Sophos Anti-Virus for Linux v7: Rolling out a custom TBP to multiple computers

  • N.º del artículo: 110767
  • Actualizado: 28 ene 2013
Sophos does not provide TBPs (Talpa Binary Packs) for all Linux kernels. This article describes how to install the necessary prerequisites and create TBPs for other kernels, without the need to install additional tools on your computers.

Summary of procedure:
  1. Build the TBP on one machine (let's call it the 'Primary client') with all prerequisites installed.
  2. Add the custom TBP you have just created to one of the following:
    • Option 1 - a Unix/Linux-mounted CID
    • Option 2 - the 'Alpha client' cache directory.
  3. Other machines (let's call them 'Secondary clients') who use the same kernel can then use either of these as an update source. These 'Secondary clients' don't have to build their own TBPs, they can just use the TBP built by the Primary client, provided they use the same kernel.

What to do

  1. Make sure all requirements mentioned in the knowledgebase article Sophos Anti-Virus for Linux: Using a custom built or unsupported kernel are fulfilled.
  2. Install Sophos Anti-Virus on your 'Primary client'. (If it is already installed you do not need to re-install)
  3. Run the command /opt/sophos-av/engine/talpa_select select.
    This builds a custom TBP which should be located in /opt/sophos-av/talpa/compiled. It will be called something like talpa-binpack-centos_2.6.18-164.11.1.el5.tar.gz
  4. Now follow either Option 1 or Option 2.

Option 1. Add a TBP to a Unix/Linux-mounted CID:

  1. Mount your CID to a Unix/Linux machine.
    For the purposes of this example, let's assume you use SUM and have mounted the CID to /opt/SUM
    • Example 1: Set up a SAMBA server on your Unix/Linux Machine. Configure EM Library or SUM to use it as a custom CID location (Refer to EM Library or SUM manual for further details).
    • Example 2: Use smbmount to mount the default CID location on a EM Library or SUM machine to your Unix/Linux machine. Make sure it is mounted writeable.
  2. Run the command:

    /opt/SUM/CIDs/S000/savlinux/addtbp.sh -f /opt/sophos-av/talpa/compiled/talpa-binpack-centos_2.6.18-164.11.1.el5.tar.gz
    This command will add the TBP to /opt/SUM/CIDs/S000/savlinux/talpa-custom

    You can also use this command to add TBPs created on other machines to the CID. To do this, copy the talpa-binpack file over and adjust the path after the -f argument accordingly.
  3. Point Secondary clients to this CID as their update location.
Option 2. Add a TBP to the Primary Client's local cache directory:
  1. Run the command:

    /opt/sophos-av/update/cache/Primary/addtbp.sh -f /opt/sophos-av/talpa/compiled/talpa-binpack-centos_2.6.18-164.11.1.el5.tar.gz
    This command will add the TBP to the local cache directory /opt/sophos-av/update/cache/Primary/talpa-custom

    • You can also use this command to add TBPs created on other machines to a local cache directory. To do this, copy the talpa-binpack file over and adjust the path after the -f argument accordingly.
    • By default, a client (both Primary and Secondary client) will only download the TBPs it needs to activate its own OnAccess scanning. This is done to save bandwidth and disk space. If you plan to update Secondary clients from a Primary client's local cache directory, and if these Secondary clients have Kernels other than the Primary client, you have to configure the Primary client to download all available TBPs from its CID. To do so use the command /opt/sophos-av/bin/savconfig set PrimaryUpdateVendors redhat.

      Other allowed arguments instead of redhat are suse and turbo but any of them will cause all available TBP files like the Ubuntu ones to be downloaded as well, so don't get confused by the name of the parameter.

      Also don't get confused by the word Primary in PrimaryUpdateVendors. This denotes the Primary Update Location, not the Primary client. If your Primary client also uses a Secondary Update Location whose local cache directory /opt/sophos-av/update/cache/Secondary is shared out to other clients you will also have to set the SecondaryUpdateVendors option.

  2. Use rsync or cp to create a local copy of /opt/sophos-av/update/cache/Primary at an alternative location on the Primary client's hard disk. We recommend creating a copy because if Secondary clients update directly out of a shared /opt/sophos-av/update/cache/Primary of the Primary client, it could cause problems because it might be invalid during an update.
  3. Use a third-party means (for example, NFS, SAMBA, or HTTP) to share this copy of the local cache and point 'Secondary clients' to it as their update location.
Troubleshooting:

If 'Secondary clients' fail to use the TBP provided with the above method check the following:
  • Ensure the Secondary client's local cache directory contains the TBP: ls /opt/sophos-av/talpa/custom
  • Ensure the Secondary client is using the same kernel as the Primary client.
    • Compare the output of ls /opt/sophos-av/talpa/custom with the output of /opt/sophos-av/engine/talpa-select requiredpackname. If you can't find a file in /opt/sophos-av/talpa/custom that is named exactly like the output of the talpa-select requiredpackname command then you have different kernel versions on the Primary client and on the Secondary client.
      In this case you have to create another TBP on this Secondary client. You might want to add this to your CID with above procedure to provide a TBP for other machines with the same kernel as this Secondary client
  • If it still fails please contact Sophos Technical Support.

 
Si necesita más ayuda, póngase en contacto con soporte técnico.

Valore el artículo

Muy malo Excelente

Comentarios