When you are deploying physical Sophos UTM appliances, you can run into a scenario where the Up2Date process fails due to a disk space shortage. This typically happens if you have a large number of updates that are outstanding.
Perhaps you have a hardware appliance that has been turned on for the first time after being shipped with an old build. Or perhaps you only have a single Sophos UTM as your firewall and you don’t have a maintenance slot for patching and updating.
Whatever the reason, Sophos UTM’s UI will not show you that anything is wrong. It just shows that there are a number of updates available for download.
When you go to perform the update, you are met with a screen that contradicts the dashboard view. Clicking the two Update buttons also does not seem to do anything.
Check the Up2Date Log
The first step is to check the Up2Date log for clues as to what the problem could be.
- Navigate to Management | Up2Date | Configuration
- Change the Firmware download option to Manual and click Apply
- Change the Pattern Download to Manual and click Apply
- Navigate to Management | Up2Date | Overview
- Open the livelog on this page or select Up2Date Messages
- Click the Check for Up2Date Packages Now button and watch the log
- Seeing the message below confirms the problem
Up2Date failed: Not enough free space for ‘/var/up2date/sys’
Clearing Up2Date Disk Space on Sophos UTM
To resolve the issue we will have to perform some tasks from the shell.
Note: This should only be done if you know what you are doing in the shell as it is possible to make changes to the UTM that may lead to it being unusable and requiring a rebuild. Before you start, make sure you have a backup and that you have downloaded it from the Sophos UTM and stored on another device.
If not already done, enable shell access on your Sophos UTM, then:
- Terminal to the Sophos UTM using a terminal tool such as Putty and log in as loginuser
- Elevate to root using su –
- Select the correct directory using cd /var/up2date/sys
- Use the following to check free space df –h . (include the .)
- Check for the presence of updates by using ls
- Delete all the updates using rm *
- Confirm all the updates are deleted using ls
- Use the following to check free space df –h . (include the .)
Trigger Up2Date Firmware Check
ACHTUNG! Hier am besten auf die UTM gehen und das Update Manuell hochladen!
Die Download Links haben wir ja da der SSH Verbindung!