Issue:
I launched a manual scan(fsanalyze) as a non-root user in Linux Security 64(LS64) and it fails with the following error:
fsanalyze: failed to connect to pmd:failed to connect to ctrl socket: /opt/f-secure/linuxsecurity/var/lspmd/run/socket: Permission denied
Resolution:
When a non-root user executes the fsanalyze command, “Permission denied” is output, the file will still be scanned by the fsanalyze tool.
Here is a sample output:
[azlaaz@ip-192-168-175-229 Desktop]$ /opt/f-secure/linuxsecurity/bin/fsanalyze --list test.txt
fsanalyze: failed to connect to pmd:failed to connect to ctrl socket: /opt/f-secure/linuxsecurity/var/lspmd/run/socket: Permission denied
test.txt: result=clean
Engine versions: F-Secure Corporation Aquarius/18.0.790/2021-08-25_02 F-Secure Corporation Hydra/6.0.391/2021-08-25_01 F-Secure Corporation FMLib/17.0.607.475 (cf1875a)/2020-04-07_01 fsicapd/2.0.202
1 files scanned
The impact of this error is that alerts (scan errors and detections) will not be sent to the Policy Manager and syslog. Therefore for example, if a non-root user scans an eicar file using the fsanalyze tool, the detection log will not be sent to syslog and Policy Manager. It will only be shown on the terminal for this non-root user to see.
The known issue is also being recorded in the LS64 changelog under the latest component update on 18 Aug.
Known Issues:
・Scanning files as a non-root user using fsanalyze command-line utility cause error message to be shown.
Article no: 000015618