sign in sign up
<<
Home , Install (Unix)

K33233632: After upgrade and reboot with Install Configuration set to , the BIG-IP appears to have hung or lost all configuration and mcpd, gtmd, named and others are in a restart loop

Support Solution

Original Publication Date: Jan 28, 2020

Update Date: Mar 25, 2021

Details

Description

After you upgrade the BIG-IP system to BIG-IP 14.1.2 and later, certain daemons (e.g. mcpd, gtmd, and named) may be in a restart loop and the BIG-IP appears to have hung or lost all configuration. Additionally, the device may exhibit the following symptoms:

You observe error messages similar to the following in /var/log/ltm (below is an example of an mcpd restart loop): err mcpd[8710]: 01070734:3: Configuration error: MCPProcessor::initializeDB: can't for directory (/config/filestore/files_d/) err (Permission denied). err mcpd[8710]: 01070596:3: An unexpected failure has occurred, can't chmod for directory (/config /filestore/files_d/) err (Permission denied). - sys/validation/FileObject.cpp, line 612, exiting... You observe error messages similar to the following in /var/log/ltm: 01420006:3: Loading configuration process failed. You observe error messages similar to the following in /var/log/auditd/audit.log (below is an example for an mcpd restart loop): Note: The message contains denied and unlabeled_t shown in bold below. type=AVC msg=audit(day_time): avc: denied { setattr } for pid=13624 ="mcpd" name=" external_monitor_d" dev="dm-11" ino=307 scontext=system_u:system_r:mcpd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=dir The Configuration utility displays the following: The configuration has not yet loaded. If this message persists, it may indicate a configuration problem.

Environment

BIG-IP 14.1.2 and later A BIG-IP Upgrade

Cause

The issues described in this article are caused by broken SELinux permissions due to Bug ID 862937

Recommended Actions Choose one of the following:

Perform the workaround in Bug ID 862937. Prior to upgrading to BIG-IP 14.1.2 and later, check the BigDB value is enabled for liveinstall. moveconfig and liveinstall.saveconfig with the following command:

tmsh list sys db liveinstall.moveconfig liveinstall.saveconfig

Then boot to the newly installed software by setting Install Configuration to No. When the Live Install BigDB settings are enabled, the configuration is automatically copied to the new boot location during upgrade. Setting the Install Configuration option to Yes is for situations when you've made changes to the configuration between the time you install the software and when you boot to the new boot location. For more information about the Live Install BigDB settings and how to modify them refer to, K13438: Controlling configuration import when performing software installations

Additional Information

Any BIG-IP daemon can be affected by this unlabeling issue. You can check which have not been labeled properly by running the command below:

-laRZ / 2> /dev/null | grep unlabel

Related Content

K24925704: Configuration load fails with error 01070734:3: Configuration error: undefined error at authz/ConfigWriter.cpp

Applies to:

Product: BIG-IP 16.0.X, 15.1.X, 15.0.X, 14.1.X