This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Messages log filling with " sav-rms main process (24702) terminated with status 1"

Using Sophos Central I downloaded and installed the SophosInstall.sh package.

Initially it wouldn't run as there was no /opt directory on my Ubuntu server install.


After creating the /opt directory, the installation proceeded and it looks like Sophos is basically working, though the messages log is filling with:

Mar 7 16:16:01 jam kernel: init: sav-rms main process (24630) terminated with status 1
Mar 7 16:16:01 jam kernel: init: sav-rms main process ended, respawning
Mar 7 16:16:03 jam kernel: init: sav-rms main process (24648) terminated with status 1
Mar 7 16:16:03 jam kernel: init: sav-rms main process ended, respawning
Mar 7 16:16:04 jam kernel: init: sav-rms main process (24666) terminated with status 1
Mar 7 16:16:04 jam kernel: init: sav-rms main process ended, respawning

Any guesses on why sav-rms is unstable?

Distributor ID: Ubuntu
Description: Ubuntu 14.04.3 LTS
Release: 14.04
Codename: trusty

Thanks!



This thread was automatically locked due to age.
  • Hi Jonathan, 

    Could you verify if its a SAV for Linux or another product and mention the version info of the same.

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • Aditya Patel said:

    Hi Jonathan, 

    Could you verify if its a SAV for Linux or another product and mention the version info of the same.

     

     
    Thanks for replying. Here is the version info you requested.
     
    Copyright 1989-2017 Sophos Limited. All rights reserved.
    Sophos Anti-Virus = 9.13.1
    Build Revision = 2668160
    Threat detection engine = 3.68.0
    Threat data = 5.37
    Threat count = 12928011
    Threat data release = Tue 07 Mar 2017 12:00:00 AM
    Last update = Wed 08 Mar 2017 06:41:04 AM CST

    If I turn sav-rms on via /etc/init.d/sav-rms start, the messages and syslog start filling with the termination messages.
  • Another clue...

    sav-rms.log outputs:

    tail: sav-rms.log: file truncated
    Wed Mar 8 10:05:24 CST 2017
    Wed Mar 8 10:05:24 CST 2017
    Traceback (most recent call last):
    File "savdctl.py", line 1311, in <module>
    File "savdctl.py", line 1308, in command
    File "savdctl.py", line 1295, in command
    File "savdctl.py", line 84, in p
    IOError: zipimport: can not open file /opt/sophos-av/engine/util.zip

    The zipfiles in the engine directory have the following rights.


    root@jam:/var/log# ls -lart /opt/sophos-av/engine/*.zip
    -rw-r--r-- 1 root sophosav 41127 Mar 7 15:40 /opt/sophos-av/engine/util.zip
    -rw-r--r-- 1 root sophosav 16618 Mar 7 15:40 /opt/sophos-av/engine/sophosmgmtd_rms.zip
    -rw-r--r-- 1 root sophosav 69613 Mar 7 15:40 /opt/sophos-av/engine/sophosmgmtd_mcs.zip
    -rw-r--r-- 1 root sophosav 1501538 Mar 7 15:40 /opt/sophos-av/engine/python27.zip
    -rw-r--r-- 1 root sophosav 26617 Mar 7 15:40 /opt/sophos-av/engine/diagnose.zip

  • Hello Jonathan Wolfert,

    on my Ubuntu 16.04 the group is root, not sophosav. except for the sophosmgmtd_mcs.zip (which is not used for an on-premise install - for Central sophosmgmtd_rms.zip is not needed). Looks like the install didn't work as it should.

    Christian

  • Thanks for the help everyone, I realized the installation was faulty and have done a clean install.
    There are still issues which I have addressed in a different question.