Sophos UTM 9.5: Migrate existing installation to 64bit database!

Martin 08/05/2017

With the new UTM 9.5, existing installations will not be upgraded to the 64bit Postgres database, for this to happen you will have to do the following via “console” or SSH (SSH connection HAS to be stable during upgrade!!)

Please read this:
https://community.sophos.com/products/unified-threat-management/unified-threat-management-beta/sophos-utm-9-5-beta/f/sophos-utm-9-5-public-beta/90667/question-answered-database-upgrade

SSH into UTM:

Execute command:

“/usr/local/bin/pg_migrate64.sh”

———————————————————————————————–

fw01:/home/login # /usr/local/bin/pg_migrate64.sh

========================================
This script migrates a existing 32bit
postgres server instance to 64bit.
========================================

Depending on the size of your reporting
data, this could lead to a significant
database downtime.
Also notice that you should NOT terminate
this script while running. Consider using
“screen” if you have an unstable SSH
connection.

Enter “yes” to continue:
yes

========================================
Checking pre-conditions for db migration
========================================
You need to change the value of POSTGRES_ARCH to “64” in
/var/storage/pgsql92/postgres.default.
Should it be changed automatically?
Enter “yes” or “no”:
yes
Set POSTGRES_ARCH to “64” in /var/storage/pgsql92/postgres.default

========================================
Created backup dir:
/var/log/postgres_migration64
========================================
========================================
Creating complete database dump:
database-pgdumpall.bz2
========================================

:: Stopping PostgreSQL done

========================================
Erasing db files
========================================
========================================
Restoring complete database:
database-pgdumpall.bz2
========================================

:: Initializing the PostgreSQL database done
:: Starting PostgreSQL done
:: Restarting SMTP Proxy
:: Stopping SMTP Proxy
[ ok ]
:: Starting SMTP Proxy
[ ok ]
[ ok ]
auto-truncating process name to 15 chars (-> proc limitation)

##################
2017-05-08 08:49:49.032 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:69()
| Starting ADBS maintenance run

##################
2017-05-08 08:49:49.032 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table appcontrol (keep_days 90)

##################
2017-05-08 08:49:49.045 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on appcontrol

##################
2017-05-08 08:49:49.046 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table waf (keep_days 90)

##################
2017-05-08 08:49:49.046 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on waf

##################
2017-05-08 08:49:49.046 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table websecurity (keep_days 90)

##################
2017-05-08 08:49:49.047 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on websecurity

##################
2017-05-08 08:49:49.047 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table websec_searches (keep_days 90)

##################
2017-05-08 08:49:49.047 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on websec_searches

##################
2017-05-08 08:49:49.047 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table waf_events (keep_days 90)

##################
2017-05-08 08:49:49.048 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on waf_events

##################
2017-05-08 08:49:49.048 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table auth (keep_days 90)

##################
2017-05-08 08:49:49.048 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on auth

##################
2017-05-08 08:49:49.048 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table atp (keep_days 90)

##################
2017-05-08 08:49:49.049 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on atp

##################
2017-05-08 08:49:49.049 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table mailsec (keep_days 90)

##################
2017-05-08 08:49:49.049 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on mailsec

##################
2017-05-08 08:49:49.049 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table ips (keep_days 90)

##################
2017-05-08 08:49:49.050 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on ips

##################
2017-05-08 08:49:49.050 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table pfilter (keep_days 90)

##################
2017-05-08 08:49:49.440 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on pfilter

##################
2017-05-08 08:49:49.440 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table accounting (keep_days 90)

##################
2017-05-08 08:49:49.441 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on accounting

##################
2017-05-08 08:49:49.441 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table websec_visits (keep_days 90)

##################
2017-05-08 08:49:49.441 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on websec_visits

##################
2017-05-08 08:49:49.441 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table websec_sessions (keep_days 90)

##################
2017-05-08 08:49:49.442 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on websec_sessions

##################
2017-05-08 08:49:49.442 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:75()
| operating on table vpn (keep_days 90)

##################
2017-05-08 08:49:49.442 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::expire_db:77()
| finished ADBS maintenance run on vpn

##################
2017-05-08 08:49:49.442 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::main:53()
| cleaning anonymizing mappings

##################
2017-05-08 08:49:49.442 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::clean_mailanon:87()
| cleaning mail anonymizing mappings

##################
2017-05-08 08:49:50.163 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::clean_webanon:131()
| cleaning web anonymizing mappings

##################
2017-05-08 08:49:50.453 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::clean_webcategories:117()
| cleaning web request categories

##################
2017-05-08 08:49:50.505 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::cleanup_db:180()
| running vacuum tasks

##################
2017-05-08 08:52:19.733 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::ipcount:195()
| running count_active_ip.plx

##################
2017-05-08 08:52:20.036 INFORMATIVE MESSAGE adbs-maintenance[21858]: main::main:60()
| finished ADBS maintenance run

You’re nearly done. It may be useful to save the
created database backup somewhere safe. Otherwise
we can remove the database backup from the system.

Remove the created database backup?
Enter “yes” or “no”:
yes

DONE.

fw01:/home/login #

————————————————————————————–

Note: New installations of UTM 9.5 will already run as 64bit db, and therefore the upgrade above, is not needed. This is only for UTM 9.5 upgrades.

 

About the Author

Leave a Reply