Forum Discussion
F5_Digger_13600
Cirrus
CirrusAn error with running a command by remote user
Did anyone have this error before?
Basically we are using authentication and authorization through TACACS.
One of remote users with the auditor role ran the command "show running-config" to grep all configuration on the LTM. Then the user encountered the following error.
Error Message
Unexpected Error: Can't chmod key management directory: "/var/tmp/key_mgmt", error: [1] Operation not permitted
Environment
BIG-IP: 11.5.4 HF2
Authentication/Authorization: TACACS
I did some googling and found below release note. Then I tried the workaround but it didn't fix the problem. BIG-IP 11.5.4 Release Note: https://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-ltm-11-5-4.html Go to Known bug (568566)
I wonder if there is any better solution or only solution is to upgrade BIG-IP?
Thank you
F5_Digger_13600I opened up a F5 case with this and here is the solution.
If the workaround doesn't fix the issue, do followings.
As a root, run:
rm -rf /var/tmp/key_mgmt/Once a remote user run the command again, the directory key_mgmt will be created again.
Result of ls -lZ | grep key_mgmt
Before the change: drwxr-xr-x. root root root:object_r:tmp_t:s0 key_mgmt
After the change: drwxr-xr-x f5_remoteuser f5_remoteuser user_u:object_r:tmp_t key_mgmtI don't think Security context wasn't the issue as other devices having "Before the change" work fine. Maybe some corruption inside of key_mgmt folder but this is my guess.
Thank you.