HomeDocumentationAPI Reference
Log In
Documentation

Scanning Exit Codes

When scanning, various conditions can occur that cause the scan to exit unsuccessfully. This page lists known exit codes and the conditions that may have caused the failure.

Contact Sandfly Support should additional assistance be required.

Exit Codes

1

📘

NOTE: Exit Code 1 is a Catch-All

The cases listed below are not exhaustive, and other possibilities may exist. This list will be updated as new circumstances are encountered and confirmed.

  • Sandfly user on an NFS home directory - If the user who is designated to run Sandfly on the target hosts has their home directory NFS-mounted, this can cause scanning failures. In those cases, we recommend one of the following options:
    • Place the user's home directory on a local partition.
    • Use the Override Scan Directory option on affected hosts and set it to a local partition such as /tmp/.
  • requiretty - Older Red Hat-based distributions may include the Defaults requiretty directive in /etc/sudoers. Removing this directive (which Red Hat no longer supports) will resolve the scanning failure.

126

  • noexec attribute or kernel parameter - This typically occurs when the Sandfly agent binary attempts to execute from a directory with the noexec attribute set, or when other kernel parameters prevent it from running. If there is an acceptable directory on the host to run Sandfly from, you may set it when adding the host using the "Override Scan Directory" option when adding the host.

139

  • Partially transferred binary - The Sandfly agent binary was not completely transferred during the SSH connection, causing a segfault. While rare network or system conditions can cause this condition, malware has been confirmed to also cause this exit code. If this scan error occurs with every attempt to scan the affected host, it should be investigated immediately.


Did this page help you?