Configuring global exclusions in the command line

Support

Support for business applications

Kaspersky Endpoint Security 12 for Linux

Advanced application settings

Configuring global exclusions

Configuring global exclusions in the command line

July 22, 2024

ID 261162

Get as PDF

You can define mount point exclusions in the command line via the ExcludedMountPoint.item_# option in the general application settings.

You can edit the setting using command line options or a configuration file that contains all general application settings.

The ExcludedMountPoint.item_# option accepts the following values:

AllRemoteMounted — Exclude all remote directories mounted on the device using SMB and NFS protocols from file operation interception.
Mounted:NFS — Exclude all remote directories mounted on the device using the NFS protocol from file operation interception.
Mounted:SMB — Exclude all remote directories mounted on the device using the SMB protocol from file operation interception.
Mounted:<file system type> — Exclude all mounted directories with the specified file system type from file operation interception.
/mnt — Exclude objects in the /mnt mount point (including subdirectories) from file operation interception. This directory is used as the temporary mount point for removable drives.
<path that contains the /mnt/user* or /mnt/**/user_share> — Exclude objects in mount points whose names contain the specified mask from file operation interception.
You can use the * (asterisk) character to create a file or directory name mask.

You can indicate a single * character to represent any set of characters (including an empty set) preceding the / character in the file or directory name. For example, /dir/*/file or /dir/*/*/file.

You can indicate two consecutive * characters to represent any set of characters (including an empty set and the / character) in the file or directory name. For example, /dir/**/file*/ or /dir/file**/.

The ** mask can be used only once in a directory name. For example, /dir/**/**/file is an incorrect mask.

To exclude the mount point /dir, you need to specifically indicate /dir (no asterisk).

The mask /dir/* excludes all mount points at the level below /dir but not /dir itself. The /dir/** mask excludes all mount points below the level of /dir but not /dir itself.

You can use a single ? character to represent any one character in the file or directory name.

You can specify several mount points to exclude from scanning.

Mount points must be specified in the same way as they are displayed in the mount command output.

Kaspersky Endpoint Security for Linux: High protection without performance compromising

Detects and blocks advanced threats. Buy as part of Endpoint Security for Business Advanced.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.