Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

cp_conf sic init 1234 norestart is not working via ansible

Hi Team,

 

I am trying to reset the SIC without restart by using below command via ansible and getting the error .Kinldy help on this.

 

Playbook:

- name: SIC key generation
command: "{{ item }}"
with_items:

- /opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart
- /opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop"
- /opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd"

 

Error in ansible:

failed: [10.6 (item=/opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart) => {"changed": true, "cmd": ["/opt/CPshrd-R80/bin/cp_conf", "sic", "init", "Infy123+", "norestart"], "delta": "0:00:00.018486", "end": "2019-07-17 07:50:20.309823", "item": "/opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart", "msg": "non-zero return code", "rc": 127, "start": "2019-07-17 07:50:20.291337", "stderr": "/opt/CPshrd-R80/bin/cp_conf: error while loading shared libraries: libcpconfca.so: cannot open shared object file: No such file or directory", "stderr_lines": ["/opt/CPshrd-R80/bin/cp_conf: error while loading shared libraries: libcpconfca.so: cannot open shared object file: No such file or directory"], "stdout": "", "stdout_lines": []}


failed:  (item=/opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop") => {"changed": true, "cmd": ["/opt/CPshrd-R80/bin/cpwd_admin", "stop", "-name", "CPD", "-path", "/opt/CPshrd-R80/bin/cpd_admin", "-command", "cpd_admin stop"], "delta": "0:00:00.019825", "end": "2019-07-17 07:50:20.956607", "item": "/opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path \"/opt/CPshrd-R80/bin/cpd_admin\" -command \"cpd_admin stop\"", "msg": "non-zero return code", "rc": 127, "start": "2019-07-17 07:50:20.936782", "stderr": "/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory", "stderr_lines": ["/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory"], "stdout": "", "stdout_lines": []}


failed:  (item=/opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd") => {"changed": true, "cmd": ["/opt/CPshrd-R80/bin/cpwd_admin", "start", "-name", "CPD", "-path", "/opt/CPshrd-R80/bin/cpd", "-command", "cpd"], "delta": "0:00:00.019049", "end": "2019-07-17 07:50:21.613861", "item": "/opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path \"/opt/CPshrd-R80/bin/cpd\" -command \"cpd\"", "msg": "non-zero return code", "rc": 127, "start": "2019-07-17 07:50:21.594812", "stderr": "/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory", "stderr_lines": ["/opt/CPshrd-R80/bin/cpwd_admin: error while loading shared libraries: libcpwd_is.so: cannot open shared object file: No such file or directory"], "stdout": "", "stdout_lines": []}

 

Kinldy help on this.

 

Regards

Athimoolam.A

0 Kudos
15 Replies
Highlighted
Champion
Champion

You are missing various environment variables required cp_conf to run, namely $LD_LIBRARY_PATH.

Execute something like this prior to all the other commands and try again:

source  /opt/CPshrd-R80/tmp/.CPprofile.sh

or

.  /opt/CPshrd-R80/tmp/.CPprofile.sh

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos
Highlighted
Contributor

HI Timothy,

 

Thank you so much for your update.

I tried as below but still getting the error.

 

- name: SIC key generation
command: "{{ item }}"
with_items:
- ./opt/CPshrd-R80/tmp/.CPprofile.sh
- /opt/CPshrd-R80/bin/cp_conf sic init Infy123+ norestart
- /opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop"
- /opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd"

 

 

Error:

failed:  (item=./opt/CPshrd-R80/tmp/.CPprofile.sh) => {"changed": false, "cmd": "./opt/CPshrd-R80/tmp/.CPprofile.sh", "item": "./opt/CPshrd-R80/tmp/.CPprofile.sh", "msg": "[Errno 2] No such file or directory", "rc": 2}

Regards

Aathi

0 Kudos
Highlighted
Champion
Champion

It is really the file  $CPDIR/conf/.CPprofile.sh, that  is /var/opt/CPshrd-R80.30/conf/.CPprofile.sh !!!

0 Kudos
Highlighted
Contributor

Hi Albrecht,

Still i am getting the same error.Kinldy help on this.
failed: [10.66.40.162] (item=./var/opt/CPshrd-R80.30/conf/.CPprofile.sh) => {"changed": false, "cmd": "./var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "item": "./var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "msg": "[Errno 2] No such file or directory", "rc": 2}

Regards
Aathi
0 Kudos
Highlighted
Champion
Champion

The space after the period matters:

.   /var/opt/CPshrd-R80.30/conf/.CPprofile.sh

 

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos
Highlighted
Contributor

Hi Hall,

Getting the below error now
failed: [10.66.40.162] (item=. /var/opt/CPshrd-R80.30/conf/.CPprofile.sh) => {"changed": false, "cmd": ". /var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "item": ". /var/opt/CPshrd-R80.30/conf/.CPprofile.sh", "msg": "[Errno 13] Permission denied", "rc": 13}

Please help on this,

Regards
Aathi
0 Kudos
Highlighted
Champion
Champion

Try:

source  /var/opt/CPshrd-R80.30/conf/.CPprofile.sh

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos
Highlighted
Contributor

Hi
Please find the below error:
ASK [SIC key generation] **********************************************************************************************************************************************
[WARNING]: sftp transfer mechanism failed on [10.66.40.162]. Use ANSIBLE_DEBUG=1 to see detailed information

fatal: [10.66.40.162]: FAILED! => {"changed": false, "cmd": "source /var/opt/CPshrd-R80/conf/.CPprofile.sh", "msg": "[Errno 2] No such file or directory", "rc": 2}
...ignoring

TASK [2nd command] *****************************************************************************************************************************************************
[WARNING]: sftp transfer mechanism failed on [10.66.40.162]. Use ANSIBLE_DEBUG=1 to see detailed information

fatal: [10.66.40.162]: FAILED! => {"changed": false, "cmd": "cp_conf sic init abc123 norestart", "msg": "[Errno 2] No such file or directory", "rc": 2}
...ignoring

Plybook:
- hosts: "Gaia"
gather_facts: no
connection: local
ignore_errors: True
tasks:
- name: "SIC key generation"
command: source /var/opt/CPshrd-R80/conf/.CPprofile.sh
- name: " 2nd command"
command: cp_conf sic init abc123 norestart
0 Kudos
Highlighted
Champion
Champion

Please read my last post again.  You are using the wrong directory path.

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos
Contributor

Hi
I am using R80.10 gateway.Plese find the below manual output.
[Expert@NTEG:0]# cat /var/opt/CPshrd-R80.30/conf/.CPprofile.sh
cat: /var/opt/CPshrd-R80.30/conf/.CPprofile.sh: No such file or directory
[Expert@NTEG:0]# cat /var/opt/CPshrd-R80/conf/.CPprofile.sh
. /opt/CPshrd-R80/scripts/cpprofile_functions.sh
_cpprof_add CPDIR /opt/CPshrd-R80 1 1
_cpprof_dir PATH $CPDIR/util 1
_cpprof_add CPAPACHEDIR "/opt/CPshrd-R80/web/Apache" 1 1
#CPPostgreSQL Start DON'T REMOVE MANUALLY
PG_LIB_PATH=$CPDIR/database/postgresql/lib
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PG_LIB_PATH ; export LD_LIBRARY_PATH
#CPPostgreSQL End DON'T REMOVE MANUALLY
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${CPDIR}/lib64 ; export LD_LIBRARY_PATH
_cpprof_add FWDIR "/opt/CPsuite-R80/fw1" 1 1
_cpprof_add MDS_FWDIR "/opt/CPsuite-R80/fw1" 0 0
_cpprof_add CPMDIR "/opt/CPsuite-R80/fw1" 0 0
_cpprof_add SUDIR "/opt/CPsuite-R80/fw1/sup" 0 0
_cpprof_add SUROOT "/var/log/cpupgrade/suroot" 0 0
_cpprof_add FW_BOOT_DIR "/etc/fw.boot" 0 0
_cpprof_add NGM_SOLR_LOCAL_PATH "/opt/CPsuite-R80/fw1/Solr" 0 0
_cpprof_add JAVA_HOME "/opt/CPsuite-R80/fw1/jre" 1 0
_cpprof_add NGM_MEM "2048" 0 0
_cpprof_add PGDIR "/opt/CPshrd-R80/database/postgresql" 0 0
_cpprof_add PGDATA "/opt/CPshrd-R80/database/postgresql/data" 0 0
_cpprof_add DONT_LOAD_FWM_OBJECTS "1" 0 0
_cpprof_add CLASSPATH "/opt/CPsuite-R80/fw1/ngm" 0 0
LD_LIBRARY_PATH=/opt/uf/SecureComputing/lib:${LD_LIBRARY_PATH} ; export LD_LIBRARY_PATH ; hash 1>/dev/null 2>&1
UCPORTALDIR_HOME=/opt/CPUserCheckPortal ; export UCPORTALDIR_HOME ; hash 1>/dev/null 2>&1
DLPDIR=/opt/CPsuite-R80/fw1/dlp ; export DLPDIR
PATH=${PATH}:${FWDIR}/oracle_oi/sdk ; export PATH ; hash 1>/dev/null 2>&1
LD_LIBRARY_PATH=${FWDIR}/oracle_oi/sdk:${LD_LIBRARY_PATH} ; export LD_LIBRARY_PATH ; hash 1>/dev/null 2>&1
POSTFIX_DIR=/opt/postfix ; export POSTFIX_DIR ; hash 1>/dev/null 2>&1
MAIL_CONFIG=/opt/postfix/etc/postfix ; export MAIL_CONFIG ; hash 1>/dev/null 2>&1
_cpprof_add JAVA_HOME "/opt/CPshrd-R80/jre_32" 1 0
_cpprof_add JAVA_HOME_32 "/opt/CPshrd-R80/jre_32" 0 0
_cpprof_add JAVA_HOME_64 "/opt/CPshrd-R80/jre_64" 0 0
_cpprof_add JETTY_HOME "/opt/CPshrd-R80/jetty" 0 0
_cpprof_add FGDIR "/opt/CPsuite-R80/fg1" 1 1
_cpprof_add DADIR "/opt/CPda" 1 0
_cpprof_add INFODIR "/opt/CPinfo-10" -1 0

Please help me on this
0 Kudos
Highlighted
Champion
Champion

source  /var/opt/CPshrd-R80.10/conf/.CPprofile.sh

 

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos
Highlighted
Contributor

Please find the blow output
[Expert@INTEG:0]# fw ver
This is Check Point's software version R80.10 - Build 435
[Expert@INTEG:0]# source /var/opt/CPshrd-R80.10/conf/.CPprofile.sh
-bash: /var/opt/CPshrd-R80.10/conf/.CPprofile.sh: No such file or directory
[Expert@INTEG:0]# cd /var/opt/
[Expert@INTEG:0]# ls
CPshrd-R80 CPsuite-R80 fw.boot uf
0 Kudos
Highlighted
Champion
Champion

source   /var/opt/CPshrd-R80/conf/.CPprofile.sh

R80.40 addendum for book "Max Power 2020" now available
for free download at http://www.maxpowerfirewalls.com
0 Kudos
Highlighted
Contributor

i tried this command already on previous post getting the same error.Please help me to close this issue.
0 Kudos
Highlighted
Contributor

HI 

The below format is working for me.

with_items:
- clish -c 'cp_conf sic init abc123 norestart'
- clish -c 'cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"'
- clish -c 'cpstart'

Anyhow .Please let me know is there any other way to make it work for below commands.

/opt/CPshrd-R80/bin/cp_conf sic init abc123 norestart
/opt/CPshrd-R80/bin/cpwd_admin stop -name CPD -path "/opt/CPshrd-R80/bin/cpd_admin" -command "cpd_admin stop"
/opt/CPshrd-R80/bin/cpwd_admin start -name CPD -path "/opt/CPshrd-R80/bin/cpd" -command "cpd"

 

Regards

Athimoolam.A

 

 

 

 

0 Kudos