Cisco MDS 9000 Series: Unable to reconfigure Syslog server IP (session currently owned by a different user)
Summary: Unable to reconfigure Syslog server IP.
Symptoms
When trying to change the System Server IP address while there was a fabric lock to another user on the same machine:
- Customer was unable to reconfigure Syslog server IP. Rejection message (session currently owned by a different user) displays.
- Cisco Fabric Service (CFS) is enabled for the (syslogd) feature, and user (USER_X) has the lock, while the customer was logged in with (USER_Y).
`show cfs application` ---------------------------------------------- Application Enabled Scope ---------------------------------------------- ntp No Physical-fc-ip fscm Yes Physical-fc role No Physical-fc-ip rscn No Logical radius No Physical-fc-ip tacacs No Physical-fc-ip fctimer No Physical-fc syslogd Yes Physical-fc-ip callhome No Physical-fc-ip fcdomain No Logical fc-redirect Yes Physical-fc device-alias Yes Physical-fc Total number of entries = 12 `show cfs lock` Application: syslogd Scope : Physical-fc-ip -------------------------------------------------------------------------------- Switch WWN IP Address User Name User Type -------------------------------------------------------------------------------- xx:xx:xx:xx:xx:xx:xx:xx XX.XX.XX.XX USER_X CLI/SNMP v3 <Switch name>
Cause
Locking the Fabric:
When configuring (first-time configuration) a Cisco NX-OS feature (or application) that uses the Cisco Fabric Services (CFS) infrastructure, a CFS session starts and locks the fabric. When a fabric is locked, the Cisco NX-OS software does not allow configuration changes from switches to this feature, other than the switch holding the lock. It issues a message to inform the user about the locked status. The configuration changes are held in a pending database by that application.
If you start a CFS session that requires a fabric lock but forget to end the session, an administrator can clear the session. If you lock a fabric at any time, your username is remembered across restarts and switchovers. If another user (on the same machine) tries to run configuration tasks, that user's attempts are rejected.
Resolution
Workaround:
- Check the output of (# show cfs lock name syslogd) to know which Switch/User has the lock.
- Log in to the Switch/User has the lock and perform the required changes.
Resolution: Stop the configuration from the switch where the configuration lock was acquired.
This method clears the CFS lock for the (syslogd) application in the entire fabric:
Switch# Conf t
Switch(conf)# logging abort
This method clears the CFS lock for the (syslogd) application from any switch in the fabric:
Switch# clear logging session
Additional Information
A user is unable to make any configuration-related change for the corresponding CFS applications, for which a CFS lock is stuck or is unable to run an In-Service Software Upgrade (ISSU) if the CFS is locked for session-mgr.
This list shows some common error messages caused by a CFS lock:
Operation failed. Fabric is already locked.Session currently owned by a different user.Service "cfs" returned error: Operation failed. Fabric is already locked (0x40B30029)