By Brett Littrell
I started this to try and get our Sophos AV updates to come from a SUSE Web server. The problem was that Sophos does not allow a whole lot of options to connect natively to a Linux box so I devised a way around this.
Sophos Enterprise console does allow Central Installation Directories (CIDs) on NetWare volumes and you can use a NetWare server to house these, I just wanted to move this to Linux server because it seems that is the way things are moving and I wanted to start housing what I could on SUSE.
The first issue was to get the files to the SUSE server, to do this I installed OES2 on SUSE 10.1 server with the NCP server option. Once it was installed I created a share for a directory called /Sophos via the Remote Manager console.
Once this was done I configured a Virtual Web Server and made the /Sophos directory it’s root directory. The biggest issue I ran into here was the rights, the problem was that Apache likes to use wwwrun user and www group. I could have changed this but I like to keep things as simple as possible. When you copy a file from a regular Novell client to the new Sophos share the name changes for the user and maybe even group, so I had to create a script to run and reset the rights to the folder. The script is very basic, I just ran the shell command “chown –R wwwrun:www /Sophos”, a basic shell script will do this, I used an expect script but that is just because I am trying to familiarize myself with that scripting.
After you create the script you just need to add it as a cron job. You can do this two ways, either pop the script into one of the cron preset directories, like “/etc/cron.hourly”, or you can manually edit the “/etc/crontab” file. I did the crontab file because I wanted to run it every 5 minutes. So the line I put in was:
“0-59/5 * * * * root /root/ChangeAVOwners”
So now that this is all setup, the next point is to setup Sophos EC to copy the files to the new /Sophos share.
This part is easy if you have done this before on NetWare servers, if you have not there are a few little caveats. To start you have to create a CID for a published package..
The Next dialogue you have to specify your login information, click the NDS Details button for this.
In the NDS Details you must make sure you enter the fully distinguished name, it does not need to be type-full but it can be if you like. Notice even the server has to be distinguished.
Finally you can enter the UNC for the Share:
One thing to note on this, with regular NetWare volumes I have found that using the UNC with the full distinguished volume name works best but for SUSE the UNC to the share or FD volume name seems to work equally well.
Once this is created you can assign the web server you created as an update location and point it to http://AV.Mybusiness.com “assuming you name your server AV”.
Hope this helps people.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.