Sophos Anti-Virus for Linux/Unix v9: addextra command syntax

  • Article ID: 118384
  • Updated: 09 May 2014

This article describes how to use the  addextra command included in  Sophos Anti-Virus version 9:  

This command replaces the and scripts used in Sophos Anti-Virus version 7.  
The addextra command can be used for adding custom configurations or Talpa Binary Packs (TBPs) to a Central Installation Directory (CID).

Known to apply to the following Sophos product(s) and version(s)

Sophos Anti-Virus for Unix
Sophos Anti-Virus for Linux

Operating systems
Linux / Unix

How To

Add configuration to the CID

The preferred way to manage Sophos Anti-Virus clients is via Sophos Enterprise Console. Adding configuration to a CID should only be done when SEC is not available.

Unlike the old, addextra is not run from the CID itself.  Therefore, it must be run on a machine with Sophos Anti-Virus already installed.

1)  Use the savconfig command to set options in an offline configuration file.

/opt/sophos-av/bin/savconfig -f <offline-config-file> -c <operation> <parameter> <value>

/opt/sophos-av/bin/savconfig -f /tmp/mynewconfig.cfg -c set EnableOnStart true

2) You can repeat the above commands until the configuration file contains all the required settings. You can query the config file again with savconfig

/opt/sophos-av/bin/savconfig -f <offline-config-file> -c query

/opt/sophos-av/bin/savconfig -f /tmp/mynewconfig.cfg -c query

3) Once you are happy with the configuration, add it to the CID with addextra  

/opt/sophos-av/update/addextra <offline-config-file> <CID> --signing-key=<path-to-key> --signing-certificate=<path-to-certificate>

/opt/sophos-av/update/addextra /tmp/mynewconfig.cfg /opt/SUM/CIDs/S000/savlinux/ --signing-key=/root/certificates/extrafiles-signing.key --signing-certificate=/root/certificates/extrafiles-signing.crt

NB. An article explaining how to generate the signing certificates for use with addextra can be found here

For further examples please refer to the SAV for Linux Configuration Guide found here

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent