Up2date Troubleshooting: Sophos UTM

  • Article ID: 115025
  • Rating:
  • 6 customers rated this article 4.8 out of 6
  • Updated: 04 Apr 2016

It is recommended that all UTM users update their systems regularly. While there is usually no issue during an update, sometimes an update can have errors. This is an article to assist when having update problems.

Applies to the following Sophos product(s) and version(s)
Astaro Security Gateway/Sophos UTM

Operating systems
V7, V8, V9

What To Do

One of the common issues that will occur is with system up2dates not functioning as intended through the WebAdmin. Although sometimes users may forget that they do need to apply System up2dates manually, as opposed to pattern up2dates which are automatic. Up2date management is configured under 'Management' | 'Up2date'.

In the event that normal up2date from the WebAdmin does not work there are several tests that can be run as well as force of up2dates to run from SSH.

Simulation of RPM installs 

Simulation of an up2date install is useful for determining why a particular up2date may be failing. The output will appear in the standard /var/log/up2date.log file or for an individual test by sending to a file will make examination easier. 

auisys.plx --simulation 
auisys.plx --simulation >> up2datetest.log

Up2date to a specific version 

This is useful for up2dating to a specific version rather than all the way to the latest in particular with up2dates making large changes as noted by our feature releases of 8.100, 8.200, 8.300. Prior to up2dating completely it is usually useful and causes less problems to first up2date to the latest in the series prior to a feature release. 

auisys.plx --upto 8.203

Force and skip RPM arguments 

For up2date issues the combination of the --rpmargs and --force will have the greatest effect on loading all current up2dates. In addition these can be combined with the --upto version in order to create a powerful up2date order. This command is standard to run to effectively force all up2dates present to load on a system despite previous up2date failures which may be triggered by customized RPM packages having been loaded on the system previously. 

auisys.plx --rpmargs --force

Or combined with 'upto' version: 

auisys.plx --rpmargs --force --upto 8.203

Downloading new up2dates 

Sometimes a new download or removal of an up2date will be required to resolve an issue if an up2date has been corrected on the up2date servers or is otherwise corrupted on a customer system. Remove any affected system up2dates from the AxG and run a new download: 

cd /var/up2date/sys 
rm u2d-sys-8.301* 

If the download cannot communicate or authenticate to a server the download can be pulled directly from the Sophos ftp servers into the /var/up2date/sys directory with a wget command such as: 

cd /var/up2date/sys 
wget http://ftp.astaro.com/ASG/v8/up2date/u2d-sys-8.301.tgz.gpg

Then, to make the update appear in WebAdmin:

auisys.plx --showdesc

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent