This section describes the values of the general container and namespace scan settings (see the table below). Integration with Docker container management system, CRI-O framework, and Podman and runc utilities is supported.
Namespace and container scans can be enabled using the NamespaceMonitoring
setting described in the general application settings.
General container and namespace scan settings
Setting |
Description |
Values |
---|---|---|
|
Action to be performed on a container when an infected object is detected. The default settings of the File Threat Protection task are used for a scan. The action performed on a container when an infected object is detected also depends on the File Threat Protection task settings (see the table below). |
|
|
Use the Docker environment. |
|
|
Docker socket path or URI (Universal Resource Identifier). |
Default value: /var/run/docker.sock. |
|
Use the CRI-O environment. |
|
|
Path to the CRI-O configuration file. |
Default value: /etc/crio/crio.conf. |
|
Use the Podman utility. |
|
|
Path to the Podman utility executable file. |
Default value: /usr/bin/podman. |
|
Path to the root directory of the container storage. |
Default value: /var/lib/containers/storage. |
|
Use the runc utility. |
|
|
Path to the runc utility executable file. |
Default value: /usr/bin/runc. |
|
Path to the root directory of the container state storage. |
Default value: /run/runc-ctrs. |
Actions performed on a container when an infected object is detected may vary depending on the specified values of the FirstAction
/ SecondAction
settings of the File Threat Protection task and on the value of the InterceptorProtectionMode
setting, one of the general application settings (see the table below).
Dependence of actions performed on containers on the specified actions performed on infected objects
Value of the FirstAction / SecondAction or the InterceptorProtectionMode setting |
Action that the application performs on the container when the StopContainerIfFailed action is selected |
---|---|
|
Stop the container if disinfection of an infected object fails. |
|
Stop the container if an infected object removal fails. |
|
Do not perform any action on containers when an infected object is detected. |