Cannot open file in CAPKI folder error after PAMSC Linux agent upgrade to 14.10.50.61
search cancel

Cannot open file in CAPKI folder error after PAMSC Linux agent upgrade to 14.10.50.61

book

Article ID: 266843

calendar_today

Updated On:

Products

CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

There was a recent upgrade of PAMSC Linux agent on a Linux host - the upgrade was successful but it gives an error when logged in with our adminuser ID (restricted for pamsc access) and switched to root getting attached error.
We were able to identify the CAPKI directory itself do not exist - but there's a variable somewhere looking for that library in the directory which doesn't exist. Why is the error after upgrading the PAMSC agent.

Upgraded from 14.10.0.1383 to 14.10.50.61

Environment

Release : 14.1

Cause

The root cause could not be determined since the error only occurred in the past with an automation tool and no log of the events leading to this could be found.

Resolution

A reinstall will properly add the directories and reset the file permissions appropriately .. We also modified the Automated install script to capture then structure in case future issues aoccur

 

#!/bin/sh -x

#This script is the PAM SC 14.1 Upgrade

#Modify this line for the upgrade version

PKGVersion="CAeAC-1410-50.61.x86_64"

PKGInstall=$PKGVersion.rpm

TARBALL=$PKGVersion.tar

 

umask 022


#input variables

TEMPDIR=/opt/tmp/pamsc

INSTALLDIR=/opt/CA/

SEOSDIR=$INSTALLDIR/PAMSC; export SEOSDIR

ACSHARED=$INSTALLDIR/PAMSCShared

MEDIA_DIR=$INSTALLDIR/media

a_OS=`uname`

#Define Log File

DATE=`date '+%y%m%d%H'`

ENDPOINT=`hostname`

if [ -d "$TEMPDIR" ] ;then
   mkdir $TEMPDIR 2>&1
fi


LOGFILE="$TEMPDIR/$ENDPOINT.$DATE.PAMPatchInstallLog"

exec > $LOGFILE 2>&1

 

echo "Automated upgrade begin - $DATE"

ls -laR $INSTALLDIR > $TEMPDIR/$ENDPOINT.$DATE.PAM_Before_Upgrade.log 


if [ $a_OS != "Linux" ]

then

  echo " The program $0 can be installed only on Linux" >&2

  exit 1

fi

 

if [ -a /etc/seos.ini ]

then

cd $MEDIA_DIR

tar xvf $TARBALL

else

echo "PAMSC does not exist on server" >&2

exit 1

fi

 

 

$SEOSDIR/bin/secons -sk

 

sleep 60

 

 

RUNNING=`$SEOSDIR/bin/issec |grep "pid="`

if [ -z "$RUNNING" ]

then

echo "PAMSC successfully stopped"

else

echo "PAMSC failed to stop in time"

xxxxxxxxxxxxxxxxxxxxxxxxxxxx

exit 1

fi

 

echo "Upgrading PAMSC"

cd $MEDIA_DIR

rpm -Uvh $PKGInstall

 

$SEOSDIR/bin/seload

wait $pid

sleep 25

grep connect $SEOSDIR/log/policyfetcher.log

ls -laR $INSTALLDIR > $TEMPDIR/$ENDPOINT.$DATE.PAM_After_Upgrade.log

echo "Automated upgrade ended successfully - $DATE"

echo "$0 completed"