This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Up2Date to latest package only

I just took over support of a SG230 running firmware 9.308-16. It's been up and running for a couple of years and when I had Up2Date set to auto WebAdmin showed 29 updates ready to install; however, the Up2Date log indicated that there was not enough space to proceed. The device has also been dismally slow with generating and sending out reports. I see that the downloaded GPG packages are downloaded to /var/upd2date/sys but unfortunately that is within the root partition of only 5GB. There will never be enough free space to download all 29 updates. I did delete all those packages and got back to 48% free on the root partition.

My question is ... Do I have to download each one of those updates in succession and install them one at a time, manually, or can I jump to the end of each major version. For example: can I just grab the latest 9.3xx and install that then jump to the latest 9.4xx and installed that.

I only have a 2 hour window for doing the maintenance on this device so downloading each manually, installing, and rebooting 29 times seems like a lot of effort.

Up2Date failed: Not enough free space for '/var/up2date/sys'. Required space: 362737 KB Available space: 283548 KB; inodes: 309683



This thread was automatically locked due to age.
  • Hi,

    don't worry about the dates, just name order.

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • I was successful installing all 29 patches. I accomplished this in two rounds as described above (9.3x first then all 9.4x second). I had a single reboot after all 9.3 installed and one more reboot after all 9.4. After the final reboot everything was up and functional and the appliance was running with much less CPU and Memory consumption (had not been rebooted in over two years, though).

    I also had Sophos Support come in remotely to check my process and available disk space. They looked at the pending updates listed in the Web Interface and the available disk space via the SSH console and agreed that I should be able to follow this process and complete the updates.

    I appreciate all the help offered by this community which led me in the right direction and helped to ease my anxiety. I only had one chance to get this right and I had a lot of other tasks to complete in my maintenance window besides updating the Sophos. Thank you all.

  • Hi, Kipland, and welcome to the UTM Community!

    Thanks for coming back and closing the loop for others that need the info in your thread.

    Clear problem explanation and a thoughtful application of  the suggestions made - a great, first thread.  That got you help from two guys that know a lot about the UTM.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:
    Thanks for coming back and closing the loop for others that need the info in your thread.

    After being in IT for 35 years now I appreciate the value that these forums add. I could not continue my career choice without them. In the old days we had no forum except for a few private BBS boards and lots of vendor supplied documentation since everything was turnkey. I like that we can now help each other. Appreciate the Kudos.

  • I upgraded 8 versions from early 9.4xx up to 9.507-1. I didn't go to the latest or the second latest due to unresolved bugs I've read about on some other forum posts. Since I wasn't sure if i could just click on install next to 9.507-1 or if i had to manually install each patch until i got to 9.507-1, i decided to install them one by one to ensure none of them were missed. I found that by installing them one by one the appliance rebooted itself after each individual patch was installed. I didn't get to do a single reboot after doing all 9.4xx like OP describes.

  • If you only do one at a time it will reboot after each update by design. If you update to the latest my experience has been that all the updates will complete (hopefully) and then there will be one final reboot after the last update. If you did not want the last two updates you may need to remove those from the backend via ssh then update to the latest (that you currently have downloaded). I'm actually running the latest without issue on several of my Sophos UTM appliances so not aware of any bugs. 

  • You revived an old post.   Fortunately, the original problem was solved despite the bad advice given.

    Configuration files are upward compatible.   Save your configuration.   Make sure that you will be able to connect to UTM using a laptop using the factory default IP address.  Rebuild your UTM from the latest CD to an initial factory load.  Restore your configuration file.  You are done, and you do not have the baggage of all of those incremental updates.

    Learned this from Sophos Support, by necessity, when my upgrade from 9.408 to 9.506 had a fatal error during installation of one of the intermediate kits.  I was terrified, but the process was much quicker than applying each update one at a time.

    Of course, your options for doing this are limited by the ISO image versions offered by the Sophos website or that you have previously downloaded from them.