We'd love to hear about it! Click here to go to the product suggestion community
I recently tried to install the latest kernel for ubuntu 17.04 - 4.10.0-22. It kept failing saying an "operation was not permitted". When I reported this on the ubuntu bug tracker it was suggested I turn off anti-virus and try again.
I disabled the on-access scan and tried again, and installation worked.
I had no warnings or alerts from sophos. I checked that the sophos warnings and emails were on and worked (I tested using the test virus file) and that all worked.
So, somehow sophos is preventing a file access. I am on the latest version, including talpa.
The ubuntu report with full details is at https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1696132
In reply to DouglasLeeder:
I am using fanotify as it is easier with Debian kernel
Once a new kernel is installed I reboot to take it into account, so Sophos is restarted.
Not a big deal for me
I have the same issue, sophos is blocking upgrades during apt-get upgrade for several packages, often involving the kernel or libreoffice. I always need to manually shut down on-access protection to have these (security) upgrade go through. I am using ubuntu 19.04 and the free version of sophos.
I don't know about fanotify or talpa, I don't know what either is. It seems sophos is using fanotify in my case. Which one should I be using for this to work?
In reply to Philippe Seidel:
It appears to be a problem with fanotify. At least people seem to have fewer problems with talpa.
To use Talpa, you need to have kernel headers, gcc and make installed.