trefy 0 Posted June 1, 2018 Share Posted June 1, 2018 Dear all, We have ESET File Security for Linux/BSD with enabled PAC agent installed on our Linux servers. We definied the directories with option ctl_incl = "" that need to be scanned real time by PAC agent. That works fine. We would like to make exclusion as well. To elaborate the exclusion: We definied for e.g. the /home/ directory to be scanned by PAC agent. We would like to make exclusion for certain files or directories within the /home directory. For e.g., we do not want to scan /home/user/.ssh directory. We tried to make exclusion with PAC option ctl_excl="". Doesn't work. We tried to make exclusion with Common option av_exclude="". Doesn't work. An example for [pac] settings regarding inclusion and exclusion: ctl_incl = "/home" ctl_excl = "/home/*/.ssh" - where the * sign would be any of the directories within /home. Does anyone has experience with similar setup? If so, we would really appreciate your suggestions. Thank you in advance and best regards! Link to comment Share on other sites More sharing options...
Administrators Marcos 4,706 Posted June 1, 2018 Administrators Share Posted June 1, 2018 Wildcards can be used only in file names at the end of the path, ie. not to substitute folder names unless a specific threat you want not to be detected is specified. Why is it a problem if /home/*/.ssh is scanned? How many folders are under the /home folder? If you don't use a wildcard, does the exclusion work alright? Link to comment Share on other sites More sharing options...
trefy 0 Posted June 4, 2018 Author Share Posted June 4, 2018 Hi Marcos, Thank you for your explanation. We have almost 300 folders under /home. We'd like to exclude few directories, where we do not expect to many changes therefore AV scanning not really needed. Anyway, if that does not work, then we should live with it. Thank you and best regards. Link to comment Share on other sites More sharing options...
Recommended Posts