Page MenuHomeVyOS Platform
Create Task
Maniphest T977

Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x
Closed, ResolvedPublicBUG
Actions

Description

vyos@vyos:~$ configure
[edit]

vyos@vyos# rollback
Possible completions:
  <N>   Rollback to revision N (currently requires reboot)

  Revisions:
    0   2018-11-04 11:11:26 root by boot-config-loader
    1   2018-11-03 19:37:57 vyos by cli
    2   2018-11-03 19:30:56 vyos by cli

[edit]
vyos@vyos# rollback 1
Proceed with reboot? [confirm][y]

Couldn't open /opt/vyatta/etc/config/archive/config.boot - Permission denied at /opt/vyatta/share/perl5/Vyatta/ConfigMgmt.pm l

Details

Difficulty level
Easy (less than an hour)
Version
VyOS 1.2.0-rc5
Why the issue appeared?
Will be filled on close

Event Timeline

c-po assigned this task to dmbaturin.Nov 7 2018, 1:08 PM
c-po triaged this task as High priority.
c-po created this task.
c-po edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc6), VyOS-1.2.0-GA; removed VyOS 1.2 Crux.
syncer moved this task from VyOS 1.2.0-rc6 to VyOS 1.2.0-rc7 on the VyOS 1.2 Crux board.Nov 7 2018, 4:40 PM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc7); removed VyOS 1.2 Crux (VyOS 1.2.0-rc6).
pasik added a subscriber: pasik.Nov 8 2018, 5:36 PM
dmbaturin added a comment.Nov 11 2018, 10:50 AM

I couldn't reproduce the issue on my rc6 setup. We'll need exact reproducing steps.

dmbaturin edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc8); removed VyOS 1.2 Crux (VyOS 1.2.0-rc7).Nov 11 2018, 10:50 AM
c-po added a comment.Nov 11 2018, 6:59 PM

@dmbaturin This is what I did:

  1. Install fresh VyOS 1.1.8 in ESXi VM
  2. Configure VM to be reachable by SSH
vyos@vyos# show
 interfaces {
     ethernet eth0 {
         address 172.16.34.2/29
         duplex auto
         hw-id 00:0c:29:43:a7:6f
         smp-affinity auto
         speed auto
     }
     loopback lo {
     }
 }
 protocols {
     static {
         route 0.0.0.0/0 {
             next-hop 172.16.34.6 {
             }
         }
     }
 }
 service {
     ssh {
         port 22
     }
 }
 system {
     config-management {
         commit-revisions 20
     }
     host-name vyos
     login {
         user vyos {
             authentication {
                 encrypted-password $1$UFAEObc2$M.HSpBZlFTK/kDdKbjlCR1
                 plaintext-password ""
             }
             level admin
         }
     }
     name-server 172.16.254.31
     name-server 172.16.254.32
     ntp {
         server 0.pool.ntp.org {
         }
         server 1.pool.ntp.org {
         }
         server 2.pool.ntp.org {
         }
     }
     syslog {
         global {
             facility all {
                 level notice
             }
             facility protocols {
                 level debug
             }
         }
     }
     time-zone UTC
 }
  1. Upgrade to 1.2.0-rc6
  2. Enter configurure mode
  3. Rollback config
vyos@vyos# rollback 1
Proceed with reboot? [confirm][y]
Couldn't open /opt/vyatta/etc/config/archive/config.boot - Permission denied at /opt/vyatta/share/perl5/Vyatta/ConfigMgmt.pm line 108.
dmbaturin renamed this task from Permission denied error when performing config rollback to Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x.Nov 11 2018, 11:47 PM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc9); removed VyOS 1.2 Crux (VyOS 1.2.0-rc8).Nov 20 2018, 12:44 PM
Merijn added a subscriber: Merijn.Nov 26 2018, 9:46 PM

Upgrade from 1.1.7 with a couple of changes in the rollback list to the current 1.2.0-rc9 also shows thi same error:
Couldn't open /opt/vyatta/etc/config/archive/config.boot - Permission denied at /opt/vyatta/share/perl5/Vyatta/ConfigMgmt.pm line 108.

Merijn added a comment.Nov 26 2018, 9:49 PM

This seems to be easy.
sudo chmod 776 /opt/vyatta/etc/config/archive/config.boot

The other files in the archive directory have these permissions set and setting the config.boot file to these permissions solves it.
Rollback is now possible.

syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-rc10); removed VyOS 1.2 Crux (VyOS 1.2.0-rc9).Nov 27 2018, 12:03 AM
syncer edited projects, added VyOS 1.2 Crux ( VyOS 1.2.0-rc11); removed VyOS 1.2 Crux (VyOS 1.2.0-rc10).Dec 5 2018, 11:58 PM
syncer edited projects, added VyOS 1.2 Crux ( VyOS 1.2.0-EPA); removed VyOS 1.2 Crux ( VyOS 1.2.0-rc11).Dec 21 2018, 10:07 AM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-EPA2); removed VyOS 1.2 Crux ( VyOS 1.2.0-EPA).Jan 1 2019, 6:10 PM
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-EPA3); removed VyOS 1.2 Crux (VyOS 1.2.0-EPA2).Jan 3 2019, 1:54 PM
syncer closed this task as Resolved.Feb 7 2019, 11:26 PM
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-EPA3) board.
syncer edited projects, added VyOS 1.2 Crux (VyOS 1.2.0-GA); removed VyOS 1.2 Crux (VyOS 1.2.0-EPA3).
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-GA) board.