Sophos "sweep" problem - a funny thing happended...
Mark Nienberg
mark at TIPPINGMAR.COM
Fri Apr 18 03:05:13 IST 2003
You didn't upgrade using the install program on the CD did you? The
correct way is to run the "Sophos.install" script that came with
MailScanner which sets the appropriate environment for you. Then
sophos-wrapper (v4.x) or sophoswrapper(v3.x) should work.
If sweep runs directly without complaining, I don't think your sophos
installation is right.
Mark
On Thursday, April 17, 2003, at 05:13 AM, Quentin Campbell wrote:
> Upgraded the Sophos stuff on our Linux boxes yesterday afternoon from
> the Sophos April CD. Installed a later libsavi (libsavi.so.3.2.05.033)
> into /usr/local/Sophos/lib but noticed it also replaced "sweep" in
> /usr/local/Sophos/bin.
>
> All seemed to be working well afterwards with viruses being detected up
> until 04:00 today.
>
> At 04:00 the Sophos autoupdate script ran to update the IDE files, etc.
>> From that point on whenever "/usr/local/Sophos/bin/sophoswrapper" ran
>> it
> gave "Error initialising detection engine - missing part of virus
> data".
>
> Invoked the "autoupdate" script again which appears to run OK. The
> files
> under /usr/local/Sophos/* appeared to be updated OK again but the error
> still appeared.
>
> However noticed that when I invoked "sweep" directly on a file it works
> OK. That is:
>
> ./sweep /tmp/eicar.com # OK
>
> ./sophoswrapper /tmp/eicar.com # Error initialising detection ...
>
> So modified "sophoswrapper" as follows ( added #TMP#) so that "sweep"
> is
> run without the $SAV_IDE and $LD_LIBRARY_PATH environment variables
> being set - "sophoswrapper" is now working OK.
>
> Can anyone suggest why the new "sweep" suddenly started behaving
> differently after the 04:00 IDE update?
>
> ------------------------------ cut here
> (/usr/local/Sophos/bin/sophoswrapper)
> PackageDir=/usr/local/Sophos
> prog=sweep # `basename $0`
>
> #TMP#SAV_IDE=$PackageDir/ide
> #TMP#LD_LIBRARY_PATH=$PackageDir/lib
> #TMP#export SAV_IDE
> #TMP#export LD_LIBRARY_PATH
>
> exec ${PackageDir}/bin/$prog "$@"
> ------------------------------ cut here
>
> Quentin
> ---
> PHONE: +44 191 222 8209 Computing Service, University of Newcastle
> FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1
> 7RU.
> -----------------------------------------------------------------------
> -
> "Any opinion expressed above is mine. The University can get its own."
More information about the MailScanner
mailing list