Symptom
On a virtual or physical device managed by the Firepower Device Manager (FDM), if a user updates the SRU package -manually or automatically-- (SRU version: - Sourcefire_Rule_Update-2018-07-23-001 or newer), subsequent deployments will fail.
Conditions
When a user tries to perform SRU update with latest SRU version or if it is being updated as part of scheduled updates, deployment fails.
Workaround
Workaround:
Login to the FTD console and access the expert mode then:
# Get admin privileges
sudo su
cd /var/sf/SRU
#Show the available SRU package. You will see 2 packages
ls -lrt
# Remove the latest SRU package from the directory. Filename shown below is an example
rm Sourcefire_Rule_Update-2018-07-23-001-vrt.sh
# Make sure only one package remains in the directory and it's older than 2018-07-23-001
ls -lrt
#Execute the following command:-
echo "-f" > /ngfw/var/cisco/ngfwWebUi/clisyncer/sru/sru
Note: -
1. This will trigger a force install of the last good SRU version and also trigger an automatic deployment. To confirm that a task is scheduled please check the Task list in the UI for successful deployment (there could be some delays).
2. To avoid getting back into the same failed state, please do not use the 2018-07-23 update and move directly to SRU 2018-07-30 or later release
Further Problem Description
