This Article Applies to:
- Avast Business Antivirus
Avast-fss manual page
Avast-fss provides real-time scanning of files written to any of the monitored mountpoints. Avast-fss is based on the fanotify access notification system available on Linux kernels 2.6.37+.
The scan tool is a client that connects to the Avast scan service; it cannot work separately without a running scan service.
The manual scan page format is:
-h: Print short usage info and exit
-v: Print the program version and exit
-c FILE: Set configuration file path to FILE. The default configuration file is
-n: Do not daemonize
The configuration file format is a .ini consisting of KEYWORD = VALUE entries, each on a separate line. Lines beginning with ";" are treated as comments and ignored. Keys may be grouped into arbitrarily named sections, where the section name appears on a line by itself in square brackets.
The configuration consists of two parts - the global configuration options and the monitoring configuration. The sample configuration below shows all available global configuration options and their default values followed by some examples of monitoring (and monitoring exclude) entries.
The following is a configuration file with explicitly defined default options:
; Avast configuration file
RUN_DIR = "/var/run/avast"
SOCKET = "/var/run/avast/scan.sock"
LOG_FILE = "/var/log/avast/fss.log"
CHEST = "/vvar/lib/avast/chest"
SCANNERS = 4
UNLIMITED_QUEUE = 0
SCAN = "/some/mountpoint/to/monitor"
SCAN = "/another/mountpoint/to/monitor"
EXCL = "/path/to/exclude/from/scan"
RUN_DIR: Run directory. The PID file is stored here
SOCKET: Path to the Avast service UNIX socket
LOG_FILE: Path to the virus log file
CHEST: Path to the chest directory. The chest directory is where the detected malicious files are moved. If the chest directory is located on a monitored mountpoint, it is automatically added to the excluded paths on startup
SCANNERS: Number of parallel running scans. Set this option to the number of CPU cores to get the best performance
UNLIMITED_QUEUE: If set to 1, avast-fss disables the limit on the fanotify event queue size
SCAN: A mountpoint (path) that shall be monitored by avast-fss. If the given path is not a system mountpoint, it is automatically converted to the corresponding mountpoint
EXCL: A path to be excluded from monitoring
Other Articles In This Section: