We'd love to hear about it! Click here to go to the product suggestion community
I managed to install Sophos Anti-Virus for Linux on Clear Linux. It was not able to install Talpa out of the box on which I am not concerned as I prefer using Fanotify but I can not get Sophos to start using Fantofigy and I cannot find the recommended process to tell me if Clear has Fanotify enabled.
grep -ir FANOTIFY /boot/`uname -r`.config won't work as /boot is empty.
Installing Sophos Anti-Virus....Selecting appropriate kernel support...When Sophos Anti-Virus starts, it updates itself to try to find a Sophos kernel interface module update. This might cause a significant delay.Sophos Anti-Virus starts after installation.
Installation completed.On-access scanning not available. It was not possible to obtain or build suitable kernel support because kernel headers are not installed.Failed to update Sophos Anti-VirusRegistering with Sophos CentralSaving Sophos Central credentialsStarting Sophos Central Management ClientNow managed by Sophos Central
Restarted service to use Fanotify
# /opt/sophos-av/bin/savconfig set DisableFanotify false;
# /opt/sophos-av/bin/savconfig set PreferFanotify true
# systemctl restart sav-protect.service
Log entries does not even mention Fanotify:
Fri 11 Oct 2019 01:00:14 PM UTC: savd.daemon Sophos Anti-Virus daemon started.Fri 11 Oct 2019 01:00:16 PM UTC: talpa.startup Unable to load Talpa modules.Fri 11 Oct 2019 01:02:25 PM UTC: update.failed Failed to update Sophos Anti-VirusFri 11 Oct 2019 01:02:25 PM UTC: update.failed Updating directly from Sophos.Extra files updating is disabled. You can change updating settings using /opt/sophos-av/bin/savsetup.
Installation completed.On-access scanning not available. It was not possible to obtain or build suitable kernel support because kernel headers are not installed.Fri 11 Oct 2019 01:02:51 PM UTC: talpa.startup Unable to load Talpa modules.
# /opt/sophos-av/bin/savdstatus Sophos Anti-Virus is active but on-access scanning is not running
Have you reviewed the following article already? I noticed the commands that you used are mentioned in the article. However, did you restart SAV (/etc/init.d/sav-protect restart) after running the /opt/sophos-av/bin/savconfig set PreferFanotify true statement.
Please let us know.
In reply to RodS:
I did. I also tried to compile Talpa but since /boot is empty on Clear I'm not sure how to correct that.
In reply to Danie de Jager:
Hi Danie de Jager,
One simple way to check if Clear Linux has fanotify is to run "man fanotify". If it has it, there should be a manual.
Are you able to show us the error you get when you attempt to locally compile a talpa binary pack? You can do this by running "/opt/sophos-av/engine/talpa_select select"
It may also help if you can share us the log in /opt/sophos-av/log/talpaselect.log
In reply to MEric:
Good news! I updated Clear Linux and installing Sophos on it now using Fanotify configuration, on-access scanning is working. I don't have need for Talpa in that case.
# /opt/sophos-av/bin/savdstatus Sophos Anti-Virus is active and on-access scanning is running