Discussion:
Sophos failure: sophos-autoupdate is missing new Sophos files
Paul Lamb
2009-11-04 04:21:58 UTC
Permalink
The Sophos AV November 2009 distribution:-
Product version : 4.47.0
Engine version : 3.01.0
Virus data version : 4.47
User interface version : 2.07.250
Platform : Linux/Intel
Released : 02 November 2009

is installing additional files
./lib/xvdl*.vdb

sophos-autoupdate will not create softlinks to these in ./ide/

Running sweep through strace shows an open failure on
/usr/local/Sophos/ide/xvdl01.vdb leading to
"Error initialising detection engine - missing part of virus data"

As a quick workround, I have added the following cloned fragment into
sophos-autoupdate before "Add the new swpmess.dat..." -

# Add the even newer xvdl*.vdb files if they are there
foreach $vdlsus ("xvdl") {
foreach $number (1..99) {
$string = $vdlsus . sprintf("%02d", $number) . ".vdb";
symlink("$VDLDir/$string", $string) if -f "$VDLDir/$string";
}
}
# end

I am running MailScanner version 4.72.5 whose version of
sophos-autoupdate looks little different to the current version.

Regards,
Paul Lamb
Mark Nienberg
2009-11-04 08:26:52 UTC
Permalink
Post by Paul Lamb
The Sophos AV November 2009 distribution:-
Product version : 4.47.0
Engine version : 3.01.0
Virus data version : 4.47
User interface version : 2.07.250
Platform : Linux/Intel
Released : 02 November 2009
is installing additional files
./lib/xvdl*.vdb
sophos-autoupdate will not create softlinks to these in ./ide/
Running sweep through strace shows an open failure on
/usr/local/Sophos/ide/xvdl01.vdb leading to
"Error initialising detection engine - missing part of virus data"
As a quick workround, I have added the following cloned fragment into
sophos-autoupdate before "Add the new swpmess.dat..." -
# Add the even newer xvdl*.vdb files if they are there
foreach $vdlsus ("xvdl") {
foreach $number (1..99) {
$string = $vdlsus . sprintf("%02d", $number) . ".vdb";
symlink("$VDLDir/$string", $string) if -f "$VDLDir/$string";
}
}
# end
I am running MailScanner version 4.72.5 whose version of
sophos-autoupdate looks little different to the current version.
Regards,
Paul Lamb
I guess you are using Sophos V4, correct?

I have V5 and it reports:

[***@tesla bin]# savscan -v
SAVScan virus detection utility
Copyright (c) 1989-2009 Sophos Group. All rights reserved.

System time 06:19:20 PM, System date 03 November 2009

Product version : 4.46.0
Engine version : 3.00.1
Virus data version : 4.46
User interface version : 2.07.249
Platform : Linux/Intel
Released : 05 October 2009
Total viruses (with IDEs) : 1061548

Information on additional data files:

Data file name : /opt/sophos-av/lib/sav/daonol-a.ide
Data file type : IDE
Data file date : 03 November 2009, 16:12:47
Data file status : Loaded

etc...

For V5, sophos-autoupdate just calls the Sophos provided savupdate
program and it takes care of itself. I think the edit you show would
only be needed for V4.

Mark Nienberg
Paul Lamb
2009-11-04 16:45:20 UTC
Permalink
Post by Mark Nienberg
Post by Paul Lamb
The Sophos AV November 2009 distribution:-
Product version : 4.47.0
Engine version : 3.01.0
Virus data version : 4.47
User interface version : 2.07.250
Platform : Linux/Intel
Released : 02 November 2009
is installing additional files
./lib/xvdl*.vdb
sophos-autoupdate will not create softlinks to these in ./ide/
Running sweep through strace shows an open failure on
/usr/local/Sophos/ide/xvdl01.vdb leading to
"Error initialising detection engine - missing part of virus data"
As a quick workround, I have added the following cloned fragment into
sophos-autoupdate before "Add the new swpmess.dat..." -
# Add the even newer xvdl*.vdb files if they are there
foreach $vdlsus ("xvdl") {
foreach $number (1..99) {
$string = $vdlsus . sprintf("%02d", $number) . ".vdb";
symlink("$VDLDir/$string", $string) if -f "$VDLDir/$string";
}
}
# end
I am running MailScanner version 4.72.5 whose version of
sophos-autoupdate looks little different to the current version.
Regards,
Paul Lamb
I guess you are using Sophos V4, correct?
SAVScan virus detection utility
Copyright (c) 1989-2009 Sophos Group. All rights reserved.
System time 06:19:20 PM, System date 03 November 2009
Product version : 4.46.0
Engine version : 3.00.1
Virus data version : 4.46
User interface version : 2.07.249
Platform : Linux/Intel
Released : 05 October 2009
Total viruses (with IDEs) : 1061548
Data file name : /opt/sophos-av/lib/sav/daonol-a.ide
Data file type : IDE
Data file date : 03 November 2009, 16:12:47
Data file status : Loaded
etc...
For V5, sophos-autoupdate just calls the Sophos provided savupdate
program and it takes care of itself. I think the edit you show would
only be needed for V4.
Mark Nienberg
Yes, I am using Sophos v4. Thanks for adding the caveat.

Paul
Daniel Straka
2009-11-07 04:40:49 UTC
Permalink
--

Dan Straka
Systems Coordinator
Casper College
307.268.2399
http://www.caspercollege.edu
Post by Paul Lamb
The Sophos AV November 2009 distribution:-
Product version : 4.47.0
Engine version : 3.01.0
Virus data version : 4.47
User interface version : 2.07.250
Platform : Linux/Intel
Released : 02 November 2009
is installing additional files
./lib/xvdl*.vdb
sophos-autoupdate will not create softlinks to these in ./ide/
Running sweep through strace shows an open failure on
/usr/local/Sophos/ide/xvdl01.vdb leading to
"Error initialising detection engine - missing part of virus data"
As a quick workround, I have added the following cloned fragment into
sophos-autoupdate before "Add the new swpmess.dat..." -
# Add the even newer xvdl*.vdb files if they are there
foreach $vdlsus ("xvdl") {
foreach $number (1..99) {
$string = $vdlsus . sprintf("%02d", $number) . ".vdb";
symlink("$VDLDir/$string", $string) if -f "$VDLDir/$string";
}
}
# end
I am running MailScanner version 4.72.5 whose version of
sophos-autoupdate looks little different to the current version.
Regards,
Paul Lamb
Another fix with a less typing :-) seems to work for my installation.
Sent to me by Joachim Holzfuss <***@physik.tu-darmstadt.de>

you have to add xvdlXX.vdb to the list of virus defs in
/usr/lib/MailScanner/sophos-autoupdate

like this
---- excerpt

# Add the new vdl*.vdb files if they are there
foreach $vdlsus ("vdl", "sus", "xvdl") {

----end excerpt

Loading...