Limitations

The Qualys Containerized Scanner has some limitations in the current release.

  • The SCAP scanning feature is currently unavailable.
  • Podman in Rootless mode is currently unavailable.
  • Polling interval and update now operations are currently unavailable.

     If you try to attempt Polling interval and Update Now operation, it gives the error Unable to send a signal to the process [ PID: 1 | SIGNAL: 1 | ERROR: Operation not permitted ] in Containerized Scanner logs.

    The following example shows the error received.

    2024-04-29T05:49:15 fd80239886ee daemon.info ScanD[1001]: Sending heartbeat message (capacity=249&session_id=84789279&session_seq=16) to jobd/SJMS URL
https://scanxxx.xxx.xxx.xxx.qualys.com:443
2024-04-29T05:49:18 fd80239886ee daemon.info ScanD[1001]: Received response to heartbeat message from jobd/SJMS
2024-04-29T05:49:18 fd80239886ee daemon.info ScanD[1001]: Scheduling command job with jobid 4138211:1 for pickup
2024-04-29T05:49:18 fd80239886ee daemon.info ScanD[1001]: Sending Job Pickup request for job 4138211:1. Count 0
2024-04-29T05:49:19 fd80239886ee daemon.info ScanD[1001]: SSL connection cert info: ISSUER: [ xxx ] SUBJECT: [ xxx ] VALIDITY_NOT_BEFORE: [ 230816073849Z (August 16 07:38:49 2023) ] VALIDITY_NOT_AFTER: [ 240815073848Z (August 15 07:38:48 2024) ]
2024-04-29T05:49:19 fd80239886ee daemon.info ScanD[1001]: SSL connection cert info: SERIAL_NUMBER: [ 544AE7647301FA3738E1C11A984BD8A35C7FFC8E ] SHA1_FINGERPRINT: [ 66:5F:CF:DE:10:90:51:72:87:08:66:B5:EF:4B:79:7A:5D:BA:03:43 ]
2024-04-29T05:49:19 fd80239886ee daemon.info ScanD[1001]: SSL connection info [ PROTOCOL: TLSv1.2 | CIPHER: AES256-SHA ]
2024-04-29T05:49:19 fd80239886ee daemon.info ScanD[1001]: received xml size from JOBD/SJMS for job-id 4138211:1 is 183
2024-04-29T05:49:20 fd80239886ee daemon.info ScanD[1001]: Sending start-ack to scanner command 4138211:1 with status code 1000. Count 0
2024-04-29T05:49:22 fd80239886ee daemon.info ScanD[1001]: Scanner's running jobs list is: running_jobs=4138211:1
2024-04-29T05:49:22 fd80239886ee daemon.info ScanD[1001]: Sending SIGHUP signal to the init process [ JOB_ID: 4138211:1 | COMMAND: Refresh ]
2024-04-29T05:49:22 fd80239886ee daemon.error ScanD[1001]: Unable to send a signal to the process [ PID: 1 | SIGNAL: 1 | ERROR: Operation not permitted ]
2024-04-29T05:49:22 fd80239886ee daemon.error ScanD[1001]: Sending a signal to the init process to initiate "refresh" failed [ JOB_ID: 4138211:1 ]
2024-04-29T05:49:23 fd80239886ee daemon.info ScanD[1001]: Sending end-ack to scanner command 4138211:1 with status code -5008. Count 0
2024-04-29T05:49:25 fd80239886ee daemon.info ScanD[1001]: JobD/SJMS reports job 4138211:1 as "ok" job
  • Split networking is currently unavailable.
  • Graceful shutdown for containerized scanners is currently unavailable.

     Stopping the containerized scanner, removes all running scans and partial scan results permanently and can not be recovered.

  • In 64-bit-only mode (Beta), the containerized scanner operates exclusively in 64-bit mode, restricting support for the following target technologies within its scanning capabilities.

    Target Technologies

    • MySQL Database

    • MongoDB Database

    • CyberArk PIM vault support

    • Password auditing support for Windows

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.