Using the noexec flag

If you have the /var and /tmp paths mounted with noexec flag and restricted write for /opt, the installation of ESET Server Security for Linux fails with the following error message:

Invalid value of environment variable MODMAPDIR. Modules cannot be loaded.

Workaround

The commands below are executed in a Terminal window.

1.Create a folder where exec is enabled with the following owner and permission set:

/usr/lib/efs drwxrwxr-x. root eset-efs-daemons

2.Execute the following commands:

# mkdir /usr/lib/efs
# chgrp eset-efs-daemons /usr/lib/efs
# chmod g+w /usr/lib/efs/

3.Replace /opt/eset/lib/modules with symlink:

# rmdir /opt/eset/lib/modules

# ln -s /opt/eset/lib/modules /usr/lib/efs

4.Compile the essential modules:

# /opt/eset/efs/bin/upd --compile-nups

5.Restart the efs service:

# systemctl restart efs

If a normal, unprivileged user runs efs utilities, you can get the same error when the user's home directory is mounted noexec.

Workaround

1. Either allow others to use /opt/eset/lib/modules

# chmod o+rwx /opt/eset/lib/modules

2a.Or create a folder where exec for specific user is enabled:

# mkdir /usr/lib/efs-user

# chown <user>:<user_group> /usr/lib/efs-user

# chmod 770 /usr/lib/efs-user

2b.Run utility with specified MODMAPDIR variable, for example:

# MODMAPDIR=/usr/lib/efs-user /opt/eset/efs/bin/lslog -s

˄˅