• The Real-time protection task might not block access to the files in virtual pseudo file systems. We recommend that you use the mount command to connect network or local partitions.
• Mounting NTFS with the default_permissions option may cause the operating system stop responding. We recommend mounting NTFS partitions without the default_permissions option. If it is necessary to use this option, mount the NTFS partitions in the following way:

# mount /dev/NTFS-DEVICE /mnt/ntfs_disk
# mount /dev/NTFS-DEVICE /mnt/ntfs_disk -o remount,default_permissions

• When using NFS4, you can encounter hanging of the operating system. We recommend that you switch to NFS3.
• When using the CIFS (SMB V1) protocol, creating files in a network partition may take up to 30 seconds. We recommend that you disable CIFS oplocks and switch to the V2 version of the protocol:
  • Add the following to the smb.conf file on the server’s side: 
  • oplocks = False 
    level2 oplocks = False
  • Use the parameter vers=2.0 for connecting the network partition. For example: 
  • # mount //server_address/share /mnt/smb/ -o guest,vers=2.0

During the installation of the package, the following warnings may appear:

You can ignore these warnings. 

When the Real-time protection is running:

• Access to all files on the NFS4 network partition is blocked. 
• Access is blocked only to the files that are larger than 4 GB. 
• Multiple-thread processes may hang. 

We recommend that you upgrade to version SUSE Linux Enterpise Server 12.

When the Real-time protection is running:

• Access to all files on the NFS4 network partition is blocked. 
• Multiple-thread processes may hang. 

To solve this issue, we recommend doing the following:

1. Install and configure Kaspersky Endpoint Security 10 for Linux.
2. Run the command /etc/init.d/kesl-supervisor to stop Kaspersky Endpoint Security 10 for Linux.
3. Install the packages for compiling the kernel module.

$ sudo zypper in kernel-default-devel
$ sudo zypper in make gcc

4. Open the file /etc/opt/kaspersky/kesl/kesl.ini 
5. In the line with UseFanotify, change the value to false.
6. Launch Kaspersky Endpoint Security 10 for Linux and check the Real-time protection module.

Configuration and responses to commands before changes:

oes2015sp1:~ # cat /etc/opt/kaspersky/kesl/kesl.ini
[General]
MachineId=422a79df-157d-f147-f2e1-5ff772825c9c
PCID=57cf1598-50b3-4ca1-a84b-c3738c168230
Locale=en_US.utf8
UseFanotify=true
oes2015sp1:~ # kc --get-task-state 1
Name: File_Monitoring
ID : 1
Type : OAS
State : Started
oes2015sp1:~ # lsmod | grep kav
oes2015sp1:~ #

Configuration and responses to commands after changes:

oes2015sp1:~ # cat /etc/opt/kaspersky/kesl/kesl.ini
[General]
MachineId=422a79df-157d-f147-f2e1-5ff772825c9c
PCID=57cf1598-50b3-4ca1-a84b-c3738c168230
Locale=en_US.utf8
UseFanotify=false
oes2015sp1:~ # kc --get-task-state 1
Name: File_Monitoring
ID : 1
Type : OAS
State : Started
oes2015sp1:~ # lsmod | grep kav
kav4fs_oas 58588 5
redirfs 67272 1 kav4fs_oas,[permanent]
oes2015sp1:~ #