Policy Files (snapvol.cfg)

Policy file (snapvol.cfg) is a configuration file that consists of keywords which must not be modified by users and those that can be customized. Policy keywords are used in specifying inclusions and exclusions for a file system, processes, and registry.

VMware provides a default set of policy files with the App Volumes Agent. These files are located in the base virtual machine at \CloudVolumes\Agent\Config\Default. For more information about the Default and Custom folders, see Default and Custom Configuration Files.

To customize a policy file, a Custom folder is required. You can also add your custom policy file within the Writable Volume. For more information about updating Writable Volumes, see Update Writable Volumes.

Keywords

The following keyword values must not be modified:

virtualize
virtualize_registry
virtualize_registry_notify_change
reverse_replicate_file
delete_local_profile

The following table contains keywords that can be used to customize in the policy for application packages and Writable Volumes:

Keyword	Description	Examples
`exclude_path`	During a read or write operation, App Volumes excludes looking for any file or folder in the path specified in this keyword in either the application package or the Writable Volume. Instead, if the file or folder specified in the path is present in the base image, then the read or write operation is performed in the base image. Note: Any file or folder starting with the prefix value specified in the keyword is excluded.	`exclude_path`=\ProgramData\VMware App Volumes excludes looking for VMware in either the application package or Writable Volume. Instead, if VMware is present in the base image then the read or write operation on the folder is performed in the base image.
`include_path`	App Volumes reads any file or folder in the path specified in this keyword in the following order: Writable Volumes, application package, and the base image. Any write operation in this path is performed on the Writable Volume. Note: Any file or folder starting with the prefix value specified in the keyword is included.	`include_path`=\Users App Volumes reads all subfolders of Users from all the volumes: Writable Volume, application package, and the base image. If an end user creates a folder or file within Users, then the file or folder is created on the Writable Volume.
`exclude_registry`	During a read or write operation, App Volumes excludes looking for any registry key or registry value in the path specified in this keyword in either the application package or Writable Volume. Instead, if the registry key or registry value specified in the path is present in the base image, then the read or write operation is performed in the base image. Note: Any registry key or registry value starting with the prefix value specified in the keyword is excluded.	`exclude_registry`=\REGISTRY\MACHINE\SOFTWARE\Policies App Volumes excludes looking for any registry key or registry value specified within Policies in either the application package or Writable Volume. Instead if the path is present in the base image, then the read or write operation is performed on the registry key or registry value in the base image.
`include_registry`	App Volumes reads any registry key or registry value in the path specified in this keyword in the following order: Writable Volume, application package, and the base image. Any write operation in this path is performed on the Writable Volume. Note: Any registry key or registry value starting with the prefix value specified in the keyword is included.	`include_registry`=\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Search App Volumes reads all registry keys and registry values at \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows Search from all volumes: Writable Volume, application package, and base image. If a registry key or registry value is created at this path, then this operation is performed on the Writable Volume.
`exclude_process_path`	All processes that are run from an executable file in this path or subpath only see the file system and registry content from the base image. Note: This rule is not applicable to the child processes. Any process name starting with the prefix value specified in the keyword is excluded.	`exclude_process_path`=\Program Files\VMWare\AppCapture Any executable file run from the AppCapture folder or its subfolders only sees the file system and registry content from the base image. If the process spawns a new child process, the child process sees contents from the Writable Volume, AppStack, and base image.
`include_process_name`	The process specified in this keyword sees the file system and registry content from the Writable Volume, AppStack, and base image. Note: This rule is not applicable to the child processes.	`include_process_name`=SearchIndexer.exe The SearchIndexer process sees the file system and registry content from all volumes.
`exclude_process_name`	The process specified in this keyword sees the file system and registry content only from the base image. Note: This rule is not applicable to the child processes.	`exclude_process_name`=chkdsk.exe The chkdsk process sees the file system and registry content only from the base image.

The following table contains keywords that can be used to customize in the policy for Writable Volumes only:

Keyword Description Examples

Keyword	Description	Examples
`exclude_uwv_file`	App Volumes reads any file or folder in the path specified in this keyword in the following order: Writable Volume, application package, and the base image. Any write operation to the file or folder in this path is performed on the Writable Volume, which persists for that particular session, but gets deleted when the user logs off from the computer. Note: Any file or folder starting with the prefix value specified in the keyword is excluded. The path specified in this keyword must be terminated by using \\.	`exclude_uwv_file`=%USERPROFILE%\AppData\Local\Temp\\ App Volumes reads any content present within the Temp folder from all volumes: Writable Volume, application package, and base image. If an end-user creates a file example.txt within Temp, then the file persists for that session. When the end user logs off, example.txt is deleted.
`exclude_uwv_reg`	App Volumes reads any registry key or registry value in the path specified in this keyword in the following order: Writable Volume, application package, and the base image. Any write operation to the registry key or registry value in this path is performed on the Writable Volume, which persists for that particular session, but gets deleted when the user logs off from the computer. Note: Any registry key or registry value starting with the prefix value specified in the keyword is excluded. The path specified in this keyword must be terminated by using \\.	`exclude_uwv_reg`=\REGISTRY\MACHINE\SOFTWARE\McAfee\\ App Volumes reads any registry key or registry value within McAfee from all the volumes: Writable Volume, application package, and the base image. If a new registry key or registry value is created within McAfee, the new key or value persists for that particular session. When the end user logs off, the key or value is deleted.

exclude_uwv_file

App Volumes reads any file or folder in the path specified in this keyword in the following order: Writable Volume, application package, and the base image.

Any write operation to the file or folder in this path is performed on the Writable Volume, which persists for that particular session, but gets deleted when the user logs off from the computer.

Note:

Any file or folder starting with the prefix value specified in the keyword is excluded.
The path specified in this keyword must be terminated by using \\.

exclude_uwv_file=%USERPROFILE%\AppData\Local\Temp\\

App Volumes reads any content present within the Temp folder from all volumes: Writable Volume, application package, and base image.

If an end-user creates a file example.txt within Temp, then the file persists for that session. When the end user logs off, example.txt is deleted.

exclude_uwv_reg

App Volumes reads any registry key or registry value in the path specified in this keyword in the following order: Writable Volume, application package, and the base image.

Any write operation to the registry key or registry value in this path is performed on the Writable Volume, which persists for that particular session, but gets deleted when the user logs off from the computer.

Note:

Any registry key or registry value starting with the prefix value specified in the keyword is excluded.
The path specified in this keyword must be terminated by using \\.

exclude_uwv_reg=\REGISTRY\MACHINE\SOFTWARE\McAfee\\

App Volumes reads any registry key or registry value within McAfee from all the volumes: Writable Volume, application package, and the base image.

If a new registry key or registry value is created within McAfee, the new key or value persists for that particular session. When the end user logs off, the key or value is deleted.