All of my Linux servers running Sophos AV for Linux version 9 suddenly stopped updating over memorial day weekend.
I have about 30 Linux VMs running in three different cloud environments; all were working fine until this issue.
I have uninstalled and reinstalled and they still will not update automatically. They fail and produce the alert: Download of savupdate failed from server sdds:SOPHOS.
I ran /opt/sophos-av/bin/savupdate -v5 --debug and got the following output:
--------------------------------------------------------------------------------------------------------------------------------
2019-05-31 21:53:26,575 DEBUG savupdate.util.Logger: Logging to /opt/sophos-av/log/savupdate-debug.log
2019-05-31 21:53:27,402 INFO savupdate.util.Logger: Update to include '*' priority 10
Update to include '*' priority 10
2019-05-31 21:53:27,412 INFO savupdate.util.Logger: Update to exclude 'sav-*' priority 20
Update to exclude 'sav-*' priority 20
2019-05-31 21:53:27,421 INFO savupdate.util.Logger: Update to exclude 'sdf.xml' priority 20
Update to exclude 'sdf.xml' priority 20
2019-05-31 21:53:27,428 INFO savupdate.util.Logger: Update to include 'sav-linux/licence*' priority 30
Update to include 'sav-linux/licence*' priority 30
2019-05-31 21:53:27,428 INFO savupdate.util.Logger: Update to include 'sav-linux/manifest.dat' priority 30
Update to include 'sav-linux/manifest.dat' priority 30
2019-05-31 21:53:27,455 INFO savupdate.util.Logger: Update to include 'sav-linux/manifest.spec' priority 30
Update to include 'sav-linux/manifest.spec' priority 30
2019-05-31 21:53:27,470 INFO savupdate.util.Logger: Update to include 'sav-linux/cidsync.upd' priority 30
Update to include 'sav-linux/cidsync.upd' priority 30
2019-05-31 21:53:27,476 INFO savupdate.util.Logger: Update to include 'sav-linux/common/*' priority 30
Update to include 'sav-linux/common/*' priority 30
2019-05-31 21:53:27,476 INFO savupdate.util.Logger: Update to include 'sav-linux/x86/*' priority 30
Update to include 'sav-linux/x86/*' priority 30
2019-05-31 21:53:27,476 INFO savupdate.util.Logger: Update to include 'uncdownload/*' priority 20
Update to include 'uncdownload/*' priority 20
2019-05-31 21:53:27,515 INFO savupdate.util.Logger: Update to exclude 'talpa/*' priority 20
Update to exclude 'talpa/*' priority 20
2019-05-31 21:53:27,518 INFO savupdate.util.Logger: Update to include 'talpa/talpa-srcpack.tar.gz' priority 30
Update to include 'talpa/talpa-srcpack.tar.gz' priority 30
2019-05-31 21:53:27,518 INFO savupdate.util.Logger: Update to include 'talpa/manifest.dat' priority 30
Update to include 'talpa/manifest.dat' priority 30
2019-05-31 21:53:27,518 INFO savupdate.util.Logger: Update to include 'talpa/cidsync.upd' priority 30
Update to include 'talpa/cidsync.upd' priority 30
2019-05-31 21:53:27,551 INFO savupdate.util.Logger: Update to include 'talpa/copying' priority 30
Update to include 'talpa/copying' priority 30
2019-05-31 21:53:27,560 INFO savupdate.util.Logger: Update to include 'talpa/talpa-redhat/combined.tgz' priority 30
Update to include 'talpa/talpa-redhat/combined.tgz' priority 30
2019-05-31 21:53:27,573 INFO savupdate.util.Logger: Update to include 'talpa/talpa-redhat/talpa-binpack-redhat-x86_64-3.10.0-957.12.2.el7.x86_64-1smpfriapr19210907utc2019.tar.gz' priority 30
Update to include 'talpa/talpa-redhat/talpa-binpack-redhat-x86_64-3.10.0-957.12.2.el7.x86_64-1smpfriapr19210907utc2019.tar.gz' priority 30
2019-05-31 21:53:27,594 INFO savupdate.util.Logger: Update to include 'talpa/talpa-redhat/talpa-binpack-redhat-x86_64-3.10.0-957.12.2.el7.x86_64.tar.gz' priority 30
Update to include 'talpa/talpa-redhat/talpa-binpack-redhat-x86_64-3.10.0-957.12.2.el7.x86_64.tar.gz' priority 30
2019-05-31 21:53:27,613 INFO savupdate.util.Logger: Update to exclude 'sav-linux/x86/32/*' priority 40
Update to exclude 'sav-linux/x86/32/*' priority 40
2019-05-31 21:53:27,624 INFO savupdate.util.Logger: Update to exclude 'uncdownload/32/*' priority 40
Update to exclude 'uncdownload/32/*' priority 40
2019-05-31 21:53:27,636 DEBUG savupdate.Updater: Scheduled Update: Day=0, Time=21:00:00, supplementOnly=False
2019-05-31 21:53:27,642 DEBUG savupdate.sdds.SddsUpdater: Syncing both products and supplements because source changed: None vs. SOPHOS
2019-05-31 21:53:27,653 WARNING savupdate.util.Logger: SDDS_UPDATE_SOURCE_IS SOPHOS
SOPHOS source is either SOPHOS, or the warehouse update source address.
2019-05-31 21:53:27,666 INFO savupdate.sdds.SddsUpdater: Setting default Sophos Aliases
2019-05-31 21:53:27,678 DEBUG savupdate.util.Logger: This system is SAV10 capable
This system is SAV10 capable
2019-05-31 21:53:27,697 DEBUG savupdate.sdds.SddsUpdater: No update caches configured
2019-05-31 21:53:27,732 DEBUG savupdate.sdds.SddsUpdater: Updating using HTTPS
2019-05-31 21:53:27,868 DEBUG savupdate.util.Logger: settingsBaseVersion=10
settingsBaseVersion=10
2019-05-31 21:53:27,891 DEBUG savupdate.sdds.SddsUpdater: Adding update source: direct [HTTPS]
2019-05-31 21:53:28,756 INFO savupdate.sdds.SddsUpdater: Trying alternative proxies
2019-05-31 21:53:28,844 DEBUG savupdate.util.Logger: settingsBaseVersion=10
settingsBaseVersion=10
2019-05-31 21:53:28,853 DEBUG savupdate.util.Logger: read_remote_metadata failed: result=5
read_remote_metadata failed: result=5
2019-05-31 21:53:28,862 DEBUG savupdate.util.Logger: error_details: Failed to authenticate
error_details: Failed to authenticate
2019-05-31 21:53:28,871 DEBUG savupdate.util.Logger: log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/.../
log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/.../
2019-05-31 21:53:28,882 DEBUG savupdate.util.Logger: log_entry: [I31036] No proxy was used.
log_entry: [I31036] No proxy was used.
2019-05-31 21:53:28,882 DEBUG savupdate.util.Logger: log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/.../
log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/.../
2019-05-31 21:53:28,882 DEBUG savupdate.util.Logger: log_entry: [I31036] No proxy was used.
log_entry: [I31036] No proxy was used.
2019-05-31 21:53:28,882 DEBUG savupdate.util.Logger: log_entry: [E75373] Ran out of sophos aliases for this update source
log_entry: [E75373] Ran out of sophos aliases for this update source
2019-05-31 21:53:28,926 DEBUG savupdate.util.Logger: log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/.../
log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.com/.../
2019-05-31 21:53:28,942 DEBUG savupdate.util.Logger: log_entry: [I31036] No proxy was used.
log_entry: [I31036] No proxy was used.
2019-05-31 21:53:28,949 DEBUG savupdate.util.Logger: log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/.../
log_entry: [E19127] Couldn't find DCI for user. URL was: dci.sophosupd.net/.../
2019-05-31 21:53:28,962 DEBUG savupdate.util.Logger: log_entry: [I31036] No proxy was used.
log_entry: [I31036] No proxy was used.
2019-05-31 21:53:28,972 DEBUG savupdate.util.Logger: log_entry: [E75373] Ran out of sophos aliases for this update source
log_entry: [E75373] Ran out of sophos aliases for this update source
2019-05-31 21:53:28,985 DEBUG savupdate.util.Logger: log_entry: [E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/.../
log_entry: [E54187] Couldn't find DCI for user. URL was: dci.sophosupd.net/.../
2019-05-31 21:53:29,000 ERROR savupdate.Updater: BadAuthenticationError
Traceback (most recent call last):
File "Updater.py", line 179, in tryUpdate
File "Updater.py", line 147, in update
File "SddsUpdater.py", line 784, in update
File "SddsUpdater.py", line 934, in __update
File "SDDSResult.py", line 92, in throwOnError
BadHostCredentialsException: BadHostCredentialsException for sdds:SOPHOS
2019-05-31 21:53:29,013 DEBUG savupdate.util.Logger: BAD-PRIMARY-AUTHENTICATION sdds:SOPHOS
Failed to download 'sdds:SOPHOS': invalid authentication. Please check PrimaryUpdateUsername and PrimaryUpdatePassword.
2019-05-31 21:53:29,025 DEBUG savupdate.util.Logger: ALL_UPDATE_SOURCES_FAILED
Failed to replicate from all update sources
2019-05-31 21:53:29,037 DEBUG savupdate.Updater: Successfully reported update to savd
--------------------------------------------------------------------------------------------------------------------------------
I also found this on a Sophos web site which says:
"The version of Sophos Anti-Virus for Linux you can use depends on your management console.
Sophos Central managed computers
For 64-bit Linux computers you use Sophos Anti-Virus for Linux version 10."
I can't find a version 10 download.
Any guidance would be appreciated!
Thanks
This thread was automatically locked due to age.