Knowledge Search


×
 

[SRX] Files that are deleted by 'request system zeroize' are recovered by the autorecovery feature

  [KB25782] Show Article Properties


Summary:
This articles describes the issue of the files, which are deleted by the request system zeroize command, being recovered by the autorecovery feature.
Symptoms:
The request system zeroize command deletes the configuration and license information, logs, and so on. However, the configuration and license information are recovered and are not deleted by the zeroize command.

From 11.2, the autorecovery feature was introduced. This feature keeps the following information:

  • configuration

  • license information

  • BSD label information

If autorecovery is enabled, the above data will be recovered, even after the zeroize command is used. The solution is to clear the recovery state and then issue the zeroize command again.
root@SRX> request system zeroize                  <<<  zeroize executed
warning: System will be rebooted and may not boot without configuration
Erase all data, including configuration and log files? [yes,no] (no) yes

warning: zeroizing re0

root@SRX> Waiting (max 60 seconds) for system process `vnlru_mem' to stop...done
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...0 0 0 done

syncing disks... All buffers synced.

.
(snip)
.
Verified junos-11.4R5.5-domestic signed by PackageProduction_11_4_0
Checking integrity of BSD labels:
s1: Passed
s2: Passed
s3: Passed
s4: Passed
** /dev/bo0s3e
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 12435 free (35 frags, 1550 blocks, 0.3% fragmentation)
** /dev/bo0s3f
FILE SYSTEM CLEAN; SKIPPING CHECKS
clean, 167310 free (126 frags, 20898 blocks, 0.1% fragmentation)
Checking integrity of licenses:
JUNOS396376.lic: Failed                                                <<< autorecovery restore data
JUNOS396376.lic: Performing recovery
JUNOS396376.lic: Recovered
JUNOS396377.lic: Failed
JUNOS396377.lic: Performing recovery
JUNOS396377.lic: Recovered
JUNOS396378.lic: Failed
JUNOS396378.lic: Performing recovery
JUNOS396378.lic: Recovered
JUNOS396379.lic: Failed
JUNOS396379.lic: Performing recovery
JUNOS396379.lic: Recovered
Checking integrity of configuration:
rescue.conf.gz: Failed
rescue.conf.gz: Performing recovery
rescue.conf.gz: Recovered
Loading configuration ...
mgd: error: Cannot open configuration file: /config/juniper.conf
mgd: warning: loading configuration from /config/rescue.conf.gz
The device is not initialized to the factory defaults by the command. The request system zeroize media command deletes the current Junos image and formats the partition; but the configuration and license information will be recovered by the request system zeroize media command.
Cause:
This behavior is by design.
Solution:
To flush and format your device via the zeroize command, perform the following procedure:

  1. Check if the autorecovery feature is enabled; In the followin output, Recovery Information is displayed as Saved; this means that the feature is enabled:
    root@SRX> show system autorecovery state
    Configuration:
        File                    Recovery Information Integrity Check Action / Status
        rescue.conf.gz Saved                          Passed             None
    Licenses:
        File                          Recovery Information Integrity Check Action / Status
        JUNOS396376.lic Saved                          Passed             None
        JUNOS396377.lic Saved                          Passed             None
        JUNOS396378.lic Saved                          Passed             None
        JUNOS396379.lic Saved                          Passed             None
    BSD Labels:
        Slice Recovery Information Integrity Check Action / Status
        s1     Saved                          Passed             None
        s2     Saved                          Passed             None
        s3     Saved                          Passed             None
        s4     Saved                          Passed             None
  2. If enabled, clear the information by using the request system autorecovery state clear command:
    root@SRX> request system autorecovery state clear
    Clearing config recovery information
    Clearing license recovery information
    Clearing bsdlabel recovery information
    
    Confirm that the saved data has been cleared:
    root@SRX> show system autorecovery state 
    Configuration:
        File              Recovery Information Integrity Check Action / Status
        rescue.conf.gz    Not Saved            Not checked     Requires save
    Licenses:
        File            Recovery Information Integrity Check Action / Status
        JUNOS396376.lic Not Saved            Not checked    Requires save
        JUNOS396377.lic Not Saved            Not checked    Requires save
        JUNOS396378.lic Not Saved            Not checked    Requires save
        JUNOS396379.lic Not Saved            Not checked    Requires save
    BSD Labels:
        Slice          Recovery Information Integrity Check Action / Status
        s1             Not Saved                   Not checked     Requires save
        s2             Not Saved                   Not checked     Requires save
        s3             Not Saved                   Not checked     Requires save
        s4             Not Saved                   Not checked     Requires save
         
  3. Execute the zeroize command:
    root@SRX> request system zeroize
    warning: System will be rebooted and may not boot without configuration
    Erase all data, including configuration and log files? [yes,no] (no) yes
Related Links: