Settings in the configuration file for post-installation configuration

Kaspersky Embedded Systems Security for Linux

Support Send link

Installation and initial configuration of Kaspersky Embedded Systems Security > Installing and initially configuring the application using the command line > Settings in the configuration file for post-installation configuration

Settings in the configuration file for post-installation configuration

In the post-installation configuration file, you can specify the settings shown in the table below. The set of applicable settings depends on the application usage mode.

Settings in the configuration file for post-installation configuration

Setting	Description	Values
EULA_AGREED	Required setting. Acceptance of the terms of the End User License Agreement.	`yes` – accept the terms and conditions of the End User License Agreement. `no` – do not accept the terms and conditions of the End User License Agreement. The initial configuration of the application is aborted.
PRIVACY_POLICY_AGREED	Required setting. Acceptance of the terms of the Privacy Policy.	`yes`: accept the Privacy Policy to continue installing the application. `no` – do not accept the terms and conditions of the Privacy Policy. The initial configuration of the application is aborted.
USE_KSN	Required setting. Enabling Kaspersky Security Network usage: To enable the use of KSN, the terms of the Kaspersky Security Network Statement must be accepted.	`yes` – accept the terms of the Kaspersky Security Network Statement and enable the use of KSN. `no` – do not accept the Kaspersky Security Network Statement. Opting out of the KSN does not abort the initial configuration process. If KSN is enabled, the cloud mode is automatically enabled, in which Kaspersky Embedded Systems Security uses the lightweight version of malware databases.
GROUP_CLEAN	Required setting. Removing users from the kessadmin and kessaudit privileged groups.	`yes` - Remove users from the privileged groups. If the value is `yes` and there is no nogroup group, the installation will fail and you will be prompted to manually remove users from privileged groups. `no` - Do not remove users from the privileged groups.
LOCALE	Optional setting. The locale used for the texts of the End User License Agreement, the Privacy Policy and the Kaspersky Security Network Statement, as well as application events sent to Kaspersky Security Center.	The locale in the format specified by RFC 3066. If the `Locale` setting is not specified, the operating system locale is used. If the application fails to determine the operating system localization language or the operating system localization is not supported, the default value will be used – `en_US.utf8`. The locale of the graphical interface and the application command line depends on the value of the `LANG` environment variable. If the locale that is not supported by Kaspersky Embedded Systems Security is specified as the value of the `LANG` environment variable, the graphical interface and the command line are displayed in English.
INSTALL_LICENSE	Activation code or full path to the key file.
UPDATER_SOURCE	Update source for databases and application modules.	`SCServer` – use the Kaspersky Security Center Administration Server as the update source. `KLServers` – use Kaspersky servers as the update source. `<update source address>`.
PROXY_SERVER	Address of the proxy server used to connect to the Internet.	Address of the proxy server in one of the following formats: `<connection protocol>://<IP address of the proxy server>:<port number>` if the proxy server connection does not require authentication `<connection protocol>://<user name>:<password>@<IP address of the proxy server>:<port number>` if the proxy server connection requires authentication Connecting to a proxy server over HTTPS is not supported.
UPDATE_EXECUTE	Start the application database update task during the initial configuration.	`yes` – start update task. `no` – do not start update task.
KERNEL_SRCS_INSTALL	Automatically start the compilation of the kernel module when the File Threat Protection task is started on operating systems that do not support the fanotify technology.	`yes` – compile the kernel module when the File Threat Protection task starts. `no` – do not compile the kernel module.
ADMIN_USER	A user assigned the administrator role (admin).
CONFIGURE_SELINUX	Automatic configuration of SELinux for working with Kaspersky Embedded Systems Security.	`yes` – automatically configure SELinux to work with Kaspersky Embedded Systems Security. `no` – do not automatically configure SELinux to work with Kaspersky Embedded Systems Security.
DISABLE_PROTECTION	Disable protection components and scan tasks after the application is installed. An installation with protection components disabled can be convenient, for example, in order to reproduce a problem in the operation of the application and create a trace file. If you enable the necessary components and tasks after installing the application with the `DISABLE_PROTECTION=yes` parameter, the enabled components and tasks will continue to work after the application is restarted.	`yes` - Disable protection components and scan tasks when the application is started after installation. `no` - Do not disable protection components and scan tasks when the application is started after installation.

If you want to change the settings in the configuration file for initial setup of the application, specify the values of settings in the following format: <setting_name>=<setting_value> (the application does not process spaces between the name of a setting and its value).

Article ID: 197289, Last review: Mar 10, 2025

Page top