Qualys Cloud for Linux Intel 6.4
August 23, 2024 (Updated September 02, 2024)
New Features
Alternate Folder for Cloud Agent Installation
With this feature, we are providing an option to select an alternate installation folder for RPM-based Cloud Agent packages. You can now configure the installation path for your Cloud Agent as either /usr/local or /opt. This flexibility helps you adapt to different system environments and set preferences for RPM-based package distribution. When you install the Cloud Agent in an alternate folder (/opt), the symbolic links (symlinks) are not created in the /usr/local.
A Cloud Agent installed in the alternate folder does not support QIDs related to GitHub log4j scripts and spring findings. For vulnerability data related to these QIDs, use Software Composition Analysis (SwCA).
New Cloud Agents installed in /opt directory do not support Qualys Endpoint Protection Platform (EPP) and Extended Detection and Response (XDR) features.
Following are the commands to manage the Cloud Agent in the alternate folder.
- Installation of agent in
/opt
rpm -ivh --relocate /usr/local=/opt QualysCloudAgent.rpm - Provisioning of Agent
/opt/qualys/cloud-agent/bin/qualys-cloud-agent.sh ActivationId=9xxx6-aa6b-d-axxx-dxxx customerId=9a8xx58x-29xx-7xx0-81a7-2xed1dxx3a ServerUri=https://qagpxxx.qualys.com/CloudAgent/ - Uninstalling Cloud Agent from
/opt
sudo /opt/qualys/cloud-agent/bin/qagent_uninstall.sh
The alternate installation path is supported only for Qualys Cloud Agent for Linux 6.4 and later.
We recommend installing Cloud Agent only in /usr/local and /opt folders. Installing Cloud Agent at other paths may cause undefined behavior.
This feature is currently supported for the following operating system versions:
| OS Architecture | Version |
|---|---|
| Red Hat Enterprise Linux (RHEL) | 6.x, 7.x, 8.x, 9.x |
| Oracle Enterprise Linux (OEL) | 6.x, 7.x, 8.x |
| CentOS | 6.x, 7.x, 8.x |
If you have installed Cloud Agent for Linux version earlier to 6.4 in non-standard directories using relocation, you can upgrade to Linux Agent 6.4. However, the existing symlinks are not deleted from the /usr/local directory as changing the default behavior may disrupt the Cloud Agent setup.
Cloud Agent Enhancement
Added Language support for SwCA
With the existing languages (NodeJS, DotNet, Python, Java, Ruby, Rust, Go, and PHP), we added support for C/C++ language. The following table shows the added language support for Software Composition Analysis.
| Language | File | Package Manager |
|---|---|---|
| C++ | conan.lock | Conan |
Patch Management (PM) Enhancement
Patch Installation Date and Time support in Patch Management UI
With this enhancement, the date and time for patch installation are displayed with the status of the patch job in the Patch Management user interface. The patch installation date and time are shown according to your browser (user profile) timezone and the UTC timezone.
For patch deployment jobs, we are now providing patch installation dates for all the patches installed by Qualys. This feature helps you verify whether the patches are installed by Qualys Patch Management or other patching tools. This improves transparency and accountability and ensures accurate reporting.
| Required Application Version | Patch Management 2.11.0.0 |
Behavior Changes
There are no behavior changes in this release.
Platform Coverage Support
There is no new platform coverage support added for this release.
Issues Addressed
The following are the issues addressed in this release.
| CRM-111080 | We fixed an issue where Cloud Agent could not complete the middleware scan due to invalid XML. |
| CRM-119555 | For assets with the Systemd, Cloud Agent displayed the missing files error CID-9676 result section. We fixed this issue by preventing Cloud Agent from creating extra files. |
| CRM-118216 | We fixed an issue in which the Cloud Agent displayed public-facing IP addresses instead of private IPv4 addresses in the CSAM, VM, and PC applications when configured with a loopback proxy (127.0.0.1). |
Known Issues, Limitations, and Workarounds
You must restart the Cloud Agent service when you switch user privileges from non-root to root.