Issue/Introduction:
Security_Analytics_Release_Notes_7.3.2.pdf has the following description,
The backup and restore scripts inadvertently overwrote the postgres password, which prevented restoration.
Cause:
Below is the scenario on the backup and restore scripts inadvertently overwrote the postgres password,
- On firstboot, a postgres password is generated, and saved to the tonic vault. We will call this $passOne.
- The user does a backup. The encrypted tonic vault data including $passOne are saved in the backup.
- The user installs a new system. A new password is generated and assigned to postgres. We will call this $passTwo.
- The user restores the backup. $passOne is placed in the vault. $passTwo is replaced and lost. * At this point, we are in a bad state. Postgres has $passTwo, the system is using $passOne again.
- The restore continues with some errors that they can't log into postgres. Possibly making the state worse?
- The SA reboots and the UI can't log into postgres causing the bad state.
Resolution:
To fixed this issue, removed this file (postgresql.vault) from the backup.
You should be able to run this on the appliance before calling restore. I am using the backup filename solera-backup-sameple.tgz as an example.
- # Make a copy of the backup file
cp solera-backup-sameple.tgz solera-backup-sameple-FIXED.tgz
- # Un-gzip the archive
gunzip solera-backup-sameple-FIXED.tgz
- # Delete the file from the tar
tar --delete var/lib/aegis/postgresql.vault -f ./solera-backup-sameple-FIXED.tar
- # Re-gzip the file
gzip solera-backup-sameple-FIXED.tar
The new backup file will be name as solera-backup-sameple-FIXED.tar.gz.