Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 13 replies
  • Subscribers 4 subscribers
  • Views 5740 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sav-protect service breaks system updates on Ubuntu

UcP-88AePFWvnSi

The sav-protect on-demand scanning service is breaking system updates and software installs on Ubuntu. See:

Is it possible to configure the sav-protect service so that it doesn't interfere with system updates and software installs (apt/dpkg) in such a way that it breaks them (or are the only solutions a) to disable sav-protect permanently or b) to uninstall sophos-av completely)?

Thank you.



This thread was automatically locked due to age.
  • 0 in reply to UcP-88AePFWvnSi

    Hello UcP-88AePFWvnSi,

    I just followed the terminology of another user
    I see :).

    some specific configuration
    can't say what the underlying cause is but it's very likely not some mis-(ing )configuration. As mentioned is this thread the first question is Fanotify or Talpa? Furthermore, if using Talpa Operation Not Permitted normally indicates blocked access because the file is infected. It might be a False Positive - but then the SAV log should have a corresponding entry.

    Christian

  • 0 in reply to QC
    Thank you Christian. Apologies for the error in terminology. You're correct that it's referred to as On-Access not On-Demand. I just followed the terminology of another user (likely a non-native English speaker) who had reported the same problem and workaround. bugs.launchpad.net/.../4 I knew that it didn't sound quite right, but didn't take the time to check. I have been using Ubuntu Linux for more than 10 years, and have never had such an issue with broken updates before. On the contrary, I only installed Sophos AV on two machines about a month ago and have been having issues with software updates since, the last of which broke my system in such as way that it prevented any use of the package manager updating/installing software, as reported in bug #1855259 on Launchpad. Disabling the on-access scanning, which was reported by other people as having worked for them, also enabled me to repair my package management system and start getting updates again. I am in no doubt that the problem is related to Sophos AV, but it may just be that there is some specific configuration that needs to be made for it to work well with Ubuntu's package management system that I am not aware of, and which is not written into any of the Sophos documentation I have read. Any help with this would be greatly appreciated.
  • 0

    Hello UcP-88AePFWvnSi,

    I don't question that the updates fail and disabling sav-protect might be a temporary workaround. I'm always wary though of so-called solutions when the terms used in the description are not quite correct (and thus likely the underlying cause has not been identified). It's On-Access, not On-Demand. It used to work for quite some time and it's not sav-protect that has changed. 
    As there are two possible interception methods for On-Access scanning, Talpa or Fanotify, the first question is - which one is used? I cede further questions and comments to .

    Christian 

Unfiltered HTML