We'd love to hear about it! Click here to go to the product suggestion community
I recently tried to install the latest kernel for ubuntu 17.04 - 4.10.0-22. It kept failing saying an "operation was not permitted". When I reported this on the ubuntu bug tracker it was suggested I turn off anti-virus and try again.
I disabled the on-access scan and tried again, and installation worked.
I had no warnings or alerts from sophos. I checked that the sophos warnings and emails were on and worked (I tested using the test virus file) and that all worked.
So, somehow sophos is preventing a file access. I am on the latest version, including talpa.
The ubuntu report with full details is at https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1696132
In reply to Philippe Seidel:
It appears to be a problem with fanotify. At least people seem to have fewer problems with talpa.
To use Talpa, you need to have kernel headers, gcc and make installed.