KVRT ignores custom folder

[Ph0nq]

Hi team,

I guess I'm facing the same (or a similar) issue as this guy. Whatever I feed into KVRT as custom folders, they're completely ignored. I've tried to run the commands suggested in the other post but they're not available in my webspace. (A 'uname -a' simply returns "Linux <FQDN> 4.18.0-477.13.1.lve.el7h.x86_64 #1 SMP Thu Jun 1 16:49:27 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux" and the ISP is not disclosing which distribution they're using...)

First of all, I had to install the tool as a regular user, I don't have root access nor a graphical display:

-bash-4.2$ ./kvrt.run --allowuser --target /full_path_to/install_dir -- -silent -accepteula

It succeeded but contrary to the docs I can't start the tool thru 'kvrt.run':

-bash-4.2$ ./kvrt.run -- -silent -accepteula -custom /full_path_to/my_dir/ -dontencrypt -details
It seems that it's non-graphical mode now (XDG_SESSION_TYPE = <>, XDG_CURRENT_DESKTOP = <>).
Please, run kvrt.run under root manually (use su or sudo) or add --allowuser to run under normal user.
-bash-4.2$ ./kvrt.run --allowuser -- -silent -accepteula -custom /full_path_to/my_dir/ -dontencrypt -details
Product will be runned under current user
Generated directory is </tmp/5aedbe490e94d02f2482798>
Temp root </tmp> mounted with noexec, aborting. Use --target argument.

So when I start the script instead, KVRT is running and scanning the system files but no custom directories. If I'm passing along only custom files it simply returns:

-bash-4.2$ cd install_dir
-bash-4.2$ ./kvrt_runner.sh -accepteula -silent -customonly -custom ~/my_dir/ -dontencrypt -details -tracelevel DBG
=================================
Running kvrt with args <-accepteula -silent -customonly -custom /full_path_to/my_dir/ -dontencrypt -details -tracelevel DBG>
=================================
compver: 24.0.5.0 x86-64 (Jul  9 2024 17:36:48)
Product folder </full_path_to/KVRT2024_Data>
=================================
Scan is started
=================================
=================================
Scan is finished with results:
        Processed: 0
        Processing errors: 0
        Detected: 0
        Password protected: 0
        Corrupted: 0
=================================
=================================
kvrt exited with code <0>
=================================

What am I missing here? Thanks for any hints...

[Yury N.]

1 час назад, Ph0nq сказал:

First of all, I had to install the tool as a regular user, I don't have root access nor a graphical display:

-bash-4.2$ ./kvrt.run --allowuser --target /full_path_to/install_dir -- -silent -accepteula

Hello.

It's not required. KVRT is a portable tool with integrated antivirus databases. You should run a scan immediately.

./kvrt.run --allowuser -- -accepteula -silent -customonly -custom ~/my_dir/

But it won't work on your system due "Temp root </tmp> mounted with noexec, aborting. Use --target argument." So you should run 

./kvrt.run --allowuser --target /full_path_to/temp_dir -- -accepteula -silent -customonly -custom /full_path_to/my_dir/

And delete "/full_path_to/temp_dir" folder yourself after every KVRT run. Also recommended use full path. So use "-custom /full_path_to/my_dir/".
 

1 час назад, Ph0nq сказал:

What am I missing here? Thanks for any hints...

Files exist in "/full_path_to/my_dir/"? My be "~/my_dir" resolved to other directory?

If files exist please provide traces. 
./kvrt.run --allowuser --target /full_path_to/temp_dir -- -accepteula -silent -customonly -custom /full_path_to/my_dir/ -trace

And provide "Traces" folder in "Product folder </full_path_to/KVRT2024_Data>".

Edited October 3 by Yury N.

[Ph0nq]

Thank you Yuri.

Yes, the directory resolves correctly but I do see interesting entries in the trace file, like

10:25:40.853    0x7f821984e700    INF    vrt: custom: Custom Scan for </var/www/vhosts/my_web_space/my_dir> is started
10:25:40.853    0x7f821984e700    INF    vrt: custom: Path </var/www/vhosts/my_web_space/my_dir> has FS magic <0xef53> and <0x3d6079ca> blocks
[...]
10:25:40.853    0x7f821984e700    INF    vrt: linux mp: Skip mount point </var/www/vhosts/system/my_web_space> due to type <Volume>
[...]
10:25:40.953    0x7f821984e700    ERR    vrt: custom: Exception caught at line 1004 =>  std::bad_cast
10:25:40.953    0x7f821984e700    INF    scan notify: Progress calculation is finished
10:25:40.953    0x7f821984e700    INF    vrt: automode: scan notify: Progress calculation is finished
10:25:40.953    0x7f821984e700    ERR    vrt: custom: Can't get files count with error 0x80000047
10:25:40.953    0x7f821984e700    ERR    vrt: avs: Scan was ended with error 0x80000047
10:25:40.953    0x7f821984e700    INF    vrt: avs: sl: All pended async tasks (0) has been done
10:25:40.953    0x7f821984e700    INF    vrt: avs: ksnq: Shutdown is requested for 0x7f82100021b0

Those "Skip mount point" entries show up for all sub dirs in my_dir, so in the end, nothing seems to be left to scan.

Where can I sent the whole trace file to?

[Yury N.]

55 минут назад, Ph0nq сказал:

Where can I sent the whole trace file to?

Upload to any file sharing server. Google drive for example. And provide link to me in private message.

Edited October 3 by Yury N.

[Ph0nq]

Thanks Yury for providing a fix.