tobias
6357c08bf1
- Pinned download URL for KESL 12.1.0-1297 (public Kaspersky CDN, 2024-07). - answer.txt updated to v12 autoinstall format: GROUP_CLEAN required, LOCALE=en_US.utf8 (en_US alone is rejected), INTERCEPTOR_MODE. - start.sh detects v10 (/etc/init.d/kesl-supervisor) vs v12 (/etc/init.d/kesl) and polls kesl-control until the daemon answers, because v12's first start runs an integrity check (~30s). - Modes (shell/version/scan/debug) and scan output format unchanged so existing parsers keep working. - README + build script point to tabledevil/kaspersky12. - test_smoke.sh validates image + version + EICAR; auto-skips on macOS (Rosetta blocks the daemon). Validated end-to-end on amd64 Linux: - 46 known-malicious files (LS26 detections) all flagged again - DetectSource=Local with --network=none + USE_KSN=No, no KSN calls Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
10 lines
369 B
Plaintext
10 lines
369 B
Plaintext
Kaspersky Endpoint Security for Linux 12 — offline on-demand scanner.
|
|
|
|
Modes (passed as the container CMD):
|
|
shell Start service, print this readme, drop to bash.
|
|
version Print KESL version + base /etc/issue.
|
|
scan Scan /data with --action Skip; print ThreatDetected events.
|
|
debug Bash without starting service.
|
|
|
|
Mount the target read-only at /data.
|