Same here on VCSA 7.0.3 with the following error, after updating java-wrapper-vmon based on this KB: 87081 :

Service-control failed. Error: Failed to start services in profile ALL. RC=1, stderr=Failed to start eam, lookupsvc services. Error: Operation timed out

Regards

@cjobst Can you try the automated steps in https://kb.vmware.com/s/article/87088 after reverting the configuration file with the backup taken before the modification step ?

Hi @baijup, what is the difference to the manual way?

We changed the config file back to it's original, otherwise the vSphere won't come up.

Do we anyway have to revert to the original file then?

@cjobst Script does the exact same steps in manual way, so no difference. Just that we can avoid typos or permissions related issues while applying the workaround with automated script. You will have to revert the config files with the original one (with the backup taken before updating the files) before executing the script.

@baijup 

We just successfully tried the script (with the "non-original" file) and it's working!

We changed the last two lines in the vmon file back to it's original state. Is there anything to do now?

@cjobst Thanks for the update. Script will show the status of verification at the end of execution. Sample screenshot from 7.0 attached, if it is showing Success for all the steps, then the workarounds applied successfully. No other actions are required. Request you monitor the advisory as mentioned below.

This is an ongoing event, please check this advisory for frequent updates as they develop.
https://www.vmware.com/security/advisories/VMSA-2021-0028.html

It has broken SSO on two of our environments, I am trying to roll back, but how can I undo this command?

zip -q -d /usr/lib/vmware/common-jars/log4j-core-2.8.2.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

I've tried unzip -q -d /usr/lib/vmware/common-jars/log4j-core-2.8.2.jar org/apache/logging/log4j/core/lookup/JndiLookup.class with no success

Backup file taken in the first step (pasted below) mentioned in the kB https://kb.vmware.com/s/article/87081 will help to revert the file. Ideally applying the workaround should not impact SSO, you may also contact VMware Support to troubleshoot the issue.

• Back up the log4j-core-2.8.2.jar file

• Run the zip command to disable the class

• Restart the Analytics service

Thanks for the reply.

Unfortunately is has broken our sso. How do I roll back the file?

Using the Python script has resolved all the issues, and we can log in using ip or FQDN. Using the name no longer works and gives the attached error. Is there an easy fix for this?

Thanks for the update, have responded on the other community thread. Request you to check KB https://kb.vmware.com/s/article/71387?lang=en_US

Amazing response baijup. Thank you so much!