Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 66 replies
  • Subscribers 6 subscribers
  • Views 265729 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mac OS X 10.9 "Mavericks" and SAV for Mac

bobcook

Apple released Mac OS X 10.9 "Mavericks" today, free for everyone with Snow Leopard or newer.

We've been testing our product with this release for many months now and had made numerous changes in version 9.0.3 (the version published about a month ago). The significant changes required were to change how we were building, codesigning, and installing our kernel extensions. You will now find two copies of our kext: one in /System/Library/Extensions and another in /Library/Extensions. This follows Apple's recommendation to support people transitioning from 10.8 to 10.9.

The kexts in /System/Library/Extensions are present for compatiblity with versions of Mac OS X prior to 10.9. Starting in "Mavericks" the location is /Library/Extensions. We are codesigning the kexts in /Library/Extensions to conform to Apple's security requirements.

If you have issues, please report them in this thread.

:1013899


This thread was automatically locked due to age.
  • 0

    Hi there,

    It seems that Sophos 9.0.3 never stops updating on OSX Mavericks?  (E.g. The menubar icon keeps in downloading state)

    Tried reinstalling both editions (HE & SA) same problem on both versions

    The LOG:

    com.sophos.autoupdate: Sophos AutoUpdate
    com.sophos.autoupdate: Version 9.0.3
    com.sophos.autoupdate: Copyright © 1989-2013 Sophos Ltd. All rights reserved.
    com.sophos.autoupdate:
    com.sophos.intercheck: Sophos Anti-Virus
    com.sophos.intercheck: Version 4.93, 11 September 2013
    com.sophos.intercheck: Includes detection for 5684257 viruses, trojans and worms
    com.sophos.intercheck: Copyright (c) 1989-2012 Sophos Ltd, www.sophos.com
    com.sophos.intercheck:
    com.sophos.intercheck:
    com.sophos.intercheck:
    com.sophos.intercheck:
    com.sophos.intercheck:
    com.sophos.intercheck: Info: On-access scanner started at 18:14 on 24 October 2013
    com.sophos.intercheck:
    com.sophos.autoupdate: Updating catalogue information at 18:15:02 24 oktober 2013
    com.sophos.autoupdate: Catalogue updated at 18:15:04 24 oktober 2013
    com.sophos.autoupdate: Download started at 18:15:04 24 oktober 2013
    com.sophos.autoupdate: Download completed at 18:22:19 24 oktober 2013
    com.sophos.autoupdate: Update started at 18:22:19 24 oktober 2013
    com.sophos.intercheck: Info: ic_worker_start: kext already loaded at 18:22 on 24 October 2013
    com.sophos.intercheck:
    com.sophos.autoupdate: Update completed at 18:22:22 24 oktober 2013
    com.sophos.autoupdate: Info: Checked primary server at 18:22 on 24 October 2013
    com.sophos.autoupdate: Sophos Anti-Virus was updated
    com.sophos.autoupdate:
    com.sophos.intercheck: Sophos Anti-Virus
    com.sophos.intercheck: Version 4.93, 11 September 2013
    com.sophos.intercheck: Includes detection for 5689108 viruses, trojans and worms
    com.sophos.intercheck: Copyright (c) 1989-2012 Sophos Ltd, www.sophos.com
    com.sophos.intercheck:
    com.sophos.intercheck:
    com.sophos.intercheck: Using IDE files:
    com.sophos.intercheck: age-acwm.ide age-acwy.ide age-adat.ide age-adaw.ide age-adbi.ide age-adbj.ide age-adbl.ide age-adbv.ide age-adbw.ide

    REMOVED ALL LINES IN BETWEEN

    com.sophos.intercheck: zbot-gqy.ide zbot-grj.ide zbot-grp.ide zbot-grw.ide
    com.sophos.intercheck:
    com.sophos.intercheck:
    com.sophos.intercheck: Info: On-access scanner started at 18:22 on 24 October 2013
    com.sophos.intercheck:

    :1013929
  • 0

    Hi Iwan,

    It stops eventually. The Mac OS X 10.9 upgrade deletes the contents of /Library/Caches (a perfectly fair thing to do) but that is where we store our product update files. Specifically, we store files under /Library/Caches/com.sophos.sau. So you need to rebuild that cache and its more than 130mb. The AutoUpdate window should give you some indication how much has been downloaded so far.

    :1013931

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0

    Hi Bob,

    The cache is OK. I have a decent internet connection. At the moment the update icon is still showing that bouncing arrow. Nothing is downloaded or updated in the cache for about 2 hours now. So i don't think the cache rebuild is the issue here.

    Regards,

    Iwan

    :1013933
  • 0

    Hi Iwan,

    That is very odd. Ok, let's try killing things off and see what might be going on. First, try restarting the SophosUIServer. Open Activity Monitor, find it i the list and tell it to quit. It should automatically restart. If that isn't the cure, try restarting the SophosAutoUpdate process (you need to view All Processes in order to find it).

    I am very interested to know which (if either) of these issues resolve the issue.

    :1013935

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0

    Hi Bob,

    I was just rebuilding the cache for the second time. Deleted both sophos cache folders and restarted my mac. Then manually did an update for Sophos. I can see the cache was rebuilded correctly. When it completed the rebuild the Sophos Update Window stopped displaying the mb's downloaded. Just saying sophos was updating.

    In the menu:

    Up to date was greyed out

    Update Now was enabled and selectable

    Cancel update was greyed out

    The Sopos icon in the menu bar keeps saying (bouncing arrow) it was updating

    The AutoUpdate Window keeps showing the download animation and displayed the text that Sophos was updating

    ......

    Restarting the SophosUIServer worked for the moment. 

    I'll wait a couple of hours and by the next update i'll see if the problem comes up again.

    Many thanx for the super fast replies so far, 

    Regards,

    Iwan

    :1013937
  • 0

    UPDATE

    I just did a complete restart. Clicked update now in the menu bar.

    Begins downloading...stops at appx. 46 MB....Then same issue

    See attachments. The console log says  " com.sophos.autoupdate[119]: Checked primary server: Sophos Anti-Virus is up to date" at the same time

    scrolling trough the logs i found this line multiple times...... Could it have something to do with the problem?

    24-10-13 21:50:12,000 kernel[0]: Notice - new kext com.sophos.kext.sav, v9.0.53 matches prelinked kext but can't determine if executables are the same (no UUIDs).
    24-10-13 22:19:34,000 kernel[0]: Notice - new kext com.sophos.kext.sav, v9.0.53 matches prelinked kext but can't determine if executables are the same (no UUIDs).
    24-10-13 22:41:18,000 kernel[0]: Notice - new kext com.sophos.kext.sav, v9.0.53 matches prelinked kext but can't determine if executables are the same (no UUIDs).
    24-10-13 23:02:12,000 kernel[0]: Notice - new kext com.sophos.kext.sav, v9.0.53 matches prelinked kext but can't determine if executables are the same (no UUIDs).
    24-10-13 23:03:28,000 kernel[0]: Notice - new kext com.sophos.kext.sav, v9.0.53 matches prelinked kext but can't determine if executables are the same (no UUIDs).
    24-10-13 23:16:42,000 kernel[0]: Notice - new kext com.sophos.kext.sav, v9.0.53 matches prelinked kext but can't determine if executables are the same (no UUIDs).

    Iwan

    :1013939
  • 0

    Hi Iwan,

    This is very curious. Can you post a "sample" (Activity Monitor has a feature that lets you grab a stack trace of any program) of the SophosAutoUpdate process? Seems like its getting stuck somewhere.

    :1013943

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0

    Hi Bob,

    I managed to figure it out  and reproduced the problem.

    The problem rises when i make use of the primary AND de secondary Update credentials. When i make use of only the primary update location again (and restart the SophosUI server manually), the auto update will function normally again.

    It seems likely that when you uninstall Sophos for Mac SA version and then reinstall Sophos for Mac HE version, the settings from the previous version are still there only not visible. Allso i found 1Password to be working without the 127.0.0.1 exclusion. It was still being used by Sophos but not showing in the new HE version, so a leftover from the previously installed SA version.

    Hope this info helps you to fix that (i think) little bug.

    Regards,

    Iwan

    :1013959
  • 0

    Hi Iwan,

    Thanks for the explanation, that is definitely much of a relief to know its not related to 10.9.

    You are right about the preferences being left behind. This was true for all versions of the product including 9.0 although our current project (9.1) changes that behavior. At one time it was considered "beneficial" since you could uninstall and reinstall without losing your settings. But the reality is that if someone is uninstalling, they likely want a real clean machine (and not have our files left around behind).

    :1013987

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0

    Hi,

    can I upgrade OS X Mountain Lion to Mavericks without reinstalling Sophos Antivirus for Mac? Or do I have to uninstall Sophos, upgrade OS X and then install Sophos?

    Sorry for my English, hope you understand my question.

    :1013993
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?