The normal installation and uninstallation procedures are contained in the
Endpoint Security for Linux Threat Prevention Installation Guide. This article describes more installation and uninstallation options.
ENSLTP has the following parameters that can be specified as installation options for both standalone and ePolicy Orchestrator (ePO) deployment.
| Parameter |
Description |
| alttmppath |
Allows ENSLTP to change the default folder location from where ENSLTP is installed. In the absence of this option, ENSLTP is installed from the /tmp folder by default. |
| apoff |
Allows ENSLTP to be installed with Access Protection disabled. mfeaack.ko isn't loaded or unloaded in or from memory if Access Protection is disabled, except in certain cases. For more information, see KB91044 - Behavior of kernel modules. |
| apon |
Allows ENSLTP to be installed with Access Protection enabled. mfeaack.ko isn't loaded if this option isn't specified.
NOTE: During an upgrade from Host Intrusion Prevention (Host IPS) for Linux to ENSLTP, you need to specify the apon option for both standalone and ePO-managed installations. |
| gtioff |
Allows ENSLTP to be installed with Global Threat Intelligence (GTI) disabled. |
| nocontentupdate |
Disables the first-time content update that runs after ENSLTP startup. ENSLTP 10.6.7 introduces this option.
ENSLTP 10.6.7 and later are shipped with a DAT that's of minimal size named 999 DAT. The version of this DAT is 999.0. The DAT has a single signature. This DAT can only detect EICAR. To be antivirus-compliant, ENSLTP runs the default update task after installation. The default update task (task index 3) shipped with ENSLTP runs automatically after installation once the product startup is complete. If this DAT update fails because of any reason, ENSLTP doesn't reattempt the update. The DAT is only updated during the next scheduled update or if you manually run the task. |
| oasoff |
Allows ENSLTP to be installed with on-access scan (OAS) disabled. |
| silent |
Allows ENSLTP to be installed or uninstalled without user interaction (silent mode). The normal command-line standalone installation requires some interaction for the user to accept the End User License Agreement (EULA). Similarly, the normal command-line standalone uninstallation procedure requires some interaction for the user to confirm the uninstall.
NOTE: For VirusScan Enterprise for Linux, you can perform a silent mode installation with the nails.options file. But, ENSLTP doesn't support using the nails.options file. |
| usefanotify |
Allows ENSLTP to be installed with the preference to use Fanotify for OASs for supported systems. ENSLTP uses Fanotify instead of using kernel modules. |
NOTE: The options
alttmppath=/alternateTmpFolderPath,
apoff,
apon,
gtioff,
nocontentupdate,
oasoff, and
usefanotify are only honored for fresh installations. If an upgrade is detected, the options specified are ignored and the existing settings are retained. For example, suppose that Access Protection is enabled in the current version during an upgrade. The new version keeps the settings enabled even if installation options are supplied.
Examples:
NOTE: You can perform an ePO-managed installation with the above options. Type the supported installation options in the McAfee Agent (MA) command-line parameter text box in the deployment task page. The supported options are
alttmppath=/alternateTmpFolderPath,
apoff,
apon,
gtioff,
nocontentupdate,
oasoff, and
usefanotify. Make sure that you type the options separated by a space.
