Short post to learn how to install and uninstall Sophos Antivirus in Linux.
Sophos is a well-known antivirus for Windows, Linux and Mac platforms. Sophos also offers other security solutions alongside its antivirus. In this post we walk through installing, checking and removing Sophos Antivirus on Linux systems. You can download Sophos antivirus for Linux for free here.
How to install Sophos Antivirus in Linux
You can download the installer on a laptop or desktop and transfer it to your Linux server. Or you can use a tool like wget to download the installer directly on your Linux server. You can get a Linux installer link from your account on the website.
You will have the Sophos Antivirus installer with an install.sh script within. For a non-interactive setup, execute the script with the switches below and you are good to go:
root@kerneltalks # ./install.sh --automatic --acceptlicence /opt/sophos-av
Installing Sophos Anti-Virus....
Selecting appropriate kernel support...
Installation completed.
Your computer is now protected by Sophos Anti-Virus.
Antivirus is successfully installed on your server.
Check current status of Sophos Antivirus
The antivirus runs as a service named sav-protect, so you can use the normal Linux service status command to check the status of the AV service.
root@kerneltalks # service sav-protect status
sav-protect.service - "Sophos Anti-Virus daemon"
   Loaded: loaded (/usr/lib/systemd/system/sav-protect.service; enabled)
   Active: active (running) since Thu 2018-07-19 13:30:50 IST; 3 months 4 days ago
     Docs: man:sav-protect
  Process: 5619 ExecStop=/opt/sophos-av/engine/.sav-protect.systemd.stop.sh (code=exited, status=0/SUCCESS)
  Process: 6287 ExecStartPost=/opt/sophos-av/engine/.sav-protect.systemd.poststart.(code=exited, status=1/FAILURE)
  Process: 5646 ExecStartPre=/opt/sophos-av/engine/.sav-protect.systemd.prestart.sh (code=exited, status=0/SUCCESS)
 Main PID: 6286 (savd)
   CGroup: /system.slice/sav-protect.service
           ├─5842 savscand --incident=unix://tmp/incident --namedscan=unix://root@tmp/namedscansprocessor.397 --ondemandcontrol=socketpair://46/47
           └─6286 savd etc/savd.cfg

Oct 21 17:50:56 kerneltalks savd: scheduled.scan.log: Scheduled scan "SEC:Weekly scan" completed: master boot records scanned: 0, boot records scanned: 0, files scanned: 968342, scan errors: 0, threats detected: 0, infected files detected: 0
Oct 21 21:38:46 kerneltalks savd: update.check: Successfully updated Sophos Anti-Virus from \\avserver.kerneltalks.com\SophosUpdate\CIDs\S038\savlinux
The last log lines show the two most recent activities: a successful scheduled scan run and a virus definition update.
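The two log lines above can also be checked by a script instead of by eye. The following is an added example, not part of the original post or of Sophos tooling: it reads savd log lines on stdin and reports whether the last scheduled scan was clean and an update succeeded. The function names are hypothetical, PAGE_LOG holds the two lines from the output above, and CONSTRUCTED_LOG is a made-up line that assumes the same format with non-zero counts.

```shell
#!/bin/sh
# Log lines copied from the status output shown on this page.
PAGE_LOG='Oct 21 17:50:56 kerneltalks savd: scheduled.scan.log: Scheduled scan "SEC:Weekly scan" completed: master boot records scanned: 0, boot records scanned: 0, files scanned: 968342, scan errors: 0, threats detected: 0, infected files detected: 0
Oct 21 21:38:46 kerneltalks savd: update.check: Successfully updated Sophos Anti-Virus from \\avserver.kerneltalks.com\SophosUpdate\CIDs\S038\savlinux'

# Constructed sample (assumption: same line format, non-zero counters).
CONSTRUCTED_LOG='Oct 28 17:51:02 kerneltalks savd: scheduled.scan.log: Scheduled scan "SEC:Weekly scan" completed: master boot records scanned: 0, boot records scanned: 0, files scanned: 968350, scan errors: 1, threats detected: 2, infected files detected: 2'

# Print "errors=N threats=N infected=N" for the last completed scheduled
# scan found on stdin; print nothing if no such line exists.
sav_scan_summary() {
    awk '
        /Scheduled scan .* completed:/ {
            e = t = i = "?"
            if (match($0, /scan errors: [0-9]+/))             e = substr($0, RSTART + 13, RLENGTH - 13)
            if (match($0, /threats detected: [0-9]+/))        t = substr($0, RSTART + 18, RLENGTH - 18)
            if (match($0, /infected files detected: [0-9]+/)) i = substr($0, RSTART + 25, RLENGTH - 25)
            last = "errors=" e " threats=" t " infected=" i
        }
        END { if (last != "") print last }
    '
}

# Print OK, "ALERT <summary>", NO_SCAN or NO_UPDATE and return 0, 1, 2 or 3.
sav_health() {
    log=$(cat)
    summary=$(printf '%s\n' "$log" | sav_scan_summary)
    if [ -z "$summary" ]; then echo "NO_SCAN"; return 2; fi
    if [ "$summary" != "errors=0 threats=0 infected=0" ]; then
        echo "ALERT $summary"; return 1
    fi
    if ! printf '%s\n' "$log" | grep -qF 'update.check: Successfully updated'; then
        echo "NO_UPDATE"; return 3
    fi
    echo "OK"
}

printf '%s\n' "$PAGE_LOG" | sav_health
printf '%s\n' "$CONSTRUCTED_LOG" | sav_health || true
```

Because sav_health reads stdin, the output of the status command shown above can be piped straight into it.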
How to uninstall Sophos Antivirus in Linux
Use the uninstall.sh script located at /opt/sophos-av to uninstall Sophos Antivirus.
root@kerneltalks # /opt/sophos-av/uninstall.sh
Uninstalling Sophos Anti-Virus.
WARNING: Sophos Anti-Virus still running.
Do you want to stop Sophos Anti-Virus? Yes(Y)/No(N) [N]
> Y
Stopping Sophos Anti-Virus.
Sophos Anti-Virus has been uninstalled.
The AV is now uninstalled. You can confirm this by checking the service status again, which will result in an error.
root@kerneltalks # service sav-protect status
service: no such service sav-protect