This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Up2Date to latest package only

I just took over support of a SG230 running firmware 9.308-16. It's been up and running for a couple of years and when I had Up2Date set to auto WebAdmin showed 29 updates ready to install; however, the Up2Date log indicated that there was not enough space to proceed. The device has also been dismally slow with generating and sending out reports. I see that the downloaded GPG packages are downloaded to /var/upd2date/sys but unfortunately that is within the root partition of only 5GB. There will never be enough free space to download all 29 updates. I did delete all those packages and got back to 48% free on the root partition.

My question is ... Do I have to download each one of those updates in succession and install them one at a time, manually, or can I jump to the end of each major version. For example: can I just grab the latest 9.3xx and install that then jump to the latest 9.4xx and installed that.

I only have a 2 hour window for doing the maintenance on this device so downloading each manually, installing, and rebooting 29 times seems like a lot of effort.

Up2Date failed: Not enough free space for '/var/up2date/sys'. Required space: 362737 KB Available space: 283548 KB; inodes: 309683



This thread was automatically locked due to age.
Parents
  • As the Sophos UTM packages are incremental you can't skip any update. You have to follow the correct order.

    Depending of the space you can do a couple of updates, so a batch of 5 or 10.

    An other way could be install the complete system from an iso in an up to date version and restore a backup of your settings. But from my perspective I would prefer the updates in several batches, because of less chances to roll back if you do a complete reinstall of the appliance and anything doesn't work.

    Do you have a HA Cluster or single system?

    Best regards

    Alex

    -

  • It's a single standalone appliance. No HA. If I were to do this in batches how would I implement that. Seems I would still need to download each from the FTP site and manually load them. I suppose I could download them all and then only SCP maybe 10 at a time to /var/up2date/sys but then I'm not sure how to start the upgrade process.

  • Yes unfortunate you had to do this manually. HA would be nice in that case ;-)

    The steps should be

    1. Shell into the firewall and navigate to /var/up2date/sys -> cd /var/up2date/sys

    2. wget the patch file (.tgz.gpg extension) -> wget

    Or SCP the batch of 10 updates

    3. Invoke auisys.plx with the –showdesc paramater -> auisys.plx --showdesc

    4. Install the update. -> cc system_up2date system_update

    Alternatively you can go into the web interface and schedule the install from there.

    More info:  

    Best regards

    Alex

    -

  • Thanks much. Was just reading that article. Hopefully, I can complete this is my 2 hour window. I manage 3 other Sophos UTM 9s and I stay on top of the updates. I had about a dozen to do on another that was ignored too long but it worked out just fine. It appears I had just enough space to download 28 of the 29 but then no space to unpack and install them. I really appreciate the timely response. You beat Sophos Support by days I'm sure.

  • I keep my fingers crossed for you. The quick response is the positive aspect of sitting at home with one foot broke.

    -

Reply Children
No Data