I am new to Sophos, but I have successfully in stalled Sophos on other systems with no issues. On this one system when I run the SophosInstall.sh script I get the following error:
# ./SophosInstall.sh Installing Sophos Anti-Virus for Linux with arguments: Downloading medium installerinstaller/bin64/installer: error while loading shared libraries: libSUL.so.0: cannot open shared object file: No such file or directoryFailed to download the medium installer! (Error code = 127)
I am running this from root, the /tmp dir does not have noexec. Not sure what else to check. Thanks for the assist.
Let me know if you've already tried the steps in the following article. I see you mention noexec, though sharing the results from the command "mount | grep tmp" would help clarify.
You may also want to try the steps in the following Recommended Read article. This will apply when you are trying to deploy SPL and not the Legacy installer.- Sophos Protection Linux - Update Support when upgrading on Unsupported Platforms
Kushal, thanks for the quick response. The article doesn't help me. This is a fresh install. Below is the results of the mount command.
# mount | grep tmpdevtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=4049128k,nr_inodes=1012282,mode=755)tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,relatime,seclabel)tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,seclabel,mode=755)/dev/mapper/VG_OS-tmp on /tmp type xfs (rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)/dev/mapper/VG_OS-var_tmp on /var/tmp type xfs (rw,relatime,seclabel,attr2,inode64,logbufs=8,logbsize=32k,noquota)tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=813752k,mode=700,uid=1000,gid=1000)
I was able to locate the following article, which mentions additional steps required for Oracle Linux 8.- Additional steps to install SAV on Red Hat Enterprise Linux 8 and related platforms
Let me know if this helps.
No, same error that didn't help.
# ./SophosInstall.sh --autostart=FalseInstalling Sophos Anti-Virus for Linux with arguments: [--autostart=False]Downloading medium installerinstaller/bin64/installer: error while loading shared libraries: libSUL.so.0: cannot open shared object file: No such file or directoryFailed to download the medium installer! (Error code = 127)
In some cases where CIS Level 1 hardening is enabled, this can cause issues with the installation. Could you try disabling this temporarily?
Another option would be to make changes to "fapolicyd" to reduce restrictions on the device.
If this still does not work, it may be best to open a support case so our team can look into this issue further. Please send me a PM with the case ID so I may add some notes to the case as well if you choose to go this route.
Hi Kushal,Thank you for the help, Before we get to the support, I have something for Brad. :)
Hi Brad SimpsonThe Linux installers failing to load such lib and other dependency files usually happen when the integrity of the file is questionable.With that being said, I remember doing this long back when I was facing the same issue.If the installer script is downloaded and transferred to the target machines, it is possible that it might have lost some data in the transmission.What can be done is, copy the download URL from Sophos central and use WGET to download the file directly to the target machine and try running the install script.Hopefully, this should show us some progress if not at least resolving. Do let us know how you get on with this.Thank You.
Ismail Jaweed Ahmed (Ismail) Senior Professional Service Engineer
It is the CIS hardening that is causing the issue. Once I remove it all then I can install Sophos just fine. Not exactly sure what exact setting kill the install but I'll figure that out in time. Thanks for the assist.
I can confirm my RHEL9 installations with 800-171 security hardening also output the same "libSUL.so.0: cannot open shared object file: No such file or directory" message and Error code 127... The RHEL hardening stigs are hitting this sh script from two sides1. noexec /tmp 2. fapolicyd# mkdir -p /opt/sophos_tmp && chmod 777 /opt/sophos_tmp# export TMPDIR=/opt/sophos_tmp/ && ./SophosSetup.shThis software is governed by the terms and conditions of a licence agreement with Sophos LimitedInstallation process for Sophos Linux Protection startedinstaller/bin/installer: error while loading shared libraries: libSUL.so.0: cannot open shared object file: No such file or directoryFailed to download the base installer! (Error code = 127)# rm -rf /opt/sophos_tmp
FAPOLICY DENIED OUTPUT: ( # systemctl stop fapolicyd && fapolicyd --debug-deny)rule=12 dec=deny_audit perm=open auid=1191802640 pid=245840 exe=/opt/sophos_tmp/SophosCentralInstall_bKKYBnf/installer/bin/installer : path=/opt/sophos_tmp/SophosCentralInstall_bKKYBnf/installer/lib64/libSUL.so.0.0.0 ftype=application/x-sharedlib trust=0=====I'm not sure what you're going to do here to address this.Anyway, good luck!