This article provides information and commands related to the Sophos UTM Up2Date process.
The commands can be run from the command line and perform tasks such as manually updating, pre-checking that an update will work, forcing a re-installation, etc.
Applies to the following Sophos product(s) and version(s): Sophos UTM
The Up2Date installer is used to install both system and pattern up2dates.
By default it installs all available Up2Date packages first, recording whether a reboot of the UTM is required. If a reboot is required, it is deferred until the last available Up2Date package has been installed successfully.
You can also install only up to a specific version by using the --upto switch. Running in --simulation mode makes no changes to the file system, so this mode can be used to see the Up2Date package contents and the scripts that would be triggered.
The --showdesc option unpacks the installation instruction file from the Up2Date package, giving you access to the Up2Date package properties (version, required version, reboot required, urgency) as well as the description (bug fixes, news, etc.).
Use the following command if you have uploaded an Up2Date package manually via SSH to the UTM and want to see it immediately as an available Up2Date in WebAdmin:
The following command provides debug output from the download process, including authentication and md5sum. You will find the tar.gz file in /var/up2date/sys
audld.plx --level d
The following command starts the UTM Up2Date installation process in simulation mode. This allows you to test whether the installation would work before actually installing for real.
The following shows an example output:
myUTM:/root # auisys.plx -simulation
Starting Up2Date Package Installer
Simulation mode enabled!
Searching for available up2date packages for type 'sys'
Installing up2date package version 9.092008
myUTM:/root #
Verifying up2date package signature
Unpacking installation instructions
Unpacking up2date package container
Running pre-installation checks
Starting up2date package installation
Would do 0, 0 [ENV 300] rpm --test -U --nodeps /var/up2date//sys-install/u2d-sys-9.092008/rpms/libgmime-2_4-2-2.4.26-10.gb6ce3fc.i686.rpm
Would do 0, 1 [ENV 300] rpm --test -U --nodeps /var/up2date//sys-install/u2d-sys-9.092008/rpms/libiconv-1.12-10.g1ff1a15.i686.rpm
... ... ...
Would do 7, 0 [ENV 300] sh -c exec /var/up2date//sys-install/u2d-sys-9.092008/./update9.092008post_start
Would do 9, 0 [NOENV no] rm /var/up2date//sys/u2d-sys-9.091005-092008.tgz.gpg
Would do 9, 1 [NOENV no] sync
Would touch '/tmp/.u2d-sys-9.091-9.092-5.8.1.tgz'
Would mark for reboot now
Installing up2date package version 9.100008
Verifying up2date package signature
Unpacking installation instructions
You are currently running Version 9.091005, but Version 9.092008 is required for this up2date package.
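The simulation output can be checked by script before a real run. The following shell functions are an added example, not part of the original Sophos article and not Sophos code; the names summarize_simulation and simulation_passes are hypothetical, and the parsing assumes each message is on its own line, worded as in the sample output. A package is reported as "chained" when the version it requires is an earlier package of the same simulated run, as 9.100008 is in the sample.

```shell
#!/bin/sh
# Added example (not Sophos code): summarise auisys.plx simulation output.
# Assumption: each message is on its own line, worded as in the sample above.

# Reads simulation output on stdin and prints one line per up2date package:
#   <version> <ok|chained|blocked> rpm_tests=<n> reboot=<yes|no> [requires=<v>]
summarize_simulation() {
  awk '
    /^Installing up2date package version / {
      pkg = $NF; order[++n] = pkg; seen[pkg] = 1; status[pkg] = "ok"; next
    }
    / rpm --test -U / { tests[pkg]++ }
    /^Would mark for reboot/ { reboot[pkg] = 1 }
    /^You are currently running Version / {
      req[pkg] = $9
      # chained: the required version is an earlier, unblocked package of
      # this run; simulation changes nothing, so it is not installed yet.
      if (($9 in seen) && status[$9] != "blocked") status[pkg] = "chained"
      else status[pkg] = "blocked"
    }
    END {
      for (i = 1; i <= n; i++) {
        p = order[i]
        line = p " " status[p] " rpm_tests=" (tests[p] + 0)
        line = line " reboot=" (reboot[p] ? "yes" : "no")
        if (p in req) line = line " requires=" req[p]
        print line
      }
    }'
}

# Succeeds only when no package is blocked on a version this run cannot
# provide; usable as a gate before the real installation.
simulation_passes() {
  ! summarize_simulation | grep -q " blocked "
}

# Constructed sample, abridged from the output shown in the article.
SAMPLE='Installing up2date package version 9.092008
Verifying up2date package signature
Would do 0, 0 [ENV 300] rpm --test -U --nodeps /var/up2date//sys-install/u2d-sys-9.092008/rpms/libgmime-2_4-2-2.4.26-10.gb6ce3fc.i686.rpm
Would do 0, 1 [ENV 300] rpm --test -U --nodeps /var/up2date//sys-install/u2d-sys-9.092008/rpms/libiconv-1.12-10.g1ff1a15.i686.rpm
Would mark for reboot now
Installing up2date package version 9.100008
You are currently running Version 9.091005, but Version 9.092008 is required for this up2date package.'

printf '%s\n' "$SAMPLE" | summarize_simulation
```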
auisys.plx --rpmargs --force
rpm -e u2d-auav --nodeps
rpm -e u2d-clam --nodeps
mount /opt/inst
cd /opt/inst/rpm
rpm -Uhv u2d-auav-7-103.i686.rpm --force
rpm -Uhv u2d-clam-7-465.i686.rpm --force
The Up2Date downloader is used to download system up2dates as well as pattern up2dates. The default operation is to fetch all Up2Date types which are mentioned in the configuration; you can choose a subset of these by using the --types command line switch.
audld --level <d(ebug)|i(nfo)|w(arn)|c(rit)>
audld --configfile <path/to/file>
audld --nosys (exclude type "sys")
audld --dryrun (don't download packages)
audld --server <host:port> (preferred server)
audld --trigger (trigger pattern download/installation)
audld --proxy <(user:pass@)host:port> (preferred proxy)
audld --ha-override (override HA slave/cluster routine)
These are GNU longopts, so abbreviations are possible.
--configfile <path> the config file
--transferdir <path> where to look for incoming files
--workbasedir <path> where to unpack the incoming file
--level [c|e|w|i|d|n] set debuglevel
--simulation no real work - only simulation
--[no]cleanup cleanup of workdir; default: on
--[no]reboot reboot enabled; default: on
--upto X.yyyzzz end version (default: 999.999999) (enforces sys-only run)
--oldestonly only the next version (enforces sys-only run)
--types <type> restrict the up2date package types
--nosys don't do system up2date installation
--rpmargs --arg1,--arg2 pass additional arguments to RPM
--rpmreinstall don't skip already installed RPM packages
--help help text and exit
--version module versions and exit
--showdesc generate and show up2date description