Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[M/MX/T/PTX] How to upload the kernel core files to JTAC

0

0

Article ID: KB26688 KB Last Updated: 29 May 2013Version: 3.0
Summary:
This article provides information on how to upload the restricted kernel files to JTAC.
Symptoms:
By default, on Junos, kernel core files are generated with restrictive access rights, so that the sensitive information, which is contained within these files, is available only to a restricted set of users.

The following example is of such file access permissions (read/write for root user):
user@router1-re0> show system core-dumps
-rw------- 1 root wheel 278392832 Oct 10 17:25 /var/crash/vmcore.0
/var/tmp/*core*: No such file or directory
/var/tmp/pics/*core*: No such file or directory
-rw-r--r-- 1 root wheel 15273950 Oct 10 17:25 /var/crash/kernel.0
total files: 2
This may cause an issue, when these core files are requested by JTAC and the customer does not have immediate knowledge of the root password.
Cause:

Solution:
Within JunOS, every user, who is set with the maintenance level (root like) privilege, can access the file archive command. This command creates an archive with the current user as the owner; but also allows the root owned files to be archived. This allows the user to then upload the resulting file to an SFTP or FTP server.
  1. First,  confirm if you are with the maintenance level:
    user@router1-re0> show cli authorization | match maintenance
    maintenance -- Can become the super-user
  2. Create an compressed archive of the core file:
    user@router1-re0> file archive compress source /var/crash/vmcore.0 destination /var/tmp/vmcore.0
    /usr/bin/tar: Removing leading `/' from member names
  3. The following command displays the newly created file with the current user's ownership. The new file has a .tgz extension:
    user@router1-re0> file list detail /var/tmp/vmcore.0.tgz
    -rw------- 1 user field 68809080 Jan 7 19:34 /var/tmp/vmcore.0.tgz
    total 1
  4. You can then copy the files to a SFTP or FTP server (usually both the vmcore and kernel files are required):
    user@router1-re0> file copy /var/tmp/vmcore.0.tar scp://anonymous@sftp.juniper.net:/pub/incoming/2012-0107-0000/
    The authenticity of host 'sftp.juniper.net (66.129.230.52)' can't be established.
    RSA key fingerprint is 8b:6b:36:94:ea:6d:92:55:bb:1f:80:3e:54:ea:4d:30.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'sftp.juniper.net,66.129.230.52' (RSA) to the list of known hosts.
    anonymous@sftp.juniper.net's password:
For more information, refer to KB23337 - How to upload large files to a JTAC Case.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search