000037064 - Upgrading to Authentication Manager 8.4 fails with the error message "Unable to delete file /opt/rsa/am/server/wrapper/backup/AdminServerWrapper.conf"

Document created by RSA Customer Support Employee on Jan 17, 2019
Version 1Show Document
  • Comment0
  • View in full screen mode

Article Content

Article Number000037064
Applies ToRSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition:  8.3 or later
IssueApplying the RSA Authentication Manager 8.4 software update (rsa-am-update-8.4.0.0.0.iso) to an Authentication Manager 8.3 instance fails and services will not come back online. The following error is seen in the Advanced Status View for the update. 

[delete] Deleting: /opt/rsa/am/config/classpaths/replication.IMS.classpath
     [copy] Copying 1 file to /opt/rsa/am/config/classpaths
     [exec] Generating wrapper Class-Path Manifest JAR file.
     [exec] wrapper Class-Path Manifest JAR file generated successfully.
   [delete] Deleting: /opt/rsa/am/config/classpaths/wrapper.IMS.classpath
270673 2018-12-28 15:26:00,326 INFO: Generating the classpath jar used for thirdparty jars that are packaged outside the ear due to licensing restrictions.
Exception in thread "main" : Unable to delete file /opt/rsa/am/server/wrapper/backup/AdminServerWrapper.conf
 at org.apache.tools.ant.taskdefs.Delete.handle(Delete.java:704)
 at org.apache.tools.ant.taskdefs.Delete.removeDir(Delete.java:753)
 at org.apache.tools.ant.taskdefs.Delete.removeDir(Delete.java:749)
 at org.apache.tools.ant.taskdefs.Delete.removeDir(Delete.java:749)
 at org.apache.tools.ant.taskdefs.Delete.execute(Delete.java:571)
 at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:291)
 at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
 at UpdateRollback.update_InvokeGroovy_Update_AM(UpdateRollback.groovy:460)
 at UpdateRollback$_update_closure2.doCall(UpdateRollback.groovy:45)
 at UpdateRollback$_update_closure2.doCall(UpdateRollback.groovy)
 at Utils.withArtifacts(Utils.groovy:48)
 at Utils$withArtifacts.call(Unknown Source)
 at UpdateRollback.update(UpdateRollback.groovy:37)
 at com.rsa.plugins.install.GroovyInstallEngine.invokeScript(GroovyInstallEngine.groovy:68)
 at com.rsa.plugins.install.GroovyInstallEngine$_runTask_closure2.doCall(GroovyInstallEngine.groovy:57)
 at com.rsa.plugins.install.GroovyInstallEngine.runTask(GroovyInstallEngine.groovy:56)
 at com.rsa.plugins.install.GroovyInstallEngine$_runTasks_closure3.doCall(GroovyInstallEngine.groovy:106)
 at com.rsa.plugins.install.GroovyInstallEngine.runTasks(GroovyInstallEngine.groovy:105)
 at com.rsa.plugins.install.GroovyInstallEngine$runTasks.call(Unknown Source)
 at com.rsa.plugins.install.CommandLineInstallEngine.main(CommandLineInstallEngine.groovy:40)
Configuration step UpdateRollback:update [FAILED]
[ERROR] Error: Failed to invoke update engine: Failed to apply the update.
java.lang.Exception: Failed to apply the update.
 at com.rsa.am.updateengine.tasks.BaseUpdateEngineTask.doExecute(BaseUpdateEngineTask.java:56)
 at com.rsa.am.updateengine.tasks.Task.execute(Task.java:136)
 at com.rsa.am.updateengine.components.impl.TaskManagerImpl.doExecuteTask(TaskManagerImpl.java:86)
 at com.rsa.am.updateengine.components.impl.TaskManagerImpl.execute(TaskManagerImpl.java:41)
 at com.rsa.am.updateengine.components.impl.UpdateInstallerImpl.run(UpdateInstallerImpl.java:29)
CauseThe /opt/rsa/am/server/wrapper/backup/ directory is owned by root. The Authentication Manager software update installer does not have enough permissions to modify the directory by removing the AdminServerWrapper.conf file, as the update installer is run by the rsaadmin user.
ResolutionTo remedy the problem, revert back to a good snapshot from the Authentication Manager virtual appliance that was taken before the issue happened. Otherwise, install a new instance of Authentication Manager and restore from backup. After that, use the following commands to correct the permissions of the aforementioned file. 
  1. SSH into Authentication Manager using the rsaadmin credentials.
  2. Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.

Note that during Quick Setup another user name may have been selected. Use that user name to login.



  1. Change to root using the command sudo su -


sudo su -


  1. Navigate to the directory in question using the following command:


cd /opt/rsa/am/server/wrapper/


  1. Use the following command to check the current permissions of the backup directory:


ls -lsd backup/


  1. Change the owner of the directory and its content to be rsaadmin:


chown -R rsaadmin:rsaadmin backup/


  1. Make sure that the owner of the directory was changed successfully:


ls -lsd backup/


  1. Make sure that the owner of the content of the directory was changed successfully:


ls -lsR backup/


  1. Run the Authentication Manager 8.4 update again and the update should be successful. 

Attachments

    Outcomes