Contents
Storage management task (Backup, ID:10)
The Storage is a list of backup copies of files that have been deleted or modified during the disinfection process. A backup copy is a copy of a file created before the first attempt to disinfect or delete this file. Backup copies of files are stored in a special format and do not pose a threat.
By default, the Storage is located in the /var/opt/kaspersky/kess/common/objects-backup/ directory. Files in the Storage may contain personal data. Root privileges are required to access files in the Storage.
Sometimes it is not possible to maintain the integrity of files during disinfection. If you partially or completely lose access to important information in a disinfected file after disinfection, you can attempt to restore the file from the disinfected copy to the file's original directory.
Storage management task settings
The table describes all available values and the default values of all the settings that you can specify for the Storage management task.
Storage management task settings
Setting |
Description |
Value |
|---|---|---|
|
Time period for storing objects in the Storage (in days). To remove the time limit for storing objects in the Storage, specify 0. |
0 – the time period for storing objects in the Storage is not limited. Default value: 90. |
|
Maximum size of the Storage (MB). When the maximum Storage size is reached, the application deletes the oldest objects. To remove the Storage size limit, specify 0. |
0–999999 0 – the Storage size is not limited. Default value: 0. |
|
Path to the Storage directory. You can specify a custom Storage directory that is different from the default directory. You can use directories on any device as the Storage. It is not recommended to assign directories that are located on remote devices, such as those mounted via the Samba and NFS protocols. Kaspersky Embedded Systems Security starts moving the objects to the specified directory after you change the settings and restart the application. If the specified directory does not exist or is unavailable, the application uses the default directory. |
Default value: /var/opt/kaspersky/kess/common/objects-backup/ Root privileges are required to access the default Storage directory. |
Viewing identifiers of the objects in Storage
When an object is placed in the Storage, the application assigns a numeric ID to it. This ID is used to perform actions on the object, such as restoring or removing the object from the Storage.
To view the IDs of the objects in the Storage, execute the following command:
kess-control -B --query
The object ID is displayed in the ObjectId string.
Restoring objects from the Storage
Kaspersky Embedded Systems Security stores objects in the Storage in encrypted form to keep the protected device safe from their potential harmful effects.
You can restore objects from Storage if necessary. You may need to restore objects, for example, if while disinfecting an infected file the application failed to preserve its integrity, which made the information in the file inaccessible. You can save the object under a new name when restoring it from the Storage. If a file has been deleted from an archive, restoring it will restore the entire original archive.
Restoring infected objects may lead to a device infection.
To restore an object under its original name to its original location, execute the following command:
kess-control [-B] --restore <object ID>
where <object ID> is the ID of the object in the Storage.
To restore an object under a new name to a specified directory, execute the following command:
kess-control [-B] --restore <object ID> --file <file name and path to the file directory>
If the specified directory does not exist, the application creates it.
Page topRemoving objects from the Storage
To remove an object from the Storage, execute the following command:
kess-control -B --mass-remove --query "ObjectId == '<object ID>'"
Example: To remove an object with ID=15:
|
To remove several objects from the Storage, execute the following command:
kess-control -B --mass-remove --query "<field> <logical expression> '<value>' [and <field> <logical expression> '<value>']"
Example: To remove objects that contain "test" in their names or paths:
|
To remove all objects from the Storage, execute one of the following commands:
kess-control -B --mass-remove
, or
kess-control -B --mass-remove --query