This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

talpa-deny google-chrome Ubuntu 14.04.2 LTS

Hi,

As of June 27th, 2015 Chrome no longer opens due to sav-protect talpa denying the process. How can we get this resolved? 

Logs:

/varlog/syslog:

Jun 29 19:03:06 hostname savd: savd.daemon: Sophos Anti-Virus daemon started.
Jun 29 19:03:07 hostname kernel: [105654.407155] talpa-pedevice: Attached
Jun 29 19:03:07 hostname kernel: [105654.410844] talpa-vfshook: rootfs is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.410921] talpa-vfshook: Patching devtmpfs
Jun 29 19:03:07 hostname kernel: [105654.410985] talpa-vfshook: devpts is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411304] talpa-vfshook: sysfs is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411351] talpa-vfshook: cgroup is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411354] talpa-vfshook: fusectl is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411356] talpa-vfshook: debugfs is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411358] talpa-vfshook: securityfs is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411361] talpa-vfshook: Patching pstore
Jun 29 19:03:07 hostname kernel: [105654.411392] talpa-vfshook: proc is on the skip list, not patching
Jun 29 19:03:07 hostname kernel: [105654.411434] talpa-vfshook: Patching ecryptfs
Jun 29 19:03:07 hostname kernel: [105654.411600] talpa-vfshook: Patching ecryptfs
Jun 29 19:03:07 hostname kernel: [105654.417798] talpa-cache: Enabled
Jun 29 19:03:10 hostname savd: savd.daemon: On-access scanning enabled using talpa.
Jun 29 19:03:10 hostname kernel: [105657.637566] talpa-vfshook: Enabled
Jun 29 19:04:09 hostname kernel: [105716.445593] talpa-deny: Timeout occurred while opening /opt/google/chrome/chrome on behalf of process google-chrome-s[21262/21262] owned by xxxx(xxxx)/xxxx(xxxx) <0>


/opt/sophos-av/log/talpaselect.log:

[Talpa-select]
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.
2015-06-29 19:03:06 PDT /opt/sophos-av/engine/_/talpa_select selectexisting
Verifying source pack contents...
Verifying binary pack contents...
[Talpa-select]
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.
2015-06-29 19:03:06 PDT /opt/sophos-av/engine/_/talpa_select load --hook talpa_vfshook
Linux distribution: [ubuntu]
Product: [Ubuntu 14.04.2 LTS]
Kernel: [3.16.0-41-generic]
Multiprocessor support enabled.
Searching for source pack...
Verifying source pack contents...
Searching for suitable binary pack...
Verifying binary pack contents...
Found suitable binary pack. Using: /opt/sophos-av/talpa/dist/talpa-binpack-ubuntu-x86_64-3.16.0-41-generic-5714041ubuntusmpthujun18180113utc2015.tar.gz
Loading Talpa kernel modules version 1.18.6...
Complete.

Other logged talpa-deny:

.kde/share/config/ksmserverrc

/usr/lib/firefox/libxul.so

/opt/sophos-av/tmp/saviDebug.log

/usr/share/locale-langpack/en_CA/LC_MESSAGES/glib20.mo

/usr/bin/virtuoso-t on behalf of process kactivitymanage

/usr/lib/cups/notifier/dbus

/.local/share/akonadi/db_data/mysql/*

:1021134


This thread was automatically locked due to age.
Parents
  • Hi Dominic.

    I seem to have lost the Web Gui functionality after running the savupdate this morning.

    /opt/sophos-av/bin/savsetup
    Welcome to Sophos Anti-Virus interactive configuration


    [1] Display update configuration

    Configure primary update source:
    [2] From Sophos
    [3] From own server

    Configure secondary update source:
    [4] From Sophos
    [5] From own server

    [q] Quit
    What do you want to do? [1]
    >

    Maybe I haven't had enough coffee this morning, was that feature removed recently? (I don't have a 8081 tcp port listening)

    (https://www.sophos.com/en-us/medialibrary/PDFs/documentation/savl_9_cgeng.pdf page 24)

    :1021160
Reply
  • Hi Dominic.

    I seem to have lost the Web Gui functionality after running the savupdate this morning.

    /opt/sophos-av/bin/savsetup
    Welcome to Sophos Anti-Virus interactive configuration


    [1] Display update configuration

    Configure primary update source:
    [2] From Sophos
    [3] From own server

    Configure secondary update source:
    [4] From Sophos
    [5] From own server

    [q] Quit
    What do you want to do? [1]
    >

    Maybe I haven't had enough coffee this morning, was that feature removed recently? (I don't have a 8081 tcp port listening)

    (https://www.sophos.com/en-us/medialibrary/PDFs/documentation/savl_9_cgeng.pdf page 24)

    :1021160
Children
No Data