This discussion has been locked.

Linux client not able to update - Please help

Hello,

We have a single Linux machine that we are running into issues with. We do the install by mounting a cifs share on the Linux machine and running a script. The install seems to be successful and we can see the machine check in initially. I assume it received its initial policies as it is configured to run its scheduled scans. The Linux client seems to communicate on a regular basis with the management console based on time stamps. In the Enterprise console, the "Up to Date" column shows not since [date of initial installation]. The computer details give me the error code 0000006b "Download of savupdate failed from server sdds: SOPHOS" and also code 0000006a "Installation caught error savupdate".

On the client machine, I ran /opt/sophos-av/bin/savupdate -v5 --debug and received the output below:

Update to include '*' priority 10
Update to exclude 'sav-*' priority 20
Update to exclude 'sdf.xml' priority 20
Update to include 'sav-linux/licence*' priority 30
Update to include 'sav-linux/manifest.dat' priority 30
Update to include 'sav-linux/manifest.spec' priority 30
Update to include 'sav-linux/cidsync.upd' priority 30
Update to include 'sav-linux/common/*' priority 30
Update to include 'sav-linux/x86/*' priority 30
Update to include 'uncdownload/*' priority 20
Update to exclude 'talpa/*' priority 20
Update to include 'talpa/talpa-srcpack.tar.gz' priority 30
Update to include 'talpa/manifest.dat' priority 30
Update to include 'talpa/cidsync.upd' priority 30
Update to include 'talpa/copying' priority 30
Update to include 'talpa/talpa-redhat/combined.tgz' priority 30
Update to include 'talpa/talpa-redhat/talpa-binpack-redhat-x86_64-2.6.32-431.17.1.el6.x86_64-1smpfriapr11172700edt2014.tar.gz' priority 30
Update to include 'talpa/talpa-redhat/talpa-binpack-redhat-x86_64-2.6.32-431.17.1.el6.x86_64.tar.gz' priority 30
Update to exclude 'sav-linux/x86/32/*' priority 40
Update to exclude 'uncdownload/32/*' priority 40
Updating from \\[server_name]\SophosUpdate\CIDs\S000\savlinux
Reading \\[server_name]\SophosUpdate\CIDs\S000\savlinux/savlinux/cidsync.upd
Reading \\[server_name]\SophosUpdate\CIDs\S000\savlinux/cidsync.upd
Reading \\[server_name]\SophosUpdate\CIDs\S000\savlinux/master.upd
Can't locate index of \\[server_name]\SophosUpdate\CIDs\S000\savlinux
Failed to replicate from \\[server_name]\SophosUpdate\CIDs\S000\savlinux
Exception recorded in /opt/sophos-av/tmp/savupdateException.log
DownloadConfigurationException for Invalid update source
SOPHOS source is either SOPHOS, or the warehouse update source address.
read_remote_metadata failed: result=4
error_details: Out of sources
log_entry: [E26245] Cannot locate server for http://dci.sophosupd.com/update/e/0a/e0abe8f45bbec20b556a063ff81ef388.dat
log_entry: [I20317] No proxy was used.
log_entry: [E26245] Cannot locate server for http://dci.sophosupd.net/update/e/0a/e0abe8f45bbec20b556a063ff81ef388.dat
log_entry: [I20317] No proxy was used.
log_entry: [E75373] Ran out of sophos aliases for this update source
log_entry: [E35369] Out of update sources
Failed to replicate from sdds:SOPHOS
Exception recorded in /opt/sophos-av/tmp/savupdateException.log
SDDSException for read_remote_metadata failed
Failed to replicate from all update sources

Any ideas on the issue? I have confirmed that the share is accessible by that machine. The share is the same share we use to perform the initial install.

:51334


  • So your Primary update is failing as it isn't able to access the server, in particular I'd expect the path:

    \\[server_name]\SophosUpdate\CIDs\S000\savlinux/cidsync.upd

    to work, so maybe you could try that with smbclient, and, if that works, with uncdownload (part of SAV) directly. (You'll need to switch \ for / for smbclient.)

    Your secondary updating fails as it can't access the Sophos update site. This might be due to not having proxy configured correctly?

    :51350
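To tell the two failures in the debug output apart at a glance, this added example (not part of the original posts and not Sophos code) groups `savupdate -v5 --debug` lines by update source. The reason labels are this example's own wording, and the sample is a constructed excerpt copied from the output in the question.

```shell
#!/bin/sh
# Added example: one summary line per update source that failed to replicate.
# Reason labels (cid-index-unreadable, host-lookup-failed) are illustrative.
triage_savupdate() {
    awk '
    /Can.t locate index of /         { why = "cid-index-unreadable" }
    /Cannot locate server for /      { why = "host-lookup-failed" }
    /No proxy was used/              { proxy = " (no proxy used)" }
    /^Failed to replicate from all / { next }   # overall verdict, not a source
    /^Failed to replicate from / {
        src = $0; sub(/^Failed to replicate from /, "", src)
        if (why == "") why = "unknown"
        # Evidence seen since the previous source belongs to this one.
        printf "%s\t%s%s\n", src, why, (why == "host-lookup-failed" ? proxy : "")
        why = ""; proxy = ""
    }'
}

# Constructed sample: lines taken from the debug output posted in the question.
sample_log() {
cat <<'EOF'
Reading \\[server_name]\SophosUpdate\CIDs\S000\savlinux/master.upd
Can't locate index of \\[server_name]\SophosUpdate\CIDs\S000\savlinux
Failed to replicate from \\[server_name]\SophosUpdate\CIDs\S000\savlinux
log_entry: [E26245] Cannot locate server for http://dci.sophosupd.com/update/e/0a/e0abe8f45bbec20b556a063ff81ef388.dat
log_entry: [I20317] No proxy was used.
log_entry: [E35369] Out of update sources
Failed to replicate from sdds:SOPHOS
Failed to replicate from all update sources
EOF
}

sample_log | triage_savupdate
```

On a client, pipe the real output in instead: `/opt/sophos-av/bin/savupdate -v5 --debug 2>&1 | triage_savupdate`.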
  • Hello aphanman,

    Looks like Sophos is configured as Secondary update location but fails as well.

    Are there any details in savupdateException.log why reading from the CID apparently fails?

    Christian

    :51352
  • Thanks Douglas. Would you be able to point me to a KB article on this or provide some detailed steps? I actually do not have access to this system and am working with the admin to troubleshoot the issue. I will need to provide him with the steps I want him to take.

    It is interesting that we are only having this issue on one server. All of our Linux systems are running the same version of Red Hat and we don't seem to be having issues anywhere else.

    :51368
  • I'm not too concerned with it not being able to go out to the Internet, however I will have to address that eventually. I am more concerned with the client not being able to receive policy updates from our management console.

    I actually do not have direct access to the system, but have requested the log to be sent to me for analysis.

    :51370
  • If other managed machines are working, I'd suggest DNS or firewall as the problem.

    # /opt/sophos-av/uncdownload/uncdownload.sh -o /tmp/cidsync.upd  -u <username> -p - //[server_name]/SophosUpdate/CIDs/S000/savlinux/cidsync.upd

    # smbclient -U <username> //[server_name]/SophosUpdate/CIDs/S000/savlinux -c 'get cidsync.upd'

    :51372
  • I will have the admin try this. Will this run verbosely? If these tests work, how do we implement a permanent fix?

    The reason why I do not believe that it is DNS or firewall is because we are able to mount the path "\\[server_name]\SophosUpdate\CIDs\S000\savlinux" without any issues. This is the same path we use during initial install. I can confirm the firewall ports, but could you provide me with the ports required to be opened between a Linux client and the management console?

    :51374
  • Here is the output of the savupdateException.log file.

    cat savupdateException.log

    STR:DownloadConfigurationException for Invalid update source

    REPR:DownloadConfigurationException()

    Traceback (most recent call last):

      File "Updater.py", line 139, in tryUpdate

      File "Updater.py", line 110, in update

      File "CidUpdater.py", line 195, in update

    DownloadConfigurationException: DownloadConfigurationException for Invalid update source

    Any ideas?

    Thanks

    :51384
  • Looks like a DNS issue. I had the admin try using the FQDN of the server instead of the shortname and it worked. How can we change the configuration so that it uses the long name instead of the shortname?

    The command used: /opt/sophos-av/uncdownload/uncdownload.sh -o /tmp/cidsync.upd  -u [username] -p [password] //[computer_name.fqdn]/SophosUpdate/CIDs/S000/savlinux/cidsync.upd

    Thanks,

    :51460
  • Either:

    a) Fix the client to do DNS resolution correctly.

    or 

    b) Put the FQDN into the update location in the update policy on SEC.

    :51468
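A check for the condition found above, where the short server name fails on the client but the FQDN works, written as an added example (not part of the original posts and not Sophos code). `RESOLVE_CMD`, `demo_resolver` and the names `sec01` / `corp.example` are assumptions of this example; by default it uses `getent hosts`, which follows the client's own resolver configuration.

```shell
#!/bin/sh
# Added example: does the host in the update location resolve on this client,
# and if not, would its fully qualified name?
RESOLVE_CMD=${RESOLVE_CMD:-getent hosts}

# Print the host part of \\host\share\... or //host/share/...
unc_host() {
    printf '%s\n' "$1" | tr '\\' '/' | sed -e 's#^//*##' -e 's#/.*##'
}

# check_update_host UNC_PATH [DNS_DOMAIN]
# returns 0 = resolves as configured, 1 = only the FQDN resolves, 2 = neither
check_update_host() {
    host=$(unc_host "$1"); domain=${2:-}
    if $RESOLVE_CMD "$host" >/dev/null 2>&1; then
        echo "ok: '$host' resolves as configured"; return 0
    fi
    case $host in *.*) domain= ;; esac   # already qualified, nothing to append
    if [ -n "$domain" ] && $RESOLVE_CMD "$host.$domain" >/dev/null 2>&1; then
        echo "short name '$host' fails but '$host.$domain' resolves:"
        echo "  fix DNS resolution on the client, or put the FQDN in the update policy"
        return 1
    fi
    echo "neither '$host' nor a qualified form resolves: check DNS and firewall"
    return 2
}

# Constructed stand-in for the resolver so the demo runs offline:
# only the FQDN "resolves", as on the affected client in this thread.
demo_resolver() { [ "$1" = "sec01.corp.example" ]; }
RESOLVE_CMD=demo_resolver check_update_host \
    '\\sec01\SophosUpdate\CIDs\S000\savlinux' corp.example || echo "exit status $?"
```

Without the `RESOLVE_CMD` override, call `check_update_host` with the update location from the policy and the site's DNS domain to test the real resolver.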
  • Hello aphanman,

    "How can we change the configuration so that it used the long name"

    If you are talking about the Updating Policy (in the console) - it's not required to use the unqualified (canonical) (NetBIOS) name in the host part (you will get a warning when saving the policy that the "... update location may not contain the selected ... subscription") as long as the clients can successfully and correctly resolve it. Thus it can also be an alias, FQDN or even an IP.

    Christian

    :51472