Up
Previous Next

Sheriff CSMâ„¢

Operating System Upgrade in Version 5.8.0

Sheriff CSM version 5.8.0 includes an operating system (OS) upgrade to improve the performance and security of your deployment. The upgrade process consists of three parts:

  • Perform Pre-Checks: Runs a set of diagnostic checks to ensure that your deployment meets AT&T Cybersecurity's requirements.
  • Update OS Packages: Brings the OS packages to the designated versions.
  • Update Sheriff CSM Packages: Brings the Sheriff CSM specific packages to the designated versions.

The upgrade process aborts if any of the pre-checks fail. The following table lists the various errors you may receive. If you need help passing these checks, please contact AT&T Cybersecurity Technical Support.

Pre-Check Error Codes and Messages
Error CodeError Message
1 sheriff-update is already running ... exiting.
2 System cannot be updated because a vulnerability scan is currently running. Try again later.
3 The system must be rebooted. Please, reboot the system before starting the update process.
4 The verification process could not be completed. Signature file not found.
5 The verification process could not be completed. Signature is invalid.
6 System cannot connect to APT. Execute 'dpkg --configure -a --force-confnew' to correct the problem.
22 Unable to obtain database password. Please, check your vigilante_setup.conf file.
23 mysqlcheck command not found.
24 Your database is corrupted and cannot be repaired.
27 It seems that there are more than 200M events in the database or your indexes are corrupted.
29 Cannot change repositories.
31 Error downloading packages.
32 Error while updating a major version.
33 Error while updating a major version (MariaDB cannot be installed).
34 Error while updating a major version (Squid cannot be installed).
35 vigilante_setup.conf has been removed. Try to recover a backup from /etc/vigilante/.
36 Error updating sources list.
40 Dash shell cannot be installed.
42 Sheriff preseeds cannot be set.
50 Parsing error: Some command line arguments are unknown. Please, type sheriff-update --help for more information.
51 System must be running v5.7.6 to perform an OS update.
52 System is unstable, some packages are not correctly installed and configured.
53 Your system does not meet the minimum requirements (For more information, review https://cdn-cybersecurity.att.com/docs/data-sheets/usm-appliance.pdf).
54 Your system has less partitions than required in /dev/sda, please contact with support.
55 System is running in HA mode. If you want to update your system, please disable the HA system by running sheriff-ha-assistant -d, and then update.
56 CPU usage is above 90%, the OS update requires CPU usage to be below the threshold.
57 Sheriff CSM cannot be updated, packages cannot be installed.
58 No profiles found in your system.
59 vigilante_setup.conf is corrupted. Profiles not found. Try to recover a backup from /etc/vigilante/."
60 The command apt-get update failed. Please, check your internet connection.
61 You don't have enough disk space. Please, free up space on your hard drive.
62 A problem occurred checking your Sheriff CSM license. Please, check the update log for more information.
64 Database schema version mismatch.
65 Packages cannot be downloaded. Please, check the update log for more information.
66 Failed to install package from Threat Intelligence update.
67 Apt command cannot be updated
68 System is unstable, some packages have not been updated to the latest version.
69 bash script was executed isolatedly. Please, use sheriff-update command instead.
70 MySQL cannot be started.

You may also receive some warnings from running these pre-checks. See the following table for details.AT&T Cybersecurity recommends that you review the warning messages and correct as many issues as possible, but you can proceed with the upgrade by entering y when the system asks if you want to continue.

Pre-Check Warnings
NumberWarning Message
1 SSH Session detected. Sheriff recommends updating the system from a terminal to prevent possible connection problems during the update.
2 The verification process could not be completed. User agent signature is invalid.
3 There is no connection. UserAgent will not be downloaded.
4 apt-get --yes autoremove --purge could not be executed.
5 Failed to install libhyperscan!
6 No event backup with less than 14 days found. It's recommended creating a new backup and copying it to an external device.
7 No configuration backup with less than 14 days found. It's recommended creating a new backup and copying it to an external device.
8 NfSen backup cannot be created.
9 MySQL backups cannot be created.
10 MySQL backups cannot be restored.
11 Default api periodic tasks cannot be enabled.
12 Default api periodic tasks cannot be disabled.
13 New Squid configuration cannot be applied.
14 Squid backup cannot be created.
15 Squid backup cannot be restored.
16 Nagios module cannot be disabled in Apache server.
17 Nagios module cannot be enabled in Apache server.
18 More than 3 partitions has been detected in /dev/sda. It's recommended contacting with support before proceeding.

Because Sheriff CSM needs to reboot during the OS upgrade, you cannot perform this particular update from the browser. For the same reason, it is not recommended to run the upgrade from an SSH session either. Please run the update from a terminal or a virtual machine (VM) console.

To upgrade the OS
  1. Launch the Sheriff Console and use your credentials to log in.

    The Sheriff Setup menu displays.

  2. Select System Preferences.

  3. Select Update Sheriff System.

  4. Select Upgrade Operating System or Upgrade Operating System (Offline), and then press Enter. If choosing offline, see Update Sheriff CSM Offline on how to prepare the ISO image.

    Important: These two options are only available in Sheriff CSM version 5.7.6.

  5. Confirm your selection by pressing Enter.

    The upgrade process starts, writing its progress to /var/log/sheriff/update/sheriff57to58-update-<timestamp>.log.

    For example:

    You can check the log file periodically to monitor the progress. This upgrade can take more than 30 minutes to finish.

Topic revision: r15 - 11 Jun 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.