Sophos Cloud Central (10.0.4) for macOS

mickl089
Contributor III

Hello,

unfortunately there is no current script that still works to roll out Sophos. I have made several attempts to get Sophos onto the Macs (I use Big Sur) via Self Service and Auto Deploy. Current approach does not work.

3120966023bd4ab5981df7bae61f11c5

91041b7886674490b06f073d0c910474

Packed the Sophos installer in /private/var/tmp, deployed it as a pkg in Self Service and used this as the script:

#!/bin/sh

postinstall

# Created using this Sophos KB article:

https://community.sophos.com/kb/en-us/14179#v9.2+

sudo /private/var/tmp/sophos/Sophos Installer.app/Contents/MacOS/Sophos Installer --install;

# Remove installer

/bin/rm -rf /private/var/tmp/sophos; exit 0 ## Success exit 1 ## Failure

The installer is dropped correctly, but the installation does not start.

Are there any other ways I can offer Sophos 10.0.4?

Thank you!

19 REPLIES 19

mark_mahabir
Valued Contributor

Do you use Sophos Cloud? If so, one of the more recent scripts in this thread works well for us.

mickl089
Contributor III

Yes, Sophos Cloud.... thank you, i´ll try.

sirsir
Contributor

This script works fine for us.

#!/bin/sh

cd /tmp

if [[ -d "/tmp/Sophos Installer.app" ]]; then
    rm -rf /tmp/Sophos*
fi

# Update the URL as indicated in Sophos Admin Panel
curl -O your cloud url 
unzip SophosInstall.zip

chmod a+x ./Sophos Installer.app/Contents/MacOS/Sophos Installer
chmod a+x ./Sophos Installer.app/Contents/MacOS/tools/com.sophos.bootstrap.helper

./Sophos Installer.app/Contents/MacOS/Sophos Installer --install

exit 0

mickl089
Contributor III

@SirSir And what should i do with the SophosCloudConfig.plist? :-)

sirsir
Contributor

@mickl089

Are you talking about all the Configuration Profiles needed to run Sophos? If so, make sure you have all of this taken care of and deployed to your machine(s) before installing.

Edit: I haven't used a config.plist for the installation of Sophos before, just make sure to get the Sophos download link into that script and it should auto-configure to your Sophos Cloud.

jrippy
Contributor II

@SirSir Even with that KB link, I still have an issue with Sophos starting the servicemgr service on Big Sur. Catalina is fine, but something is not right with the PPPC and/or System Extensions that I have set up. Waiting on Sophos to respond back to a case we have open.
Also, there are discrepancies in that article between the numbered steps and the screenshots. The information is not the same between the two. Specifically under Big Sur steps 2-4. It looks like the discrepancy is only about display name which I believe is arbitrary and shouldn't make a difference, but given my issues, I'm wondering if that is actually the case.

dmillertds
Contributor

So far as I know, they're still not officially supporting Big Sur, no?

cradice
New Contributor III

Sophos officially supports Big Sur as of 10.0.4, but SophosScanD currently will stop functioning after updating to Big Sur from Catalina or Mojave.

jrippy
Contributor II

@dmillertds It depends on where you look. Most KB articles still say Big Sur is not supported, however they haven't been updated in months. If you look at the release notes for 10.0.4, it claims Big Sur is fully supported as well as support for the M1 chip via Rosetta2. Sophos 10.0.4

mickl089
Contributor III

@SirSir How did you get the download link? I can download Sophos in our Cloud Central, but I don't get the download link displayed or copied out :-(

mickl089
Contributor III

Now i´ve got a solution to install via Self Service: install pkg dropped in private/var/tmp/sophos and then a command under "files and processes: /private/var/tmp/sophos/Sophos Installer.app/Contents/MacOS/Sophos Installer --install --quiet

but then there is a prompt that you have to confirm, the install is not really silent. any suggestions?

jrippy
Contributor II

@mickl089 That is the same command I run except I don't have the --quiet part on mine and it installs silently.

mickl089
Contributor III

@jrippy is your command with sudo or without?

jrippy
Contributor II

@mickl089 Without sudo as Jamf runs commands as root already.

mickl089
Contributor III

@jrippy does this also apply to a script that I run instead of a command?

edit: one more question: Sophos needs a permission for the network extension, i created a config profile for this. is it possible to include this config profile somehow in my policy to prevent this event during the installation?

jrippy
Contributor II

@mickl089 As far as I am aware, whether the script runs in the Script payload or in the Files and Processes payload, it should run as root. I might be wrong about that, will just have to check.
As for the Network Extension config profile, you may just have to send that out a day or two before the install goes out to try to blanket your install base. If Sophos isn't installed yet, it shouldn't cause the config profile to fail, but if Sophos is installed before the config profile, you will run into issues as you've probably seen.

Mr_Meaves
New Contributor II

So I've tried a few variations of these install deployment scripts for Sophos and each time it comes back to a basic issue of it can't find the files /directories its created in the first place (/private/tmp/Sophos Installer) when it goes to run the chmod. I'm fairly new to jamf/deployments/macs so I apologize if I'm missing something obvious. I've tried running the scripts as my user, as a policy, and as a script via Jamf Remote tool.

Mr_Meaves
New Contributor II

Realized the issue, it wasn't reading the space in Sophos Installer. Not sure if that's due to settings in my BBEdit or saving it as an .sh.  Removing the spaces before I sent it to composer and likewise in the script made this work for me.

@Mr_Meaves Glad you got it figured out.  The spaces can definitely be tricky.