Symptom
On FTD managed by FMC/FDM version 7.0.0 that has deployed Active Auth (Captive Portal) Identity Policies:
1. UI becomes unresponsive after login
2. [/ngfw]/var/log/idhttpsd/access_log|error_log has grown very large, possibly filling the log disk partition
3. [/ngfw]/var/log/idhttpsd/ has permission 770.
4. [/ngfw]/var/log/cron contains a warning that logrotate is not able to rotate [/ngfw]/var/log/idhttpsd/access_log|error_log:
   Jun 21 04:02:01 ful01-p8-kp2110-1 CROND[52292]: (root) CMDOUT (error: skipping "/ngfw/var/log/idhttpsd/error_log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.)
Conditions
1. On FTD managed by FMC or FDM with version 7.0.0,
2. Active Auth (captive portal) identity policy has been enabled and deployed, and
3. Captive portal verification has been running long enough that [/ngfw]/var/log/idhttpsd/access_log has grown too large
Workaround
On FTD
1. Switch to root (su) in expert mode, then run the following:
2. pmtool disablebyid idhttpsd
3. chmod 750 [/ngfw]/var/log/idhttpsd
4. rm -f [/ngfw]/var/log/idhttpsd/*_log
5. pmtool enablebyid idhttpsd
(6. logrotate --force [/ngfw]/etc/logrotate.d/idhttpsd.logrotate <-- to verify that logrotate works)
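The symptom checks and the post-workaround verification can be scripted. The following is an added example, not code from Cisco or from this advisory: the function names, the --report argument and the /ngfw default paths are assumptions, and the directory test is taken from the wording of the cron warning quoted above.

```shell
#!/bin/sh
# Added example: read-only checks for the symptoms described on this page.
# Function names and default paths are assumptions; drop /ngfw if it is absent.

# Succeeds if a directory with this `ls -l` mode string and group owner fails
# the parent-directory test quoted in the cron warning: world writable, or
# writable by a group other than "root".
is_insecure_for_logrotate() {
    mode=$1 group=$2
    [ "$(printf '%s' "$mode" | cut -c9)" = "w" ] && return 0
    [ "$(printf '%s' "$mode" | cut -c6)" = "w" ] && [ "$group" != "root" ] && return 0
    return 1
}

# Applies that test to a real directory (status 2 if it cannot be read).
logdir_is_insecure() {
    entry=$(ls -ld "$1" 2>/dev/null) || return 2
    is_insecure_for_logrotate "$(echo "$entry" | awk '{print $1}')" \
                              "$(echo "$entry" | awk '{print $4}')"
}

# Prints how many cron log lines record logrotate skipping an idhttpsd log.
count_rotate_skips() {
    grep -c 'error: skipping "[^"]*/idhttpsd/[a-z]*_log" because parent directory has insecure permissions' "$1" || true
}

# Prints a short report: directory permissions, log sizes, partition usage,
# and the number of skip warnings.
idhttpsd_report() {
    logdir=${1:-/ngfw/var/log/idhttpsd} cronlog=${2:-/ngfw/var/log/cron}
    logdir_is_insecure "$logdir"
    case $? in
        0) echo "$logdir: logrotate will skip logs here (mode/group insecure)" ;;
        1) echo "$logdir: permissions acceptable to logrotate" ;;
        *) echo "$logdir: cannot read directory"; return 2 ;;
    esac
    ls -l "$logdir"/*_log 2>/dev/null   # sizes of access_log and error_log
    df -h "$logdir"                      # how full the log partition is
    echo "skip warnings in $cronlog: $(count_rotate_skips "$cronlog")"
}

# Run the report only when asked, e.g.: sh check_idhttpsd.sh --report
if [ "${1:-}" = "--report" ]; then idhttpsd_report; fi
```

After the workaround, the report should show the directory as acceptable to logrotate, and no new skip warnings should appear in the cron log after the next rotation run.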
Further Problem Description
On FDM-managed FTD, the UI may become unresponsive after the [/ngfw]/var/log/idhttpsd/*_log files fill up the whole disk partition.