skipervarg
asked on
checkpoint failure while copying files to compatibility package directory
We are getting error "Failure while copying files to compatibility package directory" and "Operation Ended with Errors" when we try to install a new policy on our Checkpoint firewalls.
We have a pair of R60's running HFA_05, hotfix 605 and have a dedicated mgmt host (R61). We have not rebooted them for a couple of years. Unfortunately we have no support contract and cannot call Checkpoint for advice.
We checked disk space and there is plenty of it for new policies. We considered simply rebooting but are concerned it may not come back up.
Has anyone seen this error before? Also, are there per/hr support options from 3rd party Checkpoint solution providers? Any that experienced Checkpoint folks can recommend?
We have a pair of R60's running HFA_05, hotfix 605 and have a dedicated mgmt host (R61). We have not rebooted them for a couple of years. Unfortunately we have no support contract and cannot call Checkpoint for advice.
We checked disk space and there is plenty of it for new policies. We considered simply rebooting but are concerned it may not come back up.
Has anyone seen this error before? Also, are there per/hr support options from 3rd party Checkpoint solution providers? Any that experienced Checkpoint folks can recommend?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Deimark,
It turns out we do not have the standard or expert passwords for console access! So we cannot even try the steps in the article...we inherited this box so no means to get it from the last admin.
Is there a known password reset procedure for both passwords? All we have at this point is the console password for access the mgmt UI.
ack!
It turns out we do not have the standard or expert passwords for console access! So we cannot even try the steps in the article...we inherited this box so no means to get it from the last admin.
Is there a known password reset procedure for both passwords? All we have at this point is the console password for access the mgmt UI.
ack!
ASKER
Just a quick followup
1. We were missing the standard and expert passwords so I booted from a RH5 Rescue CD and edited the following file: /etc/shadow - I removed the admin password, saved the file. I inspected the /etc/passwd file and noticed that there was no "admin" account, just "root".
2. I rebooted into normal mode, logged in as root, dropped into expert mode and executed the passwd command to replace the standard password.
3. I did a check of the drivespace on the filesystem, (df-h) and noticed the /var partition was 100% full. Most of that was in the logs directory.
4. I did a cpstop, cleared out the logs, then cpstart and everything was ok.
Thanks for your suggestions and help.
1. We were missing the standard and expert passwords so I booted from a RH5 Rescue CD and edited the following file: /etc/shadow - I removed the admin password, saved the file. I inspected the /etc/passwd file and noticed that there was no "admin" account, just "root".
2. I rebooted into normal mode, logged in as root, dropped into expert mode and executed the passwd command to replace the standard password.
3. I did a check of the drivespace on the filesystem, (df-h) and noticed the /var partition was 100% full. Most of that was in the logs directory.
4. I did a cpstop, cleared out the logs, then cpstart and everything was ok.
Thanks for your suggestions and help.
Glad to hear its all working now bud
ASKER
Thanks for your suggestion. Some more information that may help steer the ship:
1. We have not installed any additional compat packages in at least 1.5 years.
2. We have been able to successfully apply new rules on almost a weekly basis until now.
3. The firewalls and mgmt devices have ~715 days of uptime.
4. Someone else suggested this solution: http://www.cpug.org/forums/nokia-ipso/7416-fail-install-policy.html
Perhaps we should try rebooting the mgmt host first - do you know if it is possible to do so without affecting the firewall (we have a distributed installation)?
thanks kindly.