Hey, guys!
I'm trying to use MALDET (https://www.rfxn.com/projects/linux-malware-detect/) as an antivirus in MX 21.3.
Problem is, it requires "inotify-tools" in order to actively monitor the system, and when I try to run it in active mode, it says that the system kernel doesn't support inotify-tools...
Any help is greatly appreciated.
Thanks!
MALDET / inotify-tools
Re: MALDET / inotify-tools
Please post your QSI
*QSI = Quick System Info from menu (Copy for Forum)
*MXPI = MX Package Installer
*Please check the solved checkbox on the post that solved it.
*Linux -This is the way!
Re: MALDET / inotify-tools
Hi, Charles.
Thanks and sorry for the late reply.
I posted but then deleted the QSI, because I solved the problem.
I installed "inotify-tools" and the "ed" package which is also needed, and after that I ran (as root) "update-initramfs -cu" and restarted the computer. Worked like a charm. That was the trick - updating the filesystem after installing the packages and then restarting the PC...
Sorry for the trouble and I hope this post will help anyone else who had the same problem.
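An added example, not part of the original post: a POSIX shell preflight that checks the prerequisites named above (kernel inotify support, `inotifywait` from inotify-tools, and `ed`) independently of maldet's own detection. The `PROC_ROOT` variable, the `--run` argument and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: preflight for maldet monitor mode.
# PROC_ROOT and all function names are assumptions made for this example.
PROC_ROOT="${PROC_ROOT:-/proc}"

# The kernel exposes the fs/inotify sysctls only when inotify support is built in.
kernel_has_inotify() {
    [ -r "$PROC_ROOT/sys/fs/inotify/max_user_watches" ]
}

# Per-user watch limit; prints 0 when the tunable is missing.
inotify_watch_limit() {
    cat "$PROC_ROOT/sys/fs/inotify/max_user_watches" 2>/dev/null || echo 0
}

# True when the named command resolves in PATH.
have_cmd() {
    command -v "$1" >/dev/null 2>&1
}

# Report each prerequisite; return non-zero if any is missing.
preflight() {
    rc=0
    if kernel_has_inotify; then
        echo "ok:   kernel inotify, max_user_watches=$(inotify_watch_limit)"
    else
        echo "FAIL: $PROC_ROOT/sys/fs/inotify missing, kernel lacks inotify"
        rc=1
    fi
    for c in inotifywait ed; do
        if have_cmd "$c"; then
            echo "ok:   $c -> $(command -v "$c")"
        else
            echo "FAIL: $c not found in PATH"
            rc=1
        fi
    done
    return "$rc"
}

# Only run the checks when asked to, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then
    preflight
    exit $?
fi
```

Run it with `--run` on the affected machine; a non-zero exit status means at least one prerequisite is missing.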
Re: MALDET / inotify-tools
Ok, after formatting again and doing the same procedure, I again got the error that the kernel doesn't support inotify-tools. So here's my QSI:
System: Kernel: 5.10.0-23-amd64 [5.10.179-1] x86_64 bits: 64 compiler: gcc v: 10.2.1
parameters: BOOT_IMAGE=/boot/vmlinuz-5.10.0-23-amd64 root=UUID=<filter> ro quiet splash
Desktop: Xfce 4.18.1 tk: Gtk 3.24.24 info: xfce4-panel wm: xfwm 4.18.0 vt: 7
dm: LightDM 1.26.0 Distro: MX-21.3_x64 Wildflower January 15 2023
base: Debian GNU/Linux 11 (bullseye)
Machine: Type: Desktop System: Gigabyte product: Z170X-Ultra Gaming v: N/A serial: <filter>
Mobo: Gigabyte model: Z170X-Ultra Gaming-CF v: x.x serial: <filter>
UEFI: American Megatrends v: F23j date: 03/09/2018
CPU: Info: Quad Core model: Intel Core i5-7600K bits: 64 type: MCP arch: Kaby Lake family: 6
model-id: 9E (158) stepping: 9 microcode: F0 cache: L2: 6 MiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 30399
Speed: 800 MHz min/max: 800/4800 MHz Core speeds (MHz): 1: 800 2: 800 3: 800 4: 800
Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled
Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT disabled
Type: mds mitigation: Clear CPU buffers; SMT disabled
Type: meltdown mitigation: PTI
Type: mmio_stale_data mitigation: Clear CPU buffers; SMT disabled
Type: retbleed mitigation: IBRS
Type: spec_store_bypass
mitigation: Speculative Store Bypass disabled via prctl and seccomp
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2 mitigation: IBRS, IBPB: conditional, STIBP: disabled, RSB filling,
PBRSB-eIBRS: Not affected
Type: srbds mitigation: Microcode
Type: tsx_async_abort mitigation: Clear CPU buffers; SMT disabled
Graphics: Device-1: NVIDIA GP107 [GeForce GTX 1050 Ti] vendor: Micro-Star MSI driver: nouveau
v: kernel bus-ID: 01:00.0 chip-ID: 10de:1c82 class-ID: 0300
Display: x11 server: X.Org 1.20.11 compositor: xfwm4 v: 4.18.0 driver:
loaded: modesetting unloaded: fbdev,vesa display-ID: :0.0 screens: 1
Screen-1: 0 s-res: 1920x1080 s-dpi: 96 s-size: 508x285mm (20.0x11.2")
s-diag: 582mm (22.9")
Monitor-1: HDMI-1 res: 1920x1080 hz: 60 dpi: 92 size: 531x298mm (20.9x11.7")
diag: 609mm (24")
OpenGL: renderer: NV137 v: 4.3 Mesa 20.3.5 direct render: Yes
Audio: Device-1: Intel 100 Series/C230 Series Family HD Audio vendor: Gigabyte
driver: snd_hda_intel v: kernel bus-ID: 00:1f.3 chip-ID: 8086:a170 class-ID: 0403
Device-2: NVIDIA GP107GL High Definition Audio vendor: Micro-Star MSI
driver: snd_hda_intel v: kernel bus-ID: 01:00.1 chip-ID: 10de:0fb9 class-ID: 0403
Sound Server-1: ALSA v: k5.10.0-23-amd64 running: yes
Sound Server-2: PulseAudio v: 14.2 running: yes
Network: Device-1: Intel Ethernet I219-V vendor: Gigabyte driver: e1000e v: kernel port: f000
bus-ID: 00:1f.6 chip-ID: 8086:15b8 class-ID: 0200
IF: eth0 state: down mac: <filter>
IF-ID-1: wwan0 state: unknown mac: <filter>
Drives: Local Storage: total: 1.78 TiB used: 533.9 GiB (29.2%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/sda maj-min: 8:0 vendor: Toshiba model: TR150 size: 894.25 GiB block-size:
physical: 512 B logical: 512 B speed: 6.0 Gb/s type: SSD serial: <filter> rev: 12.3
scheme: GPT
ID-2: /dev/sdb maj-min: 8:16 vendor: Seagate model: ST1000DM010-2EP102 size: 931.51 GiB
block-size: physical: 4096 B logical: 512 B speed: 6.0 Gb/s type: HDD rpm: 7200
serial: <filter> rev: CC43
Partition: ID-1: / raw-size: 488.28 GiB size: 479.55 GiB (98.21%) used: 8.21 GiB (1.7%) fs: ext4
dev: /dev/sda2 maj-min: 8:2
ID-2: /boot/efi raw-size: 256 MiB size: 252 MiB (98.46%) used: 25.3 MiB (10.0%)
fs: vfat dev: /dev/sda1 maj-min: 8:1
Swap: Kernel: swappiness: 15 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 dev: /dev/sda5
maj-min: 8:5
Sensors: System Temperatures: cpu: 56.0 C mobo: 27.8 C gpu: nouveau temp: 49.0 C
Fan Speeds (RPM): N/A gpu: nouveau fan: 0
Repos: Packages: note: see --pkg apt: 2187 lib: 1192 flatpak: 0
No active apt repos in: /etc/apt/sources.list
Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list
1: deb http://deb.debian.org/debian bullseye-updates main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/debian.list
1: deb http://deb.debian.org/debian bullseye main contrib non-free
2: deb http://security.debian.org/debian-security bullseye-security main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/mx.list
1: deb http://ftp.linux.org.tr/mx/repo/mx/repo/ bullseye main non-free
Info: Processes: 238 Uptime: 2m wakeups: 1 Memory: 31.31 GiB used: 1.4 GiB (4.5%)
Init: SysVinit v: 2.96 runlevel: 5 default: 5 tool: systemctl Compilers: gcc: N/A
alt: 10 Client: shell wrapper v: 5.1.4-release inxi: 3.3.06
Boot Mode: UEFI
Re: MALDET / inotify-tools
Maybe try using Package Installer to upgrade the kernel
Production: 5.10, MX-23 Xfce, AMD FX-4130 Quad-Core, GeForce GT 630/PCIe/SSE2, 16 GB, SSD 120 GB, Data 1TB
Personal: Lenovo X1 Carbon with MX-23 Fluxbox
Other: Raspberry Pi 5 with MX-23 Xfce Raspberry Pi Respin
Re: MALDET / inotify-tools
I just tried this in a VM (not totally clean, but almost totally clean), and when I ran that install using sudo, it worked and seems to run just fine?
EDIT: fsearch is the only other package I have installed on this vm.
System: Kernel: 5.10.0-20-amd64 [5.10.158-2] x86_64 bits: 64 compiler: gcc v: 10.2.1
parameters: BOOT_IMAGE=/vmlinuz-5.10.0-20-amd64
root=UUID=<filter> ro quiet splash
Desktop: Xfce 4.18.0 tk: Gtk 3.24.24 info: xfce4-panel wm: xfwm 4.18.0 vt: 7
dm: LightDM 1.26.0 Distro: MX-21.3_x64 Wildflower January 15 2023
base: Debian GNU/Linux 11 (bullseye)
Machine: Type: Virtualbox System: innotek product: VirtualBox v: 1.2 serial: <filter>
Chassis: Oracle Corporation type: 1 serial: <filter>
Mobo: Oracle model: VirtualBox v: 1.2 serial: <filter> BIOS: innotek v: VirtualBox
date: 12/01/2006
CPU: Info: Single Core model: Intel Core i7-9700K bits: 64 type: MCP arch: Kaby Lake
note: check family: 6 model-id: 9E (158) stepping: D (13) microcode: N/A cache:
L2: 12 MiB
flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 bogomips: 7200
Speed: 3600 MHz min/max: N/A Core speed (MHz): 1: 3600
Vulnerabilities: Type: itlb_multihit status: KVM: VMX unsupported
Type: l1tf mitigation: PTE Inversion
Type: mds mitigation: Clear CPU buffers; SMT Host state unknown
Type: meltdown mitigation: PTI
Type: mmio_stale_data mitigation: Clear CPU buffers; SMT Host state unknown
Type: retbleed status: Vulnerable
Type: spec_store_bypass status: Vulnerable
Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization
Type: spectre_v2
mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected
Type: srbds status: Unknown: Dependent on hypervisor status
Type: tsx_async_abort status: Not affected
Graphics: Device-1: InnoTek Systemberatung VirtualBox Graphics Adapter driver: vboxvideo
v: kernel bus-ID: 00:02.0 chip-ID: 80ee:beef class-ID: 0300
Display: x11 server: X.Org 1.20.11 compositor: xfwm4 v: 4.18.0 driver:
loaded: modesetting unloaded: fbdev,vesa alternate: vboxvideo display-ID: :0.0
screens: 1
Screen-1: 0 s-res: 1248x888 s-dpi: 96 s-size: 330x234mm (13.0x9.2")
s-diag: 405mm (15.9")
Monitor-1: VGA-1 res: 1248x888 hz: 60
OpenGL: renderer: llvmpipe (LLVM 11.0.1 256 bits) v: 4.5 Mesa 20.3.5 compat-v: 3.1
direct render: Yes
Audio: Device-1: Intel 82801AA AC97 Audio vendor: Dell driver: snd_intel8x0 v: kernel
bus-ID: 00:05.0 chip-ID: 8086:2415 class-ID: 0401
Sound Server-1: ALSA v: k5.10.0-20-amd64 running: yes
Sound Server-2: PulseAudio v: 14.2 running: yes
Network: Device-1: Intel 82540EM Gigabit Ethernet driver: e1000 v: kernel port: d010
bus-ID: 00:03.0 chip-ID: 8086:100e class-ID: 0200
IF: eth0 state: up speed: 1000 Mbps duplex: full mac: <filter>
Device-2: Intel 82371AB/EB/MB PIIX4 ACPI type: network bridge driver: piix4_smbus
v: N/A modules: i2c_piix4 port: d200 bus-ID: 00:07.0 chip-ID: 8086:7113 class-ID: 0680
Drives: Local Storage: total: 16 GiB used: 6.04 GiB (37.7%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/sda maj-min: 8:0 vendor: VirtualBox model: VBOX HARDDISK size: 16 GiB
block-size: physical: 512 B logical: 512 B speed: 3.0 Gb/s type: N/A serial: <filter>
rev: 1.0 scheme: MBR
Partition: ID-1: / raw-size: 14.23 GiB size: 13.9 GiB (97.71%) used: 5.93 GiB (42.7%) fs: ext4
dev: /dev/dm-0 maj-min: 253:0 mapped: root.fsm
ID-2: /boot raw-size: 1024 MiB size: 973.4 MiB (95.06%) used: 103.5 MiB (10.6%)
fs: ext4 dev: /dev/sda1 maj-min: 8:1
Swap: Kernel: swappiness: 15 (default 60) cache-pressure: 100 (default)
ID-1: swap-1 type: partition size: 752 MiB used: 0 KiB (0.0%) priority: -2
dev: /dev/dm-1 maj-min: 253:1 mapped: swap
Sensors: Message: No sensor data found. Is lm-sensors configured?
Repos: Packages: note: see --pkg apt: 1968 lib: 989 flatpak: 0
No active apt repos in: /etc/apt/sources.list
Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list
1: deb http://deb.debian.org/debian bullseye-updates main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/debian.list
1: deb http://deb.debian.org/debian bullseye main contrib non-free
2: deb http://security.debian.org/debian-security bullseye-security main contrib non-free
Active apt repos in: /etc/apt/sources.list.d/mx.list
1: deb http://mxrepo.com/mx/repo/ bullseye main non-free
Info: Processes: 188 Uptime: 15m wakeups: 449 Memory: 3.84 GiB used: 835.1 MiB (21.2%)
Init: SysVinit v: 2.96 runlevel: 5 default: 5 tool: systemctl Compilers: gcc: N/A
alt: 10 Client: shell wrapper v: 5.1.4-release inxi: 3.3.06
Boot Mode: BIOS (legacy, CSM, MBR)
Re: MALDET / inotify-tools
Hey again!
I just tried starting it up, and it was already running (no idea how): "maldet(8048): {mon} existing inotify process detected (try -k): 7860" (maldet -k is used to terminate active monitoring)
This is the error it returns when the active monitoring is already running - so I guess it somehow solved itself (no idea how, maybe it was an update to the system when I ran "sudo apt update/upgrade"?)
Anyway, thanks again, guys!
Re: MALDET / inotify-tools
Excellent! Possibly so, or a possible cache issue that resolved.
Please mark as solved.