Juniper EX4300 pam files corrupt

Amnesiac (ttyu0)
login: root
rts_filter_prep_fields error getting rt_flags in rtentry_t
Amnesiac (ttyu0)
login: root
Amnesiac (ttyu0)
Amnesiac (ttyu0)
login: root
Amnesiac (ttyu0)

Huh no prompt for a password there just login: over and over.
Boot into single user mode.

FreeBSD/PowerPC U-Boot bootstrap loader, Revision 2.4
(, Wed Jun 19 20:28:02 PDT 2013)
Memory: 2048MB
bootsequencing is enabled
bootsuccess is set
new boot device = disk0
Loading /boot/defaults/loader.conf
/kernel data=0xb5cbe6+0xd582a syms=[0x4+0x9d690+0x4+0xe62e2]

Hit [Enter] to boot immediately, or space bar for command prompt.

Type ‘?’ for a list of commands, ‘help’ for more detailed help.
loader> boot -s

Trying to mount root from ufs:/dev/da0s1a
Attaching /packages/junos via /dev/mdctl…
Mounted junos-ex package on /dev/md0…
System watchdog timer disabled
Enter full pathname of shell or ‘recovery’ for root password recovery or RETURN for /bin/sh:

Just hit enter and don’t go into recovery. Prompt changes to #.

NOTE: to go to multi-user operation, exit the single-user shell (with ^D)
# mount -a
WARNING: /config was not properly dismounted
WARNING: /var was not properly dismounted
/var: mount pending error: blocks 4 files 1

# chflags 0 /var/etc/pam.conf
# exit

chflags 0 /var/etc/pam.conf and exit to reboot. This fixed the problem where I just kept seeing login: over and over with no password prompt.

Amnesiac (ttyu0)

login: root
— JUNOS 14.1X53-D12.9 built 2015-06-25 03:06:46 UTC
rts_filter_prep_fields error getting rt_flags in rtentry_t
root@:RE:0% al daemons:set cores for group access

Logs in correctly now and I ran the JunOS upgrade from here and got everything stable again.

Annoying messages.
Auto Image Upgrade: To stop, on CLI apply
“delete chassis auto-image-upgrade” and commit

Auto Image Upgrade: No DHCP Client in bound state, reset all DHCP clients
Auto Upgrade: DHCP Client State Reset: irb.0 vme.0
Entering configuration mode

root# delete chassis auto-image-upgrade

set system root-authentication plain-text-password
New password:
Retype new password:

root# commit
configuration check succeeds
commit complete

root> request system software add /var/tmp/jinstall-ex-4300-17.3R3.10-signed.tgz reboot
NOTICE: Validating configuration against jinstall-ex-4300-17.3R3.10-signed.tgz.
NOTICE: Use the ‘no-validate’ option to skip this if desired.
Verify the signature of the new package
Verified jinstall-ex-4300-17.3R3.10.tgz signed by PackageProductionRSA_2018
WARNING: A reboot is required to install the software
WARNING: Use the ‘request system reboot’ command immediately
Rebooting …
shutdown: [pid 2254]
Shutdown NOW!

Boots up in the new OS
root@:RE:0% cli
root> show version
Model: ex4300-48p
Junos: 17.3R3.10
JUNOS EX Software Suite [17.3R3.10]
JUNOS FIPS mode utilities [17.3R3.10]
JUNOS Crypto Software Suite [17.3R3.10]
JUNOS Online Documentation [17.3R3.10]
JUNOS jsd [powerpc-17.3R3.10-jet-1]
JUNOS SDN Software Suite [17.3R3.10]
JUNOS EX 4300 Software Suite [17.3R3.10]
JUNOS Web Management Platform Package [17.3R3.10]
JUNOS py-base-powerpc [17.3R3.10]
JUNOS py-extensions-powerpc [17.3R3.10]

Get rid of some errors related to snapshots being different.
root> request system snapshot media internal slice alternate all-members
Formatting alternate root (/dev/da0s1a)…

Copying ‘/dev/da0s2a’ to ‘/dev/da0s1a’ .. (this may take a few minutes)
The following filesystems were archived: /

root> show system alarms
4 alarms currently active
Alarm time Class Description
2019-02-15 12:20:53 UTC Major FPC 0 PSU 1 Output Failure
2019-02-15 12:20:48 UTC Major FPC 0 PSU 1 Not OK
2019-02-15 12:20:38 UTC Major Management Ethernet Link Down
2019-02-15 12:20:01 UTC Minor Rescue configuration is not set

root> show chassis alarms
3 alarms currently active
Alarm time Class Description
2019-02-15 12:20:53 UTC Major FPC 0 PSU 1 Output Failure
2019-02-15 12:20:48 UTC Major FPC 0 PSU 1 Not OK
2019-02-15 12:20:38 UTC Major Management Ethernet Link Down

Clean up some more alarms.
root> request system configuration rescue save

Power it down and wait till I need this as it is now the spare.

RANCID on Ubuntu setup

Best Tools for Monitoring and Administering your LAN/WAN network better!!!: How to setup and configure Rancid integrated with …:

They covered almost everything there correctly for me but I did run into a few things I had to change..
apt-get install rancid cvsweb cvs
I’m using MS RADIUS for AD user integration and privilege level 15 on login and SSH so I needed to set:
add autoenable  *       1
add user        *       username
add password    *       userpassword     
add method      *       ssh

In /var/lib/rancid/.cloginrc.

I also used “su -s /bin/bash rancid” to change to the rancid user and run all the needed commands from there.
“crontab -e”
“1 10 * * * /usr/local/rancid/bin/rancid-run”
Edit that time in crontab to run at whatever interval you like.

I used exim4 for mail and it was installed by default. Edit /etc/aliases and restart mail “service exim4 restart”.
Everything pretty much worked out of the box.

More MS RADIUS setup information.