Sophos does not provide TBPs (Talpa Binary Packs) for all Linux kernels. This article describes how to install the necessary prerequisites and create TBPs for other kernels, without the need to install additional tools on each computer.
Note: This procedure is only necessary if you are using Talpa as the on-access scanning method. An alternative method (Fanotify) is available for customers running 2.6.38+:
Summary of procedure:
- Build the TBP on one computer (let's call it the 'Primary client') with all prerequisites installed.
- Add the custom TBP you have just created to one of the following:
- Option 1 - a Unix/Linux-mounted CID
- Option 2 - the 'Primary client' cache directory.
- Other computers (let's call them 'Secondary clients') that use the same kernel can then use either of these as an update source.
- These 'Secondary clients' don't have to build their own TBPs, they can just use the TBP built by the Primary client, provided they use the same kernel.
What To Do
- Make sure all requirements mentioned in the knowledgebase article Sophos Anti-Virus for Linux: Using a custom built or unsupported kernel are fulfilled.
- Install Sophos Anti-Virus on your 'Primary client'. (If it is already installed you do not need to re-install.)
- Run the command
This builds a custom TBP which should be located in
/opt/sophos-av/talpa/compiled. It will be called something like
- Now follow either Option 1 or Option 2.
Option 1. Add a TBP to a Unix/Linux-mounted CID:
Option 2 - Add a TBP to the Primary Client's local cache directory:
- Mount your CID from the Primary client. For the purposes of this example, let's assume you use SUM and have mounted the CID to
- Example 1: Set up a SAMBA server on your Unix/Linux Machine. Configure SUM to use it as a custom CID location (Refer to SUM manual for further details).
- Example 2: Use smbmount to mount the default CID location on a SUM machine to your Unix/Linux machine. Make sure it is mounted writeable.
- Use the addextra command to add TBPs to the CID. For example:
/opt/sophos-av/update/addextra /opt/sophos-av/talpa/compiled/talpa-binpack-centos_2.6.18-164.11.1.el5.tar.gz /opt/SUM/CIDs/S000/savlinux/
This command will add the TBP to
- Point Secondary clients to this CID as their update location.
- Use the addextra command to add TBPs to the local cache directory:
/opt/sophos-av/update/addextra /opt/sophos-av/talpa/compiled/talpa-binpack-centos_2.6.18-164.11.1.el5.tar.gz /opt/sophos-av/update/cache/Primary/
This command will add the TBP to the local cache directory
- Use rsync or cp to create a local copy of
/opt/sophos-av/update/cache/Primary at an alternative location on the Primary client's hard disk. This can be automated via script.
- Use a third-party means (for example, NFS, SAMBA, or HTTP) to share this copy of the local cache and point 'Secondary clients' to it as their update location
- By default, a client (whether primary or secondary) will only download the TBPs it needs to activate its own on-access scanning. This is done to save bandwidth and disk space. Therefore, you may want the primary client to download and store TBPs for all supported kernels automatically. See the article: Hosting Talpa Binary Packs for all kernels/distributions.
- If 'Secondary clients' fail to use the TBP provided by the above method, check the following:
- Ensure the Secondary client's local cache directory contains the TBP:
- Ensure the Secondary client is using the same kernel as the Primary client. Compare the output of
ls /opt/sophos-av/talpa/custom with the output of
If a different kernel is being used you must create another TBP for this Secondary client. You can use the above procedure to add this to your CID to provide a TBP for other computers with the same kernel.
- If it still fails please contact Sophos Technical Support.