• State Verified Answer
  • Replies replies
    2
  • Subscribers subscribers
    13
  • Views views
    225
  • Users 0 members are here
Related
Options

I'm trying to update log4j vulnerability for DP10.70 I need to undeploy/deploy a new dp-gui.war file

Richard Bousquet
 

SO I need to run DP10.70 to maintain backups of some older systems. I'm running Linux CM/IS  and the GUI on a windows machine.  It's my windows installation I'm having an issue with.

My organization requires that all versions of log4j be updated to the latest.   

I've replaced the entries on DataProtector\OminiBack\bin\telemetry   So I updated log4j-core-2.11.2 to log4j-2.17.2.jar 

that was no problem.  

But when the AppServer is running I find log4j-1.2.16.jar under the tmp\AppServer\vfs\ folders.

I know that this Jar file is bundled into DP-GUI.war

I can extract the war and replace the log4j-1.2.16.jar with the latest (reload4j-1.2.18.1.jar)  My issue is now I need to undeploy / deploy this updated dp-gui.war file only I can't seem to figure the command.

So I fixed my linux install using the jboss-cli.sh -c --command="undeploy/deploy" --force /omni/bin/components/dp-gui.war"  (in case you are wondering this did indeed replace my old dp-gui.war file and when I run DP the AppServer/vfs now contains my new log4j jar file. And it works.

I can't seem to figure out what command will work to do this on windows though.  

I know its jboss-cli.bat  but so far i've not been able to connect and update this file.

I have a ticket with Microfocus but so far they have not been able to help and since I think in their opinion this file doesn't need to be updated to be compliant....however our security folks say otherwise.

Thanks.

Top Replies

Parents
  • 0  

    One other piece of info:   When I run jboss-cli.bat on my windows server the first thing it asks  me is 

    Authenticating against security realm: ManagementRealm

    Username:   

    I have no clue if I'm just not connected to the right jboss service or what a login might be.     There are also other applications running on this server.  Serena Buisness Manager to be specific.  

  • Verified Answer

    +1   in reply to Richard Bousquet

    I've solved this.  MF seems reluctant to give me the commands but I've figured it out on my own.  So my issue was that I was running the jboss-cli.bat as my domain admin account, and it needs to run as a local admin account.  I just had to open a cmd prompt as a local admin: 

    >runas /user:localAdminusername "c:\DataProtector\OmniBack\AppServer\bin\jboss-cli.bat"

    Then enter the local password and you are in.  type >connect then the following

    >deploy "c:\DataProtector\OmniBack\bin\components\dp-gui.war" --force

    Then restart the AppServer

    I'll just put this out there if someone has a similar issue with log4j patching and just say that this patch  IS NOT the official Microfocus patch in anyway.  You should defer to their guidance and not just do stuff...however I 100% have to update all of my versions of LOG4J and I am unable to upgrade to the latest's DP.   Hope this helps someone though.

Reply

  • Verified Answer

    +1   in reply to Richard Bousquet

    I've solved this.  MF seems reluctant to give me the commands but I've figured it out on my own.  So my issue was that I was running the jboss-cli.bat as my domain admin account, and it needs to run as a local admin account.  I just had to open a cmd prompt as a local admin: 

    >runas /user:localAdminusername "c:\DataProtector\OmniBack\AppServer\bin\jboss-cli.bat"

    Then enter the local password and you are in.  type >connect then the following

    >deploy "c:\DataProtector\OmniBack\bin\components\dp-gui.war" --force

    Then restart the AppServer

    I'll just put this out there if someone has a similar issue with log4j patching and just say that this patch  IS NOT the official Microfocus patch in anyway.  You should defer to their guidance and not just do stuff...however I 100% have to update all of my versions of LOG4J and I am unable to upgrade to the latest's DP.   Hope this helps someone though.

Children
No Data

Resources

Support
Documentation
Training
CyberRes Academy
Partner Portal
Contact us
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
How To Buy
Careers
Investor Relations
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.