Linux Scanning FAQ

I get an error when running Installer

Please check the following

  • If the server to be installed is under a proxy, please refer to proxy settings. Download binary failuer.[type: linux_x86_64]

  • Install with root privileges.

Scan results are not reflected.

Check the following.

  • Check if the owner of the files under /opt/vuls-saas/ is vuls-saas.

The following log file is generated on the server to be scanned.

  • /opt/vuls-saas/scan.log
  • /opt/vuls-saas/report.log

If you are unable to resolve this issue, please contact support.

Can I scan manually at any time?

Yes, you can.

Running the Scanner on the server

Run the following command on the host where the scanner is installed.

sudo -H -u vuls-saas /opt/vuls-saas/ > /dev/null 2>&1

If you run the command as root user and get permission denied error, please refer to here.

Rescanning from on-screen.

In released on 1/28/2021, it is now possible to rescan on the screen. The new feature was added.

How much load is placed on the server?

Almost no load. If you are concerned, please check the list of commands running during the scan. None of these will place a high load on the server.

What is the file size of the scanner?

The scanner is deployed under /opt/vuls-saas. As of March 2021, the scanner is about 22MB.

What is the file size of the logs and other files generated by the scan?

It depends on the distribution and debug mode, but a rough estimate is as follows. For accuracy, please refer to the size of the file generated during the scan.

The latest version of the scanner no longer requires the following file modification process. Reference: released on 4/16/2021

  • JSON files (about 100KB - 1MB) under /opt/vuls-saas/results.
  • Log files overwritten under /opt/vuls-saas/ (scan.log, report.log less than 10KB each).
  • Logs in /var/log/vuls.

I want to know the list of commands running during Scan.

The following command will show you the commands executed on the server to be scanned during Scan. If you execute the command as a user other than vuls-saas, the owner of config.toml will be changed and the command will be permission denied and cannot be executed. and cannot be scanned).

$ su - vuls-saas
$ pwd
$ . /vuls scan --debug 2>&1 | grep Executing

If you want to see what commands scanner executes and the results of its output, run it with the –debug option.

$ su - vuls-saas
$ pwd
$ . /vuls scan --debug 

If you want scanner to save the commands it executes and their output to a file, do the following

$ su - vuls-saas
$ pwd
$ . /vuls scan --debug 2> /tmp/vuls-output.txt

To view the file saved above in a shell, run the following.

$ cat /tmp/vuls-output.txt | sed ':a;N;$!ba;s/\n/\n/g' |less -R

## Cannot scan with permission denied in scan.log

<div class="alert 

The latest version of the scanner has been improved so that config.toml is not overwritten when scanning. We recommend [scanner update](/en/setting/update/).

Manual scan from terminal as root user will recreate `/opt/vuls-saas/config.toml` and the owner of the file will be changed to root. If a vuls-saas user scans the file in this state, a permission error will occur. (config.toml is created every time due to specification)

### Solution.

Change the entire owner under `/opt/vuls-saas` to the vuls-saas user.

root@dev:/opt/vuls-saas# chown -R vuls-saas:vuls-saas /opt/vuls-saas/

### Cause

Owner in config.toml was vuls-saas, but when scanning as root, owner is root.

root@dev:/opt/vuls-saas# ls -alh config.toml
-rw------- 1 vuls-saas vuls-saas 1

## Creation of yum cache files

The Linux scanner provided by FutureVuls retrieves package repository update information during processing, and may generate yum cache files under ```/var/tmp/```.

Note that the size of the cache files may vary depending on the number of installed packages and repositories.

### Workaround

By using the [OFFLINE scan mode](/en/setting/scanmode/#change-to-offline), you can prevent the creation of cache files.

### Notes

In OFFLINE mode, the following information will be missing as it is unable to retrieve update information (latest version) for each package:

- "Updatable" column in the software list page
- "Latest Version" column in the software list page

Please be reassured that the number of detected vulnerabilities and the results of automatic triage will not be affected.