Sophos antivirus for linux and net FIle System NFS [SOLVED]

**UPDATE**

Everything described below occurred when running Mint Linux 19.3 and Ubuntu 18.04 in virtual machines.

When I installed Sophos Antivirus on Mint Linux 19.1 on actual computer hardware, everything installed correctly and everything is working correctly so far. Copying files to/from NFS shares with the default file manager works fine and Sophos av on-access scanning is working - tested with the eicar test file.

So perhaps the problems described below are tied to operating in a VM.

 

[SOLVED WITH WORK-AROUND]

I am running Sophos Antivirus for Linux on Linux Mint 19.3 Cinnamon desktop with on-access scanning active. When Sophos antivirus on-access scanning is active it prevents me from copying files from the desktop computer to an NFS share with the message "operation not permitted". However, it will allow me to copy files from the NFS share to the desktop computer. Does anyone know how to resolve this problem?

I began to suspect there was a compatibility problem with Sophos AV and either the Cinnamon desktop or the file manager. Linux Mint Cinnamon uses the Nemo file manager by default.

I installed some other file managers and attempted the same file copying processes that failed with Nemo. Here are the results:

  • Midnight Commander - successful file copy
  • SpaceFM - successful file copy
  • Nemo (default) - failed
  • PCmanFM - failed
  • Nautilus - failed

I have not found any other compatibility issues with Mint Linux and Sophos, so it looks like using Mint Cinnamon with SpaceFM file manager may be an acceptable work-around.

BY THE WAY...

I experienced the same failure to copy files to NFS using Ubuntu 18.04 with the default desktop and Nautilus file manager. Midnight Commander successfully completes the file copy.

Thanks for all who responded.

  • Hi  

    Linux Mint is not the supported OS for the Sophos Anti-Virus for Linux, so we may not be able to help you more on this. However, you can check the permission to that particular location and also check whether operations are working as expected without Sophos.

  • In reply to Jasmin:

    Hello Jasmin, thank you for responding. Regarding your two suggestions...

    The permissions are configured correctly.

    When I disable Sophos antivirus I can copy the files.

    When I enable Sophos antivirus I cannot copy the files.

    This would indicate to me that Sophos is the cause of the problem.

    Regarding supported distributions, Linux Mint is based on the Ubuntu which I understand is supported.

    Thanks...

  • In reply to Kenneth Cooper:

    Hi  

    I understand your concern that Mint is based on Ubuntu but there are specific versions of Ubuntu which are only supported where Mint is not included. 

  • Hello Kenneth Cooper,

    Mint or not, perhaps can give some advice or tips on troubleshooting.

    Christian

  • Hi Kenneth,

     

    The error message indicates that the problem was opening the local file, rather than anything on the NFS side. Operation not permitted is the error we give when we deny access because the file is infected, but could also be caused by problems while accessing the file.

     

    1. Can you open the file normally?

    2. What do the logs show? - syslog and savlog and sav-protect.log

     

    Possibly on-access is detecting something in the file?

    3. Run savscan <filename>

     

    If you can get the output/answers I might be able to explain what's happening.

     

    Thanks,

    Douglas.