This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Configuring File Server Scans for Linux

This Article Applies to:

  • Avast Business Antivirus for Linux

For full Linux-related documentation, see Avast Business Antivirus for Linux Technical Guide.

 

Avast-fss Manual Page

Avast-fss provides real-time scanning of files written to any of the monitored mountpoints. Avast-fss is based on the fanotify access notification system available on Linux kernels 2.6.37+.

The scan tool is a client that connects to the Avast scan service; it cannot work separately without a running scan service.

The manual scan page format is:

avast-fss [OPTIONS]

Options

  • -h: Print short usage info and exit
  • -v: Print the program version and exit
  • -c FILE: Set configuration file path to FILE. The default configuration file is /etc/avast/fss.conf
  • -n: Do not daemonize

Configuration File

The configuration file format is a .ini consisting of KEYWORD = VALUE entries, each on a separate line. Lines beginning with ";" are treated as comments and ignored. Keys may be grouped into arbitrarily named sections, where the section name appears on a line by itself in square brackets.

The configuration consists of two parts - the global configuration options and the monitoring configuration. The sample configuration below shows all available global configuration options and their default values followed by some examples of monitoring (and monitoring exclude) entries.

The following is a configuration file with explicitly defined default options:

; Avast configuration file

RUN_DIR = "/var/run/avast"
SOCKET = "/var/run/avast/scan.sock"
LOG_FILE = "/var/log/avast/fss.log"
CHEST = "/vvar/lib/avast/chest"
SCANNERS = 4
UNLIMITED_QUEUE = 0

[MONITORS]
SCAN = "/some/mountpoint/to/monitor"
SCAN = "/another/mountpoint/to/monitor"
EXCL = "/path/to/exclude/from/scan"

Global Parameters

  • RUN_DIR: Run directory. The PID file is stored here
  • SOCKET: Path to the Avast service UNIX socket
  • LOG_FILE: Path to the virus log file
  • CHEST: Path to the chest directory. The chest directory is where the detected malicious files are moved. If the chest directory is located on a monitored mountpoint, it is automatically added to the excluded paths on startup
  • SCANNERS: Number of parallel running scans. Set this option to the number of CPU cores to get the best performance
  • UNLIMITED_QUEUE: If set to 1, avast-fss disables the limit on the fanotify event queue size

Monitors

  • SCAN: A mountpoint (path) that shall be monitored by avast-fss. If the given path is not a system mountpoint, it is automatically converted to the corresponding mountpoint
  • EXCL: A path to be excluded from monitoring

 

Other Articles In This Section:

Configuring Antivirus Scans for Linux

Configuring Command-Line Scans for Linux

Related Articles:

Installing Antivirus for Linux

Licensing Antivirus for Linux