|Applies To||RSA Product Set: NetWitness Log & Network, Security Analytics|
RSA Version/Condition: 10.x
Platform: CentOS 6
Component: GRand Unified Bootloader (grub) (does NOT apply to grub2)
|Issue||The latest installed CentOS 6 kernel is not loaded when the Linux operating system is restarted after an RSA Security Analytics software update.|
Note: Not all software updates include an updated kernel-* RPM.
Currently Loaded Kernel:
The issue is present if the currently loaded kernel is lower than the latest kernel installed.
|Cause||There are multiple reasons why this issue may occur after a RSA NetWitness/Security Analytics software update. These include:|
In order to resolve the issue, a small tool called 'grubby-wrapper' has been written to make changes to grub.conf in the most automated manner possible. This tool can find the most recent kernel available on your system (when invoked with -d) and update grub.conf automatically so that it will be started on the next system boot.
The -i option is suggested if you are uncertain about making this change; this causes the tool to run interactively. In interactive mode, grubby-wrapper will collect all necessary information as usual, then pause just before making any changes and provide you the opportunity to exit the tool early.
To use this tool, first download the attached archive from this article. It is then necessary to transfer it to the target appliance with the scp or sftp protocol, or your preferred FTP client.
Unpack the containing archive (grubby-wrapper-22.214.171.124.tar.gz) with this command, executed from the directory where you stored it:
Invoke the script with this command, followed by at least one parameter.
The script must either receive -d to operate in default mode or else -k [kernel version]. If it does not receive any parameters or if it receives incorrect parameters, it will refer you to inline help (-h). So, for example, either:
...or else -k followed by the desired kernel version:
Other options are available for advanced users. Consult the inline help. Again, this is accessible by invoking grubby-wrapper with -h:
If you find that you cannot boot the resulting kernel entry after running grubby-wrapper, you should still be able to boot the previous version. By default, this backup boot entry may have the name of Boot.
It is possible to modify /boot/grub/grub.conf by hand. However, this increases the risk of modifications that may render the appliance un-bootable.
|Legacy Article ID||a67908|