Release 1.36.0

January 24, 2025 

Qualys strongly recommends upgrading your Qualys Container Security Sensor to 1.36.0 version to avail the latest features and enhancements. 

What's New?

Added Compatibility for CS Registry Sensor with Podman Runtime 

With this release, Qualys Container Security Sensor supports CS Registry Sensor installation on a host having Podman Runtime. 

Prerequisites 

  • Sensor needs podman.socket.
    sudo systemctl enable --now podman.socket
    sudo systemctl start --now podman.socket
  • Sensor needs to run as a root (sudo) user
  • Minimum podman version: 4.9.4 and above   

Sensor installation on podman runtime can be performed through installsensor.sh with these additional parameters.

Entity Arguments
installsensor.sh ContainerRuntime=podman

StorageDriverType=overlay

You can also install the sensor using 'podman run'. To do this, follow the instructions  mentioned here - Qualys Enterprise TruRisk™ Platform > Sensors > Download Sensor > Choose 'Registry' > Standalone > DockerHub. 

Default Scanning using 'Overlay' Storage Driver on 'containerd' runtime

With this release, the scaning will be performed by default using overlay storage driver. Earlier, to use the Overlay Storage Driver you were needed to mention the -- storage-driver-type argument, in the yaml file (cssensor-containerd-ds.yml).
["-k8s-mode", "container-runtime", "containerd", "-- storage-driver-type", "overlay"]

With this release, the --storage-driver-type: overlay argument is mentioned by default.
["-k8s-mode", "container-runtime", "containerd", "-- storage-driver-type", "overlay", "--optimize-storage-scan"]

In the downloaded yaml file, under the Volumemounts section,  the following section is uncommented.
#- mountPath: /var/lib/containerd
# name: containerd-root-dir
# readOnly: true

and,

under the volumes section, the following section is uncommented. 
#- name: containerd-root-dir
# hostPath: # path: /var/lib/containerd
# if root directory of containerd is different then update actual containerd root directory path

Issue Addressed

The following issue has been fixed with this release.

Category Issue
Registry Sensor While listing images from a registry, the Sensor got terminated with error: 24 and displayed the following error -
"Unexpected error 9 on netlink descriptor 13."

 

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.