird/data/' to '/var/opt/f-secure/fspms/firebird/data/' folder. * Policy Manger Console: Web Club Area settings were removed from Preferences dialog. * Policy Manager Console: Security News (Anti-Virus mode > Outbreak tab) feature has been removed. * Policy Manager Console and Web Reporting: support for SNMP Agent has been removed. * Policy Manager Console: CDE/Motif/GTK+ look-and-feel support has been removed. Registering Policy Manager installation -------------------------------- Policy Manger installation now collects statistical data about the usage of F-Secure products which can be registered with the customer number for better support. It's possible to enter customer number during Policy Manager installation, or enter/edit it later on from the Policy Manager Console Help > Register menu. * Why does F-Secure collect data? In order to improve our service, we collect statistical information regarding the use of F-Secure products. To help F-Secure provide better service and support, you can allow us to link this information to your contact information. To allow this, please enter the customer number from your license certificate during the installation of Policy Manager. * What information is sent? We collect information that cannot be linked to the end user or the use of the computer. The collected information includes F-Secure product versions, operating system versions, the number of managed hosts and the number of disconnected hosts. The information is transferred in a secure and encrypted format. * What do I benefit from submitting information to F-Secure? When you contact our support, we can provide a solution to your problem more quickly based on the information collected. In addition, with this information we can further develop our product and services to match the needs of our customers even better. * Where is the information stored and who can access it? The data is stored in F-Secure highly secured data center, and only F-Secure's assigned employees can access the data. Known issues ------------ * Host having latest dbupdates may be reported as having recent not latest ones. * Policy Manager Web Reporting may stop refreshing policy domain tree until Policy Manager Server is restarted. * Policy Manager Console automatic alert clean up setting is console specific instead of server specific. So if there are several Consoles used to access the same server, there's a need to configure every PMC to use same settings. * Policy Manager Console: when defining a connection to a server, only DNS valid names can be used. If double-byte characters are used in server addresses, the communication with the server will not function properly. * #30080 - FSPMS VM usage problem when there are lots of alerts in commdir. * #46490 - Policy Manager Server does not start properly after dirty shutdown on Debian * #44881 - Issue with "useradd" in Policy Manager debian packages, can cause problems if UID / GID spaces are synchronized between several servers. As a workaround you may create Policy Manager users/groups manually before installation. * On some platforms with Japanese language selected there might be problems with accepting user input in the Policy Manager Console text fields. The workaround is to open file chooser dialog or make any message box appear. ========================================================================== Installation ========================================================================== Key Codes for Installation ========================== This product does not require a Key Code in order to be installed. System Requirements for Server ============================== * P4 2 GHz, 512GB RAM (1GB is recommended). Managing more than 5000 hosts requires minimum of P4 3 GHz level processor and 2GB RAM. * One of the following Linux platforms: o Red Hat Enterprise Linux 4 32/64-bit o Red Hat Enterprise Linux 5 32/64-bit o SuSE Linux Enterprise Server 9 32/64-bit o SuSE Linux Enterprise Server 10 32/64-bit o SuSE Linux Enterprise Desktop 10 32/64-bit o SuSE Linux Enterprise Server 11 32/64-bit o SuSE Linux Enterprise Desktop 11 32/64-bit o openSUSE 11.2 32/64-bit o Debian GNU Linux 5.0 (Lenny) 32/64-bit o Ubuntu 8.04 (Hardy) 32/64-bit Note: The product may also work on other Linux versions however none of those are supported officially. * Minimum of 5 GB of free hard disk space; 8 GB or more is recommended. System Requirements for Console =============================== * P4 2 GHz, 512MB RAM. Managing more than 5000 hosts requires 1GB RAM and P4 3 GHz level processor. * One of the following Linux platforms: o Red Hat Enterprise Linux 4 32/64-bit o Red Hat Enterprise Linux 5 32/64-bit o SuSE Linux Enterprise Server 9 32/64-bit o SuSE Linux Enterprise Server 10 32/64-bit o SuSE Linux Enterprise Desktop 10 32/64-bit o SuSE Linux Enterprise Server 11 32/64-bit o SuSE Linux Enterprise Desktop 11 32/64-bit o openSUSE 11.2 32/64-bit o Debian GNU Linux 5.0 (Lenny) 32/64-bit o Ubuntu 8.04 (Hardy) 32/64-bit Note: The product may also work on other Linux versions however none of those are supported officially. * Minimum 16-bit color display with resolution of 1024x768, 1280x1024 or higher resolution with 32-bit color recommended. * 200 MB of free hard disk space. Compatibility with Other F-Secure Products ========================================== When installing F-Secure Policy Manager 9.00 and F-Secure Linux Security 7.0x please note: * F-Secure Linux Security should be installed before F-Secure Policy Manager 9.00. Installing Policy Manager 9.00 includes a more recent version of Automatic Update Agent. Note: when installing Policy Manager Server on Debian and Ubuntu distributions F-Secure Automatic Update Agent installed with F-Secure Linux Security is not detected. If F-Secure Linux Security is to be managed by this Policy Manager installation, Linux Security needs to be installed in stand-alone mode first. Then, after Policy Manager is installed, run Linux Security configuration script again to switch it to centralized management mode. * While uninstalling Policy Manager / Linux Security, if the other product is still installed, do not remove Automatic Update Agent component. * While uninstalling the last product, which uses Automatic Update Agent, on Debian or Ubuntu remove Automatic Update Agent from both RPM and Debian packaging systems. Installation and Start up ========================= Server ------ Red Hat, SuSE ------------- Enter the following commands as 'root' user: Install the packages: # rpm -i f-secure-automatic-update-agent-8.24.3406-1.i386.rpm # rpm -i f-secure-policy-manager-server-9.00.31248-1.i386.rpm Configure Automatic Update Agent and Policy Manager Server: # /opt/f-secure/fspms/bin/fspms-config Note: on some platforms libstdc++ compatibility library is required. Please install the following packages before installing the Server: * on Red Hat Enterprise Linux 4 and 5 install compat-libstdc++-33 package; * on openSUSE 11.2 32-bit install libstdc++33 package; * on openSUSE 11.2 64-bit install libstdc++33-32bit package. Note: when installing the Server on 64-bit platform version, the 64-bit version of the installation package should be used. Debian ------ Enter the following commands as 'root' user: Install the packages: # dpkg -i f-secure-automatic-update-agent_8.24.3406_i386.deb # dpkg -i f-secure-policy-manager-server_9.00.31248_i386.deb Configure Automatic Update Agent and Policy Manager Server: # /opt/f-secure/fspms/bin/fspms-config Note: Policy Manager Server requires libstdc++ compatibility library, please install libstdc++5 package before installing the Server. If Policy Manager Server installation was not completed due to compatibility library absence, please install it and then use 'apt-get install -f' command to finish the Server installation. Note: when installing the Server on 64-bit platform version, the following specifics apply: o ia32-libs and lib32nss-mdns packages with runtime libraries for the ia32/i386 architecture should be installed first. o Policy Manager Automatic Update Agent package should be installed with '--force-architecture' option specified. o Policy Manager Server should be installed using 64-bit installation package. Ubuntu ------ Enter the following commands as a normal user (added to /etc/sudoers): Install the packages: # sudo dpkg -i f-secure-automatic-update-agent_8.24.3406_i386.deb # sudo dpkg -i f-secure-policy-manager-server_9.00.31248_i386.deb Configure Automatic Update Agent and Policy Manager Server: # sudo /opt/f-secure/fspms/bin/fspms-config Note: Policy Manager Server requires libstdc++ compatibility library, please install libstdc++5 package before installing the Server. If Policy Manager Server installation was not completed due to compatibility library absence, please install it and then use 'apt-get install -f' command to finish the Server installation. Note: when installing the Server on 64-bit platform version, the following specifics apply: o ia32-libs and lib32nss-mdns packages with runtime libraries for the ia32/i386 architecture should be installed first. o Policy Manager Automatic Update Agent package should be installed with '--force-architecture' option specified. o Policy Manager Server should be installed using 64-bit installation package. You can check server components' status by entering as a normal user: # /etc/init.d/fsaua status # /etc/init.d/fspms status or by directing your browser to: http://localhost - Policy Manager Server status http://localhost/B - Automatic Update Server status http://localhost:8081 - Policy Manager Web Reporting Console ------- Red Hat, SuSE ------------- To install the Console, enter as 'root' user: # rpm -i f-secure-policy-manager-console-9.00.31248-1.i386.rpm Note: when installing the Console on 64-bit platform version, the 64-bit version of the installation package should be used. Debian ------ To install the Console, enter as 'root' user: # dpkg -i f-secure-policy-manager-console_9.00.31248_i386.deb Note: when installing the Console on 64-bit platform version, the 64-bit version of the installation package should be used. Ubuntu ------ To install the Console, enter as a normal user (added to /etc/sudoers): # sudo dpkg -i f-secure-policy-manager-console_9.00.31248_i386.deb Note: when installing the Console on 64-bit platform version, the 64-bit version of the installation package should be used. F-Secure Policy Manager Console installs to /opt/f-secure/fspmc/ directory. A new "fspmc" user group is created automatically. After installation you should add users to the "fspmc" user group to provide permissions to use F-Secure Policy Manager Console by entering (as the "root" user): # /usr/sbin/usermod -G Note: The comma separated group list is an absolute list and not an addition. You can list all groups to which a user is a member by entering: # groups Then, you can start the F-Secure Policy Manager Console by clicking corresponding item in F-Secure group in programs menu. Policy Manager Console can also be started from the command line by entering: # sg fspmc -c /opt/f-secure/fspmc/fspmc Red Hat Enterprise Linux 4 -------------------------------- On RHEL 4 you need to re-login before using programs menu item. Also, since 'sg' command does not accept argument, you can use 'newgrp' on the command line: # newgrp fspmc # /opt/f-secure/fspmc/fspmc Upgrade ======= 1. First, create a full backup of Policy Manager data (communication directory, keys, preferences etc). Consult Policy Manager Administrator's Guide, "Backing Up & Restoring F-Secure Policy Manager Console Data" section, for instructions on how to create a full backup. 2. To upgrade Policy Manager components: Red Hat, SuSE ------------- enter the following commands as the 'root' user: # rpm -U f-secure-automatic-update-agent-8.24.3406-1.i386.rpm # rpm -U f-secure-policy-manager-server-9.00.31248-1.i386.rpm # rpm -U f-secure-policy-manager-console-9.00.31248-1.i386.rpm Note: when upgrading from the Policy Manager 8.x series with Web Reporting component installed, Web Reporting package should be uninstalled before upgrading the Policy Manager Server. To uninstall Web Reporting component enter the following command as the 'root' user: # rpm -e f-secure-policy-manager-web-reporting Note: when upgrading on 64-bit platform version Policy Manager Console and Policy Manager Server should be upgraded using 64-bit installation packages. Debian ------ enter the following commands as the 'root' user: # dpkg -i f-secure-automatic-update-agent_8.24.3406_i386.deb # dpkg -i f-secure-policy-manager-server_9.00.31248_i386.deb # dpkg -i f-secure-policy-manager-console_9.00.31248_i386.deb Note: when upgrading from the Policy Manager 8.x series with Web Reporting component installed, Web Reporting package should be uninstalled before upgrading the Policy Manager Server. To uninstall Web Reporting component enter the following command as the 'root' user: # dpkg -r f-secure-policy-manager-web-reporting Note: when upgrading on 64-bit platform version, the following specifics apply: o Policy Manager Automatic Update Agent should be upgraded with '--force-architecture' option specified. o Policy Manager Console and Policy Manager Server should be upgraded using 64-bit installation packages. Ubuntu ------ enter the following commands as a normal user (added to /etc/sudoers): # sudo dpkg -i f-secure-automatic-update-agent_8.24.3406_i386.deb # sudo dpkg -i f-secure-policy-manager-server_9.00.31248_i386.deb # sudo dpkg -i f-secure-policy-manager-console_9.00.31248_i386.deb Note: when upgrading from the Policy Manager 8.x series with Web Reporting component installed, Web Reporting package should be uninstalled before upgrading the Policy Manager Server. To uninstall Web Reporting component enter the following command as a normal user (added to /etc/sudoers): # sudo dpkg -r f-secure-policy-manager-web-reporting Note: when upgrading on 64-bit platform version, the following specifics apply: o Policy Manager Automatic Update Agent should be upgraded with '--force-architecture' option specified. o Policy Manager Console and Policy Manager Server should be upgraded using 64-bit installation packages. Uninstallation ============== Red Hat, SuSE ------------- To uninstall Policy Manager components enter the following commands as the 'root' user: # rpm -e f-secure-policy-manager-server # rpm -e f-secure-automatic-update-agent # rpm -e f-secure-policy-manager-console Debian ------ To uninstall Policy Manager components enter the following commands as the 'root' user: # dpkg -r f-secure-policy-manager-server # dpkg -r f-secure-automatic-update-agent # dpkg -r f-secure-policy-manager-console Ubuntu ------ To uninstall Policy Manager components enter the following commands as a normal user (added to /etc/sudoers): # sudo dpkg -r f-secure-policy-manager-server # sudo dpkg -r f-secure-automatic-update-agent # sudo dpkg -r f-secure-policy-manager-console Note: to prevent accidentally deleting potentially irreproducible data created by Policy Manager components - namely log files, MIB files, domain tree, policies, configuration files and preferences - the uninstallation procedure will not remove the directories listed below. If you wish to completely remove the software you should do it manually by entering the following commands under 'root' user: # rm -rf /var/opt/f-secure/fspms # rm -rf /var/opt/f-secure/fsaus # rm -rf /etc/opt/f-secure/fspms # rm -rf /etc/opt/f-secure/fsaus # rm -rf /opt/f-secure/fspmc BE CAREFUL NOT TO DESTROY KEYS THAT MAY BE NEEDED IN THE FUTURE! ========================================================================== Frequently Asked Questions ========================================================================== 1) Where are the log files, configuration files and communication directory located in the Linux version? Files Location -------------- The Policy Manager Server communication directory containing the data is located at: /var/opt/f-secure/fspms/commdir You can list all files and their places by entering the following commands as a normal user: Red Hat, SuSE: # rpm -ql f-secure- Debian, Ubuntu: # dpkg -L f-secure- Log Files --------- Policy Manager Console: /opt/f-secure/fspmc/lib/Administrator.error.log Automatic Update Agent logs runtime errors, warnings and other information via syslog, typically in /var/log/messages. Policy Manager Server: /var/opt/f-secure/fspms/logs /var/opt/f-secure/fsaus/log Configuration Files ------------------- Policy Manager Console: /opt/f-secure/fspmc/lib/Administrator.properties Automatic Update Agent: /etc/opt/f-secure/fsaua/fsaua_config Policy Manager Server: /etc/opt/f-secure/fspms/fspms.conf 2) Why are the files located so unusually? All files for Policy Manager have their own location according to the File Hierarchy Standard. For more information available on FHS please see http://www.pathname.com/fhs/. 3) Why doesn't Policy Manager Server start? Make sure you have run the configuration script: # /opt/f-secure/fspms/bin/fspms-config You can also check that the ports configured for Policy Manager Server are active by logging in as 'root' and running the 'netstat -lnpt' command. 4) How can I start, stop, restart or check the status of Policy Manager components? Automatic Update Agent: # /etc/init.d/fsaua {start|stop|restart|status} Policy Manager Server: # /etc/init.d/fspms {start|stop|restart|status} 5) How can I specify an HTTP Proxy? You can run the configuration script # /opt/f-secure/fsaua/bin/fsaua-config or edit the configuration file manually. The directive is http_proxies=http://address:port/ Remember to restart F-Secure Automatic Update Agent in order to take the new settings into use. 6) How can I change the default ports (80 and 8080) in which Policy Manager Server listens for requests? These ports are configured with the configuration script: # /opt/f-secure/fspms/bin/fspms-config 7) How can I change the default port (8081) in which Web Reporting listens for requests? The Web Reporting port is configured with the configuration script: # /opt/f-secure/fspms/bin/fspms-config 8) How can I change the default port (3050) that Web Reporting uses to access the Firebird database? For example, to change port 3050 to 3051: 1. Change the line containing "RemoteServicePort = 3050" to "RemoteServicePort = 3051" under the "# TCP Protocol Settings" category in the '/opt/f-secure/fspms/firebird/firebird.conf' file. 2. Change the line "firebird_port=3050" to "firebird_port=3051" in the '/opt/f-secure/fspms/firebird/tools/fspmwr-db-cleanup.sh' file. After changing the configuration files, you need to restart Policy Manager Server for the new configuration to take effect. 9) Can I setup my own schedule for updating F-Secure virus definitions? Yes. Automatic updates are achieved by using the operating system's own scheduling daemon, cron. Just edit or add your own scheduling entry to the /etc/crontab file. For example, to schedule virus definitions updates in every 10 minutes, add this line to /etc/crontab: */10 * * * * fspms /opt/f-secure/fspms/bin/fsavupd For more on configuring automatic updates using cron, see 'man cron' and 'man 5 crontab'. In most of the cases you can configure the scheduled updating of F-Secure virus definitions with the /opt/f-secure/fspms/bin/fspms-config command. 10) How can I update F-Secure virus definitions manually? Run the updating tool as 'fspms' user by entering: # sudo -u fspms /opt/f-secure/fspms/bin/fsavupd --debug Optional '--debug' flag forces more verbose diagnostic messages. 11) How can I publish F-Secure virus definitions manually from latest fsdbupdate package? Download latest fsdbupdate.run tool from http://download.f-secure.com/latest/fsdbupdate.run Run this tool as a root: # ./fsdbupdate.run This will update all databases in Automatic Update Agent. After this, you need to publish these updates to Automatic Update Server and to Policy Manager Server by either having the fsavupd scheduling in crontab or by manually running the fsavupd command: # sudo -u fspms /opt/f-secure/fspms/bin/fsavupd 12) Is there any diagnostic tool I can use? Yes. Please use 'fsdiag' to collect information about your system and related packages. When logged in as root, run: # /opt/f-secure/fspms/bin/fsdiag All relevant information will be stored into the archive 'fsdiag.tar.gz' located in the current directory. You can then send that file to F-Secure Customer Support by request. 13) I get the warning '...Another Automatic Update Server was found...' during startup. What should I do? Check if another Automatic Update Server is running and still using the TCP sockets: # netstat -anp | grep bwserver # ps axuww | grep bwserver Stop the other Automatic Update Server by running: # kill `pidof bwserver` # kill -9 `pidof bwserver` Restart Policy Manager Server: # /etc/init.d/fspms stop # rm -f /var/lock/subsys/fsaus /var/opt/f-secure/fsaus/log/fsaus.pid # /etc/init.d/fspms start 14) How can I maintain a Firebird database that is being used by Web Reporting when this is a noticeable degradation of speed in generating reports? In such cases, you can use the 'fspmwr-db-cleanup.sh' script, which is provided with Policy Manage. This script checks database integrity, creates database backup and tries to fixes database problems, if any. To maintain Firebird database run the script as a root: # /opt/f-secure/fspms/firebird/tools/fspmwr-db-cleanup.sh Note: when running Policy Manager Server will be automatically stopped and then started when maintenance completes. 15) How can I reset a corrupted Firebird database being used by Web Reporting? Stop Policy Manager Server as follows: # /etc/init.d/fspms stop Then you need to replace the corrupted Firebird database file with the empty database file provided using the following commands: # cd /var/opt/f-secure/fspms/firebird/data # cp /opt/f-secure/fspms/firebird/data/fspmwr.fdb.empty fspmwr.fdb # chown firebird:firebird fspmwr.fdb Start Policy Manager Server as follows: # /etc/init.d/fspms start 16) How can I install software to remote hosts from Policy Manager Console on Linux? You can export installation packages to JAR files and use ilaunchr.exe tool to install software to hosts, for example by using logon scripts. Please follow the process defined in the manual (section 5.4.3 "Local Installation and Updates with Pre-Configured Packages"). You will find the ilaunchr.exe tool in the '/opt/f-secure/fspmc/bin' directory. 17) How can I configure Policy Manager for use in large environments? - Increase 'Incoming packages polling interval' and 'Outgoing packages update interval' values to 30-60 minutes in Policy Manager Console. - Use Policy Manager Proxy installation(s) to minimize the load on Policy Manager Server caused by serving database updates to clients. - If ext3 file system is used on partition where '/var/opt/f-secure/fspms/commdir' resides, enable directory indexing (dir_index ext2/ext3 feature), if it's not enabled yet. Also, you may consider turning off atime on that partition. See detailed description at http://en.opensuse.org/Speeding_up_Ext3 ========================================================================== Product Documentation ========================================================================== The product documentation can be found on our web site: http://www.f-secure.com/en_EMEA/downloads/documentation/online-help/pm/900/. ========================================================================== F-Secure License Terms ========================================================================== Below are the F-Secure license terms. They are also included in the software. You must read and accept them before you can install the software. F-SECURE(r) LICENSE TERMS IMPORTANT - BEFORE INSTALLING OR USING THE F-SECURE SOFTWARE, CAREFULLY READ THE FOLLOWING LEGAL TERMS ("TERMS"). BY SELECTING THE ACCEPTING OPTION BELOW, OR BY INSTALLING, COPYING OR USING THE SOFTWARE YOU (EITHER AN INDIVIDUAL OR AN ENTITY) AGREE THAT YOU HAVE READ THESE TERMS, UNDERSTAND THEM AND AGREE TO BE LEGALLY BOUND BY THEM. IF YOU DO NOT AGREE TO ALL OF THE TERMS, SELECT THE REJECTING OPTION AND DO NOT INSTALL, USE OR COPY THE SOFTWARE. These Terms cover any and all F-Secure programs and/or web applications licensed by or made available to you, including related documentation and any update and upgrade of the programs delivered or otherwise made available to you under the purchased license or any related service agreement as defined in the documentation and any copy of these items (together the "Software"). You acknowledge and accept that the Software is subject to specific limitations such as purpose of use and certain technical requirements including but not limited to operating system, storage space or space required by the system. COMMERCIAL LICENSE Subject to the payment of applicable license fees and subject to the following terms and conditions, you have been granted a non-exclusive, non-transferable right to use the specified Software for a specified time period as separately agreed between yourself and F-Secure or its distributors. F-Secure and its licensors reserve any and all rights not expressly granted to you. You may: A) install and use the Software only on as many units (typically handheld devices, personal computers, servers or other hardware, jointly referred to as "Device") as stated in the Software, F-Secure License Certificate, applicable invoice, product packaging or agreement where these Terms have been appended. If the Software and/or its services are shared through a network or the Software is used to filter traffic at servers, firewalls or gateways, you must have a license for either scanning capacity or for the total number of users whom the Software provides services to. In such cases you may install the Software on as many units as needed; B) create copies of the Software for installation and backup purposes only; and C) extend the number of licenses by purchasing additional licenses. You may not: A) install and use the Software against these Terms, the F-Secure License Certificate or other related documentation; B) distribute copies of the Software to a third party, electronically transfer the Software to a computer belonging to a third party, or permit a third party to copy the Software; C) modify, adapt, translate, rent, lease, resell, distribute or create derivative works based upon the Software and/or related files (including but not limited to databases, news, descriptions or any other content) or any part thereof; D) decompile, reverse engineer, disassemble, or otherwise reduce the Software and/or related files (including but not limited to databases, news, descriptions or any other content) to any human-perceivable form (except to the limited extent permitted under mandatory copyright legislation) as the Software contains or may contain trade secrets of F-Secure and its licensors; E) use the documentation for any purpose other than to support your use of the Software; F) disclose the license authorization code provided for the program installation (including but not limited to key code, subscription number and registration key) to any third party; G) use the Software or any portion thereof to implement any product or service to operate on or in connection with the Software for any other purpose than granted herein; or H) where the Software includes an Automatic Update Agent component, use such component to publish, distribute and/or obtain software or content (i) not specifically related to F-Secure products and/or services and (ii) not security-related (or any updates to any such software or content). Please contact F-Secure directly if you are interested in any other rights to the Software than those granted in these Terms. EVALUATION LICENSE An Evaluation License is applicable when you download or install an evaluation version of the Software or you are granted a time limited, non-exclusive and non-transferable license by F-Secure or its distributors for evaluation purposes. The Software is licensed to you for the sole purpose of evaluating the Software and only for a specified evaluation period, which will begin on the date that the Software is first downloaded by or delivered to you. After the specified time period, you must either purchase the Software license from F-Secure or its distributor, or destroy and stop using the Software. If you purchase a license for the Software before the expiration of the evaluation time and register the Software, you have a valid license and you do not need to destroy the Software. F-Secure shall have no obligation to provide support or maintenance services for Evaluation Licenses. For the avoidance of doubt, the Evaluation License is also subject to restrictions set out above as items A-H. F-Secure and its licensors reserve any and all rights not expressly granted to you. NON-COMMERCIAL LICENSE A Non-Commercial License is applicable when you download or install a free (other than evaluation) version of Software made available to you by F-Secure or its distributor. Such Software is licensed to you only for a limited period as a non-exclusive, non-transferable license and is intended only as a supplementary tool (not for ongoing content security - or other - purposes). F-Secure reserves the right to discontinue the ability to use this type of Software at any time and is under no obligation to provide support or maintenance services for Non-Commercial Licenses. For the avoidance of doubt, the Non-Commercial License is also subject to restrictions set out above as items A-H. F-Secure and its licensors reserve any and all rights not expressly granted to you. OPEN SOURCE LICENSES You acknowledge that certain components of the Software may be covered by so-called "open source" software licenses, which means any software licenses approved as open source licenses by the Open Source Initiative or any substantially similar licenses, including without any limitation any license that, as a condition of distribution of the software licensed under such license, requires that the distributor make the software available in source code format ("Open Source Components"). To the extent expressly required by the licenses covering Open Source Components, the terms of such licenses shall apply in lieu of the terms of this Agreement to the respective Open Source Component. To the extent the applicable terms of such licenses prohibit any of the restrictions in these Terms such restrictions will not apply to such respective Open Source Components. Such deviating license terms for Open Source Components are located at the installation directory of the Software or such other place as indicated in the Software. TITLE Title, ownership rights, and intellectual property rights in the Software shall remain with F-Secure and/or its licensors. The Software is protected by copyright laws and international copyright and other intellectual property treaties. LIMITED WARRANTY AND DISCLAIMERS Limited Warranty on Media. F-Secure warrants the physical media, if any, produced by F-Secure on which the Software is recorded to be free from defects in material and workmanship under normal use for 30 days from the date of delivery. F-Secure does not give any warranties on media if the Software is delivered bundled in or with a third party device. Any implied warranties on the media, including implied warranties of merchantability and fitness for a particular purpose, are limited in duration to 30 days from the date of delivery. F-Secure will, at its option, replace the media or refund the purchase price of the media. F-Secure shall have no responsibility to replace or refund the purchase price of media which is damaged by accident, abuse, or misapplication. Disclaimer of Warranty on Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND. F-SECURE, ITS LICENSORS AND DISTRIBUTORS EXPRESSLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF TITLE, AVAILABILITY, PERFORMANCE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. F-Secure, its licensors and distributors do not guarantee the Software or related documentation in terms of their correctness, accuracy, reliability, or otherwise. You assume the entire risk as to the results and performance of the Software and related documentation. Complete Statement of Warranty. The limited warranty on media provided in the paragraph above is the only warranty of any kind that is made by F-Secure. No oral or written information or advice given by F-Secure, its dealers, distributors, agents, or employees shall create a warranty or in any way increase the scope of the foregoing limited warranty, and you may not rely on any such information or advice. Some jurisdictions do not allow the limitation or exclusion of express or implied warranties, so the above exclusion may not apply to you, and you may have other rights, which may vary from jurisdiction to jurisdiction. Limitation of Liability. IN NO EVENT AND UNDER NO LEGAL THEORY, INCLUDING BUT NOT LIMITED TO TORT OR CONTRACT SHALL F-SECURE, ITS EMPLOYEES, ITS LICENSORS, ITS DISTRIBUTORS OR ITS SUPPLIERS BE LIABLE TO YOU FOR ANY SPECIAL, CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOSS OF REVENUE OR PROFIT, LOST OR DAMAGED DATA, DEVICE OR APPLICATION FAILURE OR MALFUNCTION OR OTHER COMMERCIAL OR ECONOMIC LOSS, ARISING OUT OF THE USE OF, OR INABILITY TO USE, THE SOFTWARE OR RELATED DOCUMENTATION, EVEN IF F-SECURE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, UNLESS OTHERWISE EXPLICITLY STATED IN TERMS RELATED TO SPECIFIC SOFTWARE. OUR MAXIMUM AGGREGATE LIABILITY TO YOU FOR ACTUAL DAMAGES FOR ANY CAUSE WHATSOEVER SHALL IN NO EVENT EXCEED THE AMOUNT PAID BY YOU FOR THE SOFTWARE. Nothing contained in these Terms shall prejudice the statutory rights of any party dealing as a consumer. F-Secure is acting also on behalf of its employees, distributors, licensors, suppliers and affiliates for the purpose of disclaiming, excluding, and/or restricting obligations, warranties, and liability as provided in these Terms, but in no other respects and for no other purpose. Some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages so the above limitation or exclusion may not apply to you or may apply to you only partially. Limitation of Liability under German and Austrian Laws. In respect of licenses purchased by consumers residing in Germany or Austria, concerning the limitation of liability the following applies: Concerning claims for damages, claims for compensation of expenses and other liability claims, whether arising in contract, tort, breach of statutory duty or otherwise under this license the following applies: F-Secure, its licensors, its distributors or its suppliers shall be liable without restriction for i) damage caused intentionally or through gross negligence, ii) for claims according to the German/Austrian Product Liability Act and iii) in the case of violating life, body or health. In the event of simple negligence, the following applies: F-Secure, its licensors, its distributors or its suppliers shall only be liable insofar as it has breached an essential contractual obligation (cardinal contractual obligation). This liability shall be restricted to the contractually typical and foreseeable damage in the case of material and pecuniary damages. EXPORT RESTRICTIONS 1. If the Software or any part thereof is shipped or otherwise distributed to you from the United States of America: You acknowledge that the Software and the maintenance and support services including without limitation technical services and technical data (e.g., manuals, blueprints, plans, diagrams, models, formulae, tables, engineering designs and specifications and instructions written or recorded) and any other such technical services and technical data ("the Services") are of U.S. origin for purposes of U.S. export control laws, regulations, administrative acts or Executive Orders, and any amendments thereof, including without limitation the Export Administration Act of 1979, as amended (the "Act"), and the regulations promulgated thereunder (the "U.S. Export Control Laws"). You agree to comply with all applicable U.S. Export Control Laws and any applicable international laws and regulations that apply to the Software and to the Services, including without limitation the Act as well as end-user, end-use and destination restrictions issued by the U.S. and other governments. 2. If the Software is shipped or otherwise distributed to you from a country other than the United States of America: You agree to comply with the local regulations regarding exporting and/or using cryptographic software. In all cases, F-Secure will not be liable for any illegal export of its Software or any part thereof and/or use of its cryptographic software by you. U.S. GOVERNMENT RIGHTS If this license is acquired for or on behalf of the United States of America, its agencies and/or instrumentalities ("U.S. Government"), you acknowledge that the Software and the documentation are "commercial computer software" and respectively "commercial computer software documentation" as those terms are defined for purposes of the Federal Acquisition Regulations (FARs) in the case of procurement by civilian agencies (48 C.F.R. 2.101) and the Department of Defense Federal Acquisition Regulation Supplement (DFARS) in the case of procurement by units of the Department of Defense (48 C.F.R. 252.227-7014(a)(1) and (5)). Consistent with 48 C.F.R. 12.212 of FARs and 48 C.F.R. 227.7202 of DFARS and other applicable regulations, any use, modification, reproduction, release, performance, display, disclosure or distribution of the Software and documentation by or for the U.S. Government shall be governed solely by these Terms and shall be prohibited except to the extent expressly permitted by these Terms. HIGH RISK ACTIVITIES The Software is not fault-tolerant unless expressly stated in product documentation and is not designed, manufactured or intended for use or resale as control equipment in hazardous environments requiring fail-safe performance, such as in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, direct life support machines, or weapons systems, in which the failure of the Software could lead directly to death, personal injury, or severe physical or environmental damage ("High Risk Activities"). F-Secure and its suppliers specifically disclaim any express or implied warranty of fitness for High Risk Activities. SUBMISSION AND PROCESSING OF DATA AND PERSONAL DATA YOU ACKNOWLEDGE AND CONSENT THAT TO ENABLE F-SECURE TO PROVIDE YOU WITH THE SERVICES RELATED TO THE SOFTWARE, THE SOFTWARE MAY COLLECT AND SUBMIT DATA RELATING TO SOFTWARE APPLICATIONS, INTERNET, YOUR DEVICE OR USE OF THE ABOVE. THE DATA SO COLLECTED MAY INCLUDE i) SECURITY RELATED DATA, TECHNICAL, STATISTICAL AND ANALYSIS DATA AND OTHER SIMILAR DATA WHICH ARE PROCESSED BY DEFAULT IN A NON PERSONALLY IDENTIFIABLE MANNER AND/OR ii) CONTACT INFORMATION AND OTHER DATA YOU ACTIVELY SUBMIT THROUGH THE SOFTWARE, LICENSE/ DEVICE/ SOFTWARE INFORMATION, INFORMATION DISCLOSED TO SOLVE A SUPPORT ISSUE, INFORMATION ON RELATED SERVICES AND OTHER SIMILAR DATA WHICH ARE PROCESSED BY DEFAULT IN A PERSONALLY IDENTIFIABLE MANNER. MORE DETAILED INFORMATION ON COLLECTED PERSONAL DATA AND PROCESSING THEREOF CAN BE FOUND AT F-SECURE PRIVACY POLICY. ANY TRANSFER OF DATA IS DONE IN A SECURE MANNER. YOU AGREE THAT F-SECURE MAY FURTHER DISCLOSE OR TRANSFER ANY OF THE ABOVE DATA TO ITS AFFILIATES, SUB-CONTRACTORS, DISTRIBUTORS AND PARTNERS AND THAT SUCH PARTIES MAY BE LOCATED IN THE EEA OR OUTSIDE THE EEA. YOU CONSENT AND AGREE TO F-SECURE'S PROCESSING OF DATA AND PERSONAL DATA AS SET OUT ABOVE. To inquire about the processing of identifiable personal data concerning you and correct such data or cancel your consent, the contact information for personal data stored by F-Secure is located at the end of these Terms. GENERAL The Software is subject to certain functional restrictions as informed by F-Secure (or by F-Secure's distributor from whom you have acquired this license) from time to time. F-Secure reserves the right to alter these requirements in the context of any updates or upgrades of the Software. You hereby acknowledge and confirm that, prior to registering for the Software, you have checked its suitability for your own requirements. You are informed and hereby accept that all or part of the Software may be temporarily unavailable / nonoperational for the purpose of repairs, upgrading, maintenance or for reasons beyond F-Secure's reasonable control (force majeure). F-Secure, its licensors or its distributors shall not be held liable for the consequences of such interruptions and shall undertake to restore the availability / operation of the Software as rapidly as reasonably possible, depending on the technical constraints encountered. F-Secure reserves the right to modify features or functionality of the Software in order to adjust it to changes in the market or regulations, to take into account any subsequent technical constraints or for reasons of providing you with better products or services. Without prejudice to any other rights of termination, your license to the Software will terminate immediately without notice if you are in breach of any of these Terms. You shall not be entitled to a refund from F-Secure or any of its distributors as a result of termination. The Terms concerning restrictions on use shall survive any termination. F-Secure may revise these Terms at any time and the revised Terms shall automatically apply to the corresponding versions of the Software distributed with the revised Terms. If any part of these Terms is found void and unenforceable, it will not affect the validity of rest of the Terms, which shall remain valid and enforceable. Unless otherwise stated below, these Terms shall be governed under the laws of Finland without regard to conflict of laws rules and principles and without regard to the United Nations Convention of Contracts for the International Sale of Goods. The courts of Finland shall have the exclusive jurisdiction and venue to adjudicate any dispute arising out of these Terms. In the case of licenses purchased within or on behalf of licensees residing within the United States or operating under the laws of the United States the governing law of these Terms shall be the laws of the State of California without regard to conflict of laws rules and principles and without regard to the United Nations Convention of Contracts for the International Sale of Goods. In such cases, the exclusive jurisdiction and venue to adjudicate any dispute arising out of these Terms shall be of the federal and state courts located in California. In respect of licenses purchased by consumers residing outside Finland or the United States, these Terms may be governed by the mandatory local laws of such jurisdictions. Where F-Secure should elect not to insist upon enforcing its rights in accordance with these Terms, this shall not be interpreted as a waiver of F-Secure's right to enforce the same in the future. If you have any questions concerning these Terms or the processing of your personal data or if you would like to contact F-Secure for any other reason, please write: F-Secure Corporation, PL24, FI-00181 Helsinki, Finland, e-mail: helsinki@f-secure.com or call: +358 9 2520 0700. November 2009, F-Secure Corporation ========================================================================== Copyrights ========================================================================== F-Secure Policy Manager ======================= Copyright (c) 2002-2010 F-Secure Corporation. All rights reserved. This product may be covered by one or more F Secure patents, including the following: GB2353372 GB2366691 GB2366692 GB2366693 GB2367933 GB2368233 GB2374260 F-Secure Policy Manager Console =============================== Copyright (c) 1997-2010 F-Secure Corporation. All rights reserved. Uses Java (tm) runtime environment 1.6.0_x This product includes software developed by the Apache Software Foundation (). Uses Apache Commons. Uses Spring framework. F-Secure Automatic Update Agent =============================== Copyright (c) 2004-2010 F-Secure Corporation. All Rights Reserved. F-Secure Policy Manager Server ============================== Copyright (c) 2001-2010 F-Secure Corporation. All rights reserved. Uses Java (tm) runtime environment 1.6.0_x This product includes software developed by the Apache Software Foundation (). Uses Jetty, Copyright Mort Bay Consulting Pty. Ltd. Uses Firebird, Portions created by Inprise Corporation are Copyright (C) Inprise Corporation. All Rights Reserved Uses Apache Commons and log4j. Uses Spring framework. Uses H2 database engine. Uses Google Gson. Apache Web Server ================= Copyright (C) 1999-2003 The Apache Software Foundation. All rights reserved. Redistribution and use in source and binary forms, with or without modifica- tion, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The end-user documentation included with the redistribution, if any, must include the following acknowledgment: "This product includes software developed by the Apache Software Foundation (http://www.apache.org/)." Alternately, this acknowledgment may appear in the software itself, if and wherever such third-party acknowledgments normally appear. 4. The names "Apache Cocoon" and "Apache Software Foundation" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact apache@apache.org. 4. The names "Jakarta", "Xalan", "Xerces", "Batik", "LogKit", "Commons", "The Jakarta Project", "Jakarta", "Jakarta-Regexp", "Apache Avalon", "Tomcat", "Avalon Excalibur", "Avalon Framework" and "Apache Software Foundation" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact apache@apache.org. 5. Products derived from this software may not be called "Apache", nor may "Apache" appear in their name, without prior written permission of the Apache Software Foundation. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLU- DING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This software consists of voluntary contributions made by many individuals on behalf of the Apache Software Foundation and was originally created by Stefano Mazzocchi . For more information on the Apache Software Foundation, please see . Portions of this software are based upon public domain software originally written at the National Center for Supercomputing Applications, University of Illinois, Urbana-Champaign. JISP - Java Index Serialization Package ======================================= COPYRIGHT NOTICE, DISCLAIMER, and LICENSE: Copyright 2001 Scott Robert Ladd. All rights reserved, except as noted herein. This computer program source file is supplied "AS IS". Scott Robert Ladd (hereinafter referred to as "Author") disclaims all warranties, expressed or implied, including, without limitation, the warranties of merchantability and of fitness for any purpose. The Author assumes no liability for direct, indirect, incidental, special, exemplary, or consequential damages, which may result from the use of the PNG Reference Library, even if advised of the possibility of such damage. Firebird ======== INTERBASE PUBLIC LICENSE Version 1.0 1. Definitions. 1.0.1. "Commercial Use" means distribution or otherwise making the Covered Code available to a third party. 1.1. "Contributor" means each entity that creates or contributes to the creation of Modifications. 1.2. "Contributor Version" means the combination of the Original Code, prior Modifications used by a Contributor, and the Modifications made by that particular Contributor. 1.3. "Covered Code" means the Original Code or Modifications or the combination of the Original Code and Modifications, in each case including portions thereof. 1.4. "Electronic Distribution Mechanism" means a mechanism generally accepted in the software development community for the electronic transfer of data. 1.5. "Executable" means Covered Code in any form other than Source Code. 1.6. "Initial Developer" means the individual or entity identified as the Initial Developer in the Source Code notice required by Exhibit A. 1.7. "Larger Work" means a work which combines Covered Code or portions thereof with code not governed by the terms of this License. 1.8. "License" means this document. 1.8.1. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein. 1.9. "Modifications" means any addition to or deletion from the substance or structure of either the Original Code or any previous Modifications. When Covered Code is released as a series of files, a Modification is: A. Any addition to or deletion from the contents of a file containing Original Code or previous Modifications. B. Any new file that contains any part of the Original Code or previous Modifications. 1.10. "Original Code" means Source Code of computer software code which is described in the Source Code notice required by Exhibit A as Original Code, and which, at the time of its release under this License is not already Covered Code governed by this License. 1.10.1. "Patent Claims" means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor. 1.11. "Source Code" means the preferred form of the Covered Code for making modifications to it, including all modules it contains, plus any associated interface definition files, scripts used to control compilation and installation of an Executable, or source code differential comparisons against either the Original Code or another well known, available Covered Code of the Contributor's choice. The Source Code can be in a compressed or archival form, provided the appropriate decompression or de-archiving software is widely available for no charge. 1.12. "You" (or "Your") means an individual or a legal entity exercising rights under, and complying with, all of the terms of, this License or a future version of this License issued under Section 6.1. For legal entities, "You" includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. 2. Source Code License. 2.1. The Initial Developer Grant. The Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license, subject to third party intellectual property claims: (a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer to use, reproduce, modify, display, perform, sublicense and distribute the Original Code (or portions thereof) with or without Modifications, and/or as part of a Larger Work; and (b) under Patents Claims infringed by the making, using or selling of Original Code, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Code (or portions thereof). (c) the licenses granted in this Section 2.1(a) and (b) are effective on the date Initial Developer first distributes Original Code under the terms of this License. (d) Notwithstanding Section 2.1(b) above, no patent license is granted: 1) for code that You delete from the Original Code; 2) separate from the Original Code; or 3) for infringements caused by: i) the modification of the Original Code or ii) the combination of the Original Code with other software or devices. 2.2. Contributor Grant. Subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license (a) under intellectual property rights (other than patent or trademark) Licensable by Contributor, to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof) either on an unmodified basis, with other Modifications, as Covered Code and/or as part of a Larger Work; and (b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: 1) Modifications made by that Contributor (or portions thereof); and 2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination). (c) the licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first makes Commercial Use of the Covered Code. (d) Notwithstanding Section 2.2(b) above, no patent license is granted: 1) for any code that Contributor has deleted from the Contributor Version; 2) separate from the Contributor Version; 3) for infringements caused by: i) third party modifications of Contributor Version or ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or 4) under Patent Claims infringed by Covered Code in the absence of Modifications made by that Contributor. 3. Distribution Obligations. 3.1. Application of License. The Modifications which You create or to which You contribute are governed by the terms of this License, including without limitation Section 2.2. The Source Code version of Covered Code may be distributed only under the terms of this License or a future version of this License released under Section 6.1, and You must include a copy of this License with every copy of the Source Code You distribute. You may not offer or impose any terms on any Source Code version that alters or restricts the applicable version of this License or the recipients' rights hereunder. However, You may include an additional document offering the additional rights described in Section 3.5. 3.2. Availability of Source Code. Any Modification which You create or to which You contribute must be made available in Source Code form under the terms of this License either on the same media as an Executable version or via an accepted Electronic Distribution Mechanism to anyone to whom you made an Executable version available; and if made available via Electronic Distribution Mechanism, must remain available for at least twelve (12) months after the date it initially became available, or at least six (6) months after a subsequent version of that particular Modification has been made available to such recipients. You are responsible for ensuring that the Source Code version remains available even if the Electronic Distribution Mechanism is maintained by a third party. 3.3. Description of Modifications. You must cause all Covered Code to which You contribute to contain a file documenting the changes You made to create that Covered Code and the date of any change. You must include a prominent statement that the Modification is derived, directly or indirectly, from Original Code provided by the Initial Developer and including the name of the Initial Developer in (a) the Source Code, and (b) in any notice in an Executable version or related documentation in which You describe the origin or ownership of the Covered Code. 3.4. Intellectual Property Matters (a) Third Party Claims. If Contributor has knowledge that a license under a third party's intellectual property rights is required to exercise the rights granted by such Contributor under Sections 2.1 or 2.2, Contributor must include a text file with the Source Code distribution titled "LEGAL" which describes the claim and the party making the claim in sufficient detail that a recipient will know whom to contact. If Contributor obtains such knowledge after the Modification is made available as described in Section 3.2, Contributor shall promptly modify the LEGAL file in all copies Contributor makes available thereafter and shall take other steps (such as notifying appropriate mailing lists or newsgroups) reasonably calculated to inform those who received the Covered Code that new knowledge has been obtained. (b) Contributor APIs. If Contributor's Modifications include an application programming interface and Contributor has knowledge of patent licenses which are reasonably necessary to implement that API, Contributor must also include this information in the LEGAL file. (c) Representations. Contributor represents that, except as disclosed pursuant to Section 3.4(a) above, Contributor believes that Contributor's Modifications are Contributor's original creation(s) and/or Contributor has sufficient rights to grant the rights conveyed by this License. 3.5. Required Notices. You must duplicate the notice in Exhibit A in each file of the Source Code. If it is not possible to put such notice in a particular Source Code file due to its structure, then You must include such notice in a location (such as a relevant directory) where a user would be likely to look for such a notice. If You created one or more Modification(s) You may add your name as a Contributor to the notice described in Exhibit A. You must also duplicate this License in any documentation for the Source Code where You describe recipients' rights or ownership rights relating to Covered Code. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Code. However, You may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear than any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer. 3.6. Distribution of Executable Versions. You may distribute Covered Code in Executable form only if the requirements of Section 3.1-3.5 have been met for that Covered Code, and if You include a notice stating that the Source Code version of the Covered Code is available under the terms of this License, including a description of how and where You have fulfilled the obligations of Section 3.2. The notice must be conspicuously included in any notice in an Executable version, related documentation or collateral in which You describe recipients' rights relating to the Covered Code. You may distribute the Executable version of Covered Code or ownership rights under a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable version does not attempt to limit or alter the recipient's rights in the Source Code version from the rights set forth in this License. If You distribute the Executable version under a different license You must make it absolutely clear that any terms which differ from this License are offered by You alone, not by the Initial Developer or any Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer. 3.7. Larger Works. You may create a Larger Work by combining Covered Code with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Code. 4. Inability to Comply Due to Statute or Regulation. If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Code due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be included in the LEGAL file described in Section 3.4 and must be included with all distributions of the Source Code. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. 5. Application of this License. This License applies to code to which the Initial Developer has attached the notice in Exhibit A and to related Covered Code. 6. Versions of the License. 6.1. New Versions. Inprise Corporation ("Inprise") may publish revised and/or new versions of the License from time to time. Each version will be given a distinguishing version number. 6.2. Effect of New Versions. Once Covered Code has been published under a particular version of the License, You may always continue to use it under the terms of that version. You may also choose to use such Covered Code under the terms of any subsequent version of the License published by Inprise. No one other than Inprise has the right to modify the terms applicable to Covered Code created under this License. 6.3. Derivative Works. If You create or use a modified version of this License (which you may only do in order to apply it to code which is not already Covered Code governed by this License), You must (a) rename Your license so that the phrases "Mozilla", "MOZILLAPL", "MOZPL", "Netscape", "MPL", "NPL", "Inprise", "ISC", "InterBase", "IB" or any confusingly similar phrase do not appear in your license (except to note that your license differs from this License) and (b) otherwise make it clear that Your version of the license contains terms which differ from the Mozilla Public License and Netscape Public License. (Filling in the name of the Initial Developer, Original Code or Contributor in the notice described in Exhibit A shall not of themselves be deemed to be modifications of this License.) 6.4 Origin of the InterBase Public License. The InterBase Public License V 1.0 is based on the Mozilla Public License V 1.1 with the following changes: 1. The license is published by Inprise Corporation. Only Inprise Corporation can modify the terms applicable to Covered Code. 2. The license can be modified and used for code which is not already governed by this license. Modified versions of the license must be renamed to avoid confusion with Netscape's or Inprise Corporation's public license and must include a description of changes from the InterBase Public License. 3. The name of the license in Exhibit A is the "InterBase Public License". 4. The reference to an alternative license in Exhibit A has been removed. 5. Amendments I, II, III, V, and VI have been deleted. 6. Exhibit A, Netscape Public License has been deleted 7. A new amendment (II) has been added, describing the required and restricted rights to use the trademarks of Inprise Corporation. 7. DISCLAIMER OF WARRANTY. COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. 8. TERMINATION. 8.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. All sublicenses to the Covered Code which are properly granted shall survive any termination of this License. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive. 8.2. If You initiate litigation by asserting a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You file such action is referred to as "Participant") alleging that: (a) such Participant's Contributor Version directly or indirectly infringes any patent, then any and all rights granted by such Participant to You under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively, unless if within 60 days after receipt of notice You either: (i) agree in writing to pay Participant a mutually agreeable reasonable royalty for Your past and future use of Modifications made by such Participant, or (ii) withdraw Your litigation claim with respect to the Contributor Version against such Participant. If within 60 days of notice, a reasonable royalty and payment arrangement are not mutually agreed upon in writing by the parties or the litigation claim is not withdrawn, the rights granted by Participant to You under Sections 2.1 and/or 2.2 automatically terminate at the expiration of the 60 day notice period specified above. (b) any software, hardware, or device, other than such Participant's Contributor Version, directly or indirectly infringes any patent, then any rights granted to You by such Participant under Sections 2.1(b) and 2.2(b) are revoked effective as of the date You first made, used, sold, distributed, or had made, Modifications made by that Participant. 8.3. If You assert a patent infringement claim against Participant alleging that such Participant's Contributor Version directly or indirectly infringes any patent where such claim is resolved (such as by license or settlement) prior to the initiation of patent infringement litigation, then the reasonable value of the licenses granted by such Participant under Sections 2.1 or 2.2 shall be taken into account in determining the amount or value of any payment or license. 8.4. In the event of termination under Sections 8.1 or 8.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or any distributor hereunder prior to termination shall survive termination. 9. LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. 10. U.S. GOVERNMENT END USERS. The Covered Code is a "commercial item," as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer software" and "commercial computer software documentation," as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Code with only those rights set forth herein. 11. MISCELLANEOUS. This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by California law provisions (except to the extent applicable law, if any, provides otherwise), excluding its conflict-of-law provisions. With respect to disputes in which at least one party is a citizen of, or an entity chartered or registered to do business in the United States of America, any litigation relating to this License shall be subject to the jurisdiction of the Federal Courts of the Northern District of California, with venue lying in Santa Clara County, California, with the losing party responsible for costs, including without limitation, court costs and reasonable attorneys' fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. 12. RESPONSIBILITY FOR CLAIMS. As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability. 13. MULTIPLE-LICENSED CODE. Initial Developer may designate portions of the Covered Code as "Multiple-Licensed". "Multiple-Licensed" means that the Initial Developer permits you to utilize portions of the Covered Code under Your choice of the IPL or the alternative licenses, if any, specified by the Initial Developer in the file described in Exhibit A. EXHIBIT A - InterBase Public License. ``The contents of this file are subject to the InterBase Public License Version 1.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.Inprise.com/IPL.html Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License. The Original Code was created by Inprise Corporation and its predecessors. Portions created by Inprise Corporation are Copyright (C) Inprise Corporation. All Rights Reserved. Contributor(s): ______________________________________. AMENDMENTS I. Inprise and logo. This License does not grant any rights to use the trademarks "Inprise", "InterBase," "Java" or "JavaScript" even if such marks are included in the Original Code or Modifications. II. Trademark Usage. II.1. Advertising Materials. All advertising materials mentioning features or use of the covered Code must display the following acknowledgement: "This product includes software developed by Inprise Corporation. " II.2. Endorsements. The names "Inprise," "InterBase," "ISC," and "IB" must not be used to endorse or promote Contributor Versions or Larger Works without the prior written permission of Inprise. II.3. Product Names. Contributor Versions and Larger Works may not be called "Inprise" or "InterBase" nor may the words "Inprise" or "InterBase" appear in their names without the prior written permission of Inprise Corporation. Java(tm) Runtime Environment Version 1.6.0_x ============================================ Sun Microsystems, Inc. Binary Code License Agreement for the JAVA SE RUNTIME ENVIRONMENT (JRE) VERSION 6 SUN MICROSYSTEMS, INC. ("SUN") IS WILLING TO LICENSE THE SOFTWARE IDENTIFIED BELOW TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS BINARY CODE LICENSE AGREEMENT AND SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT"). PLEASE READ THE AGREEMENT CAREFULLY. BY DOWNLOADING OR INSTALLING THIS SOFTWARE, YOU ACCEPT THE TERMS OF THE AGREEMENT. INDICATE ACCEPTANCE BY SELECTING THE "ACCEPT" BUTTON AT THE BOTTOM OF THE AGREEMENT. IF YOU ARE NOT WILLING TO BE BOUND BY ALL THE TERMS, SELECT THE "DECLINE" BUTTON AT THE BOTTOM OF THE AGREEMENT AND THE DOWNLOAD OR INSTALL PROCESS WILL NOT CONTINUE. 1. DEFINITIONS. "Software" means the identified above in binary form, any other machine readable materials (including, but not limited to, libraries, source files, header files, and data files), any updates or error corrections provided by Sun, and any user manuals, programming guides and other documentation provided to you by Sun under this Agreement. "Programs" mean Java applets and applications intended to run on the Java Platform, Standard Edition (Java SE) on Java-enabled general purpose desktop computers and servers. 2. LICENSE TO USE. Subject to the terms and conditions of this Agreement, including, but not limited to the Java Technology Restrictions of the Supplemental License Terms, Sun grants you a non-exclusive, non-transferable, limited license without license fees to reproduce and use internally Software complete and unmodified for the sole purpose of running Programs. Additional licenses for developers and/or publishers are granted in the Supplemental License Terms. 3. RESTRICTIONS. Software is confidential and copyrighted. Title to Software and all associated intellectual property rights is retained by Sun and/or its licensors. Unless enforcement is prohibited by applicable law, you may not modify, decompile, or reverse engineer Software. You acknowledge that Licensed Software is not designed or intended for use in the design, construction, operation or maintenance of any nuclear facility. Sun Microsystems, Inc. disclaims any express or implied warranty of fitness for such uses. No right, title or interest in or to any trademark, service mark, logo or trade name of Sun or its licensors is granted under this Agreement. Additional restrictions for developers and/or publishers licenses are set forth in the Supplemental License Terms. 4. LIMITED WARRANTY. Sun warrants to you that for a period of ninety (90) days from the date of purchase, as evidenced by a copy of the receipt, the media on which Software is furnished (if any) will be free of defects in materials and workmanship under normal use. Except for the foregoing, Software is provided "AS IS". Your exclusive remedy and Sun's entire liability under this limited warranty will be at Sun's option to replace Software media or refund the fee paid for Software. Any implied warranties on the Software are limited to 90 days. Some states do not allow limitations on duration of an implied warranty, so the above may not apply to you. This limited warranty gives you specific legal rights. You may have others, which vary from state to state. 5. DISCLAIMER OF WARRANTY. UNLESS SPECIFIED IN THIS AGREEMENT, ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT THESE DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. 6. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. In no event will Sun's liability to you, whether in contract, tort (including negligence), or otherwise, exceed the amount paid by you for Software under this Agreement. The foregoing limitations will apply even if the above stated warranty fails of its essential purpose. Some states do not allow the exclusion of incidental or consequential damages, so some of the terms above may not be applicable to you. 7. TERMINATION. This Agreement is effective until terminated. You may terminate this Agreement at any time by destroying all copies of Software. This Agreement will terminate immediately without notice from Sun if you fail to comply with any provision of this Agreement. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. Upon Termination, you must destroy all copies of Software. 8. EXPORT REGULATIONS. All Software and technical data delivered under this Agreement are subject to US export control laws and may be subject to export or import regulations in other countries. You agree to comply strictly with all such laws and regulations and acknowledge that you have the responsibility to obtain such licenses to export, re-export, or import as may be required after delivery to you. 9. TRADEMARKS AND LOGOS. You acknowledge and agree as between you and Sun that Sun owns the SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET trademarks and all SUN, SOLARIS, JAVA, JINI, FORTE, and iPLANET-related trademarks, service marks, logos and other brand designations ("Sun Marks"), and you agree to comply with the Sun Trademark and Logo Usage Requirements currently located at http://www.sun.com/policies/trademarks. Any use you make of the Sun Marks inures to Sun's benefit. 10. U.S. GOVERNMENT RESTRICTED RIGHTS. If Software is being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), then the Government's rights in Software and accompanying documentation will be only as set forth in this Agreement; this is in accordance with 48 CFR 227.7201 through 227.7202-4 (for Department of Defense (DOD) acquisitions) and with 48 CFR 2.101 and 12.212 (for non-DOD acquisitions). 11. GOVERNING LAW. Any action related to this Agreement will be governed by California law and controlling U.S. federal law. No choice of law rules of any jurisdiction will apply. 12. SEVERABILITY. If any provision of this Agreement is held to be unenforceable, this Agreement will remain in effect with the provision omitted, unless omission would frustrate the intent of the parties, in which case this Agreement will immediately terminate. 13. INTEGRATION. This Agreement is the entire agreement between you and Sun relating to its subject matter. It supersedes all prior or contemporaneous oral or written communications, proposals, representations and warranties and prevails over any conflicting or additional terms of any quote, order, acknowledgment, or other communication between the parties relating to its subject matter during the term of this Agreement. No modification of this Agreement will be binding, unless in writing and signed by an authorized representative of each party. SUPPLEMENTAL LICENSE TERMS These Supplemental License Terms add to or modify the terms of the Binary Code License Agreement. Capitalized terms not defined in these Supplemental Terms shall have the same meanings ascribed to them in the Binary Code License Agreement . These Supplemental Terms shall supersede any inconsistent or conflicting terms in the Binary Code License Agreement, or in any license contained within the Software. A. Software Internal Use and Development License Grant. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the Software "README" file incorporated herein by reference, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Sun grants you a non-exclusive, non-transferable, limited license without fees to reproduce internally and use internally the Software complete and unmodified for the purpose of designing, developing, and testing your Programs. B. License to Distribute Software. Subject to the terms and conditions of this Agreement and restrictions and exceptions set forth in the Software README file, including, but not limited to the Java Technology Restrictions of these Supplemental Terms, Sun grants you a non-exclusive, non-transferable, limited license without fees to reproduce and distribute the Software, provided that (i) you distribute the Software complete and unmodified and only bundled as part of, and for the sole purpose of running, your Programs, (ii) the Programs add significant and primary functionality to the Software, (iii) you do not distribute additional software intended to replace any component(s) of the Software, (iv) you do not remove or alter any proprietary legends or notices contained in the Software, (v) you only distribute the Software subject to a license agreement that protects Sun's interests consistent with the terms contained in this Agreement, and (vi) you agree to defend and indemnify Sun and its licensors from and C. Java Technology Restrictions. You may not create, modify, or change the behavior of, or authorize your licensees to create, modify, or change the behavior of, classes, interfaces, or subpackages that are in any way identified as "java", "javax", "sun" or similar convention as specified by Sun in any naming convention designation. D. Source Code. Software may contain source code that, unless expressly licensed for other purposes, is provided solely for reference purposes pursuant to the terms of this Agreement. Source code may not be redistributed unless expressly provided for in this Agreement. E. Third Party Code. Additional copyright notices and license terms applicable to portions of the Software are set forth in the THIRDPARTYLICENSEREADME.txt file. In addition to any terms and conditions of any third party opensource/freeware license identified in the THIRDPARTYLICENSEREADME.txt file, the disclaimer of warranty and limitation of liability provisions in paragraphs 5 and 6 of the Binary Code License Agreement shall apply to all Software in this distribution. F. Termination for Infringement. Either party may terminate this Agreement immediately should any Software become, or in either party's opinion be likely to become, the subject of a claim of infringement of any intellectual property right. G. Installation and Auto-Update. The Software's installation and auto-update processes transmit a limited amount of data to Sun (or its service provider) about those specific processes to help Sun understand and optimize them. Sun does not associate the data with personally identifiable information. You can find more information about the data Sun collects at http://java.com/data/. For inquiries please contact: Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. Apache Commons, Apache log2j, Jetty, Spring framework and Google Gson ================================================================ Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS ========================================================================== End of README ==========================================================================