Brian, sk25398 refers to /dev/null being deleted when pushing policy to an Edge device. Affected systems are Solaris, Linux and SecurePlatform. I copied the text of the resolution, below.
Regards Shawn Behrens Senior Security Engineer CCMSE CCSE CCNA CNE INTEGRALIS Your Trusted Security Partner 111 Founders Plaza 13th Floor East Hartford, CT 06108 USA Tel: +1 860 291 0851 Fax: +1 860 291 0847 [EMAIL PROTECTED] www.integralis.com Symptoms # /dev/null is being deleted after installing a policy on VPN-1 Edge profile. # Errors on system console when booting into debug mode # Error: "mounting proc filesystem: dup2: bad file descriptor" # Error: "configuring kernel parameters: dup2: bad file descriptor" # Error: "/etc/rc.sysinit: /dev/null: Read-Only file system" Please follow the instructions bellow in order to resolve the problem; SecurePlatform =============== 1) Before applying the HFA to the system, please make sure that the file /dev/null is not corrupt. To ensure that this file is not corrupt, follow the instructions below: a. Enter the expert mode b. At the shell prompt, type "cd /dev" c. Re-create the /dev/null file: "./MAKEDEV null" 2) If you did not follow the instructions in (1), had already applied the HFA and rebooting the system results in a failure, follow the instructions below: a. Reboot the system. At the welcome screen, use arrow keys to navigate to the "Maintenance" entry b. Press "P" on the keyboard, and enter the expert password to unlock the boot menu editing facility c. When the "Maintenance" line is selected, press "e" button on the keyboard to edit the boot options d. In the next screen, select the third line (starting with the word "kernel") e. At the end of the line add a space and words: " init=/bin/bash" f. Press 'b' to boot g. Mount the /proc file system by typing "mount /proc" at the shell prompt h. Re-mount the / file system read-write by typing "mount -o remount,rw /" i. Enter the /dev directory by typing "cd /dev" j. Re-create the /dev/null file by typing "./MAKEDEV null" k. Type "sync" to flush file system fuffers l. Reboot the machine by resetting it via hardware reset. Linux: ====== 1) Before applying the HFA to the system, please make sure that the file /dev/null is not corrupt. To ensure that this file is not corrupt, follow the instructions below: a. Log in as root b. At the shell prompt, type "cd /dev" c. Re-create the /dev/null file: "./MAKEDEV null" 2) If you did not follow the instructions in (1), had already applied the HFA and rebooting the system results in a failure, follow the instructions below: Reboot the system. At the welcome screen, select the kernel that you are using as default Assuming that you are using GRUB boot loader, do the following: a. press "e" button on the keyboard to edit the boot options b. In the next screen, select the line starting with the word "kernel" c. At the end of the line add a space and words: " init=/bin/bash" d. Press 'b' to boot e. Mount the /proc file system by typing "mount /proc" at the shell prompt f. Re-mount the / file system read-write by typing "mount -o remount,rw /" j. Enter the /dev directory by typing "cd /dev" k. Re-create the /dev/null file by typing "./MAKEDEV null" l. Type "sync" to flush file system fuffers m. Reboot the machine by resetting it via hardware reset. Solaris: ======== 1) Before applying the HFA to the system, please make sure that the file /dev/null is not corrupt. To ensure that this file is not corrupt, follow the instructions below: a. run 'ls -l /dev/null' and you should see: lrwxrwxrwx 1 root 27 Jan 23 2002 /dev/null -> ../devices/pseudo/[EMAIL PROTECTED]:null 2) If you did not follow the instructions in (1), had already applied the HFA and rebooting the system results in a failure, follow the instructions below: a. run: 'reboot -- -r' - this should rebuild the link of /dev/null OR b. create the link manually by doing the following: # cd dev # ln -s ../devices/pseudo/[EMAIL PROTECTED]:null null > -----Original Message----- > From: Brian Panulla [mailto:[EMAIL PROTECTED] > Sent: Monday, March 22, 2004 10:20 AM > To: [EMAIL PROTECTED] > Subject: Re: [FW-1] R55 HFA02 released > > > "Prior to the installation of HFA_R55_02 on a SmartCenter > Server of version > NG with > Application Intelligence (R55), verify that the Secure > Knowledge directions > in > sk25398 were followed." > > Ummm... where can I find SK document sk25398? I've searched Please note that: 1. This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on this information. 2. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. 3. The contents of this email are those of the individual and do not necessarily represent the views of the company. 4. The company does not conclude contracts by email and all negotiations are subject to contract. 5. The company accepts no responsibility once an e-mail and any attachments is sent. http://www.integralis.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
