Settings in the configuration file for post-installation configuration

In the post-installation configuration file, you can specify the settings shown in the table below.

The setting values are case-sensitive.

Setting	Description	Values
EULA_AGREED	Required setting. Acceptance of the terms of the End User License Agreement.	`Yes`: accept the terms of the End User License Agreement to continue the application installation. `No` – do not accept the terms and conditions of the End User License Agreement. The initial configuration of the application is aborted.
PRIVACY_POLICY_AGREED	Required setting. Acceptance of the terms of the Privacy Policy.	`Yes` – accept the Privacy Policy to continue installing the application. `No` – do not accept the terms and conditions of the Privacy Policy. The initial configuration of the application is aborted.
USE_KSN	Required setting. Enabling Kaspersky Security Network usage: To enable the use of KSN, the terms of the Kaspersky Security Network Statement must be accepted. If you enabled the use of KSN, the application automatically enters the cloud mode, in which Kaspersky Industrial CyberSecurity for Linux Nodes uses the light version of the anti-malware databases.	`Yes` – accept the terms of the Kaspersky Security Network Statement and enable the use of KSN. `No` – do not accept the Kaspersky Security Network Statement. Opting out of the KSN does not abort the initial configuration process.
GROUP_CLEAN	Required setting. Removing users from the kicsadmin and kicsaudit privileged groups before installing the application.	`Yes` - Remove users from the privileged groups. If the value is `Yes` and there is no nogroup group, the installation will fail and you will be prompted to manually remove users from privileged groups. `No` - Do not remove users from the privileged groups.
LOCALE	Optional setting. The locale used for the texts of the End User License Agreement, the Privacy Policy and the Kaspersky Security Network Statement, as well as application events sent to Kaspersky Security Center. The locale of the graphical interface and the application command line is taken from the `LANG` environment variable. If the application does not support this localization, it defaults to the English localization.	Locale in RFC 3066 format. Possible values: `de_DE.UTF-8` – German `en_US.UTF-8` – English `fr_FR.UTF-8` – French `ja_JP.UTF-8` – Japanese `ru_RU.UTF-8` – Russian `zh_TW.UTF-8` – Chinese Simplified `zh_CN.UTF-8` – Chinese Traditional If the `LOCALE` setting is not specified, the operating system locale is used. If the application cannot detect the locale of the operating system or this locale is not supported, English (en_US.UTF-8 in RFC 3066 format) is used to localize events.
INSTALL_LICENSE	Activation code or key file for adding a license key to the application.	<`activation code`> if you want to activate the application using an activation code during installation. <`full path to key file`> if you want to activate the application using a key file during installation. `None` if you do not want to activate the application during installation, for example, if you are installing the application in an isolated network segment without internet access.
UPDATER_SOURCE	Update source for databases and application modules.	`SCServer` – use the Kaspersky Security Center Administration Server as the update source. `KLServers` – use Kaspersky servers as the update source. <`update source address`>.
PROXY_SERVER	Address of the proxy server used to connect to the Internet.	Address of the proxy server in one of the following formats: `<connection protocol>://<IP address of the proxy server>:<port number>` if the proxy server connection does not require authentication. `<connection protocol>://<user name>:<password>@<IP address of the proxy server>:<port number>` if the proxy server connection requires authentication. Connecting to a proxy server over HTTPS is not supported.
UPDATE_EXECUTE	Start the application database update task during the initial configuration.	`Yes` – start update task. `No` – do not start update task.
KERNEL_SRCS_INSTALL	Automatic start of kernel module compilation when the File Threat Protection task is started (for operating systems that do not support the fanotify technology).	`Yes` – compile the kernel module when File Threat Protection starts. `No` – do not compile the kernel module.
ADMIN_USER	A user assigned the administrator role (admin).
CONFIGURE_SELINUX	Automatic configuration of SELinux to work with Kaspersky Industrial CyberSecurity for Linux Nodes.	`Yes` – automatically configure SELinux to work with Kaspersky Industrial CyberSecurity for Linux Nodes. `No` – do not automatically configure SELinux to work with Kaspersky Industrial CyberSecurity for Linux Nodes.
PROTECTION_MODE	The operating mode that the application enters immediately after installation.	`Disabled` – when the application is started after installation, all components of the application are disabled by default. Only service tasks that handle application activation and the functioning of Backup are started. `OAS_Notify` – when the application is started after installation, only the File Threat Protection component and service tasks that handle application activation and the functioning of Backup are automatically started. The File Threat Protection component operates in "Notify only" mode. Notify-only mode is an operation mode for the application in which, if a threat is detected, application components and tasks do not attempt to disinfect or delete malicious objects, deny access or block the activity of applications. Instead, the application only informs the user about the detected threat. `OAS_Block` – when the application is started after installation, only the File Threat Protection component and service tasks that handle application activation and the functioning of Backup are automatically started. When a threat is detected, the application performs the actions specified in the File Threat Protection settings.
DISABLE_FILEAV_ACTIONS	Disables the disinfection and file deletion functions for application components after its installation. If the disinfection and file deletion functions are disabled and a threat is detected, the application does not attempt to disinfect or delete the files in which a threat was detected, but only informs the user about a threat detection. After installing the application, you can enable the file disinfection and deletion functionality using the `DisableFileAvActions` parameter in the kics.ini configuration file.	`Yes`: disables the disinfection and file deletion functions when the application is started after the installation. `No`: does not disable the disinfection and file deletion functions when the application is started after the installation.
VENDOR_EXCLUDE_PROFILE_ID	Predefined industrial software exclusion profile. You can specify an exclusion profile code to import exclusions for processes, files, and directories associated with a certain type of industrial software into the application settings. If the selected exclusion profile contains mount point exclusions, you need to ensure that the excluded mount points exist, or add new mount point settings to the /etc/fstab configuration file. You can view the added mount point exclusions in the general application settings on the command line (the `ExcludedMountPoint.item_#` parameter).	`<predefined exclusion profile code>`

If you want to change the settings in the initial configuration file, specify the values of settings in the following format: <setting_name>=<setting_value> without spaces between the name of the setting and its value.

Page top