Bug ID 574020: Safenet HSM installation script fails to install successfully if partition password contains special metacharacters (!#{}')

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2

Fixed In:
13.0.0, 12.1.2 HF1, 11.6.1 HF2

Opened: Feb 16, 2016

Severity: 4-Minor

Related Article: K24307155

Symptoms

Safenet HSM installation script fails to install successfully if partition password contains special metacharacters (!#{}').

Impact

Script fails to work properly, and fails to properly install/configure the HSMs, requiring manual intervention. Performing the operation manually is very complex, because the user must account for both tmsh and shell quoting, which the some user environments might not have.

Conditions

This issue occurs when the following conditions are met: -- Safenet HSM installation. -- Password contains special metacharacters (!#{}').

Workaround

Change password, or manually run tmsh command to define the /sys crypto fips external-hsm object (using proper shell quoting).

Fix Information

Safenet HSM installation script install now completes successfully if partition password contains special metacharacters (!#{}'). Note: When using passwords with non-alphanumeric characters, make sure that they are escaped correctly, so that bash does not attempt to reinterpret or expand the password.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips