Bug ID 556277: Config Sync error after hotfix installation (chroot failed rsync error)

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP Install/Upgrade, TMOS(all modules)

Known Affected Versions:
11.6.1, 11.6.0, 11.5.4, 11.5.3, 11.5.2, 11.5.1, 11.5.0, 11.4.1, 11.2.1

Fixed In:
11.6.1 HF1, 11.6.0 HF8, 11.5.4 HF3, 11.5.1 HF11, 11.4.1 HF10

Opened: Nov 04, 2015

Severity: 3-Major

Related Article: K36285422


Once an installation has been booted into, applying a hotfix over that installation does not change the SELinux policy, but instead uses the previously installed SELinux policy.


Sync of file objects might fail with an error similar to the following: 01071488:3: Remote transaction for device group [name] to commit id [number] failed with error 01070712:3: Caught configuration exception (0), verify_sync_result:() :Failed to sync files. - sys/validation/FileObject.cpp, line 6276..


This affects installations of a later hotfix atop an earlier hotfix, or onto a base build of the same software version. Installation onto a new volume is unaffected. To determine whether the configuration will experience this issue, use md5sum to see whether the following have the same checksums: -- /etc/selinux/targeted/modules/active/modules/f5_mcpd.pp -- /usr/share/selinux/targeted/f5_mcpd.pp. If the checksums are the same, the system will use the SELinux policy installed with the previous hotfix, and this issue will occur.


Instead of installing the hotfix over an existing installation of the base build of that version (or an earlier hotfix), install the base ISO (for example 11.5.4) into a volume, and then install the hotfix onto that volume, without booting the volume in between.

Fix Information

Installing a hotfix over an existing base install now rebuilds the SELinux policy as expected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips