Security

 View Only
last person joined: 6 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

6.11.3 - ClearPass - File System Integrity Check - Failure

This thread has been viewed 21 times

  • 1.  6.11.3 - ClearPass - File System Integrity Check - Failure

    Posted Dec 05, 2023 10:42 AM

    Hi all,

    I just noticed this error is happening every day. I cannot find relevant information.  Is this something to be concern about or need upgrade to latest? 

    ClearPass Version  6.11.3.253363

    Source: File System Integrity Check
    Level: WARN
    Category: Filesystem Integrity Check
    Action: Failure
    Timestamp    Dec 04, 2023 03:31:30 UTC
    Description    

    DBG: md_enable: algorithm 0 not available

    WARNING: file:/var/lib/aide/aide.db.gz: gcry_md_enable (gost) failed for 'file:/var/lib/aide/aide.db.gz'

    DBG: md_enable: algorithm 0 not available

    WARNING: file:/var/lib/aide/aide.db.gz: gcry_md_enable (stribog256) failed for 'file:/var/lib/aide/aide.db.gz'

    DBG: md_enable: algorithm 0 not available

    WARNING: file:/var/lib/aide/aide.db.gz: gcry_md_enable (stribog512) failed for 'file:/var/lib/aide/aide.db.gz'

    I found another similar issue 3 years ago 6.9.2 - File System Integrity Check (ERROR) | Security (arubanetworks.com) bug id is CP‑37640, but it fixed in 6.9.8 Policy Manager (arubanetworks.com). 

    It still happening on the later version device.

    Thanks



  • 2.  RE: 6.11.3 - ClearPass - File System Integrity Check - Failure

    EMPLOYEE
    Posted Dec 05, 2023 05:48 PM

    i have not seen this on CP6.11.6 that i am running.

    anyway it is best to run the latest maintenance release. Here is the consolidated release notes for 11.6.x



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: 6.11.3 - ClearPass - File System Integrity Check - Failure

    Posted Dec 05, 2023 06:06 PM

    Hi Ariyap,

    Thank you for your help. We have two ClearPass are running 6.11.3.253363. One is no error, another is failure. So, I'm not sure what is reason. 

    This log is from few months ago and happed every day.


    Original Message


  • 4.  RE: 6.11.3 - ClearPass - File System Integrity Check - Failure

    Posted 14 days ago

    hello guys,

    is there any update on this issue? I am running 4 nodes in total on 6.11.7, two of them show the File System Integrity Check: WARNING: file:/var/lib/aide/aide.db.gz

    This happened a few weeks after adding the affected nodes to the new cluster after the 6.11 upgrade.

    Cheers


    Original Message


  • 5.  RE: 6.11.3 - ClearPass - File System Integrity Check - Failure

    EMPLOYEE
    Posted 13 days ago

    There seems to be a bug for this (CP-50540) applicable to version 6.11.7; and the message can be safely ignored. You may reach out to TAC to verify this is the issue/case.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message


  • 6.  RE: 6.11.3 - ClearPass - File System Integrity Check - Failure

    Posted 13 days ago

    Thank you Herman! Update to 6.11.8 is already on the list.


    Original Message