Bug ID 589083: TMSH and iControl REST: When logged in as a remote user who has the admin role, cannot save config because of permission errors.

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3

Fixed In:
14.1.0, 14.0.0, 13.1.0.4, 12.1.2

Opened: Apr 21, 2016
Severity: 3-Major
Related Article:
K46205123

Symptoms

When a remotely authenticated user who has the admin role uses TMSH or iControl to save the configuration, the operation fails because of permission errors. Using iControl, the system posts an error similar to the following: Error processing request for URI:http://localhost:8110/mgmt/tm/sys/config {code:400,message: Can't create tmsh temp directory \"/config/.config.backup\" Permission denied, errorStack:[]}. Using TMSH (e.g., running the command: tmsh save sys config), the system posts an error similar to the following: Can't create tmsh temp directory "/config/.config.backup" Permission denied

Impact

Cannot save the configuration.

Conditions

This occurs when the following conditions are met: -- Remote Authentication is configured. -- User is logged in as a remote user who has the admin role. -- Using TMSH or iControl for remotely authenticated user operations.

Workaround

Use one of the following workarounds: -- Use the GUI to save the configuration. -- Have a locally authenticated user with admin role save the configuration.

Fix Information

When a remotely authenticated user who has the admin role uses TMSH or iControl to save the configuration, the operation now completes as expected, without permission errors.

Behavior Change