BEST for Linux compatibility issues with third-party products hooking libc.so
On Linux systems, BEST relies on runtime hooks in libc.so for security monitoring. Some third-party applications, such as VirtualBox or mirrord, also hook into libc.so. When both are used on the same system, these overlapping mechanisms can cause compatibility issues, including incorrect hostname resolution or unexpected application behavior.
To mitigate these issues, it is recommended to disable uprobes in BEST for Linux after the product is installed. Follow the steps below to apply this configuration:
1. Navigate to the BEST configuration directory:

    cd /opt/bitdefender-security-tools/etc

2. Disable uprobes for the kprobes module in the bdsecd.json file and write the updated configuration to a new file:

    ../bin/jq \
      '.modules |= map( if .name == "kprobes" then . + {uprobesEnabled: false} else . end )' \
      bdsecd.json > tmp.json

   Note
   The jq binary required for this operation is installed by default and included in all BEST kits.

3. Replace the original bdsecd.json with the updated version.

    mv tmp.json bdsecd.json

4. Restart BEST services:

    bd restart
Proper operation when using products such as VirtualBox or mirrord is now restored.
Important
Disabling uprobes has a minimal impact on BEST for Linux detection capabilities.
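The procedure above can be wrapped so that the edit is checked before the live configuration is replaced. The following is an added example, not vendor code: it goes beyond the documented steps by keeping a backup and verifying the jq output. The function names, the .bak suffix and the sample module entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Function names and the .bak suffix are assumptions.
# Usage (as root): disable_uprobes /opt/bitdefender-security-tools/etc/bdsecd.json && bd restart
JQ="${JQ:-/opt/bitdefender-security-tools/bin/jq}"

# Constructed sample: only .modules[].name is known from the page; other keys are invented.
write_sample_config() {
    cat > "$1" <<'EOF'
{"modules": [{"name": "kprobes", "enabled": true},
             {"name": "other", "enabled": true}]}
EOF
}

disable_uprobes() {
    cfg="$1"
    tmp="$cfg.tmp.$$"
    # Stop if no kprobes entry exists: the page's filter would silently change nothing.
    "$JQ" -e '[.modules[] | select(.name == "kprobes")] | length > 0' "$cfg" >/dev/null || {
        echo "no kprobes module in $cfg" >&2; return 2; }
    # Same filter as the procedure above.
    "$JQ" '.modules |= map(if .name == "kprobes" then . + {uprobesEnabled: false} else . end)' \
        "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Verify the result parses and every kprobes entry has uprobesEnabled == false.
    "$JQ" -e '[.modules[] | select(.name == "kprobes" and .uprobesEnabled != false)] | length == 0' \
        "$tmp" >/dev/null || { rm -f "$tmp"; return 1; }
    # Keep a backup, then overwrite in place so owner and mode of the original are kept.
    cp -p "$cfg" "$cfg.bak" && cat "$tmp" > "$cfg" && rm -f "$tmp"
}
```

Unlike the mv in step 3, the in-place overwrite is not atomic, which is why the backup is written first.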