Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1
Fixed In:
16.0.0, 15.1.0.2, 14.1.2.5
Opened: Nov 23, 2019 Severity: 2-Critical Related Article:
K25037027
Directory cleanup for failed Attack Signature Updates (ASU) is too aggressive and may delete needed files in the middle of installation itself, which causes the update to fail.
The ASU fails to complete successfully.
An ASU runs at the same time as the file cleanup task.
The default clean interval is 300 seconds (5 minutes). 1. Run the following command to monitor the clean activity: #tailf /var/log/ts/asmcrond.log | grep CleanFiles 2. Watch for following message in the log: asmcrond|INFO|Mar 20 21:54:44.389|24036|F5::PeriodicTask::Base::run,,Running Task: CleanFiles 3. Upgrade the ASU immediately. If 5 minutes is not enough, you can increase the clean interval. 1. Adjust the interval in the /etc/ts/tools/asmcrond.cfg file: From: [CleanFiles] Interval=300 To: [CleanFiles] Interval=3000 Important: Do not set Interval too high. 50 minutes (3000 seconds) should be enough. 2. Restart the asmcrond by killing the process. It respawns after several seconds. ps -ef | grep asmcrond kill <pid> 3. Monitor the asmcrond.log until you see another Cleanfiles log message. # tailf /var/log/ts/asmcrond.log | grep CleanFiles 4. Install the ASU; the temp files can stay in the folder for 50 minutes. 5. After the ASU is installed, change the interval back to 300 and restart asmcrond. 6. Make sure asmcrond has been started correctly. # ps -ef | grep asmcrond # tailf /var/log/ts/asmcrond.log
The directory cleanup does not clean up files that are being actively used for an installation.