Page MenuHomePhabricator

Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x
Closed, ResolvedPublicBUG

Description

vyos@vyos:~$ configure
[edit]

vyos@vyos# rollback
Possible completions:
  <N>   Rollback to revision N (currently requires reboot)

  Revisions:
    0   2018-11-04 11:11:26 root by boot-config-loader
    1   2018-11-03 19:37:57 vyos by cli
    2   2018-11-03 19:30:56 vyos by cli

[edit]
vyos@vyos# rollback 1
Proceed with reboot? [confirm][y]

Couldn't open /opt/vyatta/etc/config/archive/config.boot - Permission denied at /opt/vyatta/share/perl5/Vyatta/ConfigMgmt.pm l

Details

Difficulty level
Easy (less than an hour)
Version
VyOS 1.2.0-rc5
Why the issue appeared?
Will be filled on close

Event Timeline

c-po assigned this task to dmbaturin.Nov 7 2018, 1:08 PM
c-po triaged this task as High priority.
c-po created this task.
pasik added a subscriber: pasik.Nov 8 2018, 5:36 PM

I couldn't reproduce the issue on my rc6 setup. We'll need exact reproducing steps.

c-po added a comment.Nov 11 2018, 6:59 PM

@dmbaturin This is what I did:

  1. Install fresh VyOS 1.1.8 in ESXi VM
  2. Configure VM to be reachable by SSH
vyos@vyos# show
 interfaces {
     ethernet eth0 {
         address 172.16.34.2/29
         duplex auto
         hw-id 00:0c:29:43:a7:6f
         smp-affinity auto
         speed auto
     }
     loopback lo {
     }
 }
 protocols {
     static {
         route 0.0.0.0/0 {
             next-hop 172.16.34.6 {
             }
         }
     }
 }
 service {
     ssh {
         port 22
     }
 }
 system {
     config-management {
         commit-revisions 20
     }
     host-name vyos
     login {
         user vyos {
             authentication {
                 encrypted-password $1$UFAEObc2$M.HSpBZlFTK/kDdKbjlCR1
                 plaintext-password ""
             }
             level admin
         }
     }
     name-server 172.16.254.31
     name-server 172.16.254.32
     ntp {
         server 0.pool.ntp.org {
         }
         server 1.pool.ntp.org {
         }
         server 2.pool.ntp.org {
         }
     }
     syslog {
         global {
             facility all {
                 level notice
             }
             facility protocols {
                 level debug
             }
         }
     }
     time-zone UTC
 }
  1. Upgrade to 1.2.0-rc6
  2. Enter configurure mode
  3. Rollback config
vyos@vyos# rollback 1
Proceed with reboot? [confirm][y]
Couldn't open /opt/vyatta/etc/config/archive/config.boot - Permission denied at /opt/vyatta/share/perl5/Vyatta/ConfigMgmt.pm line 108.
dmbaturin renamed this task from Permission denied error when performing config rollback to Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x.Nov 11 2018, 11:47 PM
Merijn added a subscriber: Merijn.Nov 26 2018, 9:46 PM

Upgrade from 1.1.7 with a couple of changes in the rollback list to the current 1.2.0-rc9 also shows thi same error:
Couldn't open /opt/vyatta/etc/config/archive/config.boot - Permission denied at /opt/vyatta/share/perl5/Vyatta/ConfigMgmt.pm line 108.

This seems to be easy.
sudo chmod 776 /opt/vyatta/etc/config/archive/config.boot

The other files in the archive directory have these permissions set and setting the config.boot file to these permissions solves it.
Rollback is now possible.

syncer closed this task as Resolved.Feb 7 2019, 11:26 PM
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-EPA3) board.
syncer moved this task from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.0-GA) board.