Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 38 replies
  • Subscribers 9 subscribers
  • Views 40999 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Linux don't accept the configuration " UpdatePeriodMinutes "

Henrique RJ

Hello


After recent update Sophos Free Linux don't accept more the configuration when I put in " UpdatePeriodMinutes " (#/opt/sophos-av/bin/savconfig UpdatePeriodMinutes 1440 ) 1440 minutes ( 24 hours ).

Now it update every 4 hours.


Any solution ?


Thanks



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Henrique RJ

    Hello Henrique RJ,

    don't accept means you can set it but it is ignored? could tell whether the behaviour has indeed been changed.
    BTW, just curious - what's your reason for choosing 24 hours?

    Christian

  • 0 in reply to QC

    QC said:

    Hello Henrique RJ,

    don't accept means you can set it but it is ignored? could tell whether the behaviour has indeed been changed.
    BTW, just curious - what's your reason for choosing 24 hours?

    Christian

     

     

    Look

    root@henrique-desktop:/home/henrique# /opt/sophos-av/bin/savconfig -v --all
    Email: root@localhost
    EmailDemandSummaryIfThreat: true
    EmailLanguage: English
    EmailNotifier: true
    EmailServer: localhost:25
    EnableOnStart: true
    ExclusionEncodings: UTF-8
    EUC-JP
    ISO-8859-1
    LogMaxSizeMB: 100
    NotifyOnUpdate: false
    PrimaryUpdateSourcePath: sophos:
    PrimaryUpdateUsername: FAVLeSED5Q5MM
    PrimaryUpdatePassword: ********
    UploadSamples: false
    SendErrorEmail: true
    SendThreatEmail: true
    UINotifier: true
    UIpopupNotification: true
    UIttyNotification: true
    UpdatePeriodMinutes: 1440
    NamedScans Not configured
    LiveProtection: enabled
    ScanArchives: mixed
    root@henrique-desktop:/home/henrique#

     

    I prefere 24h because I have 2GB memory and the frequent update cause system slowlli ( it cause problem with preload ).

     

    If I adjust for 60 minutes the Sophos accept but for 1440 minutes didn't accept.

     

    OK ?

  • 0 in reply to Henrique RJ

    Hi,

     

    As far as I know, we haven't changed anything related to update period recently.

    Please could you add the recent savlog output, to show the updates happening more frequently?

    Thanks,

    Douglas.

  • 0 in reply to DouglasLeeder

    DouglasLeeder said:

    Hi,

     

    As far as I know, we haven't changed anything related to update period recently.

    Please could you add the recent savlog output, to show the updates happening more frequently?

    Thanks,

    Douglas.

     

     

    Look syslog ( /var/log/syslog ):

    Jun 21 19:03:22 henrique-desktop savd: update.updated: Updating from versions - SAV: 9.14.2, Engine: 3.70.2, Data: 5.52
    Jun 21 19:03:22 henrique-desktop savd: update.updated: Updating Sophos Anti-Virus....#012Updating Command-line programs#012Updating Talpa Binary Packs#012Updating SAVScan on-demand scanner#012Updating sav-protect startup script#012Updating sav-rms startup script#012Updating Sophos Anti-Virus Daemon#012Updating Remote Management Daemon#012Updating Manifest#012Selecting appropriate kernel support...#012Update completed.
    Jun 21 19:03:22 henrique-desktop savd: update.updated: Updated to versions - SAV: 9.15.0, Engine: 3.72.1, Data: 5.52
    Jun 21 19:03:22 henrique-desktop savd: update.updated: Successfully updated Sophos Anti-Virus from sdds:SOPHOS

  • 0 in reply to Henrique RJ

    That's from syslog, not savlog, and only shows one update.

    After an upgrade like that I'd expect one update after 5-10 minutes, then it should wait the UpdatePeriod before doing another update check.

  • 0 in reply to DouglasLeeder

    DouglasLeeder said:

    That's from syslog, not savlog, and only shows one update.

    After an upgrade like that I'd expect one update after 5-10 minutes, then it should wait the UpdatePeriod before doing another update check.

     

     

    savlogd ( /opt/sophos-av/bin/log )

    nofile.io/.../savlogd

  • 0 in reply to Henrique RJ

    Sorry, I thought you would know how to view savlog:

     

    /opt/sophos-av/bin/savlog --category=update -100

  • 0 in reply to DouglasLeeder

    DouglasLeeder said:

    Sorry, I thought you would know how to view savlog:

     

    /opt/sophos-av/bin/savlog --category=update -100

     

     

    nofile.io/.../savlog

  • 0 in reply to Henrique RJ

    Looking at the other log I see that savd is being restarted very frequently, so this may be related to your issues.

    In SAV: UpdatePeriodMinutes is relative to the start of savd.

    In 9.14:

    • The first update (check) happened UpdatePeriodMinutes after savd starts.
    • savupdate restricts Sophos updates to no more than once per hour.

    In 9.15:

    • The first update (check) happens 5-10 minutes after savd starts.
    • Subsequent update (checks) happen UpdatePeriodMinutes after the previous update.
    • savupdate doesn't restrict Sophos updates.

     

    This was a deliberate change to support temporary machines and new installs, which weren't getting updates quickly enough.

     

    I suspect this might explain some of what you are seeing, since I was in the other log you gave me that savd is being restarted very frequently.

     

Unfiltered HTML