future-architect / vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
https://vuls.io/
GNU General Public License v3.0
11k stars 1.16k forks

Vuls stops scanning on error with containers! #1131

Open mareban opened 3 years ago

mareban commented 3 years ago

Hello,

When scanning hosts there is no problem, but with containers, if a dependency is missing (e.g. /sbin/ip not found), the scanning ends with an error!!

Do I need to install the command in the running container (and recreate the image)? Is there another solution to bypass this error and continue the scanning of other hosts and containers defined in the config.toml file? Do I need to exclude these kinds of containers from the config file to avoid this problem? If this is the case, it will be more challenging to scan our Linux machines with more and more containers :-( !

Thx for this useful project and for your help.

kotakanbe commented 3 years ago

Hi, @mareban

If the /sbin/ip command is not found, vuls will only display a warning message, but the scan itself will run normally.

e.g. Debian https://github.com/future-architect/vuls/blob/3bacb648a5c8d7ca744b5d76057eca7a05c7df43/scan/debian.go#L245

Even if the warning message is displayed, the CVE-ID should still be detected by running the report command. If the container scan stops in the middle, please post the error message in the issue so we can fix it.