User Specific Configuration

The purpose of the User Specific Configuration mechanism is to provide a higher degree of customization and functionality. It allows the system administrator to define ESETS antivirus scanner parameters based on the user who is accessing file system objects.

A detailed description of this functionality can be found in the esets.cfg(5) man page. In this section we will provide only a short example of a user-specific configuration.

In this example, the goal is to use the esets_dac module to control the ON_OPEN and ON_EXEC access events for an external disc mounted under the /home directory. The module can be configured in the [dac] section of the ESETS configuration file. See below:

[dac]
agent_enabled = yes
event_mask = "open"
ctl_incl = "/home"
action_av = "scan"

To specify scan settings for an individual user, the ‘user_config’ parameter must specify the special configuration filename where the individual scanning rules will be stored. In the example shown here, the special configuration file is called ‘esets_dac_spec.cfg’ and is located within the ESETS configuration directory (This directory is based on your operating system. Please see Terminology and abbreviations page).

[dac]
agent_enabled = yes
event_mask = "open"
ctl_incl = "/home"
action_av = "scan"
user_config = "esets_dac_spec.cfg"

Once the ‘user_config’ file parameter is specified within the [dac] section, the ‘esets_dac_spec.cfg’ file must be created in the ESETS configuration directory. Finally, add the desired scanning rules.

[username]
action_av = "reject"

At the top of the special section, enter the username to which the individual rules will be applied. This configuration will allow all other users attempting to access the file-system to be processed normally. i.e., all file system objects accessed by other users will be scanned for infiltrations, except for the user ‘username’, whose access will be rejected (blocked).