This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Aathi
Contributor
‎2019-07-17 04:58 AM

cp_conf sic init 1234 norestart is not working via ansible

Hi Team,

 

I am trying to reset the SIC without restart by using below command via ansible and getting the error .Kinldy help on this.

 

Playbook:

- name: SIC key generation
command: "{{ item }}"
with_items:

- /opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart
- /opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop"
- /opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd"

 

Error in ansible:

failed: [10.6 (item=/opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart) => {"changed": true, "cmd": ["/opt/CPshrd-R80/bin/cp_conf", "sic", "init", "Infy123+", "norestart"], "delta": "0:00:00.018486", "end": "2019-07-17 07:50:20.309823", "item": "/opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart", "msg": "non-zero return code", "rc": 127, "start": "2019-07-17 07:50:20.291337", "stderr": "/opt/CPshrd-R80/bin/cp_conf: error while loading shared libraries: libcpconfca.so: cannot open shared object file: No such file or directory", "stderr_lines": ["/opt/CPshrd-R80/bin/cp_conf: error while loading shared libraries: libcpconfca.so: cannot open shared object file: No such file or directory"], "stdout": "", "stdout_lines": []}


failed:  (item=/opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop") => {"changed": true, "cmd": ["/opt/CPshrd-R80/bin/cpwd_admin", "stop", "-name", "CPD", "-path", "/opt/CPshrd-R80/bin/cpd_admin", "-command", "cpd_admin stop"], "delta": "0:00:00.019825", "end": "2019-07-17 07:50:20.956607", "item": "/opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path \"/opt/CPshrd-R80/bin/cpd_admin\" -command \"cpd_admin stop\"", "msg": "non-zero return code", "rc": 127, "start": "2019-07-17 07:50:20.936782", "stderr": "/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory", "stderr_lines": ["/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory"], "stdout": "", "stdout_lines": []}


failed:  (item=/opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd") => {"changed": true, "cmd": ["/opt/CPshrd-R80/bin/cpwd_admin", "start", "-name", "CPD", "-path", "/opt/CPshrd-R80/bin/cpd", "-command", "cpd"], "delta": "0:00:00.019049", "end": "2019-07-17 07:50:21.613861", "item": "/opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path \"/opt/CPshrd-R80/bin/cpd\" -command \"cpd\"", "msg": "non-zero return code", "rc": 127, "start": "2019-07-17 07:50:21.594812", "stderr": "/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory", "stderr_lines": ["/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory"], "stdout": "", "stdout_lines": []}

 

Kinldy help on this.

 

Regards

Athimoolam.A

0 Kudos
Reply
15 Replies
Timothy_Hall
Champion
Champion
‎2019-07-17 05:08 AM

You are missing various environment variables required cp_conf to run, namely $LD_LIBRARY_PATH.

Execute something like this prior to all the other commands and try again:

source  /opt/CPshrd-R80/tmp/.CPprofile.sh

or

.  /opt/CPshrd-R80/tmp/.CPprofile.sh

 

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
Aathi
Contributor
‎2019-07-17 05:41 AM
In response to Timothy_Hall

HI Timothy,

 

Thank you so much for your update.

I tried as below but still getting the error.

 

- name: SIC key generation
command: "{{ item }}"
with_items:
- ./opt/CPshrd-R80/tmp/.CPprofile.sh
- /opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart
- /opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop"
- /opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd"

 

 

Error:

failed:  (item=./opt/CPshrd-R80/tmp/.CPprofile.sh) => {"changed": false, "cmd": "./opt/CPshrd-R80/tmp/.CPprofile.sh", "item": "./opt/CPshrd-R80/tmp/.CPprofile.sh", "msg": "[Errno 2] No such file or directory", "rc": 2}

Regards

Aathi

0 Kudos
Reply
G_W_Albrecht
Champion
Champion
‎2019-07-17 05:48 AM
In response to Aathi

It is really the file  $CPDIR/conf/.CPprofile.sh, that  is /var/opt/CPshrd-R80.30/conf/.CPprofile.sh !!!

0 Kudos
Reply
Aathi
Contributor
‎2019-07-17 06:03 AM
In response to G_W_Albrecht

Hi Albrecht,

Still i am getting the same error.Kinldy help on this.
failed: [10.66.40.162] (item=./var/opt/CPshrd-R80.30/conf/.CPprofile.sh) => {"changed": false, "cmd": "./var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "item": "./var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "msg": "[Errno 2] No such file or directory", "rc": 2}

Regards
Aathi
0 Kudos
Reply
Timothy_Hall
Champion
Champion
‎2019-07-17 06:05 AM
In response to Aathi

The space after the period matters:

.   /var/opt/CPshrd-R80.30/conf/.CPprofile.sh

 

 

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
Aathi
Contributor
‎2019-07-17 09:36 PM
In response to Timothy_Hall

Hi Hall,

Getting the below error now
failed: [10.66.40.162] (item=. /var/opt/CPshrd-R80.30/conf/.CPprofile.sh) => {"changed": false, "cmd": ". /var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "item": ". /var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "msg": "[Errno 13] Permission denied", "rc": 13}

Please help on this,

Regards
Aathi
0 Kudos
Reply
Timothy_Hall
Champion
Champion
‎2019-07-18 05:35 AM
In response to Aathi

Try:

source  /var/opt/CPshrd-R80.30/conf/.CPprofile.sh

 

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
Aathi
Contributor
‎2019-07-18 08:34 AM
In response to Timothy_Hall

Hi
Please find the below error:
ASK [SIC key generation] **********************************************************************************************************************************************
[WARNING]: sftp transfer mechanism failed on [10.66.40.162]. Use ANSIBLE_DEBUG=1 to see detailed information

fatal: [10.66.40.162]: FAILED! => {"changed": false, "cmd": "source /var/opt/CPshrd-R80/conf/.CPprofile.sh", "msg": "[Errno 2] No such file or directory", "rc": 2}
...ignoring

TASK [2nd command] *****************************************************************************************************************************************************
[WARNING]: sftp transfer mechanism failed on [10.66.40.162]. Use ANSIBLE_DEBUG=1 to see detailed information

fatal: [10.66.40.162]: FAILED! => {"changed": false, "cmd": "cp_conf sic init abc123 norestart", "msg": "[Errno 2] No such file or directory", "rc": 2}
...ignoring

Plybook:
- hosts: "Gaia"
gather_facts: no
connection: local
ignore_errors: True
tasks:
- name: "SIC key generation"
command: source /var/opt/CPshrd-R80/conf/.CPprofile.sh
- name: " 2nd command"
command: cp_conf sic init abc123 norestart
0 Kudos
Reply
Timothy_Hall
Champion
Champion
‎2019-07-18 08:37 AM
In response to Aathi

Please read my last post again.  You are using the wrong directory path.

 

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
Aathi
Contributor
‎2019-07-18 08:54 AM
In response to Timothy_Hall

Hi
I am using R80.10 gateway.Plese find the below manual output.
[Expert@NTEG:0]# cat /var/opt/CPshrd-R80.30/conf/.CPprofile.sh
cat: /var/opt/CPshrd-R80.30/conf/.CPprofile.sh: No such file or directory
[Expert@NTEG:0]# cat /var/opt/CPshrd-R80/conf/.CPprofile.sh
. /opt/CPshrd-R80/scripts/cpprofile_functions.sh
_cpprof_add CPDIR /opt/CPshrd-R80 1 1
_cpprof_dir PATH $CPDIR/util 1
_cpprof_add CPAPACHEDIR "/opt/CPshrd-R80/web/Apache" 1 1
#CPPostgreSQL Start DON'T REMOVE MANUALLY
PG_LIB_PATH=$CPDIR/database/postgresql/lib
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PG_LIB_PATH ; export LD_LIBRARY_PATH
#CPPostgreSQL End DON'T REMOVE MANUALLY
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${CPDIR}/lib64 ; export LD_LIBRARY_PATH
_cpprof_add FWDIR "/opt/CPsuite-R80/fw1" 1 1
_cpprof_add MDS_FWDIR "/opt/CPsuite-R80/fw1" 0 0
_cpprof_add CPMDIR "/opt/CPsuite-R80/fw1" 0 0
_cpprof_add SUDIR "/opt/CPsuite-R80/fw1/sup" 0 0
_cpprof_add SUROOT "/var/log/cpupgrade/suroot" 0 0
_cpprof_add FW_BOOT_DIR "/etc/fw.boot" 0 0
_cpprof_add NGM_SOLR_LOCAL_PATH "/opt/CPsuite-R80/fw1/Solr" 0 0
_cpprof_add JAVA_HOME "/opt/CPsuite-R80/fw1/jre" 1 0
_cpprof_add NGM_MEM "2048" 0 0
_cpprof_add PGDIR "/opt/CPshrd-R80/database/postgresql" 0 0
_cpprof_add PGDATA "/opt/CPshrd-R80/database/postgresql/data" 0 0
_cpprof_add DONT_LOAD_FWM_OBJECTS "1" 0 0
_cpprof_add CLASSPATH "/opt/CPsuite-R80/fw1/ngm" 0 0
LD_LIBRARY_PATH=/opt/uf/SecureComputing/lib:${LD_LIBRARY_PATH} ; export LD_LIBRARY_PATH ; hash 1>/dev/null 2>&1
UCPORTALDIR_HOME=/opt/CPUserCheckPortal ; export UCPORTALDIR_HOME ; hash 1>/dev/null 2>&1
DLPDIR=/opt/CPsuite-R80/fw1/dlp ; export DLPDIR
PATH=${PATH}:${FWDIR}/oracle_oi/sdk ; export PATH ; hash 1>/dev/null 2>&1
LD_LIBRARY_PATH=${FWDIR}/oracle_oi/sdk:${LD_LIBRARY_PATH} ; export LD_LIBRARY_PATH ; hash 1>/dev/null 2>&1
POSTFIX_DIR=/opt/postfix ; export POSTFIX_DIR ; hash 1>/dev/null 2>&1
MAIL_CONFIG=/opt/postfix/etc/postfix ; export MAIL_CONFIG ; hash 1>/dev/null 2>&1
_cpprof_add JAVA_HOME "/opt/CPshrd-R80/jre_32" 1 0
_cpprof_add JAVA_HOME_32 "/opt/CPshrd-R80/jre_32" 0 0
_cpprof_add JAVA_HOME_64 "/opt/CPshrd-R80/jre_64" 0 0
_cpprof_add JETTY_HOME "/opt/CPshrd-R80/jetty" 0 0
_cpprof_add FGDIR "/opt/CPsuite-R80/fg1" 1 1
_cpprof_add DADIR "/opt/CPda" 1 0
_cpprof_add INFODIR "/opt/CPinfo-10" -1 0

Please help me on this
0 Kudos
Reply
Timothy_Hall
Champion
Champion
‎2019-07-18 09:06 AM
In response to Aathi

source  /var/opt/CPshrd-R80.10/conf/.CPprofile.sh

 

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
Aathi
Contributor
‎2019-07-18 09:35 AM
In response to Timothy_Hall

Please find the blow output
[Expert@INTEG:0]# fw ver
This is Check Point's software version R80.10 - Build 435
[Expert@INTEG:0]# source /var/opt/CPshrd-R80.10/conf/.CPprofile.sh
-bash: /var/opt/CPshrd-R80.10/conf/.CPprofile.sh: No such file or directory
[Expert@INTEG:0]# cd /var/opt/
[Expert@INTEG:0]# ls
CPshrd-R80 CPsuite-R80 fw.boot uf
0 Kudos
Reply
Timothy_Hall
Champion
Champion
‎2019-07-18 10:08 AM
In response to Aathi

source   /var/opt/CPshrd-R80/conf/.CPprofile.sh

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply
Aathi
Contributor
‎2019-07-18 10:11 AM
In response to Timothy_Hall

i tried this command already on previous post getting the same error.Please help me to close this issue.
0 Kudos
Reply
Aathi
Contributor
‎2019-07-18 08:21 PM
In response to Aathi

HI 

The below format is working for me.

with_items:
- clish -c 'cp_conf sic init abc123 norestart'
- clish -c 'cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"'
- clish -c 'cpstart'

Anyhow .Please let me know is there any other way to make it work for below commands.

/opt/CPshrd-R80/bin/cp_conf sic init abc123 norestart
/opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop"
/opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd"

 

Regards

Athimoolam.A

 

 

 

 

0 Kudos
Reply