Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration. maldetect-1.6.4 #382

Open
Munawirsyah13 opened this issue Mar 19, 2021 · 7 comments
Open

maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration. maldetect-1.6.4 #382

Munawirsyah13 opened this issue Mar 19, 2021 · 7 comments

Comments

@Munawirsyah13
Copy link

[root@malware ~]# maldet -a /root/Documents/malware/thezoo/
Linux Malware Detect v1.6.4
(C) 2002-2019, R-fx Networks [email protected]
(C) 2019, Ryan MacDonald [email protected]
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(15338): {scan} signatures loaded: 17253 (14431 MD5 | 2039 HEX | 783 YARA | 0 USER)
maldet(15338): {scan} building file list for /root/Documents/malware/thezoo/, this might take awhile...
maldet(15338): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration.
@Munawirsyah13 Munawirsyah13 changed the title maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration. maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration. maldetect-1.6.4 Mar 19, 2021
@tisc0
Copy link

tisc0 commented Mar 28, 2021

Seems maldet is not scanning files owned by root. (#273)
I'll be glad to get over that limitation. Seeking for the option, not finding anything for now.

@tisc0
Copy link

tisc0 commented Apr 7, 2021

Hi !
Glad I kept that tab open, the answer is simply in /usr/local/maldetect/conf.maldet :

# As a design and common use case, LMD typically only scans user space paths
# and as such it makes sense to ignore files that are root owned. It is
# recommended to leave this enabled for best performance.
# [ 0 = disabled, 1 = enabled ]
scan_ignore_root="0"

@kalleboy
Copy link

Hello there.

I have the same issue on FreeBSD 13. Getting the same error on any directory I try to scan.

Have scan_ignore_root="0" as well, in config file.

Any idea?

@kalleboy
Copy link

kalleboy commented Feb 24, 2022
edited
Loading

Sorry for the bump. Any idea on how to solve this?

@w3bservice
Copy link

Send the error message

@kalleboy
Copy link

"maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration."

@Mikanoshi
Copy link

Mikanoshi commented Jul 17, 2022
edited
Loading

"maldet(15338): {scan} scan returned empty file list; check that path exists and contains files in scope of configuration."

Try to start like this: OSTYPE=FreeBSD maldet -a /path.
This OS detection is incorrect as $OSTYPE can return something like "freebsd13.0":
https://github.com/rfxn/linux-malware-detect/blob/master/files/internals/internals.conf#L27

@marwenius marwenius mentioned this issue Nov 25, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@Mikanoshi @w3bservice @tisc0 @Munawirsyah13 @kalleboy