search cancel

Console or Control Center authentication issues following update to SMG 10.7

book

Article ID: 174851

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

Following the update to Messaging Gateway (SMG) 10.7, authentication to the Virtual Machine console or Control Center GUI fails.

Access to the Control Center command line (CLI) via ssh continues to work as expected.

update.log
Updating   : glibc-common-2.17-260.el7.x86_64                          20/972
/usr/sbin/build-locale-archive: incomplete set of locale files in "/usr/lib/locale/en_US.utf8"
/usr/sbin/build-locale-archive: incomplete set of locale files in "/usr/lib/locale/es_PA.utf8"
/usr/sbin/build-locale-archive: incomplete set of locale files in "/usr/lib/locale/el_GR.utf8"
/usr/sbin/build-locale-archive: incomplete set of locale files in "/usr/lib/locale/en_DK.utf8"

secure log
2019 May 15 14:33:14 (err) sudo: [-]  PAM unable to dlopen(/lib/security/$ISA/pam_env.so): /lib/security/../../lib64/security/pam_env.so: cannot open shared object file: No such file or directory
2019 May 15 14:33:14 (err) sudo: [-]  PAM adding faulty module: /lib/security/$ISA/pam_env.so
2019 May 15 14:33:14 (err) sudo: [-]  PAM unable to dlopen(/lib/security/$ISA/pam_unix.so): /lib/security/../../lib64/security/pam_unix.so: cannot open shared object file: No such file or directory
2019 May 15 14:33:14 (err) sudo: [-]  PAM adding faulty module: /lib/security/$ISA/pam_unix.so
2019 May 15 14:33:14 (err) sudo: [-]  PAM unable to dlopen(/lib/security/$ISA/pam_deny.so): /lib/security/../../lib64/security/pam_deny.so: cannot open shared object file: No such file or directory
2019 May 15 14:33:14 (err) sudo: [-]  PAM adding faulty module: /lib/security/$ISA/pam_deny.so
2019 May 15 14:33:14 (err) sudo: [-]  PAM unable to dlopen(/lib/security/$ISA/pam_cracklib.so): /lib/security/../../lib64/security/pam_cracklib.so: cannot open shared object file: No such file or directory
2019 May 15 14:33:14 (err) sudo: [-]  PAM adding faulty module: /lib/security/$ISA/pam_cracklib.so

Cause

This issue is still under investigation but appears to only affect SMG system with a long update history.

Resolution

This issue has been resolved in SMG version 10.7.1-17 and upgrading is recommended.

If an upgrade is not possible, and the aforementioned situation is verified, please proceed to implement following workaround:

  1. Obtain backup from SMG where the upgrade failed via db-backup on the command line interface: HOWTO59036
  2. Set up a new VM or deploy the SMG from scratch on the hardware appliance with SMG 10.7.0-5 ISO file via HOWTO127892 to be used as a test machine in a test environment.
  3. Import the backup from the SMG where the upgrade failed, on the new SMG host. You should now be able to login now with your current password.
  4. Verify that the SMG contains all configuration you had with 10.6.6-5. If verified and if mail flow is correct, then proceed to (5).
  5. Change the IPs on the SMG host in the test environment to the production IPs and use this SMG host as your production machine.

You should now be able to use the SMG normally. In case there is any issue following the implementation of the workaround, please contact Symantec Support.