From jwbensley at gmail.com Thu Sep 5 10:05:40 2013 From: jwbensley at gmail.com (James Bensley) Date: Thu, 5 Sep 2013 11:05:40 +0100 Subject: [rancid] How to implement a diff filter? In-Reply-To: References: <20120218002841.GE25415@seti> Message-ID: Better late than never ;) Thanks to everyone for your input on this, the info provided was exactly the direction I needed. I have implemented a diff filter now. It's very basic but that's all it needed to be. I wanted my rancid update emails to change from this [1], to this [2]. So any section where there wasn't a configuration change, don't tell me about it (although do commit it to the repository). The simple pattern here is that updates without config changes have the same number of line start with "-" and "- !" and the same number of lines starting with "+" and "+ !". The script simple uses sed to cut out sections from the email update diff file that match this simple pattern. The script is here; http://null.53bits.co.uk/index.php?page=rancid-filter As pointed out, you need to make a minor modification to control_rancid in bin/ directory to call the filter script. Thanks again everyone, you have aided me in the never ending battle of reducing the number of emails I receive! Cheers, James. [1] http://pastebin.com/raw.php?i=hJX2mrmX [2] http://pastebin.com/raw.php?i=FMY5C6dp From yury.soldatov at rambler.ru Thu Sep 5 12:22:21 2013 From: yury.soldatov at rambler.ru (Yury Soldatov) Date: Thu, 05 Sep 2013 16:22:21 +0400 Subject: [rancid] Edge-core switches Message-ID: <5228777D.7040407@rambler.ru> Hi! I need add Edge-core switches 3552, 4649, 4650 to Rancid. Perhaps someone has already solved a similar problem? From paleola at gmail.com Thu Sep 5 13:00:04 2013 From: paleola at gmail.com (Aleksey P) Date: Thu, 5 Sep 2013 17:00:04 +0400 Subject: [rancid] Rancid update Message-ID: Hi to all. We have rancid version 2.3.4. Is there any manual how to update rancid to current version? -------------- next part -------------- An HTML attachment was scrubbed... URL: From Matthew.Mengel at mfsq.org.au Thu Sep 5 23:16:06 2013 From: Matthew.Mengel at mfsq.org.au (Matthew Mengel) Date: Thu, 5 Sep 2013 23:16:06 +0000 Subject: [rancid] Backing up backups Message-ID: <5EF04497240A7A4DAC1D9B3CBD13BF5D014D5008@EXMB02.mercynet.net> Hi. A quick query - I have a single RANCID server. Is there a recommended way to backup the config "database" (for want of a better word) if I don't want to run up a second server. Thanks Matthew [Description: Description: cid:img001.jpg at 01CE14E7.702BC280] Matthew Mengel Network Support Officer Mob: 0477 305 412 Ph: +61 7 3267 9076 MFS IT Helpdesk 125 Queens Road, Nudgee, Q 4014 PO Box 182, Banyo Q 4014 Ph: 3267 9099 Email: ithelp at mfsq.org.au www.mercyfamilyservices.org.au [Description: Description: cid:image005.jpg at 01CE312A.E04F3D80] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 3187 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 9844 bytes Desc: image002.jpg URL: From rmilton at mvsusa.com Fri Sep 6 14:33:55 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 6 Sep 2013 14:33:55 +0000 Subject: [rancid] Rancid-Ubuntu-Juniper Message-ID: I have had quite a difficult time with the Rancid Installation. Firstly, I was having problems with svn saying that "/var/lib/rancid/New_York is not a working copy" meaning svn needed permissions? I don't know Then I tried to go BACK to cvs--- more errors. Is there a way to start over? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD small] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 569 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 6493 bytes Desc: image004.jpg URL: From heas at shrubbery.net Fri Sep 6 18:36:37 2013 From: heas at shrubbery.net (heasley) Date: Fri, 6 Sep 2013 18:36:37 +0000 Subject: [rancid] Backing up backups In-Reply-To: <5EF04497240A7A4DAC1D9B3CBD13BF5D014D5008@EXMB02.mercynet.net> References: <5EF04497240A7A4DAC1D9B3CBD13BF5D014D5008@EXMB02.mercynet.net> Message-ID: <20130906183637.GB13446@shrubbery.net> Thu, Sep 05, 2013 at 11:16:06PM +0000, Matthew Mengel: > Hi. > > A quick query - I have a single RANCID server. Is there a recommended way to backup the config "database" (for want of a better word) if I don't want to run up a second server. tar(1), dump(8), rsync(1)? if you're using svn, google for svn-backup-dumps.py. From tlimoncelli at stackexchange.com Fri Sep 6 20:53:50 2013 From: tlimoncelli at stackexchange.com (Tom Limoncelli) Date: Fri, 6 Sep 2013 16:53:50 -0400 Subject: [rancid] Backing up backups In-Reply-To: <5EF04497240A7A4DAC1D9B3CBD13BF5D014D5008@EXMB02.mercynet.net> References: <5EF04497240A7A4DAC1D9B3CBD13BF5D014D5008@EXMB02.mercynet.net> Message-ID: On Thu, Sep 5, 2013 at 7:16 PM, Matthew Mengel wrote: > A quick query ? I have a single RANCID server. Is there a recommended way > to backup the config ?database? (for want of a better word) if I don?t want > to run up a second server.**** > > We back up our configs to a private Mercurial repository server. It has its own backups. Tom -------------- next part -------------- An HTML attachment was scrubbed... URL: From frnkblk at iname.com Sat Sep 7 03:07:20 2013 From: frnkblk at iname.com (Frank Bulk) Date: Fri, 6 Sep 2013 22:07:20 -0500 Subject: [rancid] Edge-core switches In-Reply-To: <5228777D.7040407@rambler.ru> References: <5228777D.7040407@rambler.ru> Message-ID: <008b01ceab77$5dd437d0$197ca770$@iname.com> I'd be interested in a working version, too. Frank -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Yury Soldatov Sent: Thursday, September 05, 2013 7:22 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Edge-core switches Hi! I need add Edge-core switches 3552, 4649, 4650 to Rancid. Perhaps someone has already solved a similar problem? _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From gfleming at srk.com Tue Sep 10 23:34:56 2013 From: gfleming at srk.com (Fleming, Graham) Date: Tue, 10 Sep 2013 23:34:56 +0000 Subject: [rancid] Extreme Networks - Disable CLI Paging Message-ID: Hi there. I have very basic scripting knowledge so I?m not very good at figuring these things out and I?m finally resorting to asking some much smarter folk! I have a bunch of Extreme networks switches and Ive managed to tweak the ?xrancid? script to fix some issues that I had out of the box with RANCID and Extreme switches. The last issue that I cannot figure out is in my saved configs, it appears the word ?quit? gets mangled up in the output seemingly from the pager prompts. Example at the end. I looked through the ?clogin? script to see about disabling the pager but there are some comments in that script about how Extreme switches can?t have the pager disabled. Assuming this is old stuff as now they can. Running XOS v15 on these X440?s. The command ?disable cli paging? will disable the pager per-session. I?ve tried messing around with ?clogin? to try and get it to pass this command but it doesn?t work. Anyone know if this is easy to do? Please help. Here?s what my daily diffs look like (extract). Note the work quit appears spread out in random places: Index: configs/x440-0 =================================================================== # - u# # Module devmgr configuration. # enable ip-option record-timestamp - disable ipforwarding broadcast vlan + disabule ipforwarding broadcast vlan disable ipforwarding broadcast vlan - i # # Module dosprotect configuration. - t # configure mvrp stpd s0 + i # disable ripng export isis-level-1 + t # From jameserica156 at yahoo.com Thu Sep 12 08:08:38 2013 From: jameserica156 at yahoo.com (Erica James) Date: Thu, 12 Sep 2013 01:08:38 -0700 (PDT) Subject: [rancid] rancid not writting configurations to /config/ file Message-ID: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> hello there! ? I am facing a problem with rancid, please kindly advise. I am adding a Huawei MA5600T device to rancid, but rancid does not write configurations to the /config/? file.This is the only output I am getting in the file. ? [eserica at netflow configs]$ ls 10.3.4.5? CVS [eserica at netflow configs]$ less 10.3.4.5 # RANCID-CONTENT-TYPE: Huawei # ? and with the logs, ? Trying to get all of the configs. 10.3.4.5: missed cmd(s): display current-configuration,display version 10.3.4.5: End of run not found # All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ? ? Does it have anything to do with the "missed cmds"? What about the end of run. I have checked out suggestions from the forum plus the FAQs but none has proved success. ? Can someone advise please.? I am currently using hulogin and hurancid scripts. Take a look at them ? https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in ? Thanks in advance ? Eserica -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Thu Sep 12 09:06:12 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 12 Sep 2013 11:06:12 +0200 Subject: [rancid] rancid not writting configurations to /config/ file In-Reply-To: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> References: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> Message-ID: <52318404.6010404@gmail.com> On 12/09/2013 10:08, Erica James wrote: > hello there! > > I am facing a problem with rancid, please kindly advise. I am adding a > Huawei MA5600T device to rancid, but rancid does not write > configurations to the /config/ file.This is the only output I am > getting in the file. > > [eserica at netflow configs]$ ls > 10.3.4.5 CVS > [eserica at netflow configs]$ less 10.3.4.5 > # RANCID-CONTENT-TYPE: Huawei > # > > and with the logs, > > Trying to get all of the configs. > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > # > All routers sucessfully completed. > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > > > Does it have anything to do with the "missed cmds"? What about the end > of run. I have checked out suggestions from the forum plus the FAQs but > none has proved success. "missed commands" means that the rancid parser looked for the output of those two commands, but did not find it for whatever reason. It's a general type of error message and all you know at this point is that something went wrong. "end of run not found" means exactly that - the parser looked for some text pattern that indicates all the text above it was processed correctly and the end happened exactly where it was expected to end. Again, we know something went wrong but have no idea what. I don't have the hu* scripts, but I assume they are forked from the original rancid scripts? Run "hurancid -d ", that should dump the entire raw output into the current directory and you can manually go through it to figure out what went wrong. Consider how rancid must work - it receives many lines of unstructured text that hopefully follow and expected pattern. It has to identify the prompt character, match the command entered later on that line, and process every line after it until it sees a prompt again, then repate for the next command. It's all driven by regular expressions and if one line does not match in the expected way it can throw out everything that follows. Plus, we have vendors who change the formatting of the output almost on a whim sometimes... There's no stock answer to the problem you have, it really does take eyeballs on the text to figure it out. > > Can someone advise please. I am currently using hulogin and hurancid > scripts. Take a look at them > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in > > Thanks in advance > > Eserica > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From rmilton at mvsusa.com Thu Sep 12 14:59:00 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 14:59:00 +0000 Subject: [rancid] Permissions and files Message-ID: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.3: End of run not found 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; unknown router manufacturer for 94.229.11.218: junper 94.229.11.92 clogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.210: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 569 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2723 bytes Desc: image004.jpg URL: From tosimpson at forchtgroup.com Thu Sep 12 15:38:49 2013 From: tosimpson at forchtgroup.com (Tom Simpson) Date: Thu, 12 Sep 2013 15:38:49 +0000 Subject: [rancid] Permissions and files In-Reply-To: Message-ID: An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 569 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2723 bytes Desc: image004.jpg URL: From rmilton at mvsusa.com Thu Sep 12 15:51:36 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 15:51:36 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: Message-ID: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> Well, I was attempting to run as rancid. I don't know how it would run "normally". Here is what I show: -rwxr-x--- 1 rancid rancid 1946 Sep 6 15:57 .cloginrc I think that is chmod 750 .cloginrc (now). Would I make it something different? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Tom Simpson [mailto:tosimpson at forchtgroup.com] Sent: Thursday, September 12, 2013 11:39 AM To: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files The .cloginrc doesn't have the proper permissions set for the rancid user. Or are you running it as someone else? Mine is -rw-rw----. 2 apache rancid 4429 Aug 27 10:12 .cloginrc I tend to login as the rancid user, sudo su - rancid for testing purposes, since I disallow ssh login to the server for any user except normal users... -- Thanks, Tom Simpson LAN/WAN Engineer Forcht Group of Kentucky 859.259.9700 x538 "We all knew there was just one way to improve our odds for survival: train, train, train. Sometimes, if your training is properly intense it will kill you. More often -- much, much more often -- it will save your life." - Richard Marcinko, former US Navy SEAL Team Commander From: Ryan Milton > Date: Thursday, September 12, 2013 10:59 AM To: "rancid-discuss at shrubbery.net" > Subject: [rancid] Permissions and files [cid:image003.gif at 01CEAFAE.6DA34530] I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.3: End of run not found 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; unknown router manufacturer for 94.229.11.218: junper 94.229.11.92 clogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.210: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] ________________________________ CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Forcht Group IT, 2400 South Main Street, Corbin, Ky. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.gif Type: image/gif Size: 569 bytes Desc: image003.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2723 bytes Desc: image004.jpg URL: From willie.s.hinote at nasa.gov Thu Sep 12 16:44:28 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Thu, 12 Sep 2013 16:44:28 +0000 Subject: [rancid] Permissions and files In-Reply-To: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> References: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Hi Ryan, You should have permissions set to 600 on .cloginrc. Regards, Scotty From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 10:52 AM To: Tom Simpson; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Well, I was attempting to run as rancid. I don't know how it would run "normally". Here is what I show: -rwxr-x--- 1 rancid rancid 1946 Sep 6 15:57 .cloginrc I think that is chmod 750 .cloginrc (now). Would I make it something different? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Tom Simpson [mailto:tosimpson at forchtgroup.com] Sent: Thursday, September 12, 2013 11:39 AM To: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files The .cloginrc doesn't have the proper permissions set for the rancid user. Or are you running it as someone else? Mine is -rw-rw----. 2 apache rancid 4429 Aug 27 10:12 .cloginrc I tend to login as the rancid user, sudo su - rancid for testing purposes, since I disallow ssh login to the server for any user except normal users... -- Thanks, Tom Simpson LAN/WAN Engineer Forcht Group of Kentucky 859.259.9700 x538 "We all knew there was just one way to improve our odds for survival: train, train, train. Sometimes, if your training is properly intense it will kill you. More often -- much, much more often -- it will save your life." - Richard Marcinko, former US Navy SEAL Team Commander From: Ryan Milton > Date: Thursday, September 12, 2013 10:59 AM To: "rancid-discuss at shrubbery.net" > Subject: [rancid] Permissions and files [cid:image002.gif at 01CEAFAD.701BB4B0] I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.3: End of run not found 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; unknown router manufacturer for 94.229.11.218: junper 94.229.11.92 clogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.210: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] ________________________________ CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Forcht Group IT, 2400 South Main Street, Corbin, Ky. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 569 bytes Desc: image002.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2723 bytes Desc: image003.jpg URL: From adudek16 at gmail.com Thu Sep 12 16:43:56 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Thu, 12 Sep 2013 12:43:56 -0400 Subject: [rancid] Permissions and files In-Reply-To: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> References: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> Message-ID: mine is -rw-r--r-- 1 rancid other 279 Mar 16 2011 .cshrc and I have no issues. You should be running as the rancid user, not root. On Thu, Sep 12, 2013 at 11:51 AM, Ryan Milton wrote: > Well, I was attempting to run as rancid. I don?t know how it would run > ?normally?.**** > > ** ** > > Here is what I show: **** > > ** ** > > -rwxr-x--- 1 rancid rancid 1946 Sep 6 15:57 .cloginrc**** > > ** ** > > I think that is chmod 750 .cloginrc (now). Would I make it something > different?**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Tom Simpson [mailto:tosimpson at forchtgroup.com] > *Sent:* Thursday, September 12, 2013 11:39 AM > *To:* Ryan Milton; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > The .cloginrc doesn't have the proper permissions set for the rancid user. > Or are you running it as someone else?**** > > ** ** > > ** ** > > Mine is**** > > ** ** > > -rw-rw----. 2 apache rancid 4429 Aug 27 10:12 .cloginrc**** > > ** ** > > ** ** > > I tend to login as the rancid user, sudo su ? rancid for testing > purposes, since I disallow ssh login to the server for any user except > normal users?**** > > ** ** > > ** ** > > ** ** > > -- **** > > Thanks,**** > > ** ** > > Tom Simpson**** > > LAN/WAN Engineer**** > > Forcht Group of Kentucky**** > > 859.259.9700 x538**** > > ** ** > > "We all knew there was just one way to improve our odds for survival:**** > > train, train, train. Sometimes, if your training is properly intense it*** > * > > will kill you. More often -- much, much more often -- it will save your*** > * > > life." - Richard Marcinko, former US Navy SEAL Team Commander**** > > ** ** > > *From: *Ryan Milton > *Date: *Thursday, September 12, 2013 10:59 AM > *To: *"rancid-discuss at shrubbery.net" > *Subject: *[rancid] Permissions and files**** > > ** ** > > **** > > I don?t know where to go on this. I can?t tell if my Rancid configuration > is even working. I?m at the point of testing rancid-run manually to see > what happens. I am getting a combination of ?Permission Denied? errors on > the .cloginrc file, ?End of Run Not found? errors, and some others that I > excerpted below. That said, I have an example of the file in > /var/log/rancid from today and from Friday:**** > > **** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > VS:**** > > **** > > starting: Fri Sep 6 15:57:50 EDT 2013**** > > **** > > /usr/lib/rancid/bin/control_rancid: 206: > /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission > denied**** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > cvs add: scheduling file `94.229.11.1' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1**** > > initial revision: 1.1**** > > Added 94.229.11.1**** > > cvs add: scheduling file `94.229.11.2' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2**** > > initial revision: 1.1**** > > Added 94.229.11.2**** > > cvs add: scheduling file `94.229.11.3' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3**** > > initial revision: 1.1**** > > Added 94.229.11.3**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.11.2 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.2: End of run not found**** > > 94.229.11.3 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.3: End of run not found**** > > 94.229.11.1 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.14.250: missed cmd(s): show stack,show module,show flash,show > version,show system-information,write term,show system information**** > > 94.229.14.250: End of run not found**** > > ;**** > > unknown router manufacturer for 94.229.11.218: junper**** > > 94.229.11.92 clogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.210: End of run not found**** > > **** > > **** > > **** > > **** > > **** > > **** > > **** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > ** ** > ------------------------------ > > > CONFIDENTIALITY NOTICE: > This message contains confidential information and is intended only for > the individual named. If you are not the named addressee you should not > disseminate, distribute or copy this e-mail. Please notify the sender > immediately by e-mail if you have received this e-mail by mistake and > delete this e-mail from your system. E-mail transmission cannot be > guaranteed to be secure or error-free as information could be intercepted, > corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. > The sender therefore does not accept liability for any errors or omissions > in the contents of this message, which arise as a result of e-mail > transmission. If verification is required please request a hard-copy > version. > > Forcht Group IT, 2400 South Main Street, Corbin, Ky.**** > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.gif Type: image/gif Size: 569 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2723 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From rmilton at mvsusa.com Thu Sep 12 16:58:10 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 16:58:10 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Just for clarity (and thanks for the assistance) what should be the permissions on the directories in /var/lib/rancid where the routers.db reside? The same 600? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 12:44 PM To: Ryan Milton; Tom Simpson; rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Hi Ryan, You should have permissions set to 600 on .cloginrc. Regards, Scotty From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 10:52 AM To: Tom Simpson; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Well, I was attempting to run as rancid. I don't know how it would run "normally". Here is what I show: -rwxr-x--- 1 rancid rancid 1946 Sep 6 15:57 .cloginrc I think that is chmod 750 .cloginrc (now). Would I make it something different? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Tom Simpson [mailto:tosimpson at forchtgroup.com] Sent: Thursday, September 12, 2013 11:39 AM To: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files The .cloginrc doesn't have the proper permissions set for the rancid user. Or are you running it as someone else? Mine is -rw-rw----. 2 apache rancid 4429 Aug 27 10:12 .cloginrc I tend to login as the rancid user, sudo su - rancid for testing purposes, since I disallow ssh login to the server for any user except normal users... -- Thanks, Tom Simpson LAN/WAN Engineer Forcht Group of Kentucky 859.259.9700 x538 "We all knew there was just one way to improve our odds for survival: train, train, train. Sometimes, if your training is properly intense it will kill you. More often -- much, much more often -- it will save your life." - Richard Marcinko, former US Navy SEAL Team Commander From: Ryan Milton > Date: Thursday, September 12, 2013 10:59 AM To: "rancid-discuss at shrubbery.net" > Subject: [rancid] Permissions and files [cid:image006.gif at 01CEAFB7.BA188C50] I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.3: End of run not found 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; unknown router manufacturer for 94.229.11.218: junper 94.229.11.92 clogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.210: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] ________________________________ CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Forcht Group IT, 2400 South Main Street, Corbin, Ky. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2724 bytes Desc: image004.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 2724 bytes Desc: image005.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.gif Type: image/gif Size: 569 bytes Desc: image006.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.jpg Type: image/jpeg Size: 2723 bytes Desc: image007.jpg URL: From jameserica156 at yahoo.com Wed Sep 11 14:51:15 2013 From: jameserica156 at yahoo.com (Erica James) Date: Wed, 11 Sep 2013 07:51:15 -0700 (PDT) Subject: [rancid] rancid-missed cmds Message-ID: <1378911075.69965.YahooMailNeo@web160803.mail.bf1.yahoo.com> hello there.. I am new to rancid, I need your help. I have got a new Huawei olt that has to be added to the rancid. I have made a few changes on the hurancid and hulogin scripts found at https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in ?can successfully login after the minor changes made on the hulogin script, but currently, when, I do , I get the below logs, cvs status: conflict: 10.3.4.9 is modified but no longer in the repository Trying to get all of the configs. 10.3.4.9: missed cmd(s): display current-configuration\r,display version 10.3.4.9: End of run not found # All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs diff: cannot find revision control file for configs/10.3.4.9 cvs commit: Examining . cvs commit: Examining configs cvs commit: file `configs/10.3.4.9' had a conflict and has not been modified cvs [commit aborted]: correct above errors first! can someone please advise what I should do regarding the cvs issue plus the missed cmds?? Thanks in advance. -------------- next part -------------- An HTML attachment was scrubbed... URL: From maguiresf at gmail.com Thu Sep 12 14:59:42 2013 From: maguiresf at gmail.com (Sean Maguire) Date: Thu, 12 Sep 2013 15:59:42 +0100 Subject: [rancid] rancid not writting configurations to /config/ file In-Reply-To: <52318404.6010404@gmail.com> References: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52318404.6010404@gmail.com> Message-ID: On 12 September 2013 10:06, Alan McKinnon wrote: > On 12/09/2013 10:08, Erica James wrote: > > hello there! > > > > I am facing a problem with rancid, please kindly advise. I am adding a > > Huawei MA5600T device to rancid, but rancid does not write > > configurations to the /config/ file.This is the only output I am > > getting in the file. > > > > [eserica at netflow configs]$ ls > > 10.3.4.5 CVS > > [eserica at netflow configs]$ less 10.3.4.5 > > # RANCID-CONTENT-TYPE: Huawei > > # > > > > and with the logs, > > > > Trying to get all of the configs. > > 10.3.4.5: missed cmd(s): display current-configuration,display version > > 10.3.4.5: End of run not found > > # > > All routers sucessfully completed. > > cvs diff: Diffing . > > cvs diff: Diffing configs > > cvs commit: Examining . > > cvs commit: Examining configs > > > > > > Does it have anything to do with the "missed cmds"? What about the end > > of run. I have checked out suggestions from the forum plus the FAQs but > > none has proved success. > > "missed commands" means that the rancid parser looked for the output of > those two commands, but did not find it for whatever reason. It's a > general type of error message and all you know at this point is that > something went wrong. > > "end of run not found" means exactly that - the parser looked for some > text pattern that indicates all the text above it was processed > correctly and the end happened exactly where it was expected to end. > Again, we know something went wrong but have no idea what. > > I don't have the hu* scripts, but I assume they are forked from the > original rancid scripts? > > Run "hurancid -d ", that should dump the entire raw output > into the current directory and you can manually go through it to figure > out what went wrong. > > Consider how rancid must work - it receives many lines of unstructured > text that hopefully follow and expected pattern. It has to identify the > prompt character, match the command entered later on that line, and > process every line after it until it sees a prompt again, then repate > for the next command. It's all driven by regular expressions and if one > line does not match in the expected way it can throw out everything that > follows. Plus, we have vendors who change the formatting of the output > almost on a whim sometimes... > > There's no stock answer to the problem you have, it really does take > eyeballs on the text to figure it out. > > > > > > > Can someone advise please. I am currently using hulogin and hurancid > > scripts. Take a look at them > > > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hulogin.in > > > > https://github.com/ssinyagin/rancid-ssi/blob/master/bin/hurancid.in > > > > Thanks in advance > > > > Eserica > > > > > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > I think you are going to struggle getting the Huawei 5600 to back up correctly in RANCID I'm afraid. The problem with Huawei is that they have very different CLIs across their product range. In fact, on their MSANs you see significant differences between the CLI of the data cards and the voice cards and neither of these have a CLI which is the same the that on their switches or firewalls. I suspect the RANCID script you are using was designed for switches and firewalls rather than the 5600 DSLAM. Some of the major differences are how the CLI handles things like turning off paging (I seem to remember at least some of their kit not supporting disabling paging) and the string that is output to inform the user of the end of a page (which RANCID uses internally if paging support cannot be disabled). I also seem to remember the DSLAMs spitting out all kinds of horrible control character which make your RANCID backups look a total mess. We've been through this process where I work and in the end we decided to just give up on the idea of using RANCID to backup the Huawei DSLAMs and MSANs and backed up the configs to a TFTP server instead (I think that's the only server type they supported on the code we run). Unless you are fairly handy at perl and tcl or know someone who is and have time to spend a lot of time digging around in the code for the plugin, I'd suggest doing the same to save yourself some massive headaches! -------------- next part -------------- An HTML attachment was scrubbed... URL: From adudek16 at gmail.com Thu Sep 12 17:31:53 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Thu, 12 Sep 2013 13:31:53 -0400 Subject: [rancid] Permissions and files In-Reply-To: References: <1f6a2e9105a0465086805e5edb543b58@BN1PR01MB119.prod.exchangelabs.com> Message-ID: that isn't your problem On Thursday, September 12, 2013, Ryan Milton wrote: > Just for clarity (and thanks for the assistance) what should be the > permissions on the directories in /var/lib/rancid where the routers.db > reside? The same 600?**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] > > *Sent:* Thursday, September 12, 2013 12:44 PM > *To:* Ryan Milton; Tom Simpson; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Permissions and files**** > > ** ** > > Hi Ryan,**** > > ** ** > > You should have permissions set to 600 on .cloginrc.**** > > ** ** > > Regards,**** > > Scotty**** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Ryan Milton > *Sent:* Thursday, September 12, 2013 10:52 AM > *To:* Tom Simpson; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > Well, I was attempting to run as rancid. I don?t know how it would run > ?normally?.**** > > ** ** > > Here is what I show: **** > > ** ** > > -rwxr-x--- 1 rancid rancid 1946 Sep 6 15:57 .cloginrc**** > > ** ** > > I think that is chmod 750 .cloginrc (now). Would I make it something > different?**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Tom Simpson [mailto:tosimpson at forchtgroup.com] > *Sent:* Thursday, September 12, 2013 11:39 AM > *To:* Ryan Milton; > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From heas at shrubbery.net Thu Sep 12 17:39:49 2013 From: heas at shrubbery.net (Heasley) Date: Thu, 12 Sep 2013 19:39:49 +0200 Subject: [rancid] Permissions and files In-Reply-To: References: Message-ID: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> Am Sep 12, 2013 um 16:59 schrieb Ryan Milton : > > I don?t know where to go on this. I can?t tell if my Rancid configuration is even working. I?m at the point of testing rancid-run manually to see what happens. I am getting a combination of ?Permission Denied? errors on the .cloginrc file, ?End of Run Not found? errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid > > gets me: > > starting: Thu Sep 12 10:53:28 EDT 2013 > > > > ending: Thu Sep 12 10:53:28 EDT 2013 > > VS: > > starting: Fri Sep 6 15:57:50 EDT 2013 > > /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid > comm: file 2 is not in sorted order > comm: file 2 is not in sorted order > comm: file 2 is not in sorted order > cvs add: scheduling file `94.229.11.1' for addition > cvs add: use `cvs commit' to add this file permanently > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 > initial revision: 1.1 > Added 94.229.11.1 > cvs add: scheduling file `94.229.11.2' for addition > cvs add: use `cvs commit' to add this file permanently > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 > initial revision: 1.1 > Added 94.229.11.2 > cvs add: scheduling file `94.229.11.3' for addition > cvs add: use `cvs commit' to add this file permanently > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 > initial revision: 1.1 > Added 94.229.11.3 > > ***TRUNCATED*** > > 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied > 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps > 94.229.11.2: End of run not found > 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied > 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps > 94.229.11.3: End of run not found > 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied > > ***TRUNCATED*** > > 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information > 94.229.14.250: End of run not found > ; > unknown router manufacturer for 94.229.11.218: junper > 94.229.11.92 clogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied > > ***TRUNCATED*** > > 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps > 94.229.11.210: End of run not found > > > > > > > > > Regards, > Ryan Milton > MVS Network Manager > o: 201-447-1505 x124 > c: 862-249-5230 > www.mvsusa.com > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmilton at mvsusa.com Thu Sep 12 17:48:28 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 17:48:28 +0000 Subject: [rancid] Permissions and files In-Reply-To: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> Message-ID: <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn?t show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don?t know where to go on this. I can?t tell if my Rancid configuration is even working. I?m at the point of testing rancid-run manually to see what happens. I am getting a combination of ?Permission Denied? errors on the .cloginrc file, ?End of Run Not found? errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.3: End of run not found 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; unknown router manufacturer for 94.229.11.218: junper 94.229.11.92 clogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied ***TRUNCATED*** 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.210: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From adudek16 at gmail.com Thu Sep 12 18:21:36 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Thu, 12 Sep 2013 14:21:36 -0400 Subject: [rancid] Permissions and files In-Reply-To: <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: > Ok, I have changed the ownership. I made a test config change on a > device, ran rancid and exactly the same as:**** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > ** ** > > So, the config change doesn?t show.**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Heasley [mailto:heas at shrubbery.net 'heas at shrubbery.net');>] > *Sent:* Thursday, September 12, 2013 1:40 PM > *To:* Ryan Milton > *Cc:* rancid-discuss at shrubbery.net 'rancid-discuss at shrubbery.net');> > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > Am Sep 12, 2013 um 16:59 schrieb Ryan Milton > >:**** > > ** ** > > **** > > I don?t know where to go on this. I can?t tell if my Rancid configuration > is even working. I?m at the point of testing rancid-run manually to see > what happens. I am getting a combination of ?Permission Denied? errors on > the .cloginrc file, ?End of Run Not found? errors, and some others that I > excerpted below. That said, I have an example of the file in > /var/log/rancid from today and from Friday:**** > > **** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > VS:**** > > **** > > starting: Fri Sep 6 15:57:50 EDT 2013**** > > **** > > /usr/lib/rancid/bin/control_rancid: 206: > /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission > denied**** > > ** ** > > Fix that. chown -R rancid /var/rancid**** > > ** ** > > > > **** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > cvs add: scheduling file `94.229.11.1' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1**** > > initial revision: 1.1**** > > Added 94.229.11.1**** > > cvs add: scheduling file `94.229.11.2' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2**** > > initial revision: 1.1**** > > Added 94.229.11.2**** > > cvs add: scheduling file `94.229.11.3' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3**** > > initial revision: 1.1**** > > Added 94.229.11.3**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.11.2 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.2: End of run not found**** > > 94.229.11.3 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied*<* > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From rmilton at mvsusa.com Thu Sep 12 18:47:15 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 18:47:15 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: From tlimoncelli at stackexchange.com Thu Sep 12 17:47:34 2013 From: tlimoncelli at stackexchange.com (Tom Limoncelli) Date: Thu, 12 Sep 2013 13:47:34 -0400 Subject: [rancid] rancid not writting configurations to /config/ file In-Reply-To: <52318404.6010404@gmail.com> References: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52318404.6010404@gmail.com> Message-ID: On Thu, Sep 12, 2013 at 5:06 AM, Alan McKinnon wrote: > "missed commands" means that the rancid parser looked for the output of > those two commands, but did not find it for whatever reason. It's a > general type of error message and all you know at this point is that > something went wrong. > > "end of run not found" means exactly that - the parser looked for some > text pattern that indicates all the text above it was processed > correctly and the end happened exactly where it was expected to end. > Again, we know something went wrong but have no idea what. > > I don't have the hu* scripts, but I assume they are forked from the > original rancid scripts? > > Run "hurancid -d ", that should dump the entire raw output > into the current directory and you can manually go through it to figure > out what went wrong. > > Consider how rancid must work - it receives many lines of unstructured > text that hopefully follow and expected pattern. It has to identify the > prompt character, match the command entered later on that line, and > process every line after it until it sees a prompt again, then repate > for the next command. It's all driven by regular expressions and if one > line does not match in the expected way it can throw out everything that > follows. Plus, we have vendors who change the formatting of the output > almost on a whim sometimes... > > There's no stock answer to the problem you have, it really does take > eyeballs on the text to figure it out. > This is a great description. Can someone add it to the FAQ? Tom -------------- next part -------------- An HTML attachment was scrubbed... URL: From adudek16 at gmail.com Thu Sep 12 18:51:30 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Thu, 12 Sep 2013 14:51:30 -0400 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton wrote: > Ok, so since I?m following various guides (mostly the ?Ubuntu server > install), I am assuming that the command is /usr/bin/rancid-run.**** > > ** ** > > ** ** > > rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417**** > > gives me: **** > > starting: Thu Sep 12 14:44:17 EDT 2013**** > > ** ** > > ** ** > > ** ** > > ending: Thu Sep 12 14:44:17 EDT 2013**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Aaron Dudek [mailto:adudek16 at gmail.com] > *Sent:* Thursday, September 12, 2013 2:22 PM > *To:* Ryan Milton > *Cc:* Heasley; rancid-discuss at shrubbery.net > > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > what happens when you just run it as the rancid user? > > On Thursday, September 12, 2013, Ryan Milton wrote:**** > > Ok, I have changed the ownership. I made a test config change on a > device, ran rancid and exactly the same as:**** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > So, the config change doesn?t show.**** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > *From:* Heasley [mailto:heas at shrubbery.net] > *Sent:* Thursday, September 12, 2013 1:40 PM > *To:* Ryan Milton > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > **** > > Am Sep 12, 2013 um 16:59 schrieb Ryan Milton :**** > > **** > > **** > > I don?t know where to go on this. I can?t tell if my Rancid configuration > is even working. I?m at the point of testing rancid-run manually to see > what happens. I am getting a combination of ?Permission Denied? errors on > the .cloginrc file, ?End of Run Not found? errors, and some others that I > excerpted below. That said, I have an example of the file in > /var/log/rancid from today and from Friday:**** > > **** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > VS:**** > > **** > > starting: Fri Sep 6 15:57:50 EDT 2013**** > > **** > > /usr/lib/rancid/bin/control_rancid: 206: > /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission > denied**** > > **** > > Fix that. chown -R rancid /var/rancid**** > > **** > > ** ** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > cvs add: scheduling file `94.229.11.1' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1**** > > initial revision: 1.1**** > > Added 94.229.11.1**** > > cvs add: scheduling file `94.229.11.2' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2**** > > initial revision: 1.1**** > > Added 94.229.11.2**** > > cvs add: scheduling file `94.229.11.3' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3**** > > initial revision: 1.1**** > > Added 94.229.11.3**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.11.2 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.2: End of run not found**** > > 94.229.11.3 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied*<***** > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From rmilton at mvsusa.com Thu Sep 12 18:58:09 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 18:58:09 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From adudek16 at gmail.com Thu Sep 12 19:15:20 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Thu, 12 Sep 2013 15:15:20 -0400 Subject: [rancid] Permissions and files In-Reply-To: <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> Message-ID: >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton wrote: > Ok,**** > > I got you. Seems everything in /var/lib/rancid/bin is root:**** > > ** ** > > rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/**** > > rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt**** > > -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid**** > > -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Aaron Dudek [mailto:adudek16 at gmail.com] > *Sent:* Thursday, September 12, 2013 2:52 PM > > *To:* Ryan Milton > *Cc:* Heasley; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > Not what I meant.**** > > su - rancid**** > > then do > pwd > then > /var/lib/rancid/bin/rancid-run**** > > Where did "/usr/bin/rancid-run" come from? Because that is different then > what you were trying to run before. **** > > ** ** > > ** ** > > On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton wrote:** > ** > > Ok, so since I?m following various guides (mostly the ?Ubuntu server > install), I am assuming that the command is /usr/bin/rancid-run.**** > > **** > > **** > > rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417**** > > gives me: **** > > starting: Thu Sep 12 14:44:17 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 14:44:17 EDT 2013**** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > *From:* Aaron Dudek [mailto:adudek16 at gmail.com] > *Sent:* Thursday, September 12, 2013 2:22 PM > *To:* Ryan Milton > *Cc:* Heasley; rancid-discuss at shrubbery.net**** > > > *Subject:* Re: [rancid] Permissions and files**** > > **** > > what happens when you just run it as the rancid user? > > On Thursday, September 12, 2013, Ryan Milton wrote:**** > > Ok, I have changed the ownership. I made a test config change on a > device, ran rancid and exactly the same as:**** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > So, the config change doesn?t show.**** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > *From:* Heasley [mailto:heas at shrubbery.net ] > *Sent:* Thursday, September 12, 2013 1:40 PM > *To:* Ryan Milton > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > **** > > Am Sep 12, 2013 um 16:59 schrieb Ryan Milton :**** > > **** > > **** > > I don?t know where to go on this. I can?t tell if my Rancid configuration > is even working. I?m at the point of testing rancid-run manually to see > what happens. I am getting a combination of ?Permission Denied? errors on > the .cloginrc file, ?End of Run Not found? errors, and some others that I > excerpted below. That said, I have an example of the file in > /var/log/rancid from today and from Friday:**** > > **** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > VS:**** > > **** > > starting: Fri Sep 6 15:57:50 EDT 2013**** > > **** > > /usr/lib/rancid/bin/control_rancid: 206: > /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission > denied**** > > **** > > Fix that. chown -R rancid /var/rancid**** > > **** > > **** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > cvs add: scheduling file `94.229.11.1' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1**** > > initial revision: 1.1**** > > Added 94.229.11.1**** > > cvs add: scheduling file `94.229.11.2' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2**** > > initial revision: 1.1**** > > Added 94.229.11.2**** > > cvs add: scheduling file `94.229.11.3' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3**** > > initial revision: 1.1**** > > Added 94.229.11.3**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.11.2 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.2: End of run not found**** > > 94.229.11.3 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied*<***** > > ** ** > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From rmilton at mvsusa.com Thu Sep 12 19:32:14 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 19:32:14 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From willie.s.hinote at nasa.gov Thu Sep 12 20:28:58 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Thu, 12 Sep 2013 20:28:58 +0000 Subject: [rancid] Permissions and files In-Reply-To: <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> Message-ID: If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rmilton at mvsusa.com Thu Sep 12 20:35:38 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 20:35:38 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: From willie.s.hinote at nasa.gov Thu Sep 12 20:38:38 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Thu, 12 Sep 2013 20:38:38 +0000 Subject: [rancid] Permissions and files In-Reply-To: <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> Message-ID: You should use the jlogin script for Juniper devices /usr/lib/rancid/bin/jlogin -f /var/lib/rancid/.cloginrc X.X.X.X. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:36 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From adudek16 at gmail.com Thu Sep 12 20:37:43 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Thu, 12 Sep 2013 16:37:43 -0400 Subject: [rancid] Permissions and files In-Reply-To: <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> Message-ID: You are using the incorrect script for Juniper devices you want jrancid/jlogin On Thu, Sep 12, 2013 at 4:35 PM, Ryan Milton wrote: > Well, here is what I get, I am assuming its due to the fact that my > equipment is Juniper:**** > > ** ** > > rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f > /var/lib/rancid/.cloginrc 94.XXX.11.1**** > > 94.XXX.11.1**** > > spawn ssh -c 3des -x -l ryan 94.XXX.11.1**** > > ryan at 94.229.11.1's password:**** > > --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC**** > > ryan at core1.ams1> enable**** > > ^**** > > unknown command.**** > > ** ** > > ** ** > > ryan at core1.ams1>**** > > Error: TIMEOUT reached**** > > can not find channel named "exp6"**** > > while executing**** > > "send "\r""**** > > ("foreach" body line 167)**** > > invoked from within**** > > "foreach router [lrange $argv $i end] {**** > > set router [string tolower $router]**** > > # attempt at platform switching.**** > > set platform ""**** > > send_user ..."**** > > (file "/usr/lib/rancid/bin/clogin" line 778)**** > > ** ** > > ** ** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] > > *Sent:* Thursday, September 12, 2013 4:29 PM > *To:* Ryan Milton; Aaron Dudek > *Cc:* rancid-discuss at shrubbery.net > > *Subject:* RE: [rancid] Permissions and files**** > > ** ** > > If you SSH from your rancid server to the device that you are trying to > backup as the rancid user that you have configured and execute a show > running-config, do you receive any errors?**** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Ryan Milton > *Sent:* Thursday, September 12, 2013 2:32 PM > *To:* Aaron Dudek > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > OK, so now those permissions are fixed, I assume. That said, I still get > nothing in that file when I just ?rancid-run?.**** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > *From:* Aaron Dudek [mailto:adudek16 at gmail.com ] > *Sent:* Thursday, September 12, 2013 3:15 PM > *To:* Ryan Milton > *Cc:* Heasley; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > ** ** > > From Healey earlier.. > > Fix that. chown -R rancid /var/rancid**** > > ** ** > > On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton wrote:** > ** > > Ok,**** > > I got you. Seems everything in /var/lib/rancid/bin is root:**** > > **** > > rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/**** > > rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt**** > > -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid**** > > -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs**** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > *From:* Aaron Dudek [mailto:adudek16 at gmail.com] > *Sent:* Thursday, September 12, 2013 2:52 PM**** > > > *To:* Ryan Milton > *Cc:* Heasley; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > **** > > Not what I meant.**** > > su - rancid**** > > then do > pwd > then > /var/lib/rancid/bin/rancid-run**** > > Where did "/usr/bin/rancid-run" come from? Because that is different then > what you were trying to run before. **** > > **** > > **** > > On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton wrote:** > ** > > Ok, so since I?m following various guides (mostly the ?Ubuntu server > install), I am assuming that the command is /usr/bin/rancid-run.**** > > **** > > **** > > rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417**** > > gives me: **** > > starting: Thu Sep 12 14:44:17 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 14:44:17 EDT 2013**** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > *From:* Aaron Dudek [mailto:adudek16 at gmail.com] > *Sent:* Thursday, September 12, 2013 2:22 PM > *To:* Ryan Milton > *Cc:* Heasley; rancid-discuss at shrubbery.net**** > > > *Subject:* Re: [rancid] Permissions and files**** > > **** > > what happens when you just run it as the rancid user? > > On Thursday, September 12, 2013, Ryan Milton wrote:**** > > Ok, I have changed the ownership. I made a test config change on a > device, ran rancid and exactly the same as:**** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > So, the config change doesn?t show.**** > > **** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > **** > > *From:* Heasley [mailto:heas at shrubbery.net ] > *Sent:* Thursday, September 12, 2013 1:40 PM > *To:* Ryan Milton > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Permissions and files**** > > **** > > Am Sep 12, 2013 um 16:59 schrieb Ryan Milton :**** > > **** > > **** > > I don?t know where to go on this. I can?t tell if my Rancid configuration > is even working. I?m at the point of testing rancid-run manually to see > what happens. I am getting a combination of ?Permission Denied? errors on > the .cloginrc file, ?End of Run Not found? errors, and some others that I > excerpted below. That said, I have an example of the file in > /var/log/rancid from today and from Friday:**** > > **** > > sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid**** > > **** > > gets me: **** > > **** > > starting: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > **** > > **** > > ending: Thu Sep 12 10:53:28 EDT 2013**** > > **** > > VS:**** > > **** > > starting: Fri Sep 6 15:57:50 EDT 2013**** > > **** > > /usr/lib/rancid/bin/control_rancid: 206: > /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission > denied**** > > **** > > Fix that. chown -R rancid /var/rancid**** > > **** > > **** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > comm: file 2 is not in sorted order**** > > cvs add: scheduling file `94.229.11.1' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1**** > > initial revision: 1.1**** > > Added 94.229.11.1**** > > cvs add: scheduling file `94.229.11.2' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2**** > > initial revision: 1.1**** > > Added 94.229.11.2**** > > cvs add: scheduling file `94.229.11.3' for addition**** > > cvs add: use `cvs commit' to add this file permanently**** > > /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3**** > > initial revision: 1.1**** > > Added 94.229.11.3**** > > **** > > ***TRUNCATED******* > > **** > > 94.229.11.2 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied**** > > 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware > detail,show system license,show chassis scb,show chassis feb,show chassis > routing-engine,show chassis firmware,show version detail,show chassis feb > detail,show configuration,show system boot-messages,show chassis cfeb,show > chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc > detail,show chassis environment,show system core-dumps**** > > 94.229.11.2: End of run not found**** > > 94.229.11.3 jlogin error: Error: couldn't read file > "/home/rancid/.cloginrc": permission denied*<***** > > **** > > ** ** > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From rmilton at mvsusa.com Thu Sep 12 20:45:03 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 20:45:03 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> Ahhhhh! Ok now if I am a multi-vendor operation, some Juniper, some HP, Netscreen, Cisco, etc, how do I set so that the correct script runs for various device types? And would that be set in the chronjob the same way? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:39 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files You should use the jlogin script for Juniper devices /usr/lib/rancid/bin/jlogin -f /var/lib/rancid/.cloginrc X.X.X.X. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:36 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2724 bytes Desc: image004.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 2724 bytes Desc: image005.jpg URL: From Douglas.Hughes at DEShawResearch.com Thu Sep 12 20:48:47 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Thu, 12 Sep 2013 20:48:47 +0000 Subject: [rancid] Permissions and files In-Reply-To: <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> Message-ID: In your rancid router.db file that lists the devices you list the device type e.g. sw1:cisco:up sw2:juniper:up sw3:force10:up sw4:hp:up etc. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 4:45 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Ahhhhh! Ok now if I am a multi-vendor operation, some Juniper, some HP, Netscreen, Cisco, etc, how do I set so that the correct script runs for various device types? And would that be set in the chronjob the same way? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:39 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files You should use the jlogin script for Juniper devices /usr/lib/rancid/bin/jlogin -f /var/lib/rancid/.cloginrc X.X.X.X. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:36 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From rwest at zyedge.com Thu Sep 12 20:50:07 2013 From: rwest at zyedge.com (Ryan West) Date: Thu, 12 Sep 2013 20:50:07 +0000 Subject: [rancid] Permissions and files In-Reply-To: References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <8903D0A8F70EA74FBE57CA9B846B42C0A81C5F6D@ZY-MBX2.zyedge.local> And rancid-fe in the bin directory shows the device types. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Thursday, September 12, 2013 4:49 PM To: 'Ryan Milton'; Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files In your rancid router.db file that lists the devices you list the device type e.g. sw1:cisco:up sw2:juniper:up sw3:force10:up sw4:hp:up etc. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 4:45 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Ahhhhh! Ok now if I am a multi-vendor operation, some Juniper, some HP, Netscreen, Cisco, etc, how do I set so that the correct script runs for various device types? And would that be set in the chronjob the same way? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:39 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files You should use the jlogin script for Juniper devices /usr/lib/rancid/bin/jlogin -f /var/lib/rancid/.cloginrc X.X.X.X. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:36 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From willie.s.hinote at nasa.gov Thu Sep 12 20:50:21 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Thu, 12 Sep 2013 20:50:21 +0000 Subject: [rancid] Permissions and files In-Reply-To: <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> Message-ID: The vendor type is set in your router.db files. You specify your device then the type and finally a status of up or down eg. X.X.X.X:juniper:up or X.X.X.X:cisco:up. The supported device types are in the rancid-fe file which states the device type and what files are used to access the device. List -- %vendortable = ( 'agm' => 'agmrancid', 'alteon' => 'arancid', 'arista' => 'arrancid', 'avocent' => 'avorancid', 'baynet' => 'brancid', 'cat5' => 'cat5rancid', 'cisco' => 'rancid', 'cisco-nx' => 'nxrancid', 'cisco-xr' => 'xrrancid', 'css' => 'cssrancid', 'enterasys' => 'rivrancid', 'erx' => 'jerancid', 'extreme' => 'xrancid', 'ezt3' => 'erancid', 'f5' => 'f5rancid', 'force10' => 'f10rancid', 'fortigate' => 'fnrancid', 'foundry' => 'francid', 'hitachi' => 'htrancid', 'hp' => 'hrancid', 'juniper' => 'jrancid', 'mrtd' => 'mrancid', 'mrv' => 'mrvrancid', 'netopia' => 'trancid', 'netscaler' => 'nsrancid', 'netscreen' => 'nrancid', 'procket' => 'prancid', 'redback' => 'rrancid', 'riverstone' => 'rivrancid', 'smc' => 'srancid', 'tnt' => 'tntrancid', 'zebra' => 'zrancid' ); From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:45 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Ahhhhh! Ok now if I am a multi-vendor operation, some Juniper, some HP, Netscreen, Cisco, etc, how do I set so that the correct script runs for various device types? And would that be set in the chronjob the same way? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:39 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files You should use the jlogin script for Juniper devices /usr/lib/rancid/bin/jlogin -f /var/lib/rancid/.cloginrc X.X.X.X. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:36 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From rmilton at mvsusa.com Thu Sep 12 21:27:06 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Thu, 12 Sep 2013 21:27:06 +0000 Subject: [rancid] Permissions and files In-Reply-To: <8903D0A8F70EA74FBE57CA9B846B42C0A81C5F6D@ZY-MBX2.zyedge.local> References: <2E7E6CD0-568F-4463-96B6-FE653347531A@shrubbery.net> <11c83c57fecc4e3d9df44031b9e85ba1@BN1PR01MB119.prod.exchangelabs.com> <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> <8903D0A8F70EA74FBE57CA9B846B42C0A81C5F6D@ZY-MBX2.zyedge.local> Message-ID: <3e527533c1e24a09b0d59bef3c767f92@BN1PR01MB119.prod.exchangelabs.com> So, for ex: AAA.BBB.CCC.DDD:juniper:up AAA.BBB.CCC.DDD:hp:up AAA.BBB.CCC.DDD:netscreen:up Should work. Now, running rancid-run gives me simply those devices listed the exact same way, but as "devices added". I thought I changed the permissions that are in error bottom, but when I ran again I got: hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock SO I KNOW ITS CLOSE, but not there yet. Before I go off and do something new, confirm for me that this solution that I found is MOST likely to solve above issue: It sounds like you're checking too many hosts in one single linear run and it's taking too long. You may want to either increase PAR_COUNT in etc/rancid.conf or you may want to run each of the groups listed in LIST_OF_GROUPS from cron separately. 0 */1 * * * rancid-run abc ---- where abc is what?? 0 */1 * * * rancid-run def 0 */1 * * * rancid-run ghi 0 */1 * * * rancid-run jkl 0 */1 * * * rancid-run mno I do both. I set PAR_COUNT to 5 and I run each of our POPs (how I break up LIST_OF_GROUPS) separately from cron. That way a slow speed link in one POP won't hold up the rancid on the other POPs. That's my take on your problem. Justin Fixed Permissions to the below: Trying to get all of the configs. 195.3.164.154 nlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 195.3.164.154: missed cmd(s): get system,get conf 195.3.164.154: End of run not found # 94.229.11.190 nlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.190: missed cmd(s): get system,get conf 94.229.11.190: End of run not found # 94.229.11.1 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.1: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.1: End of run not found 94.229.11.210 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.210: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.210: End of run not found # # 94.229.11.218 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.218: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.218: End of run not found # 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.3: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.3: End of run not found # 94.229.11.4 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.4: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.4: End of run not found # 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Ryan West [mailto:rwest at zyedge.com] Sent: Thursday, September 12, 2013 4:50 PM To: Hughes, Doug; Ryan Milton; Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files And rancid-fe in the bin directory shows the device types. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Thursday, September 12, 2013 4:49 PM To: 'Ryan Milton'; Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files In your rancid router.db file that lists the devices you list the device type e.g. sw1:cisco:up sw2:juniper:up sw3:force10:up sw4:hp:up etc. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 4:45 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Ahhhhh! Ok now if I am a multi-vendor operation, some Juniper, some HP, Netscreen, Cisco, etc, how do I set so that the correct script runs for various device types? And would that be set in the chronjob the same way? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:39 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files You should use the jlogin script for Juniper devices /usr/lib/rancid/bin/jlogin -f /var/lib/rancid/.cloginrc X.X.X.X. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Thursday, September 12, 2013 3:36 PM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files Well, here is what I get, I am assuming its due to the fact that my equipment is Juniper: rancid at ObserviumNYC:/var/lib/rancid$ /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc 94.XXX.11.1 94.XXX.11.1 spawn ssh -c 3des -x -l ryan 94.XXX.11.1 ryan at 94.229.11.1's password: --- JUNOS 9.3R4.4 built 2009-08-12 04:44:38 UTC ryan at core1.ams1> enable ^ unknown command. ryan at core1.ams1> Error: TIMEOUT reached can not find channel named "exp6" while executing "send "\r"" ("foreach" body line 167) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 778) Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Thursday, September 12, 2013 4:29 PM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions and files If you SSH from your rancid server to the device that you are trying to backup as the rancid user that you have configured and execute a show running-config, do you receive any errors? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Thursday, September 12, 2013 2:32 PM To: Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files OK, so now those permissions are fixed, I assume. That said, I still get nothing in that file when I just "rancid-run". Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 3:15 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files >From Healey earlier.. Fix that. chown -R rancid /var/rancid On Thu, Sep 12, 2013 at 2:58 PM, Ryan Milton > wrote: Ok, I got you. Seems everything in /var/lib/rancid/bin is root: rancid at ObserviumNYC:/var/log/rancid$ cd /var/lib/rancid/bin/ rancid at ObserviumNYC:/var/lib/rancid/bin$ ls -lt -rwxr-xr-x 1 root root 67004 Mar 5 2012 rancid -rwxr-xr-x 1 root root 4420 Mar 5 2012 rancid-cvs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:52 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Not what I meant. su - rancid then do pwd then /var/lib/rancid/bin/rancid-run Where did "/usr/bin/rancid-run" come from? Because that is different then what you were trying to run before. On Thu, Sep 12, 2013 at 2:47 PM, Ryan Milton > wrote: Ok, so since I'm following various guides (mostly the "Ubuntu server install), I am assuming that the command is /usr/bin/rancid-run. rancid at ObserviumNYC:/var/log/rancid$ vi MVSNetwork.20130912.144417 gives me: starting: Thu Sep 12 14:44:17 EDT 2013 ending: Thu Sep 12 14:44:17 EDT 2013 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Thursday, September 12, 2013 2:22 PM To: Ryan Milton Cc: Heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files what happens when you just run it as the rancid user? On Thursday, September 12, 2013, Ryan Milton wrote: Ok, I have changed the ownership. I made a test config change on a device, ran rancid and exactly the same as: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 So, the config change doesn't show. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Heasley [mailto:heas at shrubbery.net] Sent: Thursday, September 12, 2013 1:40 PM To: Ryan Milton Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions and files Am Sep 12, 2013 um 16:59 schrieb Ryan Milton >: I don't know where to go on this. I can't tell if my Rancid configuration is even working. I'm at the point of testing rancid-run manually to see what happens. I am getting a combination of "Permission Denied" errors on the .cloginrc file, "End of Run Not found" errors, and some others that I excerpted below. That said, I have an example of the file in /var/log/rancid from today and from Friday: sudo -i su -c /var/lib/rancid/bin/rancid-run -s /bin/bash -l rancid gets me: starting: Thu Sep 12 10:53:28 EDT 2013 ending: Thu Sep 12 10:53:28 EDT 2013 VS: starting: Fri Sep 6 15:57:50 EDT 2013 /usr/lib/rancid/bin/control_rancid: 206: /usr/lib/rancid/bin/control_rancid: cannot create routers.db: Permission denied Fix that. chown -R rancid /var/rancid comm: file 2 is not in sorted order comm: file 2 is not in sorted order comm: file 2 is not in sorted order cvs add: scheduling file `94.229.11.1' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.1,v <-- 94.229.11.1 initial revision: 1.1 Added 94.229.11.1 cvs add: scheduling file `94.229.11.2' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.2,v <-- 94.229.11.2 initial revision: 1.1 Added 94.229.11.2 cvs add: scheduling file `94.229.11.3' for addition cvs add: use `cvs commit' to add this file permanently /var/lib/rancid/CVS/MVSNetwork/configs/94.229.11.3,v <-- 94.229.11.3 initial revision: 1.1 Added 94.229.11.3 ***TRUNCATED*** 94.229.11.2 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied 94.229.11.2: missed cmd(s): show chassis alarms,show chassis hardware detail,show system license,show chassis scb,show chassis feb,show chassis routing-engine,show chassis firmware,show version detail,show chassis feb detail,show configuration,show system boot-messages,show chassis cfeb,show chassis clocks,show chassis sfm detail,show chassis ssb,show chassis fpc detail,show chassis environment,show system core-dumps 94.229.11.2: End of run not found 94.229.11.3 jlogin error: Error: couldn't read file "/home/rancid/.cloginrc": permission denied< -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 2724 bytes Desc: image005.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.jpg Type: image/jpeg Size: 2724 bytes Desc: image006.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2723 bytes Desc: image002.jpg URL: From jethro.binks at strath.ac.uk Thu Sep 12 23:49:58 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Fri, 13 Sep 2013 00:49:58 +0100 (BST) Subject: [rancid] rancid not writting configurations to /config/ file In-Reply-To: References: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52318404.6010404@gmail.com> Message-ID: On Thu, 12 Sep 2013, Sean Maguire wrote: > I think you are going to struggle getting the Huawei 5600 to back up > correctly in RANCID I'm afraid. The problem with Huawei is that they > have very different CLIs across their product range. In fact, on their > MSANs you see significant differences between the CLI of the data cards > and the voice cards and neither of these have a CLI which is the same > the that on their switches or firewalls. I suspect the RANCID script you > are using was designed for switches and firewalls rather than the 5600 > DSLAM. There may be a little hope; my h3c scripts have been tested on some Huawei kit, and I was sent a few modifications which improve support on at least the MA5600. I was not aware of the github.com/ssinyagin stuff, so I do not know if there are any parts of that that may be useful. > Some of the major differences are how the CLI handles things like > turning off paging (I seem to remember at least some of their kit not > supporting disabling paging) and the string that is output to inform the > user of the end of a page (which RANCID uses internally if paging > support cannot be disabled). I also seem to remember the DSLAMs spitting > out all kinds of horrible control character which make your RANCID > backups look a total mess. There are some features in the patch I was sent that may address these issues. I've been meaning to merge them and some other bits in for a while but never found the time so far. Unfortunately, I do not have access to any 5600 to test :) Maybe more news on this soon. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From r.engehausen at gmail.com Thu Sep 12 23:23:42 2013 From: r.engehausen at gmail.com (Roy) Date: Thu, 12 Sep 2013 16:23:42 -0700 Subject: [rancid] Permissions and files In-Reply-To: <3e527533c1e24a09b0d59bef3c767f92@BN1PR01MB119.prod.exchangelabs.com> References: <17de9813c8c94eda9f9dc92751d03a52@BN1PR01MB119.prod.exchangelabs.com> <2ae78236d6d44851b8cfbfe7d0589298@BN1PR01MB119.prod.exchangelabs.com> <5b70efe3a9824408b6b34764f525346d@BN1PR01MB119.prod.exchangelabs.com> <0a7c1e4ad4b842b7b7914cf862720c6b@BN1PR01MB119.prod.exchangelabs.com> <8903D0A8F70EA74FBE57CA9B846B42C0A81C5F6D@ZY-MBX2.zyedge.local> <3e527533c1e24a09b0d59bef3c767f92@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <52324CFE.9040206@gmail.com> An HTML attachment was scrubbed... URL: From jameserica156 at yahoo.com Fri Sep 13 06:46:20 2013 From: jameserica156 at yahoo.com (Erica James) Date: Thu, 12 Sep 2013 23:46:20 -0700 (PDT) Subject: [rancid] rancid not writting configurations to /config/ file In-Reply-To: References: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52318404.6010404@gmail.com> Message-ID: <1379054780.9487.YahooMailNeo@web160804.mail.bf1.yahoo.com> I have the h3c* scripts Jethro, made a few changes on the h3clogin and?I observe the below ? can login: /home/eserica/rancid/bin/h3clogin 10.3.4.5, successfully ? but?/home/eserica/rancid/bin/h3clogin -t 90 -c "display current-configuration"?10.3.4.5 just hangs in the privilege exec mode. ? On the other hand, the h3crancid gives the below ? [eserica at netflow ~]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 executing hulogin -t 90 -c"display current-configuration" 10.3.4.5 sh: hulogin: command not found 10.3.4.5: missed cmd(s): display current-configuration 10.3.4.5: missed cmd(s): display current-configuration 10.3.4.5: End of run not found 10.3.4.5: End of run not found?? ? ?What else should I do regarding the above? May you kindly share with me the patch for this device. ? Eserica ? ? ________________________________ From: Jethro R Binks To: rancid-discuss at shrubbery.net Sent: Friday, September 13, 2013 2:49 AM Subject: Re: [rancid] rancid not writting configurations to /config/ file On Thu, 12 Sep 2013, Sean Maguire wrote: > I think you are going to struggle getting the Huawei 5600 to back up > correctly in RANCID I'm afraid. The problem with Huawei is that they > have very different CLIs across their product range. In fact, on their > MSANs you see significant differences between the CLI of the data cards > and the voice cards and neither of these have a CLI which is the same > the that on their switches or firewalls. I suspect the RANCID script you > are using was designed for switches and firewalls rather than the 5600 > DSLAM. There may be a little hope; my h3c scripts have been tested on some Huawei kit, and I was sent a few modifications which improve support on at least the MA5600. I was not aware of the github.com/ssinyagin stuff, so I do not know if there are any parts of that that may be useful. > Some of the major differences are how the CLI handles things like > turning off paging (I seem to remember at least some of their kit not > supporting disabling paging) and the string that is output to inform the > user of the end of a page (which RANCID uses internally if paging > support cannot be disabled). I also seem to remember the DSLAMs spitting > out all kinds of horrible control character which make your RANCID > backups look a total mess. There are some features in the patch I was sent that may address these issues. I've been meaning to merge them and some other bits in for a while but never found the time so far.? Unfortunately, I do not have access to any 5600 to test :) Maybe more news on this soon. Jethro. .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From jethro.binks at strath.ac.uk Fri Sep 13 06:50:14 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Fri, 13 Sep 2013 07:50:14 +0100 (BST) Subject: [rancid] rancid not writting configurations to /config/ file In-Reply-To: <1379054780.9487.YahooMailNeo@web160804.mail.bf1.yahoo.com> References: <1378973318.8301.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52318404.6010404@gmail.com> <1379054780.9487.YahooMailNeo@web160804.mail.bf1.yahoo.com> Message-ID: On Thu, 12 Sep 2013, Erica James wrote: > I have the h3c* scripts Jethro, made a few changes on the h3clogin and?I observe the below > ? > can login: /home/eserica/rancid/bin/h3clogin 10.3.4.5, successfully > ? > but?/home/eserica/rancid/bin/h3clogin -t 90 -c "display current-configuration"?10.3.4.5 just hangs in the privilege exec mode. > ? > On the other hand, the h3crancid gives the below > ? > [eserica at netflow ~]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > executing hulogin -t 90 -c"display current-configuration" 10.3.4.5 > sh: hulogin: command not found > 10.3.4.5: missed cmd(s): display current-configuration > 10.3.4.5: missed cmd(s): display current-configuration You need to modify h3crancid to call h3clogin, not hulogin. I am not that hopeful that the version you are using will help though, I will try and get something better to you soon. Jethro. > 10.3.4.5: End of run not found > 10.3.4.5: End of run not found?? > ? > ?What else should I do regarding the above? May you kindly share with me the patch for this device. > ? > Eserica > ? > ? > > ________________________________ > From: Jethro R Binks > To: rancid-discuss at shrubbery.net > Sent: Friday, September 13, 2013 2:49 AM > Subject: Re: [rancid] rancid not writting configurations to /config/ file > > > On Thu, 12 Sep 2013, Sean Maguire wrote: > > > I think you are going to struggle getting the Huawei 5600 to back up > > correctly in RANCID I'm afraid. The problem with Huawei is that they > > have very different CLIs across their product range. In fact, on their > > MSANs you see significant differences between the CLI of the data cards > > and the voice cards and neither of these have a CLI which is the same > > the that on their switches or firewalls. I suspect the RANCID script you > > are using was designed for switches and firewalls rather than the 5600 > > DSLAM. > > There may be a little hope; my h3c scripts have been tested on some Huawei > kit, and I was sent a few modifications which improve support on at least > the MA5600. > > I was not aware of the github.com/ssinyagin stuff, so I do not know if > there are any parts of that that may be useful. > > > Some of the major differences are how the CLI handles things like > > turning off paging (I seem to remember at least some of their kit not > > supporting disabling paging) and the string that is output to inform the > > user of the end of a page (which RANCID uses internally if paging > > support cannot be disabled). I also seem to remember the DSLAMs spitting > > out all kinds of horrible control character which make your RANCID > > backups look a total mess. > > There are some features in the patch I was sent that may address these > issues. > > I've been meaning to merge them and some other bits in for a while but > never found the time so far.? Unfortunately, I do not have access to any > 5600 to test :) > > Maybe more news on this soon. > > Jethro. > > .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? .? . > Jethro R Binks, Network Manager, > Information Services Directorate, University Of Strathclyde, Glasgow, UK > > The University of Strathclyde is a charitable body, registered in > Scotland, number SC015263. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From rmilton at mvsusa.com Fri Sep 13 13:46:11 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 13 Sep 2013 13:46:11 +0000 Subject: [rancid] Permissions errors Message-ID: What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 569 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2724 bytes Desc: image004.jpg URL: From willie.s.hinote at nasa.gov Fri Sep 13 13:51:03 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Fri, 13 Sep 2013 13:51:03 +0000 Subject: [rancid] Permissions errors In-Reply-To: References: Message-ID: I would try removing the lock file and execute rancid-run again. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Friday, September 13, 2013 8:46 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Permissions errors What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 569 bytes Desc: image002.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: From adudek16 at gmail.com Fri Sep 13 13:57:25 2013 From: adudek16 at gmail.com (Aaron Dudek) Date: Fri, 13 Sep 2013 09:57:25 -0400 Subject: [rancid] Permissions errors In-Reply-To: References: Message-ID: +1 On Fri, Sep 13, 2013 at 9:51 AM, Hinote, Scotty (MSFC-IS40)[NICS] < willie.s.hinote at nasa.gov> wrote: > I would try removing the lock file and execute rancid-run again.**** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Ryan Milton > *Sent:* Friday, September 13, 2013 8:46 AM > *To:* rancid-discuss at shrubbery.net > *Subject:* [rancid] Permissions errors**** > > ** ** > > What is the possible solution to this:**** > > Is this yet another permissions issue?**** > > ** ** > > hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists**** > > -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock**** > > ** ** > > ** ** > > Regards,**** > > Ryan Milton**** > > MVS Network Manager**** > > o: 201-447-1505 x124**** > > c: 862-249-5230**** > > www.mvsusa.com**** > > [image: MVS final logo GOOD very small]**** > > ** ** > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 569 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From prt at prt.org Fri Sep 13 14:17:03 2013 From: prt at prt.org (Paul Thornton) Date: Fri, 13 Sep 2013 15:17:03 +0100 Subject: [rancid] Extreme Networks - Disable CLI Paging In-Reply-To: <52331E10.8080509@prtsystems.ltd.uk> References: <52331E10.8080509@prtsystems.ltd.uk> Message-ID: <52331E5F.6030801@prt.org> Hi I have had this exact same issue; and we fixed it with the attached patch to clogin (not xrancid - the problem is a mis-identification of the prompt). However, there is a patch on the mailing list here: http://www.shrubbery.net/pipermail/rancid-discuss/2009-February/003645.html which should also achieve the same thing (although I have not tried this). Paul. On 11/09/2013 00:34, Fleming, Graham wrote: > Hi there. I have very basic scripting knowledge so I?m not very good at figuring these things out and I?m finally resorting to asking some much smarter folk! > > I have a bunch of Extreme networks switches and Ive managed to tweak the ?xrancid? script to fix some issues that I had out of the box with RANCID and Extreme switches. > > The last issue that I cannot figure out is in my saved configs, it appears the word ?quit? gets mangled up in the output seemingly from the pager prompts. Example at the end. > > I looked through the ?clogin? script to see about disabling the pager but there are some comments in that script about how Extreme switches can?t have the pager disabled. Assuming this is old stuff as now they can. Running XOS v15 on these X440?s. The command ?disable cli paging? will disable the pager per-session. > > I?ve tried messing around with ?clogin? to try and get it to pass this command but it doesn?t work. Anyone know if this is easy to do? Please help. > > Here?s what my daily diffs look like (extract). Note the work quit appears spread out in random places: > > Index: configs/x440-0 > =================================================================== > # > - u# > # Module devmgr configuration. > # > enable ip-option record-timestamp > - disable ipforwarding broadcast vlan > + disabule ipforwarding broadcast vlan > disable ipforwarding broadcast vlan > - i > # > # Module dosprotect configuration. > - t > # > configure mvrp stpd s0 > + i > # > disable ripng export isis-level-1 > + t > # > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- --- clogin.prev 2013-08-12 15:14:13.000000000 +0000 +++ clogin 2013-08-12 15:19:06.000000000 +0000 @@ -567,8 +567,22 @@ } exp_continue } - -re "$prompt" { - set prompt_match $expect_out(0,string); + -indices -re "$prompt" { + set prompt_match $expect_out(0,string); + if {"$prompt_match" == ">"} { + # Extreme XOS >= 12.5 by default sends a banner after login + # including this line: + # "Press the or '?' key at any time for completions." + # Match and discard it, as it is not a prompt. + if [string match "\r\nPress the " \ + [string range $expect_out(buffer) \ + [expr $expect_out(0,start) - 16] \ + $expect_out(0,start) \ + ] + ] { + exp_continue + } + } break; } "Login invalid" { From rmilton at mvsusa.com Fri Sep 13 14:24:02 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 13 Sep 2013 14:24:02 +0000 Subject: [rancid] Permissions errors In-Reply-To: References: Message-ID: <6a7b37e332424114992af86e438ffcdc@BN1PR01MB119.prod.exchangelabs.com> Ok, I attempted this a few times: Trying to get all of the configs. 94.229.11.92 clogin error: Error: TIMEOUT reached 94.229.11.92: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.92: End of run not found And then the /.MVSNetwork.run.lock happens again Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Friday, September 13, 2013 9:57 AM To: Hinote, Scotty (MSFC-IS40)[NICS] Cc: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions errors +1 On Fri, Sep 13, 2013 at 9:51 AM, Hinote, Scotty (MSFC-IS40)[NICS] > wrote: [cid:image002.gif at 01CEB06B.5C1878E0] I would try removing the lock file and execute rancid-run again. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Friday, September 13, 2013 8:46 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Permissions errors What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 569 bytes Desc: image002.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: From willie.s.hinote at nasa.gov Fri Sep 13 14:30:31 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Fri, 13 Sep 2013 14:30:31 +0000 Subject: [rancid] Permissions errors In-Reply-To: <6a7b37e332424114992af86e438ffcdc@BN1PR01MB119.prod.exchangelabs.com> References: <6a7b37e332424114992af86e438ffcdc@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Timeout reached usually indicates that the server is not able to establish a connection to the device due to routing, firewall, etc. Try SSHing from the rancid server to the device eg. ssh rancid_user at device. Do not use the login scripts. You can also increase the verbose output of SSH by specifying the -v flag. If you cannot SSH to the device then the rancid scripts will not work either but it rules out rancid as the issue. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 13, 2013 9:24 AM To: Aaron Dudek; Hinote, Scotty (MSFC-IS40)[NICS] Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Ok, I attempted this a few times: Trying to get all of the configs. 94.229.11.92 clogin error: Error: TIMEOUT reached 94.229.11.92: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.92: End of run not found And then the /.MVSNetwork.run.lock happens again Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Friday, September 13, 2013 9:57 AM To: Hinote, Scotty (MSFC-IS40)[NICS] Cc: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions errors +1 On Fri, Sep 13, 2013 at 9:51 AM, Hinote, Scotty (MSFC-IS40)[NICS] > wrote: [cid:image002.gif at 01CEB063.E37B69D0] I would try removing the lock file and execute rancid-run again. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Friday, September 13, 2013 8:46 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Permissions errors What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 569 bytes Desc: image002.gif URL: From willie.s.hinote at nasa.gov Fri Sep 13 14:44:15 2013 From: willie.s.hinote at nasa.gov (Hinote, Scotty (MSFC-IS40)[NICS]) Date: Fri, 13 Sep 2013 14:44:15 +0000 Subject: [rancid] Permissions errors In-Reply-To: References: <6a7b37e332424114992af86e438ffcdc@BN1PR01MB119.prod.exchangelabs.com> Message-ID: You can set autoenable X.X.X.X 1 in your cloginrc stanzas. Or you can specify your enable password on the same line as your password as password X.X.X.X {password} {enable_password}. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 13, 2013 9:41 AM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors I'm wondering, if the issue may have to do with the login procedure. Typically we login directly into enable mode, not into operator mode. If the script is looking to do it the traditional way, would that cause the error too? Because, I can login via ssh to the HP switch in question from the rancid sever. When I run this script (vs an ssh -v login that works): /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc 94.2 94.229.11.92 Error: no enable password for 94.229.11.92 in /var/lib/rancid/.cloginrc. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Friday, September 13, 2013 10:31 AM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Timeout reached usually indicates that the server is not able to establish a connection to the device due to routing, firewall, etc. Try SSHing from the rancid server to the device eg. ssh rancid_user at device. Do not use the login scripts. You can also increase the verbose output of SSH by specifying the -v flag. If you cannot SSH to the device then the rancid scripts will not work either but it rules out rancid as the issue. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 13, 2013 9:24 AM To: Aaron Dudek; Hinote, Scotty (MSFC-IS40)[NICS] Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Ok, I attempted this a few times: Trying to get all of the configs. 94.229.11.92 clogin error: Error: TIMEOUT reached 94.229.11.92: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.92: End of run not found And then the /.MVSNetwork.run.lock happens again Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Friday, September 13, 2013 9:57 AM To: Hinote, Scotty (MSFC-IS40)[NICS] Cc: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions errors +1 On Fri, Sep 13, 2013 at 9:51 AM, Hinote, Scotty (MSFC-IS40)[NICS] > wrote: [cid:image002.gif at 01CEB065.CEDE1750] I would try removing the lock file and execute rancid-run again. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Friday, September 13, 2013 8:46 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Permissions errors What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 569 bytes Desc: image002.gif URL: From rmilton at mvsusa.com Fri Sep 13 14:40:54 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 13 Sep 2013 14:40:54 +0000 Subject: [rancid] Permissions errors In-Reply-To: References: <6a7b37e332424114992af86e438ffcdc@BN1PR01MB119.prod.exchangelabs.com> Message-ID: I'm wondering, if the issue may have to do with the login procedure. Typically we login directly into enable mode, not into operator mode. If the script is looking to do it the traditional way, would that cause the error too? Because, I can login via ssh to the HP switch in question from the rancid sever. When I run this script (vs an ssh -v login that works): /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc 94.2 94.229.11.92 Error: no enable password for 94.229.11.92 in /var/lib/rancid/.cloginrc. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Friday, September 13, 2013 10:31 AM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Timeout reached usually indicates that the server is not able to establish a connection to the device due to routing, firewall, etc. Try SSHing from the rancid server to the device eg. ssh rancid_user at device. Do not use the login scripts. You can also increase the verbose output of SSH by specifying the -v flag. If you cannot SSH to the device then the rancid scripts will not work either but it rules out rancid as the issue. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 13, 2013 9:24 AM To: Aaron Dudek; Hinote, Scotty (MSFC-IS40)[NICS] Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Ok, I attempted this a few times: Trying to get all of the configs. 94.229.11.92 clogin error: Error: TIMEOUT reached 94.229.11.92: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.92: End of run not found And then the /.MVSNetwork.run.lock happens again Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Friday, September 13, 2013 9:57 AM To: Hinote, Scotty (MSFC-IS40)[NICS] Cc: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions errors +1 On Fri, Sep 13, 2013 at 9:51 AM, Hinote, Scotty (MSFC-IS40)[NICS] > wrote: [cid:image006.gif at 01CEB06D.9F0E4740] I would try removing the lock file and execute rancid-run again. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Friday, September 13, 2013 8:46 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Permissions errors What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 2724 bytes Desc: image005.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.gif Type: image/gif Size: 569 bytes Desc: image006.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rmilton at mvsusa.com Fri Sep 13 16:00:14 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 13 Sep 2013 16:00:14 +0000 Subject: [rancid] Permissions errors In-Reply-To: References: <6a7b37e332424114992af86e438ffcdc@BN1PR01MB119.prod.exchangelabs.com> Message-ID: OK, that is solved too, I think, but still getting a series of errors: 94.229.14.250 clogin error: Error: TIMEOUT reached 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; 94.229.11.218: missed cmd(s): show configuration 94.229.11.218: End of run not found ; ; ; Getting missed routers: round 4. Received signal - ending run (1). /usr/lib/rancid/bin/control_rancid: 461: /usr/lib/rancid/bin/control_rancid: cannot create /tmp/tmp.EACqI3Q2IP/rancid.MVSNetwork.14801.diff: Directory nonexistent cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Friday, September 13, 2013 10:44 AM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors You can set autoenable X.X.X.X 1 in your cloginrc stanzas. Or you can specify your enable password on the same line as your password as password X.X.X.X {password} {enable_password}. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 13, 2013 9:41 AM To: Hinote, Scotty (MSFC-IS40)[NICS]; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors I'm wondering, if the issue may have to do with the login procedure. Typically we login directly into enable mode, not into operator mode. If the script is looking to do it the traditional way, would that cause the error too? Because, I can login via ssh to the HP switch in question from the rancid sever. When I run this script (vs an ssh -v login that works): /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc 94.2 94.229.11.92 Error: no enable password for 94.229.11.92 in /var/lib/rancid/.cloginrc. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hinote, Scotty (MSFC-IS40)[NICS] [mailto:willie.s.hinote at nasa.gov] Sent: Friday, September 13, 2013 10:31 AM To: Ryan Milton; Aaron Dudek Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Timeout reached usually indicates that the server is not able to establish a connection to the device due to routing, firewall, etc. Try SSHing from the rancid server to the device eg. ssh rancid_user at device. Do not use the login scripts. You can also increase the verbose output of SSH by specifying the -v flag. If you cannot SSH to the device then the rancid scripts will not work either but it rules out rancid as the issue. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 13, 2013 9:24 AM To: Aaron Dudek; Hinote, Scotty (MSFC-IS40)[NICS] Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Permissions errors Ok, I attempted this a few times: Trying to get all of the configs. 94.229.11.92 clogin error: Error: TIMEOUT reached 94.229.11.92: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.92: End of run not found And then the /.MVSNetwork.run.lock happens again Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Aaron Dudek [mailto:adudek16 at gmail.com] Sent: Friday, September 13, 2013 9:57 AM To: Hinote, Scotty (MSFC-IS40)[NICS] Cc: Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Permissions errors +1 On Fri, Sep 13, 2013 at 9:51 AM, Hinote, Scotty (MSFC-IS40)[NICS] > wrote: [cid:image006.gif at 01CEB077.B4D8B1A0] I would try removing the lock file and execute rancid-run again. From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Friday, September 13, 2013 8:46 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Permissions errors What is the possible solution to this: Is this yet another permissions issue? hourly config diffs failed: /tmp/.MVSNetwork.run.lock exists -rw-r----- 1 rancid rancid 0 Sep 12 17:08 /tmp/.MVSNetwork.run.lock Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.jpg Type: image/jpeg Size: 2724 bytes Desc: image005.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.gif Type: image/gif Size: 569 bytes Desc: image006.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rmilton at mvsusa.com Fri Sep 13 19:24:26 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 13 Sep 2013 19:24:26 +0000 Subject: [rancid] Groups Message-ID: <6d5d3f3965404f0e8005083b9bd14b2f@BN1PR01MB119.prod.exchangelabs.com> I have been getting no emails from Rancid, while I am getting cvs updates (when I logon to the web). I tested the mail send application (exim4), and it is sending mail. Would I not get a message because the rancid-run is timing out (I get TIMEOUT errors in /var/log/rancid messages) I'm trying to see if I have a problem here or not. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 569 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.jpg Type: image/jpeg Size: 2724 bytes Desc: image004.jpg URL: From rmilton at mvsusa.com Fri Sep 13 19:09:27 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 13 Sep 2013 19:09:27 +0000 Subject: [rancid] Debugging TIMEOUT ERRORS Message-ID: <0c945c10424c413b8d31d0acc7c625b0@BN1PR01MB119.prod.exchangelabs.com> Debugging rancid-run timeout errors /usr/lib/rancid/bin/jlogin -t 180 -c "show config;quit" -f /var/lib/rancid/.cloginrc 94.229.11.218 n Connection to 94.229.11.218 closed. n n Error: EOF received /usr/lib/rancid/bin/hlogin -t 90 -c "show run;exit" -f /var/lib/rancid/.cloginrc 94.229.11.59 n Yields a proper log out. /usr/lib/rancid/bin/nlogin -t 90 -c "get config;quit" -f /var/lib/rancid/.cloginrc 195.3.164.125 n Basically logs out BUT, when I "rancid-run" I get the following error, and the file locks in /tmp Trying to get all of the configs. 94.229.11.92 clogin error: Error: TIMEOUT reached 94.229.11.92: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.92: End of run not found ; 94.229.11.91 clogin error: Error: TIMEOUT reached 94.229.11.91: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.91: End of run not found ; 94.229.11.60 clogin error: Error: TIMEOUT reached 94.229.11.60: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.60: End of run not found ; 94.229.11.59 clogin error: Error: TIMEOUT reached 94.229.11.59: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.11.59: End of run not found ; 94.229.14.250 clogin error: Error: TIMEOUT reached 94.229.14.250: missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information 94.229.14.250: End of run not found ; 94.229.11.218: missed cmd(s): show configuration 94.229.11.218: End of run not found Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.gif Type: image/gif Size: 569 bytes Desc: image001.gif URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2723 bytes Desc: image003.jpg URL: From r.engehausen at gmail.com Fri Sep 13 19:46:56 2013 From: r.engehausen at gmail.com (Roy) Date: Fri, 13 Sep 2013 12:46:56 -0700 Subject: [rancid] Groups In-Reply-To: <6d5d3f3965404f0e8005083b9bd14b2f@BN1PR01MB119.prod.exchangelabs.com> References: <6d5d3f3965404f0e8005083b9bd14b2f@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <52336BB0.1020606@gmail.com> An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/gif Size: 569 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 2724 bytes Desc: not available URL: From alan.mckinnon at gmail.com Fri Sep 13 20:50:14 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Fri, 13 Sep 2013 22:50:14 +0200 Subject: [rancid] Groups In-Reply-To: <6d5d3f3965404f0e8005083b9bd14b2f@BN1PR01MB119.prod.exchangelabs.com> References: <6d5d3f3965404f0e8005083b9bd14b2f@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <52337A86.2000405@gmail.com> On 13/09/2013 21:24, Ryan Milton wrote: > I have been getting no emails from Rancid, while I am getting cvs > updates (when I logon to the web). I tested the mail send application > (exim4), and it is sending mail. > > > > Would I not get a message because the rancid-run is timing out (I get > TIMEOUT errors in /var/log/rancid messages) > > > > I?m trying to see if I have a problem here or not. out of the box, rancid sends two kinds of mails: diffs and admin diffs are just that, diffs when config changes admin is notice of routers added and removed, plus notices of routers that haven't been contacted for X number of hours (set in rancid.conf) rancid does not by default spam you with alerts about timeouts. This makes sense - presumably you have proper monitoring systems in place and there is no need for rancid to add to the noise. Check your mail logs to see if a) rancid did send any mails and b) what happened to them. There can be many reasons for lack of mail, ranging from no config changes have happened yet on your systems, to mail is getting lost, and lots of other things in between. I think you need to do more conventional Unix troubleshooting and gather information before anyone here can really help you properly with specifics. On the whole, you seem to be having an inordinate amount of trouble with rancid, this is highly unusual. The software routinely builds and installs just fine without any of these permission problems you are having. I suspect you have a faulty installation of rancid. How exactly did you install it? Did you follow the README, or do it some other way? -- Alan McKinnon alan.mckinnon at gmail.com From paul at prtsystems.ltd.uk Fri Sep 13 14:15:44 2013 From: paul at prtsystems.ltd.uk (Paul Thornton) Date: Fri, 13 Sep 2013 15:15:44 +0100 Subject: [rancid] Extreme Networks - Disable CLI Paging In-Reply-To: References: Message-ID: <52331E10.8080509@prtsystems.ltd.uk> Hi I have had this exact same issue; and we fixed it with the attached patch to clogin (not xrancid - the problem is a mis-identification of the prompt). However, there is a patch on the mailing list here: http://www.shrubbery.net/pipermail/rancid-discuss/2009-February/003645.html which should also achieve the same thing (although I have not tried this). Paul. On 11/09/2013 00:34, Fleming, Graham wrote: > Hi there. I have very basic scripting knowledge so I?m not very good at figuring these things out and I?m finally resorting to asking some much smarter folk! > > I have a bunch of Extreme networks switches and Ive managed to tweak the ?xrancid? script to fix some issues that I had out of the box with RANCID and Extreme switches. > > The last issue that I cannot figure out is in my saved configs, it appears the word ?quit? gets mangled up in the output seemingly from the pager prompts. Example at the end. > > I looked through the ?clogin? script to see about disabling the pager but there are some comments in that script about how Extreme switches can?t have the pager disabled. Assuming this is old stuff as now they can. Running XOS v15 on these X440?s. The command ?disable cli paging? will disable the pager per-session. > > I?ve tried messing around with ?clogin? to try and get it to pass this command but it doesn?t work. Anyone know if this is easy to do? Please help. > > Here?s what my daily diffs look like (extract). Note the work quit appears spread out in random places: > > Index: configs/x440-0 > =================================================================== > # > - u# > # Module devmgr configuration. > # > enable ip-option record-timestamp > - disable ipforwarding broadcast vlan > + disabule ipforwarding broadcast vlan > disable ipforwarding broadcast vlan > - i > # > # Module dosprotect configuration. > - t > # > configure mvrp stpd s0 > + i > # > disable ripng export isis-level-1 > + t > # > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- --- clogin.prev 2013-08-12 15:14:13.000000000 +0000 +++ clogin 2013-08-12 15:19:06.000000000 +0000 @@ -567,8 +567,22 @@ } exp_continue } - -re "$prompt" { - set prompt_match $expect_out(0,string); + -indices -re "$prompt" { + set prompt_match $expect_out(0,string); + if {"$prompt_match" == ">"} { + # Extreme XOS >= 12.5 by default sends a banner after login + # including this line: + # "Press the or '?' key at any time for completions." + # Match and discard it, as it is not a prompt. + if [string match "\r\nPress the " \ + [string range $expect_out(buffer) \ + [expr $expect_out(0,start) - 16] \ + $expect_out(0,start) \ + ] + ] { + exp_continue + } + } break; } "Login invalid" { From jameserica156 at yahoo.com Mon Sep 16 13:11:27 2013 From: jameserica156 at yahoo.com (Erica James) Date: Mon, 16 Sep 2013 06:11:27 -0700 (PDT) Subject: [rancid] Rancid-missed cmds Message-ID: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> Hello I have a problem with rancid parsing script. Logs show missed cmd(s). Trying to get all of the configs. 10.3.4.5: missed cmd(s): display current-configuration,display version 10.3.4.5: End of run not found # All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ? The script is for Huawei. The problem now seems to be that rancid is not collecting configs. Anyone with an idea on what to do? ? Below is the rancid-script ? #! /usr/bin/perl ## ## $Id$ ## ## rancid 2.3.8 ## ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. ## All rights reserved. ## ## This software may be freely copied, modified and redistributed ## without fee for non-commerical purposes provided that this license ## remains intact and unmodified with any RANCID distribution. ## ## There is no warranty or other guarantee of fitness of this software. ## It is provided solely "as is".? The author(s) disclaim(s) all ## responsibility and liability with respect to this software's usage ## or its effect upon hardware, computer systems, other software, or ## anything else. ## ## Except where noted otherwise, rancid was written by and is maintained by ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz. ## # # hurancid - Interface to Huawei devices # #? RANCID - Really Awesome New Cisco confIg Differ # # usage: rancid [-d] [-l] [-f filename | $host] # use Getopt::Std; getopts('dfl'); $log = $opt_l; $debug = $opt_d; $file = $opt_f; $host = $ARGV[0]; $clean_run = 0; $found_end = 0; $timeo = 90;??????????????????? # hulogin timeout in seconds my(%filter_pwds);?????????????? # password filtering mode # This routine is used to print out the router configuration sub ProcessHistory { ??? my($new_hist_tag,$new_command,$command_string, at string)=(@_); if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) ?????? && defined %history) { ??????? print eval "$command \%history"; ??????? undef %history; ??? } ??? if (($new_hist_tag) && ($new_command) && ($command_string)) { ??????? if ($history{$command_string}) { ??????????? $history{$command_string} = "mailto:$history%7B$command_string%7D at string"; ??????? } else { ??????????? $history{$command_string} = "@string"; ??????? } ??? } elsif (($new_hist_tag) && ($new_command)) { ??????? $history{++$#history} = "@string"; ??? } else { ??????? print "@string"; ??? } ??? $hist_tag = $new_hist_tag; ??? $command = $new_command; ??? 1; } sub numerically { $a <=> $b; } # This is a sort routing that will sort numerically on the # keys of a hash as if it were a normal array. sub keynsort { ??? local(%lines)=@_; ??? local($i) = 0; ??? local(@sorted_lines); ??? foreach $key (sort numerically keys(%lines)) { ??????? $sorted_lines[$i] = $lines{$key}; ??????? $i++; ??? } ??? @sorted_lines; } # This is a sort routing that will sort on the # keys of a hash as if it were a normal array. sub keysort { ??? local(%lines)=@_; ??? local($i) = 0; ??? local(@sorted_lines); ??? foreach $key (sort keys(%lines)) { ??????? $sorted_lines[$i] = $lines{$key}; ??????? $i++; ??? } ??? @sorted_lines; } # This is a sort routing that will sort on the # values of a hash as if it were a normal array. sub valsort{ ??? local(%lines)=@_; ??? local($i) = 0; ??? local(@sorted_lines); ??? foreach $key (sort values %lines) { ??????? $sorted_lines[$i] = $key; ??????? $i++; ??? } ??? @sorted_lines; } # This is a numerical sort routing (ascending). sub numsort { ??? local(%lines)=@_; ??? local($i) = 0; ??? local(@sorted_lines); ??? foreach $num (sort {$a <=> $b} keys %lines) { ??????? $sorted_lines[$i] = $lines{$num}; ??????? $i++; ??? } ??? @sorted_lines; } # This is a sort routine that will sort on the # ip address when the ip address is anywhere in # the strings. sub ipsort { ??? local(%lines)=@_; ??? local($i) = 0; ??? local(@sorted_lines); ??? foreach $addr (sort sortbyipaddr keys %lines) { ??????? $sorted_lines[$i] = $lines{$addr}; ??????? $i++; ??? } ??? @sorted_lines; } # These two routines will sort based upon IP addresses sub ipaddrval { ??? my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); ??? $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); } sub sortbyipaddr { ??? &ipaddrval($a) <=> &ipaddrval($b); } ? # This routine processes a "show configuration" # This routine processes a "show configuration" sub WriteTerm { ??? print STDERR "??? In WriteTerm: $_" if ($debug); ??? #my($lineauto) = 0; ??? while () { #print STDERR "History $_\n";??? ??? ??????? tr/\015//d; ??????? last if(/^$prompt/); ?????? next if (/^(\s*|\s*$cmd\s*)$/); ??????? return(1) if (/^\s*\^\s*$/); ??????? return(1) if (/Line has invalid autocommand /); ??????? return(1) if (/(Invalid (input|command) detected|Type help or )/i); ??????? return(-1) if (/command authorization failed/i); ??????? # the pager can not be disabled per-session on the PIX ??????? if (/^(<-+ More -+>)/) { ??????????? my($len) = length($1); ??????????? s/^$1\s{$len}//; ??????? } ??????? ??????? /^/ && next; ??????? ProcessHistory("COMMENTS","keysort","B1","# $_") && next; ??? } ? ??????? # end of config...is a comment. ??????? if (/^return/i) { $found_end = 1; ??????????? return(1); ??????? } ??? ??????? return(0); } # This routine copies everything with precefing "#" sub CopyComment { ??? print STDERR "??? In CopyComment: $_" if ($debug); ??? while () { ??????? tr/\015//d; ??????? last if (/^$prompt/); ??????? ProcessHistory("","","","# $_"); ??????? # end of config ??? } ??? return(0); } # filter out "uptime" lines sub FilterUptime { ??? print STDERR "??? In FilterUptime: $_" if ($debug); ??? while () { ??????? tr/\015//d; ??????? last if (/^$prompt/); #nmeongeza ??????? next if (/^(\s*|\s*$cmd\s*)$/); ??????? return(-1) if (/command authorization failed/i); ??????? /^VERSION\=>(\s+.*)$/ && ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") && next; ??????? /^PATCH\=>(\s+.*)$/ && ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") && next; ??????? /^PRODUCT\=>(\s+.*)$/ && ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") && next; } return(0); } ? ? # dummy function sub DoNothing {print STDOUT;} # Main @commandtable = ( ??????? {'display version'?????????????????????? => 'FilterUptime'}, ??????? {'display patch-information'???????????? => 'CopyComment'}, ??????? {'display device'??????????????????????? => 'CopyComment'}, ??????? {'display device pic-status'???????????? => 'CopyComment'}, ??????? {'display current-configuration'???????? => 'WriteTerm'}, ); # Use an array to preserve the order of the commands and a hash for mapping # commands to the subroutine and track commands that have been completed. @commands = map(keys(%$_), @commandtable); %commands = map(%$_, @commandtable); $huaw_cmds=join(";", at commands); $cmds_regexp=join("|", at commands); open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; select(OUTPUT); # make OUTPUT unbuffered if debugging if ($debug) { $| = 1; } if ($file) { ??? print STDERR "opening file $host\n" if ($debug); ??? print STDOUT "opening file $host\n" if ($log); ??? open(INPUT,"<$host") || die "open failed for $host: $!\n"; } else { ??? print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" if ($debug); ??? print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" if ($debug); ??? if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { ??????? system "hulogin -t $timeo -c \"$huaw_cmds\" $host $host.raw" || die "hulogin failed for $host: $!\n"; ??????? open(INPUT, "< $host.raw") || die "hulogin failed for $host: $!\n"; ??? } else { ??????? open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host ) { ??? tr/\015//d; #print STDERR ("CMD: $_\n");??? ??? ??? if (/\>\s?quit.*$/) { ??????? $clean_run=1; ??????? last; ??? } ? ??? if (/^Error:/) { ??????? print STDOUT ("$host hulogin error: $_"); ??????? print STDERR ("$host hulogin error: $_") if ($debug); ??????? $clean_run=0; ??????? last; } ??? ??? while (/\>\007*\s*($cmds_regexp)\s*$/) { ??????? $cmd = $1; ??????? if (!defined($prompt)) { ??????????? $prompt = ($_ =~ /^([^>]+\>)/)[0]; ??????????? $prompt =~ s/([][}{)(file://])///$1/g; ??????????? print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); ??????? } ??????? print STDERR ("HIT COMMAND:$_") if ($debug); ??????? if (! defined($commands{$cmd})) { ??????????? print STDERR "$host: found unexpected command - \"$cmd\"\n"; ??????????? $clean_run = 0; ??????????? last TOP; ??????? } ??????? $rval = &{$commands{$cmd}}; ??????? delete($commands{$cmd}); ??????? if ($rval == -1) { ??????????? $clean_run = 0; ??????????? last TOP; ??????? } ??? } } print STDOUT "Done $logincmd: $_\n" if ($log); # Flush History ProcessHistory("","","",""); # Cleanup close(INPUT); close(OUTPUT); ? if (defined($ENV{NOPIPE})) { ??? #unlink("$host.raw") if (! $debug); } # check for completeness if (scalar(%commands) || !$clean_run || !$found_end) { ??? if (scalar(%commands)) { ??????? printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands))); ??????? printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug); ??? } ??? if (!$clean_run || !$found_end) { ??????? print STDOUT "$host: End of run not found\n"; ??????? print STDERR "$host: End of run not found\n" if ($debug); ??????? system("/usr/bin/tail -1 $host.new"); ??? } ??? #unlink "$host.new" if (! $debug); } -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Mon Sep 16 13:33:32 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Mon, 16 Sep 2013 15:33:32 +0200 Subject: [rancid] Rancid-missed cmds In-Reply-To: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> Message-ID: <523708AC.1060303@gmail.com> The approach to fixing this is always the same, at this point nothing rancid is outputting helps debug in the slightest - all it says is that something went wrong, but we already know that. Do the following: 1. telnet to device and check you can auth manually 2. "hulogin " and check it logs in and enables properly, and that the prompt etc on the screen is correct 3. run "hulogin -t 90 -c"display current-configuration,display version" " and check that the commands do actually run correctly 4. run "hurancid -d " - this dumps a *complete* log in the current directory containing more info than the regular log you quoted and often reveals the problem (but not always). But first a few prior steps need to be verified: - the command in #3 I pasted from your log output, and that has comma separators. Your device might need semicolons, I have no idea as I don;t know that vendors stuff - the relevant line in router.db must contain the appropriate type string in field 3 - you will have had to edit rancid-fe and add a line for huawei to a perl hash. Without this, rancid-run doesn't know what parser script to call and it cannot work. - the device you have must be supported by the script you are using; just because Huawei made it is no guarantee it works similarly to anything else they might have made. If all of that checks out, then we need to look into the running perl itself. I believe we've been over most of this before, I don't recall getting a definitive answer. You really do need to go through all these steps as given, nothing else is going to get to the root of your problem. On 16/09/2013 15:11, Erica James wrote: > Hello > I have a problem with rancid parsing script. Logs show missed cmd(s). > Trying to get all of the configs. > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > # > All routers sucessfully completed. > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > > The script is for Huawei. The problem now seems to be that rancid is not > collecting configs. > Anyone with an idea on what to do? > > Below is the rancid-script > > #! /usr/bin/perl > ## > ## $Id$ > ## > ## rancid 2.3.8 > ## > ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. > ## All rights reserved. > ## > ## This software may be freely copied, modified and redistributed > ## without fee for non-commerical purposes provided that this license > ## remains intact and unmodified with any RANCID distribution. > ## > ## There is no warranty or other guarantee of fitness of this software. > ## It is provided solely "as is". The author(s) disclaim(s) all > ## responsibility and liability with respect to this software's usage > ## or its effect upon hardware, computer systems, other software, or > ## anything else. > ## > ## Except where noted otherwise, rancid was written by and is maintained by > ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin > Schutz. > ## > # > # hurancid - Interface to Huawei devices > # > # RANCID - Really Awesome New Cisco confIg Differ > # > # usage: rancid [-d] [-l] [-f filename | $host] > # > use Getopt::Std; > getopts('dfl'); > $log = $opt_l; > $debug = $opt_d; > $file = $opt_f; > $host = $ARGV[0]; > $clean_run = 0; > $found_end = 0; > $timeo = 90; # hulogin timeout in seconds > > my(%filter_pwds); # password filtering mode > # This routine is used to print out the router configuration > sub ProcessHistory { > my($new_hist_tag,$new_command,$command_string, at string)=(@_); > if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) > && defined %history) { > print eval "$command \%history"; > undef %history; > } > if (($new_hist_tag) && ($new_command) && ($command_string)) { > if ($history{$command_string}) { > $history{$command_string} = > "mailto:$history%7B$command_string%7D at string"; > } else { > $history{$command_string} = "@string"; > } > } elsif (($new_hist_tag) && ($new_command)) { > $history{++$#history} = "@string"; > } else { > print "@string"; > } > $hist_tag = $new_hist_tag; > $command = $new_command; > 1; > } > > sub numerically { $a <=> $b; } > > # This is a sort routing that will sort numerically on the > # keys of a hash as if it were a normal array. > sub keynsort { > local(%lines)=@_; > local($i) = 0; > local(@sorted_lines); > foreach $key (sort numerically keys(%lines)) { > $sorted_lines[$i] = $lines{$key}; > $i++; > } > @sorted_lines; > } > > # This is a sort routing that will sort on the > # keys of a hash as if it were a normal array. > sub keysort { > local(%lines)=@_; > local($i) = 0; > local(@sorted_lines); > foreach $key (sort keys(%lines)) { > $sorted_lines[$i] = $lines{$key}; > $i++; > } > @sorted_lines; > } > > # This is a sort routing that will sort on the > # values of a hash as if it were a normal array. > sub valsort{ > local(%lines)=@_; > local($i) = 0; > local(@sorted_lines); > foreach $key (sort values %lines) { > $sorted_lines[$i] = $key; > $i++; > } > @sorted_lines; > } > > # This is a numerical sort routing (ascending). > sub numsort { > local(%lines)=@_; > local($i) = 0; > local(@sorted_lines); > foreach $num (sort {$a <=> $b} keys %lines) { > $sorted_lines[$i] = $lines{$num}; > $i++; > } > @sorted_lines; > } > > # This is a sort routine that will sort on the > # ip address when the ip address is anywhere in > # the strings. > sub ipsort { > local(%lines)=@_; > local($i) = 0; > local(@sorted_lines); > foreach $addr (sort sortbyipaddr keys %lines) { > $sorted_lines[$i] = $lines{$addr}; > $i++; > } > @sorted_lines; > } > > # These two routines will sort based upon IP addresses > sub ipaddrval { > my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); > $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); > } > sub sortbyipaddr { > &ipaddrval($a) <=> &ipaddrval($b); > } > > > # This routine processes a "show configuration" > # This routine processes a "show configuration" > sub WriteTerm { > print STDERR " In WriteTerm: $_" if ($debug); > #my($lineauto) = 0; > > while () { > #print STDERR "History $_\n"; > > tr/\015//d; > last if(/^$prompt/); > next if (/^(\s*|\s*$cmd\s*)$/); > return(1) if (/^\s*\^\s*$/); > return(1) if (/Line has invalid autocommand /); > return(1) if (/(Invalid (input|command) detected|Type help or )/i); > return(-1) if (/command authorization failed/i); > # the pager can not be disabled per-session on the PIX > if (/^(<-+ More -+>)/) { > my($len) = length($1); > s/^$1\s{$len}//; > } > > /^/ && next; > ProcessHistory("COMMENTS","keysort","B1","# $_") && next; > } > > # end of config...is a comment. > if (/^return/i) { > $found_end = 1; > return(1); > } > > return(0); > } > > # This routine copies everything with precefing "#" > sub CopyComment { > print STDERR " In CopyComment: $_" if ($debug); > > while () { > tr/\015//d; > last if (/^$prompt/); > > ProcessHistory("","","","# $_"); > # end of config > } > return(0); > } > > # filter out "uptime" lines > sub FilterUptime { > print STDERR " In FilterUptime: $_" if ($debug); > > while () { > tr/\015//d; > last if (/^$prompt/); > #nmeongeza > next if (/^(\s*|\s*$cmd\s*)$/); > return(-1) if (/command authorization failed/i); > /^VERSION\=>(\s+.*)$/ && > ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") > && next; > /^PATCH\=>(\s+.*)$/ && > ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") > && next; > > /^PRODUCT\=>(\s+.*)$/ && > ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") > && next; > } > return(0); > } > > > # dummy function > sub DoNothing {print STDOUT;} > > # Main > @commandtable = ( > {'display version' => 'FilterUptime'}, > {'display patch-information' => 'CopyComment'}, > {'display device' => 'CopyComment'}, > {'display device pic-status' => 'CopyComment'}, > {'display current-configuration' => 'WriteTerm'}, > ); > > # Use an array to preserve the order of the commands and a hash for mapping > # commands to the subroutine and track commands that have been completed. > @commands = map(keys(%$_), @commandtable); > %commands = map(%$_, @commandtable); > > $huaw_cmds=join(";", at commands); > $cmds_regexp=join("|", at commands); > > open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; > select(OUTPUT); > # make OUTPUT unbuffered if debugging > if ($debug) { $| = 1; } > > if ($file) { > print STDERR "opening file $host\n" if ($debug); > print STDOUT "opening file $host\n" if ($log); > open(INPUT,"<$host") || die "open failed for $host: $!\n"; > } else { > print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" > if ($debug); > print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" > if ($debug); > if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { > system "hulogin -t $timeo -c \"$huaw_cmds\" $host > $host.raw" || die "hulogin failed for $host: $!\n"; > open(INPUT, "< $host.raw") || die "hulogin failed for $host: $!\n"; > } else { > open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host |") || die "hulogin failed for $host: $!\n"; > } > } > > # determine password filtering mode > if ($ENV{"FILTER_PWDS"} =~ /no/i) { > $filter_pwds = 0; > } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { > $filter_pwds = 2; > } else { > $filter_pwds = 1; > } > > ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); > ProcessHistory("COMMENTS","keysort","B0","#\n"); > ProcessHistory("COMMENTS","keysort","F0","#\n"); > ProcessHistory("COMMENTS","keysort","G0","#\n"); > TOP: while() { > tr/\015//d; > > #print STDERR ("CMD: $_\n"); > > if (/\>\s?quit.*$/) { > $clean_run=1; > last; > } > > if (/^Error:/) { > print STDOUT ("$host hulogin error: $_"); > print STDERR ("$host hulogin error: $_") if ($debug); > $clean_run=0; > last; > } > > while (/\>\007*\s*($cmds_regexp)\s*$/) { > $cmd = $1; > > if (!defined($prompt)) { > $prompt = ($_ =~ /^([^>]+\>)/)[0]; > $prompt =~ s/([][}{)(file://])///$1/g; > print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); > } > print STDERR ("HIT COMMAND:$_") if ($debug); > if (! defined($commands{$cmd})) { > print STDERR "$host: found unexpected command - \"$cmd\"\n"; > $clean_run = 0; > last TOP; > } > $rval = &{$commands{$cmd}}; > delete($commands{$cmd}); > if ($rval == -1) { > $clean_run = 0; > last TOP; > } > } > } > print STDOUT "Done $logincmd: $_\n" if ($log); > # Flush History > ProcessHistory("","","",""); > # Cleanup > close(INPUT); > close(OUTPUT); > > if (defined($ENV{NOPIPE})) { > #unlink("$host.raw") if (! $debug); > } > # check for completeness > if (scalar(%commands) || !$clean_run || !$found_end) { > if (scalar(%commands)) { > printf(STDOUT "$host: missed cmd(s): %s\n", join(',', > keys(%commands))); > printf(STDERR "$host: missed cmd(s): %s\n", join(',', > keys(%commands))) if ($debug); > } > if (!$clean_run || !$found_end) { > print STDOUT "$host: End of run not found\n"; > print STDERR "$host: End of run not found\n" if ($debug); > system("/usr/bin/tail -1 $host.new"); > } > #unlink "$host.new" if (! $debug); > } > > -- Alan McKinnon alan.mckinnon at gmail.com From jameserica156 at yahoo.com Mon Sep 16 14:32:51 2013 From: jameserica156 at yahoo.com (Erica James) Date: Mon, 16 Sep 2013 07:32:51 -0700 (PDT) Subject: [rancid] Rancid-missed cmds In-Reply-To: <523708AC.1060303@gmail.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> Message-ID: <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> Alan, ? Thank you . Please see the below, ? 1. Can telnet to device and authenticate manually ? 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, and enables properly. Prompt is correct as well ? 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display current-configuration ; display version" 10.3.4.5 runs cleanly. commands are run neatly. automatic login and logout4.[eserica at netflow logs]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 executing hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 executing hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 sh: hulogin: command not found 10.3.4.5: missed cmd(s): display current-configuration,display version 10.3.4.5: missed cmd(s): display current-configuration,display version 10.3.4.5: End of run not found 10.3.4.5: End of run not found The router.db 10.3.4.5:huawei:up ? The rancid-fe? ??? 'huawei'??????????? => 'h3crancid', ?? Don't understand why am getting such an output??from /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 Any comments on the above? ? Still the same logs. ? Eserica ? ________________________________ From: Alan McKinnon To: rancid shrubbery Sent: Monday, September 16, 2013 4:33 PM Subject: Re: [rancid] Rancid-missed cmds The approach to fixing this is always the same, at this point nothing rancid is outputting helps debug in the slightest - all it says is that something went wrong, but we already know that. Do the following: 1. telnet to device and check you can auth manually 2. "hulogin " and check it logs in and enables properly, and that the prompt etc on the screen is correct 3. run "hulogin -t 90 -c"display current-configuration,display version" " and check that the commands do actually run correctly 4. run "hurancid -d " - this dumps a *complete* log in the current directory containing more info than the regular log you quoted and often reveals the problem (but not always). But first a few prior steps need to be verified: - the command in #3 I pasted from your log output, and that has comma separators. Your device might need semicolons, I have no idea as I don;t know that vendors stuff - the relevant line in router.db must contain the appropriate type string in field 3 - you will have had to edit rancid-fe and add a line for huawei to a perl hash. Without this, rancid-run doesn't know what parser script to call and it cannot work. - the device you have must be supported by the script you are using; just because Huawei made it is no guarantee it works similarly to anything else they might have made. If all of that checks out, then we need to look into the running perl itself. I believe we've been over most of this before, I don't recall getting a definitive answer. You really do need to go through all these steps as given, nothing else is going to get to the root of your problem. On 16/09/2013 15:11, Erica James wrote: > Hello > I have a problem with rancid parsing script. Logs show missed cmd(s). > Trying to get all of the configs. > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > # > All routers sucessfully completed. > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs >? > The script is for Huawei. The problem now seems to be that rancid is not > collecting configs. > Anyone with an idea on what to do? >? > Below is the rancid-script >? > #! /usr/bin/perl > ## > ## $Id$ > ## > ## rancid 2.3.8 > ## > ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. > ## All rights reserved. > ## > ## This software may be freely copied, modified and redistributed > ## without fee for non-commerical purposes provided that this license > ## remains intact and unmodified with any RANCID distribution. > ## > ## There is no warranty or other guarantee of fitness of this software. > ## It is provided solely "as is".? The author(s) disclaim(s) all > ## responsibility and liability with respect to this software's usage > ## or its effect upon hardware, computer systems, other software, or > ## anything else. > ## > ## Except where noted otherwise, rancid was written by and is maintained by > ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin > Schutz. > ## > # > # hurancid - Interface to Huawei devices > # > #? RANCID - Really Awesome New Cisco confIg Differ > # > # usage: rancid [-d] [-l] [-f filename | $host] > # > use Getopt::Std; > getopts('dfl'); > $log = $opt_l; > $debug = $opt_d; > $file = $opt_f; > $host = $ARGV[0]; > $clean_run = 0; > $found_end = 0; > $timeo = 90;? ? ? ? ? ? ? ? ? ? # hulogin timeout in seconds > > my(%filter_pwds);? ? ? ? ? ? ? # password filtering mode > # This routine is used to print out the router configuration > sub ProcessHistory { >? ? my($new_hist_tag,$new_command,$command_string, at string)=(@_); > if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >? ? ? ? && defined %history) { >? ? ? ? print eval "$command \%history"; >? ? ? ? undef %history; >? ? } >? ? if (($new_hist_tag) && ($new_command) && ($command_string)) { >? ? ? ? if ($history{$command_string}) { >? ? ? ? ? ? $history{$command_string} = > "mailto:$history%7B$command_string%7D at string"; >? ? ? ? } else { >? ? ? ? ? ? $history{$command_string} = "@string"; >? ? ? ? } >? ? } elsif (($new_hist_tag) && ($new_command)) { >? ? ? ? $history{++$#history} = "@string"; >? ? } else { >? ? ? ? print "@string"; >? ? } >? ? $hist_tag = $new_hist_tag; >? ? $command = $new_command; >? ? 1; > } > > sub numerically { $a <=> $b; } > > # This is a sort routing that will sort numerically on the > # keys of a hash as if it were a normal array. > sub keynsort { >? ? local(%lines)=@_; >? ? local($i) = 0; >? ? local(@sorted_lines); >? ? foreach $key (sort numerically keys(%lines)) { >? ? ? ? $sorted_lines[$i] = $lines{$key}; >? ? ? ? $i++; >? ? } >? ? @sorted_lines; > } > > # This is a sort routing that will sort on the > # keys of a hash as if it were a normal array. > sub keysort { >? ? local(%lines)=@_; >? ? local($i) = 0; >? ? local(@sorted_lines); >? ? foreach $key (sort keys(%lines)) { >? ? ? ? $sorted_lines[$i] = $lines{$key}; >? ? ? ? $i++; >? ? } >? ? @sorted_lines; > } > > # This is a sort routing that will sort on the > # values of a hash as if it were a normal array. > sub valsort{ >? ? local(%lines)=@_; >? ? local($i) = 0; >? ? local(@sorted_lines); >? ? foreach $key (sort values %lines) { >? ? ? ? $sorted_lines[$i] = $key; >? ? ? ? $i++; >? ? } >? ? @sorted_lines; > } > > # This is a numerical sort routing (ascending). > sub numsort { >? ? local(%lines)=@_; >? ? local($i) = 0; >? ? local(@sorted_lines); >? ? foreach $num (sort {$a <=> $b} keys %lines) { >? ? ? ? $sorted_lines[$i] = $lines{$num}; >? ? ? ? $i++; >? ? } >? ? @sorted_lines; > } > > # This is a sort routine that will sort on the > # ip address when the ip address is anywhere in > # the strings. > sub ipsort { >? ? local(%lines)=@_; >? ? local($i) = 0; >? ? local(@sorted_lines); >? ? foreach $addr (sort sortbyipaddr keys %lines) { >? ? ? ? $sorted_lines[$i] = $lines{$addr}; >? ? ? ? $i++; >? ? } >? ? @sorted_lines; > } > > # These two routines will sort based upon IP addresses > sub ipaddrval { >? ? my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >? ? $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); > } > sub sortbyipaddr { >? ? &ipaddrval($a) <=> &ipaddrval($b); > } >? > > # This routine processes a "show configuration" > # This routine processes a "show configuration" > sub WriteTerm { >? ? print STDERR "? ? In WriteTerm: $_" if ($debug); >? ? #my($lineauto) = 0; > >? ? while () { > #print STDERR "History $_\n";? >? ? >? ? ? ? tr/\015//d; >? ? ? ? last if(/^$prompt/); >? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >? ? ? ? return(1) if (/^\s*\^\s*$/); >? ? ? ? return(1) if (/Line has invalid autocommand /); >? ? ? ? return(1) if (/(Invalid (input|command) detected|Type help or )/i); >? ? ? ? return(-1) if (/command authorization failed/i); >? ? ? ? # the pager can not be disabled per-session on the PIX >? ? ? ? if (/^(<-+ More -+>)/) { >? ? ? ? ? ? my($len) = length($1); >? ? ? ? ? ? s/^$1\s{$len}//; >? ? ? ? } >? ? ? ? >? ? ? ? /^/ && next; >? ? ? ? ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >? ? } >? >? ? ? ? # end of config...is a comment. >? ? ? ? if (/^return/i) { > $found_end = 1; >? ? ? ? ? ? return(1); >? ? ? ? } >? ? >? ? ? ? return(0); > } > > # This routine copies everything with precefing "#" > sub CopyComment { >? ? print STDERR "? ? In CopyComment: $_" if ($debug); > >? ? while () { >? ? ? ? tr/\015//d; >? ? ? ? last if (/^$prompt/); > >? ? ? ? ProcessHistory("","","","# $_"); >? ? ? ? # end of config >? ? } >? ? return(0); > } > > # filter out "uptime" lines > sub FilterUptime { >? ? print STDERR "? ? In FilterUptime: $_" if ($debug); > >? ? while () { >? ? ? ? tr/\015//d; >? ? ? ? last if (/^$prompt/); > #nmeongeza >? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >? ? ? ? return(-1) if (/command authorization failed/i); >? ? ? ? /^VERSION\=>(\s+.*)$/ && > ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") > && next; >? ? ? ? /^PATCH\=>(\s+.*)$/ && > ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") > && next; > >? ? ? ? /^PRODUCT\=>(\s+.*)$/ && > ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") > && next; > } > return(0); > } >? >? > # dummy function > sub DoNothing {print STDOUT;} > > # Main > @commandtable = ( >? ? ? ? {'display version'? ? ? ? ? ? ? ? ? ? ? => 'FilterUptime'}, >? ? ? ? {'display patch-information'? ? ? ? ? ? => 'CopyComment'}, >? ? ? ? {'display device'? ? ? ? ? ? ? ? ? ? ? ? => 'CopyComment'}, >? ? ? ? {'display device pic-status'? ? ? ? ? ? => 'CopyComment'}, >? ? ? ? {'display current-configuration'? ? ? ? => 'WriteTerm'}, > ); > > # Use an array to preserve the order of the commands and a hash for mapping > # commands to the subroutine and track commands that have been completed. > @commands = map(keys(%$_), @commandtable); > %commands = map(%$_, @commandtable); > > $huaw_cmds=join(";", at commands); > $cmds_regexp=join("|", at commands); > > open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; > select(OUTPUT); > # make OUTPUT unbuffered if debugging > if ($debug) { $| = 1; } > > if ($file) { >? ? print STDERR "opening file $host\n" if ($debug); >? ? print STDOUT "opening file $host\n" if ($log); >? ? open(INPUT,"<$host") || die "open failed for $host: $!\n"; > } else { >? ? print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" > if ($debug); >? ? print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" > if ($debug); >? ? if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >? ? ? ? system "hulogin -t $timeo -c \"$huaw_cmds\" $host > $host.raw" || die "hulogin failed for $host: $!\n"; >? ? ? ? open(INPUT, "< $host.raw") || die "hulogin failed for $host: $!\n"; >? ? } else { >? ? ? ? open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host |") || die "hulogin failed for $host: $!\n"; >? ? } > } > > # determine password filtering mode > if ($ENV{"FILTER_PWDS"} =~ /no/i) { >? ? ? ? $filter_pwds = 0; > } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >? ? ? ? $filter_pwds = 2; > } else { >? ? ? ? $filter_pwds = 1; > } > > ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); > ProcessHistory("COMMENTS","keysort","B0","#\n"); > ProcessHistory("COMMENTS","keysort","F0","#\n"); > ProcessHistory("COMMENTS","keysort","G0","#\n"); > TOP: while() { >? ? tr/\015//d; > > #print STDERR ("CMD: $_\n");? >? ? >? ? if (/\>\s?quit.*$/) { >? ? ? ? $clean_run=1; >? ? ? ? last; >? ? } >? >? ? if (/^Error:/) { >? ? ? ? print STDOUT ("$host hulogin error: $_"); >? ? ? ? print STDERR ("$host hulogin error: $_") if ($debug); >? ? ? ? $clean_run=0; >? ? ? ? last; > } >? ? >? ? while (/\>\007*\s*($cmds_regexp)\s*$/) { >? ? ? ? $cmd = $1; > >? ? ? ? if (!defined($prompt)) { >? ? ? ? ? ? $prompt = ($_ =~ /^([^>]+\>)/)[0]; >? ? ? ? ? ? $prompt =~ s/([][}{)(file://])///$1/g; >? ? ? ? ? ? print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >? ? ? ? } >? ? ? ? print STDERR ("HIT COMMAND:$_") if ($debug); >? ? ? ? if (! defined($commands{$cmd})) { >? ? ? ? ? ? print STDERR "$host: found unexpected command - \"$cmd\"\n"; >? ? ? ? ? ? $clean_run = 0; >? ? ? ? ? ? last TOP; >? ? ? ? } >? ? ? ? $rval = &{$commands{$cmd}}; >? ? ? ? delete($commands{$cmd}); >? ? ? ? if ($rval == -1) { >? ? ? ? ? ? $clean_run = 0; >? ? ? ? ? ? last TOP; >? ? ? ? } >? ? } > } > print STDOUT "Done $logincmd: $_\n" if ($log); > # Flush History > ProcessHistory("","","",""); > # Cleanup > close(INPUT); > close(OUTPUT); >? > if (defined($ENV{NOPIPE})) { >? ? #unlink("$host.raw") if (! $debug); > } > # check for completeness > if (scalar(%commands) || !$clean_run || !$found_end) { >? ? if (scalar(%commands)) { >? ? ? ? printf(STDOUT "$host: missed cmd(s): %s\n", join(',', > keys(%commands))); >? ? ? ? printf(STDERR "$host: missed cmd(s): %s\n", join(',', > keys(%commands))) if ($debug); >? ? } >? ? if (!$clean_run || !$found_end) { >? ? ? ? print STDOUT "$host: End of run not found\n"; >? ? ? ? print STDERR "$host: End of run not found\n" if ($debug); >? ? ? ? system("/usr/bin/tail -1 $host.new"); >? ? } >? ? #unlink "$host.new" if (! $debug); > } >? >? -- Alan McKinnon alan.mckinnon at gmail.com _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From jethro.binks at strath.ac.uk Mon Sep 16 14:57:27 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Mon, 16 Sep 2013 15:57:27 +0100 (BST) Subject: [rancid] Rancid-missed cmds In-Reply-To: <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> Message-ID: h3crancid would ordinarily expect to use h3clogin, however: > sh: hulogin: command not found h3crancid can't find it. Try replacing with the full path to hulogin in h3crandid. Jethro. On Mon, 16 Sep 2013, Erica James wrote: > Alan, > ? > Thank you . Please see the below, > ? > 1. Can telnet to device and authenticate manually > ? > 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, and enables properly. Prompt is correct as well > ? > 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display current-configuration ; display version" 10.3.4.5 runs cleanly. commands are run neatly. automatic login and logout4.[eserica at netflow logs]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > executing hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 > executing hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 > sh: hulogin: command not found > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > 10.3.4.5: End of run not found > > The router.db > 10.3.4.5:huawei:up > ? > The rancid-fe? > ??? 'huawei'??????????? => 'h3crancid', > ?? > Don't understand why am getting such an output??from /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > Any comments on the above? > ? > Still the same logs. > ? > Eserica > ? > > > ________________________________ > From: Alan McKinnon > To: rancid shrubbery > Sent: Monday, September 16, 2013 4:33 PM > Subject: Re: [rancid] Rancid-missed cmds > > > The approach to fixing this is always the same, at this point nothing > rancid is outputting helps debug in the slightest - all it says is that > something went wrong, but we already know that. > > Do the following: > > 1. telnet to device and check you can auth manually > 2. "hulogin " and check it logs in and enables properly, and > that the prompt etc on the screen is correct > 3. run "hulogin -t 90 -c"display current-configuration,display version" > " and check that the commands do actually run correctly > 4. run "hurancid -d " - this dumps a *complete* log in the > current directory containing more info than the regular log you quoted > and often reveals the problem (but not always). > > > But first a few prior steps need to be verified: > > - the command in #3 I pasted from your log output, and that has comma > separators. Your device might need semicolons, I have no idea as I don;t > know that vendors stuff > - the relevant line in router.db must contain the appropriate type > string in field 3 > - you will have had to edit rancid-fe and add a line for huawei to a > perl hash. Without this, rancid-run doesn't know what parser script to > call and it cannot work. > - the device you have must be supported by the script you are using; > just because Huawei made it is no guarantee it works similarly to > anything else they might have made. > > > If all of that checks out, then we need to look into the running perl > itself. > > I believe we've been over most of this before, I don't recall getting a > definitive answer. You really do need to go through all these steps as > given, nothing else is going to get to the root of your problem. > > > > On 16/09/2013 15:11, Erica James wrote: > > Hello > > I have a problem with rancid parsing script. Logs show missed cmd(s). > > Trying to get all of the configs. > > 10.3.4.5: missed cmd(s): display current-configuration,display version > > 10.3.4.5: End of run not found > > # > > All routers sucessfully completed. > > cvs diff: Diffing . > > cvs diff: Diffing configs > > cvs commit: Examining . > > cvs commit: Examining configs > >? > > The script is for Huawei. The problem now seems to be that rancid is not > > collecting configs. > > Anyone with an idea on what to do? > >? > > Below is the rancid-script > >? > > #! /usr/bin/perl > > ## > > ## $Id$ > > ## > > ## rancid 2.3.8 > > ## > > ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. > > ## All rights reserved. > > ## > > ## This software may be freely copied, modified and redistributed > > ## without fee for non-commerical purposes provided that this license > > ## remains intact and unmodified with any RANCID distribution. > > ## > > ## There is no warranty or other guarantee of fitness of this software. > > ## It is provided solely "as is".? The author(s) disclaim(s) all > > ## responsibility and liability with respect to this software's usage > > ## or its effect upon hardware, computer systems, other software, or > > ## anything else. > > ## > > ## Except where noted otherwise, rancid was written by and is maintained by > > ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin > > Schutz. > > ## > > # > > # hurancid - Interface to Huawei devices > > # > > #? RANCID - Really Awesome New Cisco confIg Differ > > # > > # usage: rancid [-d] [-l] [-f filename | $host] > > # > > use Getopt::Std; > > getopts('dfl'); > > $log = $opt_l; > > $debug = $opt_d; > > $file = $opt_f; > > $host = $ARGV[0]; > > $clean_run = 0; > > $found_end = 0; > > $timeo = 90;? ? ? ? ? ? ? ? ? ? # hulogin timeout in seconds > > > > my(%filter_pwds);? ? ? ? ? ? ? # password filtering mode > > # This routine is used to print out the router configuration > > sub ProcessHistory { > >? ? my($new_hist_tag,$new_command,$command_string, at string)=(@_); > > if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) > >? ? ? ? && defined %history) { > >? ? ? ? print eval "$command \%history"; > >? ? ? ? undef %history; > >? ? } > >? ? if (($new_hist_tag) && ($new_command) && ($command_string)) { > >? ? ? ? if ($history{$command_string}) { > >? ? ? ? ? ? $history{$command_string} = > > "mailto:$history%7B$command_string%7D at string"; > >? ? ? ? } else { > >? ? ? ? ? ? $history{$command_string} = "@string"; > >? ? ? ? } > >? ? } elsif (($new_hist_tag) && ($new_command)) { > >? ? ? ? $history{++$#history} = "@string"; > >? ? } else { > >? ? ? ? print "@string"; > >? ? } > >? ? $hist_tag = $new_hist_tag; > >? ? $command = $new_command; > >? ? 1; > > } > > > > sub numerically { $a <=> $b; } > > > > # This is a sort routing that will sort numerically on the > > # keys of a hash as if it were a normal array. > > sub keynsort { > >? ? local(%lines)=@_; > >? ? local($i) = 0; > >? ? local(@sorted_lines); > >? ? foreach $key (sort numerically keys(%lines)) { > >? ? ? ? $sorted_lines[$i] = $lines{$key}; > >? ? ? ? $i++; > >? ? } > >? ? @sorted_lines; > > } > > > > # This is a sort routing that will sort on the > > # keys of a hash as if it were a normal array. > > sub keysort { > >? ? local(%lines)=@_; > >? ? local($i) = 0; > >? ? local(@sorted_lines); > >? ? foreach $key (sort keys(%lines)) { > >? ? ? ? $sorted_lines[$i] = $lines{$key}; > >? ? ? ? $i++; > >? ? } > >? ? @sorted_lines; > > } > > > > # This is a sort routing that will sort on the > > # values of a hash as if it were a normal array. > > sub valsort{ > >? ? local(%lines)=@_; > >? ? local($i) = 0; > >? ? local(@sorted_lines); > >? ? foreach $key (sort values %lines) { > >? ? ? ? $sorted_lines[$i] = $key; > >? ? ? ? $i++; > >? ? } > >? ? @sorted_lines; > > } > > > > # This is a numerical sort routing (ascending). > > sub numsort { > >? ? local(%lines)=@_; > >? ? local($i) = 0; > >? ? local(@sorted_lines); > >? ? foreach $num (sort {$a <=> $b} keys %lines) { > >? ? ? ? $sorted_lines[$i] = $lines{$num}; > >? ? ? ? $i++; > >? ? } > >? ? @sorted_lines; > > } > > > > # This is a sort routine that will sort on the > > # ip address when the ip address is anywhere in > > # the strings. > > sub ipsort { > >? ? local(%lines)=@_; > >? ? local($i) = 0; > >? ? local(@sorted_lines); > >? ? foreach $addr (sort sortbyipaddr keys %lines) { > >? ? ? ? $sorted_lines[$i] = $lines{$addr}; > >? ? ? ? $i++; > >? ? } > >? ? @sorted_lines; > > } > > > > # These two routines will sort based upon IP addresses > > sub ipaddrval { > >? ? my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); > >? ? $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); > > } > > sub sortbyipaddr { > >? ? &ipaddrval($a) <=> &ipaddrval($b); > > } > >? > > > > # This routine processes a "show configuration" > > # This routine processes a "show configuration" > > sub WriteTerm { > >? ? print STDERR "? ? In WriteTerm: $_" if ($debug); > >? ? #my($lineauto) = 0; > > > >? ? while () { > > #print STDERR "History $_\n";? > >? ? > >? ? ? ? tr/\015//d; > >? ? ? ? last if(/^$prompt/); > >? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); > >? ? ? ? return(1) if (/^\s*\^\s*$/); > >? ? ? ? return(1) if (/Line has invalid autocommand /); > >? ? ? ? return(1) if (/(Invalid (input|command) detected|Type help or )/i); > >? ? ? ? return(-1) if (/command authorization failed/i); > >? ? ? ? # the pager can not be disabled per-session on the PIX > >? ? ? ? if (/^(<-+ More -+>)/) { > >? ? ? ? ? ? my($len) = length($1); > >? ? ? ? ? ? s/^$1\s{$len}//; > >? ? ? ? } > >? ? ? ? > >? ? ? ? /^/ && next; > >? ? ? ? ProcessHistory("COMMENTS","keysort","B1","# $_") && next; > >? ? } > >? > >? ? ? ? # end of config...is a comment. > >? ? ? ? if (/^return/i) { > > $found_end = 1; > >? ? ? ? ? ? return(1); > >? ? ? ? } > >? ? > >? ? ? ? return(0); > > } > > > > # This routine copies everything with precefing "#" > > sub CopyComment { > >? ? print STDERR "? ? In CopyComment: $_" if ($debug); > > > >? ? while () { > >? ? ? ? tr/\015//d; > >? ? ? ? last if (/^$prompt/); > > > >? ? ? ? ProcessHistory("","","","# $_"); > >? ? ? ? # end of config > >? ? } > >? ? return(0); > > } > > > > # filter out "uptime" lines > > sub FilterUptime { > >? ? print STDERR "? ? In FilterUptime: $_" if ($debug); > > > >? ? while () { > >? ? ? ? tr/\015//d; > >? ? ? ? last if (/^$prompt/); > > #nmeongeza > >? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); > >? ? ? ? return(-1) if (/command authorization failed/i); > >? ? ? ? /^VERSION\=>(\s+.*)$/ && > > ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") > > && next; > >? ? ? ? /^PATCH\=>(\s+.*)$/ && > > ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") > > && next; > > > >? ? ? ? /^PRODUCT\=>(\s+.*)$/ && > > ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") > > && next; > > } > > return(0); > > } > >? > >? > > # dummy function > > sub DoNothing {print STDOUT;} > > > > # Main > > @commandtable = ( > >? ? ? ? {'display version'? ? ? ? ? ? ? ? ? ? ? => 'FilterUptime'}, > >? ? ? ? {'display patch-information'? ? ? ? ? ? => 'CopyComment'}, > >? ? ? ? {'display device'? ? ? ? ? ? ? ? ? ? ? ? => 'CopyComment'}, > >? ? ? ? {'display device pic-status'? ? ? ? ? ? => 'CopyComment'}, > >? ? ? ? {'display current-configuration'? ? ? ? => 'WriteTerm'}, > > ); > > > > # Use an array to preserve the order of the commands and a hash for mapping > > # commands to the subroutine and track commands that have been completed. > > @commands = map(keys(%$_), @commandtable); > > %commands = map(%$_, @commandtable); > > > > $huaw_cmds=join(";", at commands); > > $cmds_regexp=join("|", at commands); > > > > open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; > > select(OUTPUT); > > # make OUTPUT unbuffered if debugging > > if ($debug) { $| = 1; } > > > > if ($file) { > >? ? print STDERR "opening file $host\n" if ($debug); > >? ? print STDOUT "opening file $host\n" if ($log); > >? ? open(INPUT,"<$host") || die "open failed for $host: $!\n"; > > } else { > >? ? print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" > > if ($debug); > >? ? print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" > > if ($debug); > >? ? if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { > >? ? ? ? system "hulogin -t $timeo -c \"$huaw_cmds\" $host > > $host.raw" || die "hulogin failed for $host: $!\n"; > >? ? ? ? open(INPUT, "< $host.raw") || die "hulogin failed for $host: $!\n"; > >? ? } else { > >? ? ? ? open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host > |") || die "hulogin failed for $host: $!\n"; > >? ? } > > } > > > > # determine password filtering mode > > if ($ENV{"FILTER_PWDS"} =~ /no/i) { > >? ? ? ? $filter_pwds = 0; > > } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { > >? ? ? ? $filter_pwds = 2; > > } else { > >? ? ? ? $filter_pwds = 1; > > } > > > > ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); > > ProcessHistory("COMMENTS","keysort","B0","#\n"); > > ProcessHistory("COMMENTS","keysort","F0","#\n"); > > ProcessHistory("COMMENTS","keysort","G0","#\n"); > > TOP: while() { > >? ? tr/\015//d; > > > > #print STDERR ("CMD: $_\n");? > >? ? > >? ? if (/\>\s?quit.*$/) { > >? ? ? ? $clean_run=1; > >? ? ? ? last; > >? ? } > >? > >? ? if (/^Error:/) { > >? ? ? ? print STDOUT ("$host hulogin error: $_"); > >? ? ? ? print STDERR ("$host hulogin error: $_") if ($debug); > >? ? ? ? $clean_run=0; > >? ? ? ? last; > > } > >? ? > >? ? while (/\>\007*\s*($cmds_regexp)\s*$/) { > >? ? ? ? $cmd = $1; > > > >? ? ? ? if (!defined($prompt)) { > >? ? ? ? ? ? $prompt = ($_ =~ /^([^>]+\>)/)[0]; > >? ? ? ? ? ? $prompt =~ s/([][}{)(file://])///$1/g; > >? ? ? ? ? ? print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); > >? ? ? ? } > >? ? ? ? print STDERR ("HIT COMMAND:$_") if ($debug); > >? ? ? ? if (! defined($commands{$cmd})) { > >? ? ? ? ? ? print STDERR "$host: found unexpected command - \"$cmd\"\n"; > >? ? ? ? ? ? $clean_run = 0; > >? ? ? ? ? ? last TOP; > >? ? ? ? } > >? ? ? ? $rval = &{$commands{$cmd}}; > >? ? ? ? delete($commands{$cmd}); > >? ? ? ? if ($rval == -1) { > >? ? ? ? ? ? $clean_run = 0; > >? ? ? ? ? ? last TOP; > >? ? ? ? } > >? ? } > > } > > print STDOUT "Done $logincmd: $_\n" if ($log); > > # Flush History > > ProcessHistory("","","",""); > > # Cleanup > > close(INPUT); > > close(OUTPUT); > >? > > if (defined($ENV{NOPIPE})) { > >? ? #unlink("$host.raw") if (! $debug); > > } > > # check for completeness > > if (scalar(%commands) || !$clean_run || !$found_end) { > >? ? if (scalar(%commands)) { > >? ? ? ? printf(STDOUT "$host: missed cmd(s): %s\n", join(',', > > keys(%commands))); > >? ? ? ? printf(STDERR "$host: missed cmd(s): %s\n", join(',', > > keys(%commands))) if ($debug); > >? ? } > >? ? if (!$clean_run || !$found_end) { > >? ? ? ? print STDOUT "$host: End of run not found\n"; > >? ? ? ? print STDERR "$host: End of run not found\n" if ($debug); > >? ? ? ? system("/usr/bin/tail -1 $host.new"); > >? ? } > >? ? #unlink "$host.new" if (! $debug); > > } > >? > >? > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From r.engehausen at gmail.com Mon Sep 16 14:53:39 2013 From: r.engehausen at gmail.com (Roy) Date: Mon, 16 Sep 2013 07:53:39 -0700 Subject: [rancid] Rancid-missed cmds In-Reply-To: <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> Message-ID: <52371B73.6000108@gmail.com> An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Mon Sep 16 19:37:06 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Mon, 16 Sep 2013 21:37:06 +0200 Subject: [rancid] Rancid-missed cmds In-Reply-To: <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> Message-ID: <52375DE2.1020300@gmail.com> On 16/09/2013 16:32, Erica James wrote: > Alan, > > Thank you . Please see the below, > > 1. Can telnet to device and authenticate manually > > 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, > and enables properly. Prompt is correct as well > > 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display > current-configuration ; display version" 10.3.4.5 runs cleanly. commands > are run neatly. automatic login and logout > 4.[eserica at netflow logs]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > executing hulogin -t 90 -c"display version ; display > current-configuration" 10.3.4.5 > executing hulogin -t 90 -c"display version ; display > current-configuration" 10.3.4.5 > sh: hulogin: command not found ^^^^^^^^^^^^^^^^^^^^^^^^^^ You almost certainly do not have "/home/eserica/rancid/bin/" in rancid's PATH. It is set in $RANCID_DIR/etc/rancid.conf. As to why this happened, it is very likely an installation failure. Did you install all of rancid to /home/eserica/rancid, or is that just a convenient place to put rancid scripts you are testing? The rancid build system works almost perfectly every time. It uses autotools and is designed to install the entire package to /usr/local/rancid/ by default and for the scripts to be run by user "rancid". As with all Unix apps it is sensitive to ownership and permission errors The errors you are getting indicate a faulty install, possibly trying to do itmanually. > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > 10.3.4.5: End of run not found > The router.db > 10.3.4.5:huawei:up > > The rancid-fe > 'huawei' => 'h3crancid', > > Don't understand why am getting such an output from > /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > Any comments on the above? > > Still the same logs. > > Eserica > > > *From:* Alan McKinnon > *To:* rancid shrubbery > *Sent:* Monday, September 16, 2013 4:33 PM > *Subject:* Re: [rancid] Rancid-missed cmds > > The approach to fixing this is always the same, at this point nothing > rancid is outputting helps debug in the slightest - all it says is that > something went wrong, but we already know that. > > Do the following: > > 1. telnet to device and check you can auth manually > 2. "hulogin " and check it logs in and enables properly, and > that the prompt etc on the screen is correct > 3. run "hulogin -t 90 -c"display current-configuration,display version" > " and check that the commands do actually run correctly > 4. run "hurancid -d " - this dumps a *complete* log in the > current directory containing more info than the regular log you quoted > and often reveals the problem (but not always). > > > But first a few prior steps need to be verified: > > - the command in #3 I pasted from your log output, and that has comma > separators. Your device might need semicolons, I have no idea as I don;t > know that vendors stuff > - the relevant line in router.db must contain the appropriate type > string in field 3 > - you will have had to edit rancid-fe and add a line for huawei to a > perl hash. Without this, rancid-run doesn't know what parser script to > call and it cannot work. > - the device you have must be supported by the script you are using; > just because Huawei made it is no guarantee it works similarly to > anything else they might have made. > > > If all of that checks out, then we need to look into the running perl > itself. > > I believe we've been over most of this before, I don't recall getting a > definitive answer. You really do need to go through all these steps as > given, nothing else is going to get to the root of your problem. > > > > On 16/09/2013 15:11, Erica James wrote: >> Hello >> I have a problem with rancid parsing script. Logs show missed cmd(s). >> Trying to get all of the configs. >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: End of run not found >> # >> All routers sucessfully completed. >> cvs diff: Diffing . >> cvs diff: Diffing configs >> cvs commit: Examining . >> cvs commit: Examining configs >> >> The script is for Huawei. The problem now seems to be that rancid is not >> collecting configs. >> Anyone with an idea on what to do? >> >> Below is the rancid-script >> >> #! /usr/bin/perl >> ## >> ## $Id$ >> ## >> ## rancid 2.3.8 >> ## >> ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. >> ## All rights reserved. >> ## >> ## This software may be freely copied, modified and redistributed >> ## without fee for non-commerical purposes provided that this license >> ## remains intact and unmodified with any RANCID distribution. >> ## >> ## There is no warranty or other guarantee of fitness of this software. >> ## It is provided solely "as is". The author(s) disclaim(s) all >> ## responsibility and liability with respect to this software's usage >> ## or its effect upon hardware, computer systems, other software, or >> ## anything else. >> ## >> ## Except where noted otherwise, rancid was written by and is > maintained by >> ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin >> Schutz. >> ## >> # >> # hurancid - Interface to Huawei devices >> # >> # RANCID - Really Awesome New Cisco confIg Differ >> # >> # usage: rancid [-d] [-l] [-f filename | $host] >> # >> use Getopt::Std; >> getopts('dfl'); >> $log = $opt_l; >> $debug = $opt_d; >> $file = $opt_f; >> $host = $ARGV[0]; >> $clean_run = 0; >> $found_end = 0; >> $timeo = 90; # hulogin timeout in seconds >> >> my(%filter_pwds); # password filtering mode >> # This routine is used to print out the router configuration >> sub ProcessHistory { >> my($new_hist_tag,$new_command,$command_string, at string)=(@_); >> if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >> && defined %history) { >> print eval "$command \%history"; >> undef %history; >> } >> if (($new_hist_tag) && ($new_command) && ($command_string)) { >> if ($history{$command_string}) { >> $history{$command_string} = >> "mailto:$history%7B$command_string%7D at string "; >> } else { >> $history{$command_string} = "@string"; >> } >> } elsif (($new_hist_tag) && ($new_command)) { >> $history{++$#history} = "@string"; >> } else { >> print "@string"; >> } >> $hist_tag = $new_hist_tag; >> $command = $new_command; >> 1; >> } >> >> sub numerically { $a <=> $b; } >> >> # This is a sort routing that will sort numerically on the >> # keys of a hash as if it were a normal array. >> sub keynsort { >> local(%lines)=@_; >> local($i) = 0; >> local(@sorted_lines); >> foreach $key (sort numerically keys(%lines)) { >> $sorted_lines[$i] = $lines{$key}; >> $i++; >> } >> @sorted_lines; >> } >> >> # This is a sort routing that will sort on the >> # keys of a hash as if it were a normal array. >> sub keysort { >> local(%lines)=@_; >> local($i) = 0; >> local(@sorted_lines); >> foreach $key (sort keys(%lines)) { >> $sorted_lines[$i] = $lines{$key}; >> $i++; >> } >> @sorted_lines; >> } >> >> # This is a sort routing that will sort on the >> # values of a hash as if it were a normal array. >> sub valsort{ >> local(%lines)=@_; >> local($i) = 0; >> local(@sorted_lines); >> foreach $key (sort values %lines) { >> $sorted_lines[$i] = $key; >> $i++; >> } >> @sorted_lines; >> } >> >> # This is a numerical sort routing (ascending). >> sub numsort { >> local(%lines)=@_; >> local($i) = 0; >> local(@sorted_lines); >> foreach $num (sort {$a <=> $b} keys %lines) { >> $sorted_lines[$i] = $lines{$num}; >> $i++; >> } >> @sorted_lines; >> } >> >> # This is a sort routine that will sort on the >> # ip address when the ip address is anywhere in >> # the strings. >> sub ipsort { >> local(%lines)=@_; >> local($i) = 0; >> local(@sorted_lines); >> foreach $addr (sort sortbyipaddr keys %lines) { >> $sorted_lines[$i] = $lines{$addr}; >> $i++; >> } >> @sorted_lines; >> } >> >> # These two routines will sort based upon IP addresses >> sub ipaddrval { >> my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >> $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); >> } >> sub sortbyipaddr { >> &ipaddrval($a) <=> &ipaddrval($b); >> } >> >> >> # This routine processes a "show configuration" >> # This routine processes a "show configuration" >> sub WriteTerm { >> print STDERR " In WriteTerm: $_" if ($debug); >> #my($lineauto) = 0; >> >> while () { >> #print STDERR "History $_\n"; >> >> tr/\015//d; >> last if(/^$prompt/); >> next if (/^(\s*|\s*$cmd\s*)$/); >> return(1) if (/^\s*\^\s*$/); >> return(1) if (/Line has invalid autocommand /); >> return(1) if (/(Invalid (input|command) detected|Type help or )/i); >> return(-1) if (/command authorization failed/i); >> # the pager can not be disabled per-session on the PIX >> if (/^(<-+ More -+>)/) { >> my($len) = length($1); >> s/^$1\s{$len}//; >> } >> >> /^/ && next; >> ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >> } >> >> # end of config...is a comment. >> if (/^return/i) { >> $found_end = 1; >> return(1); >> } >> >> return(0); >> } >> >> # This routine copies everything with precefing "#" >> sub CopyComment { >> print STDERR " In CopyComment: $_" if ($debug); >> >> while () { >> tr/\015//d; >> last if (/^$prompt/); >> >> ProcessHistory("","","","# $_"); >> # end of config >> } >> return(0); >> } >> >> # filter out "uptime" lines >> sub FilterUptime { >> print STDERR " In FilterUptime: $_" if ($debug); >> >> while () { >> tr/\015//d; >> last if (/^$prompt/); >> #nmeongeza >> next if (/^(\s*|\s*$cmd\s*)$/); >> return(-1) if (/command authorization failed/i); >> /^VERSION\=>(\s+.*)$/ && >> ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") >> && next; >> /^PATCH\=>(\s+.*)$/ && >> ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") >> && next; >> >> /^PRODUCT\=>(\s+.*)$/ && >> ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") >> && next; >> } >> return(0); >> } >> >> >> # dummy function >> sub DoNothing {print STDOUT;} >> >> # Main >> @commandtable = ( >> {'display version' => 'FilterUptime'}, >> {'display patch-information' => 'CopyComment'}, >> {'display device' => 'CopyComment'}, >> {'display device pic-status' => 'CopyComment'}, >> {'display current-configuration' => 'WriteTerm'}, >> ); >> >> # Use an array to preserve the order of the commands and a hash for > mapping >> # commands to the subroutine and track commands that have been completed. >> @commands = map(keys(%$_), @commandtable); >> %commands = map(%$_, @commandtable); >> >> $huaw_cmds=join(";", at commands); >> $cmds_regexp=join("|", at commands); >> >> open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; >> select(OUTPUT); >> # make OUTPUT unbuffered if debugging >> if ($debug) { $| = 1; } >> >> if ($file) { >> print STDERR "opening file $host\n" if ($debug); >> print STDOUT "opening file $host\n" if ($log); >> open(INPUT,"<$host") || die "open failed for $host: $!\n"; >> } else { >> print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >> if ($debug); >> print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >> if ($debug); >> if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >> system "hulogin -t $timeo -c \"$huaw_cmds\" $host >> $host.raw" || die "hulogin failed for $host: $!\n"; >> open(INPUT, "< $host.raw") || die "hulogin failed for $host: $!\n"; >> } else { >> open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host > |") || die "hulogin failed for $host: $!\n"; >> } >> } >> >> # determine password filtering mode >> if ($ENV{"FILTER_PWDS"} =~ /no/i) { >> $filter_pwds = 0; >> } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >> $filter_pwds = 2; >> } else { >> $filter_pwds = 1; >> } >> >> ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); >> ProcessHistory("COMMENTS","keysort","B0","#\n"); >> ProcessHistory("COMMENTS","keysort","F0","#\n"); >> ProcessHistory("COMMENTS","keysort","G0","#\n"); >> TOP: while() { >> tr/\015//d; >> >> #print STDERR ("CMD: $_\n"); >> >> if (/\>\s?quit.*$/) { >> $clean_run=1; >> last; >> } >> >> if (/^Error:/) { >> print STDOUT ("$host hulogin error: $_"); >> print STDERR ("$host hulogin error: $_") if ($debug); >> $clean_run=0; >> last; >> } >> >> while (/\>\007*\s*($cmds_regexp)\s*$/) { >> $cmd = $1; >> >> if (!defined($prompt)) { >> $prompt = ($_ =~ /^([^>]+\>)/)[0]; >> $prompt =~ s/([][}{)(file://])///$1/g; >> print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >> } >> print STDERR ("HIT COMMAND:$_") if ($debug); >> if (! defined($commands{$cmd})) { >> print STDERR "$host: found unexpected command - \"$cmd\"\n"; >> $clean_run = 0; >> last TOP; >> } >> $rval = &{$commands{$cmd}}; >> delete($commands{$cmd}); >> if ($rval == -1) { >> $clean_run = 0; >> last TOP; >> } >> } >> } >> print STDOUT "Done $logincmd: $_\n" if ($log); >> # Flush History >> ProcessHistory("","","",""); >> # Cleanup >> close(INPUT); >> close(OUTPUT); >> >> if (defined($ENV{NOPIPE})) { >> #unlink("$host.raw") if (! $debug); >> } >> # check for completeness >> if (scalar(%commands) || !$clean_run || !$found_end) { >> if (scalar(%commands)) { >> printf(STDOUT "$host: missed cmd(s): %s\n", join(',', >> keys(%commands))); >> printf(STDERR "$host: missed cmd(s): %s\n", join(',', >> keys(%commands))) if ($debug); >> } >> if (!$clean_run || !$found_end) { >> print STDOUT "$host: End of run not found\n"; >> print STDERR "$host: End of run not found\n" if ($debug); >> system("/usr/bin/tail -1 $host.new"); >> } >> #unlink "$host.new" if (! $debug); >> } >> >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- Alan McKinnon alan.mckinnon at gmail.com From jameserica156 at yahoo.com Tue Sep 17 06:08:03 2013 From: jameserica156 at yahoo.com (Erica James) Date: Mon, 16 Sep 2013 23:08:03 -0700 (PDT) Subject: [rancid] Rancid-missed cmds In-Reply-To: <52375DE2.1020300@gmail.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> <52375DE2.1020300@gmail.com> Message-ID: <1379398083.59748.YahooMailNeo@web160804.mail.bf1.yahoo.com> Hello. I have checked in rancid's PATH. this is a portion of the rancid.conf file. BASEDIR=/home/eserica/rancid/var/rancid; export BASEDIR PATH=/home/eserica/rancid/bin:/usr/bin:.:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; export PATH ? ________________________________ From: Alan McKinnon To: Erica James Cc: rancid shrubbery Sent: Monday, September 16, 2013 10:37 PM Subject: Re: [rancid] Rancid-missed cmds On 16/09/2013 16:32, Erica James wrote: > Alan, >? > Thank you . Please see the below, >? > 1. Can telnet to device and authenticate manually >? > 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, > and enables properly. Prompt is correct as well >? > 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display > current-configuration ; display version" 10.3.4.5 runs cleanly. commands > are run neatly. automatic login and logout > 4.[eserica at netflow logs]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > executing hulogin -t 90 -c"display version ; display > current-configuration" 10.3.4.5 > executing hulogin -t 90 -c"display version ; display > current-configuration" 10.3.4.5 > sh: hulogin: command not found ? ? ? ^^^^^^^^^^^^^^^^^^^^^^^^^^ You almost certainly do not have "/home/eserica/rancid/bin/" in rancid's PATH. It is set in $RANCID_DIR/etc/rancid.conf. As to why this happened, it is very likely an installation failure. Did you install all of rancid to /home/eserica/rancid, or is that just a convenient place to put rancid scripts you are testing? The rancid build system works almost perfectly every time. It uses autotools and is designed to install the entire package to /usr/local/rancid/ by default and for the scripts to be run by user "rancid". As with all Unix apps it is sensitive to ownership and permission errors The errors you are getting indicate a faulty install, possibly trying to do itmanually. > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > 10.3.4.5: End of run not found > The router.db > 10.3.4.5:huawei:up >? > The rancid-fe >? ? 'huawei'? ? ? ? ? ? => 'h3crancid', >? > Don't understand why am getting such an output? from > /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > Any comments on the above? >? > Still the same logs. >? > Eserica >? > > *From:* Alan McKinnon > *To:* rancid shrubbery > *Sent:* Monday, September 16, 2013 4:33 PM > *Subject:* Re: [rancid] Rancid-missed cmds > > The approach to fixing this is always the same, at this point nothing > rancid is outputting helps debug in the slightest - all it says is that > something went wrong, but we already know that. > > Do the following: > > 1. telnet to device and check you can auth manually > 2. "hulogin " and check it logs in and enables properly, and > that the prompt etc on the screen is correct > 3. run "hulogin -t 90 -c"display current-configuration,display version" > " and check that the commands do actually run correctly > 4. run "hurancid -d " - this dumps a *complete* log in the > current directory containing more info than the regular log you quoted > and often reveals the problem (but not always). > > > But first a few prior steps need to be verified: > > - the command in #3 I pasted from your log output, and that has comma > separators. Your device might need semicolons, I have no idea as I don;t > know that vendors stuff > - the relevant line in router.db must contain the appropriate type > string in field 3 > - you will have had to edit rancid-fe and add a line for huawei to a > perl hash. Without this, rancid-run doesn't know what parser script to > call and it cannot work. > - the device you have must be supported by the script you are using; > just because Huawei made it is no guarantee it works similarly to > anything else they might have made. > > > If all of that checks out, then we need to look into the running perl > itself. > > I believe we've been over most of this before, I don't recall getting a > definitive answer. You really do need to go through all these steps as > given, nothing else is going to get to the root of your problem. > > > > On 16/09/2013 15:11, Erica James wrote: >> Hello >> I have a problem with rancid parsing script. Logs show missed cmd(s). >> Trying to get all of the configs. >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: End of run not found >> # >> All routers sucessfully completed. >> cvs diff: Diffing . >> cvs diff: Diffing configs >> cvs commit: Examining . >> cvs commit: Examining configs >> >> The script is for Huawei. The problem now seems to be that rancid is not >> collecting configs. >> Anyone with an idea on what to do? >> >> Below is the rancid-script >> >> #! /usr/bin/perl >> ## >> ## $Id$ >> ## >> ## rancid 2.3.8 >> ## >> ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. >> ## All rights reserved. >> ## >> ## This software may be freely copied, modified and redistributed >> ## without fee for non-commerical purposes provided that this license >> ## remains intact and unmodified with any RANCID distribution. >> ## >> ## There is no warranty or other guarantee of fitness of this software. >> ## It is provided solely "as is".? The author(s) disclaim(s) all >> ## responsibility and liability with respect to this software's usage >> ## or its effect upon hardware, computer systems, other software, or >> ## anything else. >> ## >> ## Except where noted otherwise, rancid was written by and is > maintained by >> ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin >> Schutz. >> ## >> # >> # hurancid - Interface to Huawei devices >> # >> #? RANCID - Really Awesome New Cisco confIg Differ >> # >> # usage: rancid [-d] [-l] [-f filename | $host] >> # >> use Getopt::Std; >> getopts('dfl'); >> $log = $opt_l; >> $debug = $opt_d; >> $file = $opt_f; >> $host = $ARGV[0]; >> $clean_run = 0; >> $found_end = 0; >> $timeo = 90;? ? ? ? ? ? ? ? ? ? # hulogin timeout in seconds >> >> my(%filter_pwds);? ? ? ? ? ? ? # password filtering mode >> # This routine is used to print out the router configuration >> sub ProcessHistory { >>? ? my($new_hist_tag,$new_command,$command_string, at string)=(@_); >> if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >>? ? ? ? && defined %history) { >>? ? ? ? print eval "$command \%history"; >>? ? ? ? undef %history; >>? ? } >>? ? if (($new_hist_tag) && ($new_command) && ($command_string)) { >>? ? ? ? if ($history{$command_string}) { >>? ? ? ? ? ? $history{$command_string} = >> "mailto:$history%7B$command_string%7D at string "; >>? ? ? ? } else { >>? ? ? ? ? ? $history{$command_string} = "@string"; >>? ? ? ? } >>? ? } elsif (($new_hist_tag) && ($new_command)) { >>? ? ? ? $history{++$#history} = "@string"; >>? ? } else { >>? ? ? ? print "@string"; >>? ? } >>? ? $hist_tag = $new_hist_tag; >>? ? $command = $new_command; >>? ? 1; >> } >> >> sub numerically { $a <=> $b; } >> >> # This is a sort routing that will sort numerically on the >> # keys of a hash as if it were a normal array. >> sub keynsort { >>? ? local(%lines)=@_; >>? ? local($i) = 0; >>? ? local(@sorted_lines); >>? ? foreach $key (sort numerically keys(%lines)) { >>? ? ? ? $sorted_lines[$i] = $lines{$key}; >>? ? ? ? $i++; >>? ? } >>? ? @sorted_lines; >> } >> >> # This is a sort routing that will sort on the >> # keys of a hash as if it were a normal array. >> sub keysort { >>? ? local(%lines)=@_; >>? ? local($i) = 0; >>? ? local(@sorted_lines); >>? ? foreach $key (sort keys(%lines)) { >>? ? ? ? $sorted_lines[$i] = $lines{$key}; >>? ? ? ? $i++; >>? ? } >>? ? @sorted_lines; >> } >> >> # This is a sort routing that will sort on the >> # values of a hash as if it were a normal array. >> sub valsort{ >>? ? local(%lines)=@_; >>? ? local($i) = 0; >>? ? local(@sorted_lines); >>? ? foreach $key (sort values %lines) { >>? ? ? ? $sorted_lines[$i] = $key; >>? ? ? ? $i++; >>? ? } >>? ? @sorted_lines; >> } >> >> # This is a numerical sort routing (ascending). >> sub numsort { >>? ? local(%lines)=@_; >>? ? local($i) = 0; >>? ? local(@sorted_lines); >>? ? foreach $num (sort {$a <=> $b} keys %lines) { >>? ? ? ? $sorted_lines[$i] = $lines{$num}; >>? ? ? ? $i++; >>? ? } >>? ? @sorted_lines; >> } >> >> # This is a sort routine that will sort on the >> # ip address when the ip address is anywhere in >> # the strings. >> sub ipsort { >>? ? local(%lines)=@_; >>? ? local($i) = 0; >>? ? local(@sorted_lines); >>? ? foreach $addr (sort sortbyipaddr keys %lines) { >>? ? ? ? $sorted_lines[$i] = $lines{$addr}; >>? ? ? ? $i++; >>? ? } >>? ? @sorted_lines; >> } >> >> # These two routines will sort based upon IP addresses >> sub ipaddrval { >>? ? my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >>? ? $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); >> } >> sub sortbyipaddr { >>? ? &ipaddrval($a) <=> &ipaddrval($b); >> } >> >> >> # This routine processes a "show configuration" >> # This routine processes a "show configuration" >> sub WriteTerm { >>? ? print STDERR "? ? In WriteTerm: $_" if ($debug); >>? ? #my($lineauto) = 0; >> >>? ? while () { >> #print STDERR "History $_\n"; >>? >>? ? ? ? tr/\015//d; >>? ? ? ? last if(/^$prompt/); >>? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >>? ? ? ? return(1) if (/^\s*\^\s*$/); >>? ? ? ? return(1) if (/Line has invalid autocommand /); >>? ? ? ? return(1) if (/(Invalid (input|command) detected|Type help or )/i); >>? ? ? ? return(-1) if (/command authorization failed/i); >>? ? ? ? # the pager can not be disabled per-session on the PIX >>? ? ? ? if (/^(<-+ More -+>)/) { >>? ? ? ? ? ? my($len) = length($1); >>? ? ? ? ? ? s/^$1\s{$len}//; >>? ? ? ? } >>? ? ? >>? ? ? ? /^/ && next; >>? ? ? ? ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >>? ? } >> >>? ? ? ? # end of config...is a comment. >>? ? ? ? if (/^return/i) { >> $found_end = 1; >>? ? ? ? ? ? return(1); >>? ? ? ? } >>? >>? ? ? ? return(0); >> } >> >> # This routine copies everything with precefing "#" >> sub CopyComment { >>? ? print STDERR "? ? In CopyComment: $_" if ($debug); >> >>? ? while () { >>? ? ? ? tr/\015//d; >>? ? ? ? last if (/^$prompt/); >> >>? ? ? ? ProcessHistory("","","","# $_"); >>? ? ? ? # end of config >>? ? } >>? ? return(0); >> } >> >> # filter out "uptime" lines >> sub FilterUptime { >>? ? print STDERR "? ? In FilterUptime: $_" if ($debug); >> >>? ? while () { >>? ? ? ? tr/\015//d; >>? ? ? ? last if (/^$prompt/); >> #nmeongeza >>? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >>? ? ? ? return(-1) if (/command authorization failed/i); >>? ? ? ? /^VERSION\=>(\s+.*)$/ && >> ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") >> && next; >>? ? ? ? /^PATCH\=>(\s+.*)$/ && >> ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") >> && next; >> >>? ? ? ? /^PRODUCT\=>(\s+.*)$/ && >> ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") >> && next; >> } >> return(0); >> } >> >> >> # dummy function >> sub DoNothing {print STDOUT;} >> >> # Main >> @commandtable = ( >>? ? ? ? {'display version'? ? ? ? ? ? ? ? ? ? ? => 'FilterUptime'}, >>? ? ? ? {'display patch-information'? ? ? ? ? ? => 'CopyComment'}, >>? ? ? ? {'display device'? ? ? ? ? ? ? ? ? ? ? ? => 'CopyComment'}, >>? ? ? ? {'display device pic-status'? ? ? ? ? ? => 'CopyComment'}, >>? ? ? ? {'display current-configuration'? ? ? ? => 'WriteTerm'}, >> ); >> >> # Use an array to preserve the order of the commands and a hash for > mapping >> # commands to the subroutine and track commands that have been completed. >> @commands = map(keys(%$_), @commandtable); >> %commands = map(%$_, @commandtable); >> >> $huaw_cmds=join(";", at commands); >> $cmds_regexp=join("|", at commands); >> >> open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n"; >> select(OUTPUT); >> # make OUTPUT unbuffered if debugging >> if ($debug) { $| = 1; } >> >> if ($file) { >>? ? print STDERR "opening file $host\n" if ($debug); >>? ? print STDOUT "opening file $host\n" if ($log); >>? ? open(INPUT,"<$host") || die "open failed for $host: $!\n"; >> } else { >>? ? print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >> if ($debug); >>? ? print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >> if ($debug); >>? ? if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >>? ? ? ? system "hulogin -t $timeo -c \"$huaw_cmds\" $host >> $host.raw" || die "hulogin failed for $host: $!\n"; >>? ? ? ? open(INPUT, "< $host.raw") || die "hulogin failed for $host: $!\n"; >>? ? } else { >>? ? ? ? open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host > |") || die "hulogin failed for $host: $!\n"; >>? ? } >> } >> >> # determine password filtering mode >> if ($ENV{"FILTER_PWDS"} =~ /no/i) { >>? ? ? ? $filter_pwds = 0; >> } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >>? ? ? ? $filter_pwds = 2; >> } else { >>? ? ? ? $filter_pwds = 1; >> } >> >> ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); >> ProcessHistory("COMMENTS","keysort","B0","#\n"); >> ProcessHistory("COMMENTS","keysort","F0","#\n"); >> ProcessHistory("COMMENTS","keysort","G0","#\n"); >> TOP: while() { >>? ? tr/\015//d; >> >> #print STDERR ("CMD: $_\n"); >>? >>? ? if (/\>\s?quit.*$/) { >>? ? ? ? $clean_run=1; >>? ? ? ? last; >>? ? } >> >>? ? if (/^Error:/) { >>? ? ? ? print STDOUT ("$host hulogin error: $_"); >>? ? ? ? print STDERR ("$host hulogin error: $_") if ($debug); >>? ? ? ? $clean_run=0; >>? ? ? ? last; >> } >>? >>? ? while (/\>\007*\s*($cmds_regexp)\s*$/) { >>? ? ? ? $cmd = $1; >> >>? ? ? ? if (!defined($prompt)) { >>? ? ? ? ? ? $prompt = ($_ =~ /^([^>]+\>)/)[0]; >>? ? ? ? ? ? $prompt =~ s/([][}{)(file://])///$1/g; >>? ? ? ? ? ? print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >>? ? ? ? } >>? ? ? ? print STDERR ("HIT COMMAND:$_") if ($debug); >>? ? ? ? if (! defined($commands{$cmd})) { >>? ? ? ? ? ? print STDERR "$host: found unexpected command - \"$cmd\"\n"; >>? ? ? ? ? ? $clean_run = 0; >>? ? ? ? ? ? last TOP; >>? ? ? ? } >>? ? ? ? $rval = &{$commands{$cmd}}; >>? ? ? ? delete($commands{$cmd}); >>? ? ? ? if ($rval == -1) { >>? ? ? ? ? ? $clean_run = 0; >>? ? ? ? ? ? last TOP; >>? ? ? ? } >>? ? } >> } >> print STDOUT "Done $logincmd: $_\n" if ($log); >> # Flush History >> ProcessHistory("","","",""); >> # Cleanup >> close(INPUT); >> close(OUTPUT); >> >> if (defined($ENV{NOPIPE})) { >>? ? #unlink("$host.raw") if (! $debug); >> } >> # check for completeness >> if (scalar(%commands) || !$clean_run || !$found_end) { >>? ? if (scalar(%commands)) { >>? ? ? ? printf(STDOUT "$host: missed cmd(s): %s\n", join(',', >> keys(%commands))); >>? ? ? ? printf(STDERR "$host: missed cmd(s): %s\n", join(',', >> keys(%commands))) if ($debug); >>? ? } >>? ? if (!$clean_run || !$found_end) { >>? ? ? ? print STDOUT "$host: End of run not found\n"; >>? ? ? ? print STDERR "$host: End of run not found\n" if ($debug); >>? ? ? ? system("/usr/bin/tail -1 $host.new"); >>? ? } >>? ? #unlink "$host.new" if (! $debug); >> } >> >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- Alan McKinnon alan.mckinnon at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Tue Sep 17 08:19:40 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 17 Sep 2013 10:19:40 +0200 Subject: [rancid] Rancid-missed cmds In-Reply-To: <1379398083.59748.YahooMailNeo@web160804.mail.bf1.yahoo.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> <52375DE2.1020300@gmail.com> <1379398083.59748.YahooMailNeo@web160804.mail.bf1.yahoo.com> Message-ID: <5238109C.1080803@gmail.com> Ah, I see it now. The PATH is set in rancid.conf correctly so it is available when run from cron. You now need to add it to *your* path so it's available when you run the command on the cli. Add it in your .bashrc or .profile as appropriate, then log out, log in and run the test commands again. If rancid also runs as a different user yu should add the same to that users environment too. These steps won't affect how rancid runs on a cron schedule, it will only affect cli commands so our debugging efforts work On 17/09/2013 08:08, Erica James wrote: > Hello. > I have checked in rancid's PATH. > this is a portion of the rancid.conf file. > BASEDIR=/home/eserica/rancid/var/rancid; export BASEDIR > PATH=/home/eserica/rancid/bin:/usr/bin:.:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; > export PATH > > > > *From:* Alan McKinnon > *To:* Erica James > *Cc:* rancid shrubbery > *Sent:* Monday, September 16, 2013 10:37 PM > *Subject:* Re: [rancid] Rancid-missed cmds > > On 16/09/2013 16:32, Erica James wrote: >> Alan, >> >> Thank you . Please see the below, >> >> 1. Can telnet to device and authenticate manually >> >> 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, >> and enables properly. Prompt is correct as well >> >> 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display >> current-configuration ; display version" 10.3.4.5 runs cleanly. commands >> are run neatly. automatic login and logout >> 4.[eserica at netflow logs]$ > /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >> executing hulogin -t 90 -c"display version ; display >> current-configuration" 10.3.4.5 >> executing hulogin -t 90 -c"display version ; display >> current-configuration" 10.3.4.5 >> sh: hulogin: command not found > > ^^^^^^^^^^^^^^^^^^^^^^^^^^ > > You almost certainly do not have "/home/eserica/rancid/bin/" in rancid's > PATH. It is set in $RANCID_DIR/etc/rancid.conf. > > As to why this happened, it is very likely an installation failure. > > Did you install all of rancid to /home/eserica/rancid, or is that just a > convenient place to put rancid scripts you are testing? > > > The rancid build system works almost perfectly every time. It uses > autotools and is designed to install the entire package to > /usr/local/rancid/ by default and for the scripts to be run by user > "rancid". As with all Unix apps it is sensitive to ownership and > permission errors > > The errors you are getting indicate a faulty install, possibly trying to > do itmanually. > > > > >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: End of run not found >> 10.3.4.5: End of run not found >> The router.db >> 10.3.4.5:huawei:up >> >> The rancid-fe >> 'huawei' => 'h3crancid', >> >> Don't understand why am getting such an output from >> /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >> Any comments on the above? >> >> Still the same logs. >> >> Eserica >> >> >> *From:* Alan McKinnon > >> *To:* rancid shrubbery > >> *Sent:* Monday, September 16, 2013 4:33 PM >> *Subject:* Re: [rancid] Rancid-missed cmds >> >> The approach to fixing this is always the same, at this point nothing >> rancid is outputting helps debug in the slightest - all it says is that >> something went wrong, but we already know that. >> >> Do the following: >> >> 1. telnet to device and check you can auth manually >> 2. "hulogin " and check it logs in and enables properly, and >> that the prompt etc on the screen is correct >> 3. run "hulogin -t 90 -c"display current-configuration,display version" >> " and check that the commands do actually run correctly >> 4. run "hurancid -d " - this dumps a *complete* log in the >> current directory containing more info than the regular log you quoted >> and often reveals the problem (but not always). >> >> >> But first a few prior steps need to be verified: >> >> - the command in #3 I pasted from your log output, and that has comma >> separators. Your device might need semicolons, I have no idea as I don;t >> know that vendors stuff >> - the relevant line in router.db must contain the appropriate type >> string in field 3 >> - you will have had to edit rancid-fe and add a line for huawei to a >> perl hash. Without this, rancid-run doesn't know what parser script to >> call and it cannot work. >> - the device you have must be supported by the script you are using; >> just because Huawei made it is no guarantee it works similarly to >> anything else they might have made. >> >> >> If all of that checks out, then we need to look into the running perl >> itself. >> >> I believe we've been over most of this before, I don't recall getting a >> definitive answer. You really do need to go through all these steps as >> given, nothing else is going to get to the root of your problem. >> >> >> >> On 16/09/2013 15:11, Erica James wrote: >>> Hello >>> I have a problem with rancid parsing script. Logs show missed cmd(s). >>> Trying to get all of the configs. >>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>> 10.3.4.5: End of run not found >>> # >>> All routers sucessfully completed. >>> cvs diff: Diffing . >>> cvs diff: Diffing configs >>> cvs commit: Examining . >>> cvs commit: Examining configs >>> >>> The script is for Huawei. The problem now seems to be that rancid is not >>> collecting configs. >>> Anyone with an idea on what to do? >>> >>> Below is the rancid-script >>> >>> #! /usr/bin/perl >>> ## >>> ## $Id$ >>> ## >>> ## rancid 2.3.8 >>> ## >>> ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. >>> ## All rights reserved. >>> ## >>> ## This software may be freely copied, modified and redistributed >>> ## without fee for non-commerical purposes provided that this license >>> ## remains intact and unmodified with any RANCID distribution. >>> ## >>> ## There is no warranty or other guarantee of fitness of this software. >>> ## It is provided solely "as is". The author(s) disclaim(s) all >>> ## responsibility and liability with respect to this software's usage >>> ## or its effect upon hardware, computer systems, other software, or >>> ## anything else. >>> ## >>> ## Except where noted otherwise, rancid was written by and is >> maintained by >>> ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin >>> Schutz. >>> ## >>> # >>> # hurancid - Interface to Huawei devices >>> # >>> # RANCID - Really Awesome New Cisco confIg Differ >>> # >>> # usage: rancid [-d] [-l] [-f filename | $host] >>> # >>> use Getopt::Std; >>> getopts('dfl'); >>> $log = $opt_l; >>> $debug = $opt_d; >>> $file = $opt_f; >>> $host = $ARGV[0]; >>> $clean_run = 0; >>> $found_end = 0; >>> $timeo = 90; # hulogin timeout in seconds >>> >>> my(%filter_pwds); # password filtering mode >>> # This routine is used to print out the router configuration >>> sub ProcessHistory { >>> my($new_hist_tag,$new_command,$command_string, at string)=(@_); >>> if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >>> && defined %history) { >>> print eval "$command \%history"; >>> undef %history; >>> } >>> if (($new_hist_tag) && ($new_command) && ($command_string)) { >>> if ($history{$command_string}) { >>> $history{$command_string} = >>> "mailto:$history%7B$command_string%7D at string > >"; >>> } else { >>> $history{$command_string} = "@string"; >>> } >>> } elsif (($new_hist_tag) && ($new_command)) { >>> $history{++$#history} = "@string"; >>> } else { >>> print "@string"; >>> } >>> $hist_tag = $new_hist_tag; >>> $command = $new_command; >>> 1; >>> } >>> >>> sub numerically { $a <=> $b; } >>> >>> # This is a sort routing that will sort numerically on the >>> # keys of a hash as if it were a normal array. >>> sub keynsort { >>> local(%lines)=@_; >>> local($i) = 0; >>> local(@sorted_lines); >>> foreach $key (sort numerically keys(%lines)) { >>> $sorted_lines[$i] = $lines{$key}; >>> $i++; >>> } >>> @sorted_lines; >>> } >>> >>> # This is a sort routing that will sort on the >>> # keys of a hash as if it were a normal array. >>> sub keysort { >>> local(%lines)=@_; >>> local($i) = 0; >>> local(@sorted_lines); >>> foreach $key (sort keys(%lines)) { >>> $sorted_lines[$i] = $lines{$key}; >>> $i++; >>> } >>> @sorted_lines; >>> } >>> >>> # This is a sort routing that will sort on the >>> # values of a hash as if it were a normal array. >>> sub valsort{ >>> local(%lines)=@_; >>> local($i) = 0; >>> local(@sorted_lines); >>> foreach $key (sort values %lines) { >>> $sorted_lines[$i] = $key; >>> $i++; >>> } >>> @sorted_lines; >>> } >>> >>> # This is a numerical sort routing (ascending). >>> sub numsort { >>> local(%lines)=@_; >>> local($i) = 0; >>> local(@sorted_lines); >>> foreach $num (sort {$a <=> $b} keys %lines) { >>> $sorted_lines[$i] = $lines{$num}; >>> $i++; >>> } >>> @sorted_lines; >>> } >>> >>> # This is a sort routine that will sort on the >>> # ip address when the ip address is anywhere in >>> # the strings. >>> sub ipsort { >>> local(%lines)=@_; >>> local($i) = 0; >>> local(@sorted_lines); >>> foreach $addr (sort sortbyipaddr keys %lines) { >>> $sorted_lines[$i] = $lines{$addr}; >>> $i++; >>> } >>> @sorted_lines; >>> } >>> >>> # These two routines will sort based upon IP addresses >>> sub ipaddrval { >>> my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >>> $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); >>> } >>> sub sortbyipaddr { >>> &ipaddrval($a) <=> &ipaddrval($b); >>> } >>> >>> >>> # This routine processes a "show configuration" >>> # This routine processes a "show configuration" >>> sub WriteTerm { >>> print STDERR " In WriteTerm: $_" if ($debug); >>> #my($lineauto) = 0; >>> >>> while () { >>> #print STDERR "History $_\n"; >>> >>> tr/\015//d; >>> last if(/^$prompt/); >>> next if (/^(\s*|\s*$cmd\s*)$/); >>> return(1) if (/^\s*\^\s*$/); >>> return(1) if (/Line has invalid autocommand /); >>> return(1) if (/(Invalid (input|command) detected|Type help or > )/i); >>> return(-1) if (/command authorization failed/i); >>> # the pager can not be disabled per-session on the PIX >>> if (/^(<-+ More -+>)/) { >>> my($len) = length($1); >>> s/^$1\s{$len}//; >>> } >>> >>> /^/ && next; >>> ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >>> } >>> >>> # end of config...is a comment. >>> if (/^return/i) { >>> $found_end = 1; >>> return(1); >>> } >>> >>> return(0); >>> } >>> >>> # This routine copies everything with precefing "#" >>> sub CopyComment { >>> print STDERR " In CopyComment: $_" if ($debug); >>> >>> while () { >>> tr/\015//d; >>> last if (/^$prompt/); >>> >>> ProcessHistory("","","","# $_"); >>> # end of config >>> } >>> return(0); >>> } >>> >>> # filter out "uptime" lines >>> sub FilterUptime { >>> print STDERR " In FilterUptime: $_" if ($debug); >>> >>> while () { >>> tr/\015//d; >>> last if (/^$prompt/); >>> #nmeongeza >>> next if (/^(\s*|\s*$cmd\s*)$/); >>> return(-1) if (/command authorization failed/i); >>> /^VERSION\=>(\s+.*)$/ && >>> ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") >>> && next; >>> /^PATCH\=>(\s+.*)$/ && >>> ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") >>> && next; >>> >>> /^PRODUCT\=>(\s+.*)$/ && >>> ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") >>> && next; >>> } >>> return(0); >>> } >>> >>> >>> # dummy function >>> sub DoNothing {print STDOUT;} >>> >>> # Main >>> @commandtable = ( >>> {'display version' => 'FilterUptime'}, >>> {'display patch-information' => 'CopyComment'}, >>> {'display device' => 'CopyComment'}, >>> {'display device pic-status' => 'CopyComment'}, >>> {'display current-configuration' => 'WriteTerm'}, >>> ); >>> >>> # Use an array to preserve the order of the commands and a hash for >> mapping >>> # commands to the subroutine and track commands that have been completed. >>> @commands = map(keys(%$_), @commandtable); >>> %commands = map(%$_, @commandtable); >>> >>> $huaw_cmds=join(";", at commands); >>> $cmds_regexp=join("|", at commands); >>> >>> open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: > $!\n"; >>> select(OUTPUT); >>> # make OUTPUT unbuffered if debugging >>> if ($debug) { $| = 1; } >>> >>> if ($file) { >>> print STDERR "opening file $host\n" if ($debug); >>> print STDOUT "opening file $host\n" if ($log); >>> open(INPUT,"<$host") || die "open failed for $host: $!\n"; >>> } else { >>> print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>> if ($debug); >>> print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>> if ($debug); >>> if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >>> system "hulogin -t $timeo -c \"$huaw_cmds\" $host >>> $host.raw" || die "hulogin failed for $host: $!\n"; >>> open(INPUT, "< $host.raw") || die "hulogin failed for $host: > $!\n"; >>> } else { >>> open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host >> |") || die "hulogin failed for $host: $!\n"; >>> } >>> } >>> >>> # determine password filtering mode >>> if ($ENV{"FILTER_PWDS"} =~ /no/i) { >>> $filter_pwds = 0; >>> } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >>> $filter_pwds = 2; >>> } else { >>> $filter_pwds = 1; >>> } >>> >>> ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); >>> ProcessHistory("COMMENTS","keysort","B0","#\n"); >>> ProcessHistory("COMMENTS","keysort","F0","#\n"); >>> ProcessHistory("COMMENTS","keysort","G0","#\n"); >>> TOP: while() { >>> tr/\015//d; >>> >>> #print STDERR ("CMD: $_\n"); >>> >>> if (/\>\s?quit.*$/) { >>> $clean_run=1; >>> last; >>> } >>> >>> if (/^Error:/) { >>> print STDOUT ("$host hulogin error: $_"); >>> print STDERR ("$host hulogin error: $_") if ($debug); >>> $clean_run=0; >>> last; >>> } >>> >>> while (/\>\007*\s*($cmds_regexp)\s*$/) { >>> $cmd = $1; >>> >>> if (!defined($prompt)) { >>> $prompt = ($_ =~ /^([^>]+\>)/)[0]; >>> $prompt =~ s/([][}{)(file://])///$1/g; >>> print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >>> } >>> print STDERR ("HIT COMMAND:$_") if ($debug); >>> if (! defined($commands{$cmd})) { >>> print STDERR "$host: found unexpected command - \"$cmd\"\n"; >>> $clean_run = 0; >>> last TOP; >>> } >>> $rval = &{$commands{$cmd}}; >>> delete($commands{$cmd}); >>> if ($rval == -1) { >>> $clean_run = 0; >>> last TOP; >>> } >>> } >>> } >>> print STDOUT "Done $logincmd: $_\n" if ($log); >>> # Flush History >>> ProcessHistory("","","",""); >>> # Cleanup >>> close(INPUT); >>> close(OUTPUT); >>> >>> if (defined($ENV{NOPIPE})) { >>> #unlink("$host.raw") if (! $debug); >>> } >>> # check for completeness >>> if (scalar(%commands) || !$clean_run || !$found_end) { >>> if (scalar(%commands)) { >>> printf(STDOUT "$host: missed cmd(s): %s\n", join(',', >>> keys(%commands))); >>> printf(STDERR "$host: missed cmd(s): %s\n", join(',', >>> keys(%commands))) if ($debug); >>> } >>> if (!$clean_run || !$found_end) { >>> print STDOUT "$host: End of run not found\n"; >>> print STDERR "$host: End of run not found\n" if ($debug); >>> system("/usr/bin/tail -1 $host.new"); >>> } >>> #unlink "$host.new" if (! $debug); >>> } >>> >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com > > >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net > > >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > > -- Alan McKinnon alan.mckinnon at gmail.com From jameserica156 at yahoo.com Tue Sep 17 10:11:45 2013 From: jameserica156 at yahoo.com (Erica James) Date: Tue, 17 Sep 2013 03:11:45 -0700 (PDT) Subject: [rancid] Rancid-missed cmds In-Reply-To: <5238109C.1080803@gmail.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> <52375DE2.1020300@gmail.com> <1379398083.59748.YahooMailNeo@web160804.mail.bf1.yahoo.com> <5238109C.1080803@gmail.com> Message-ID: <1379412705.60044.YahooMailNeo@web160801.mail.bf1.yahoo.com> Hello, Alan, thank you. ? I can see something better now. ? [eserica at netflow bin]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 executing /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 executing /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 10.3.4.5: missed cmd(s): display current-configuration,display version 10.3.4.5: missed cmd(s): display current-configuration,display version 10.3.4.5: End of run not found 10.3.4.5: End of run not found # ________________________________ From: Alan McKinnon To: Erica James Cc: rancid shrubbery Sent: Tuesday, September 17, 2013 11:19 AM Subject: Re: [rancid] Rancid-missed cmds Ah, I see it now. The PATH is set in rancid.conf correctly so it is available when run from cron. You now need to add it to *your* path so it's available when you run the command on the cli. Add it in your .bashrc or .profile as appropriate, then log out, log in and run the test commands again. If rancid also runs as a different user yu should add the same to that users environment too. These steps won't affect how rancid runs on a cron schedule, it will only affect cli commands so our debugging efforts work On 17/09/2013 08:08, Erica James wrote: > Hello. > I have checked in rancid's PATH. > this is a portion of the rancid.conf file. > BASEDIR=/home/eserica/rancid/var/rancid; export BASEDIR > PATH=/home/eserica/rancid/bin:/usr/bin:.:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; > export PATH > >? > > *From:* Alan McKinnon > *To:* Erica James > *Cc:* rancid shrubbery > *Sent:* Monday, September 16, 2013 10:37 PM > *Subject:* Re: [rancid] Rancid-missed cmds > > On 16/09/2013 16:32, Erica James wrote: >> Alan, >> >> Thank you . Please see the below, >> >> 1. Can telnet to device and authenticate manually >> >> 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, >> and enables properly. Prompt is correct as well >> >> 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display >> current-configuration ; display version" 10.3.4.5 runs cleanly. commands >> are run neatly. automatic login and logout >> 4.[eserica at netflow logs]$ > /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >> executing hulogin -t 90 -c"display version ; display >> current-configuration" 10.3.4.5 >> executing hulogin -t 90 -c"display version ; display >> current-configuration" 10.3.4.5 >> sh: hulogin: command not found > >? ? ? ^^^^^^^^^^^^^^^^^^^^^^^^^^ > > You almost certainly do not have "/home/eserica/rancid/bin/" in rancid's > PATH. It is set in $RANCID_DIR/etc/rancid.conf. > > As to why this happened, it is very likely an installation failure. > > Did you install all of rancid to /home/eserica/rancid, or is that just a > convenient place to put rancid scripts you are testing? > > > The rancid build system works almost perfectly every time. It uses > autotools and is designed to install the entire package to > /usr/local/rancid/ by default and for the scripts to be run by user > "rancid". As with all Unix apps it is sensitive to ownership and > permission errors > > The errors you are getting indicate a faulty install, possibly trying to > do itmanually. > > > > >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: End of run not found >> 10.3.4.5: End of run not found >> The router.db >> 10.3.4.5:huawei:up >> >> The rancid-fe >>? ? 'huawei'? ? ? ? ? ? => 'h3crancid', >> >> Don't understand why am getting such an output? from >> /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >> Any comments on the above? >> >> Still the same logs. >> >> Eserica >> >> >> *From:* Alan McKinnon > >> *To:* rancid shrubbery > >> *Sent:* Monday, September 16, 2013 4:33 PM >> *Subject:* Re: [rancid] Rancid-missed cmds >> >> The approach to fixing this is always the same, at this point nothing >> rancid is outputting helps debug in the slightest - all it says is that >> something went wrong, but we already know that. >> >> Do the following: >> >> 1. telnet to device and check you can auth manually >> 2. "hulogin " and check it logs in and enables properly, and >> that the prompt etc on the screen is correct >> 3. run "hulogin -t 90 -c"display current-configuration,display version" >> " and check that the commands do actually run correctly >> 4. run "hurancid -d " - this dumps a *complete* log in the >> current directory containing more info than the regular log you quoted >> and often reveals the problem (but not always). >> >> >> But first a few prior steps need to be verified: >> >> - the command in #3 I pasted from your log output, and that has comma >> separators. Your device might need semicolons, I have no idea as I don;t >> know that vendors stuff >> - the relevant line in router.db must contain the appropriate type >> string in field 3 >> - you will have had to edit rancid-fe and add a line for huawei to a >> perl hash. Without this, rancid-run doesn't know what parser script to >> call and it cannot work. >> - the device you have must be supported by the script you are using; >> just because Huawei made it is no guarantee it works similarly to >> anything else they might have made. >> >> >> If all of that checks out, then we need to look into the running perl >> itself. >> >> I believe we've been over most of this before, I don't recall getting a >> definitive answer. You really do need to go through all these steps as >> given, nothing else is going to get to the root of your problem. >> >> >> >> On 16/09/2013 15:11, Erica James wrote: >>> Hello >>> I have a problem with rancid parsing script. Logs show missed cmd(s). >>> Trying to get all of the configs. >>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>> 10.3.4.5: End of run not found >>> # >>> All routers sucessfully completed. >>> cvs diff: Diffing . >>> cvs diff: Diffing configs >>> cvs commit: Examining . >>> cvs commit: Examining configs >>> >>> The script is for Huawei. The problem now seems to be that rancid is not >>> collecting configs. >>> Anyone with an idea on what to do? >>> >>> Below is the rancid-script >>> >>> #! /usr/bin/perl >>> ## >>> ## $Id$ >>> ## >>> ## rancid 2.3.8 >>> ## >>> ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. >>> ## All rights reserved. >>> ## >>> ## This software may be freely copied, modified and redistributed >>> ## without fee for non-commerical purposes provided that this license >>> ## remains intact and unmodified with any RANCID distribution. >>> ## >>> ## There is no warranty or other guarantee of fitness of this software. >>> ## It is provided solely "as is".? The author(s) disclaim(s) all >>> ## responsibility and liability with respect to this software's usage >>> ## or its effect upon hardware, computer systems, other software, or >>> ## anything else. >>> ## >>> ## Except where noted otherwise, rancid was written by and is >> maintained by >>> ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin >>> Schutz. >>> ## >>> # >>> # hurancid - Interface to Huawei devices >>> # >>> #? RANCID - Really Awesome New Cisco confIg Differ >>> # >>> # usage: rancid [-d] [-l] [-f filename | $host] >>> # >>> use Getopt::Std; >>> getopts('dfl'); >>> $log = $opt_l; >>> $debug = $opt_d; >>> $file = $opt_f; >>> $host = $ARGV[0]; >>> $clean_run = 0; >>> $found_end = 0; >>> $timeo = 90;? ? ? ? ? ? ? ? ? ? # hulogin timeout in seconds >>> >>> my(%filter_pwds);? ? ? ? ? ? ? # password filtering mode >>> # This routine is used to print out the router configuration >>> sub ProcessHistory { >>>? ? my($new_hist_tag,$new_command,$command_string, at string)=(@_); >>> if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >>>? ? ? ? && defined %history) { >>>? ? ? ? print eval "$command \%history"; >>>? ? ? ? undef %history; >>>? ? } >>>? ? if (($new_hist_tag) && ($new_command) && ($command_string)) { >>>? ? ? ? if ($history{$command_string}) { >>>? ? ? ? ? ? $history{$command_string} = >>> "mailto:$history%7B$command_string%7D at string > >"; >>>? ? ? ? } else { >>>? ? ? ? ? ? $history{$command_string} = "@string"; >>>? ? ? ? } >>>? ? } elsif (($new_hist_tag) && ($new_command)) { >>>? ? ? ? $history{++$#history} = "@string"; >>>? ? } else { >>>? ? ? ? print "@string"; >>>? ? } >>>? ? $hist_tag = $new_hist_tag; >>>? ? $command = $new_command; >>>? ? 1; >>> } >>> >>> sub numerically { $a <=> $b; } >>> >>> # This is a sort routing that will sort numerically on the >>> # keys of a hash as if it were a normal array. >>> sub keynsort { >>>? ? local(%lines)=@_; >>>? ? local($i) = 0; >>>? ? local(@sorted_lines); >>>? ? foreach $key (sort numerically keys(%lines)) { >>>? ? ? ? $sorted_lines[$i] = $lines{$key}; >>>? ? ? ? $i++; >>>? ? } >>>? ? @sorted_lines; >>> } >>> >>> # This is a sort routing that will sort on the >>> # keys of a hash as if it were a normal array. >>> sub keysort { >>>? ? local(%lines)=@_; >>>? ? local($i) = 0; >>>? ? local(@sorted_lines); >>>? ? foreach $key (sort keys(%lines)) { >>>? ? ? ? $sorted_lines[$i] = $lines{$key}; >>>? ? ? ? $i++; >>>? ? } >>>? ? @sorted_lines; >>> } >>> >>> # This is a sort routing that will sort on the >>> # values of a hash as if it were a normal array. >>> sub valsort{ >>>? ? local(%lines)=@_; >>>? ? local($i) = 0; >>>? ? local(@sorted_lines); >>>? ? foreach $key (sort values %lines) { >>>? ? ? ? $sorted_lines[$i] = $key; >>>? ? ? ? $i++; >>>? ? } >>>? ? @sorted_lines; >>> } >>> >>> # This is a numerical sort routing (ascending). >>> sub numsort { >>>? ? local(%lines)=@_; >>>? ? local($i) = 0; >>>? ? local(@sorted_lines); >>>? ? foreach $num (sort {$a <=> $b} keys %lines) { >>>? ? ? ? $sorted_lines[$i] = $lines{$num}; >>>? ? ? ? $i++; >>>? ? } >>>? ? @sorted_lines; >>> } >>> >>> # This is a sort routine that will sort on the >>> # ip address when the ip address is anywhere in >>> # the strings. >>> sub ipsort { >>>? ? local(%lines)=@_; >>>? ? local($i) = 0; >>>? ? local(@sorted_lines); >>>? ? foreach $addr (sort sortbyipaddr keys %lines) { >>>? ? ? ? $sorted_lines[$i] = $lines{$addr}; >>>? ? ? ? $i++; >>>? ? } >>>? ? @sorted_lines; >>> } >>> >>> # These two routines will sort based upon IP addresses >>> sub ipaddrval { >>>? ? my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >>>? ? $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); >>> } >>> sub sortbyipaddr { >>>? ? &ipaddrval($a) <=> &ipaddrval($b); >>> } >>> >>> >>> # This routine processes a "show configuration" >>> # This routine processes a "show configuration" >>> sub WriteTerm { >>>? ? print STDERR "? ? In WriteTerm: $_" if ($debug); >>>? ? #my($lineauto) = 0; >>> >>>? ? while () { >>> #print STDERR "History $_\n"; >>> >>>? ? ? ? tr/\015//d; >>>? ? ? ? last if(/^$prompt/); >>>? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >>>? ? ? ? return(1) if (/^\s*\^\s*$/); >>>? ? ? ? return(1) if (/Line has invalid autocommand /); >>>? ? ? ? return(1) if (/(Invalid (input|command) detected|Type help or > )/i); >>>? ? ? ? return(-1) if (/command authorization failed/i); >>>? ? ? ? # the pager can not be disabled per-session on the PIX >>>? ? ? ? if (/^(<-+ More -+>)/) { >>>? ? ? ? ? ? my($len) = length($1); >>>? ? ? ? ? ? s/^$1\s{$len}//; >>>? ? ? ? } >>>? ? >>>? ? ? ? /^/ && next; >>>? ? ? ? ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >>>? ? } >>> >>>? ? ? ? # end of config...is a comment. >>>? ? ? ? if (/^return/i) { >>> $found_end = 1; >>>? ? ? ? ? ? return(1); >>>? ? ? ? } >>> >>>? ? ? ? return(0); >>> } >>> >>> # This routine copies everything with precefing "#" >>> sub CopyComment { >>>? ? print STDERR "? ? In CopyComment: $_" if ($debug); >>> >>>? ? while () { >>>? ? ? ? tr/\015//d; >>>? ? ? ? last if (/^$prompt/); >>> >>>? ? ? ? ProcessHistory("","","","# $_"); >>>? ? ? ? # end of config >>>? ? } >>>? ? return(0); >>> } >>> >>> # filter out "uptime" lines >>> sub FilterUptime { >>>? ? print STDERR "? ? In FilterUptime: $_" if ($debug); >>> >>>? ? while () { >>>? ? ? ? tr/\015//d; >>>? ? ? ? last if (/^$prompt/); >>> #nmeongeza >>>? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >>>? ? ? ? return(-1) if (/command authorization failed/i); >>>? ? ? ? /^VERSION\=>(\s+.*)$/ && >>> ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") >>> && next; >>>? ? ? ? /^PATCH\=>(\s+.*)$/ && >>> ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") >>> && next; >>> >>>? ? ? ? /^PRODUCT\=>(\s+.*)$/ && >>> ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") >>> && next; >>> } >>> return(0); >>> } >>> >>> >>> # dummy function >>> sub DoNothing {print STDOUT;} >>> >>> # Main >>> @commandtable = ( >>>? ? ? ? {'display version'? ? ? ? ? ? ? ? ? ? ? => 'FilterUptime'}, >>>? ? ? ? {'display patch-information'? ? ? ? ? ? => 'CopyComment'}, >>>? ? ? ? {'display device'? ? ? ? ? ? ? ? ? ? ? ? => 'CopyComment'}, >>>? ? ? ? {'display device pic-status'? ? ? ? ? ? => 'CopyComment'}, >>>? ? ? ? {'display current-configuration'? ? ? ? => 'WriteTerm'}, >>> ); >>> >>> # Use an array to preserve the order of the commands and a hash for >> mapping >>> # commands to the subroutine and track commands that have been completed. >>> @commands = map(keys(%$_), @commandtable); >>> %commands = map(%$_, @commandtable); >>> >>> $huaw_cmds=join(";", at commands); >>> $cmds_regexp=join("|", at commands); >>> >>> open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: > $!\n"; >>> select(OUTPUT); >>> # make OUTPUT unbuffered if debugging >>> if ($debug) { $| = 1; } >>> >>> if ($file) { >>>? ? print STDERR "opening file $host\n" if ($debug); >>>? ? print STDOUT "opening file $host\n" if ($log); >>>? ? open(INPUT,"<$host") || die "open failed for $host: $!\n"; >>> } else { >>>? ? print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>> if ($debug); >>>? ? print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>> if ($debug); >>>? ? if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >>>? ? ? ? system "hulogin -t $timeo -c \"$huaw_cmds\" $host >>> $host.raw" || die "hulogin failed for $host: $!\n"; >>>? ? ? ? open(INPUT, "< $host.raw") || die "hulogin failed for $host: > $!\n"; >>>? ? } else { >>>? ? ? ? open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host >> |") || die "hulogin failed for $host: $!\n"; >>>? ? } >>> } >>> >>> # determine password filtering mode >>> if ($ENV{"FILTER_PWDS"} =~ /no/i) { >>>? ? ? ? $filter_pwds = 0; >>> } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >>>? ? ? ? $filter_pwds = 2; >>> } else { >>>? ? ? ? $filter_pwds = 1; >>> } >>> >>> ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); >>> ProcessHistory("COMMENTS","keysort","B0","#\n"); >>> ProcessHistory("COMMENTS","keysort","F0","#\n"); >>> ProcessHistory("COMMENTS","keysort","G0","#\n"); >>> TOP: while() { >>>? ? tr/\015//d; >>> >>> #print STDERR ("CMD: $_\n"); >>> >>>? ? if (/\>\s?quit.*$/) { >>>? ? ? ? $clean_run=1; >>>? ? ? ? last; >>>? ? } >>> >>>? ? if (/^Error:/) { >>>? ? ? ? print STDOUT ("$host hulogin error: $_"); >>>? ? ? ? print STDERR ("$host hulogin error: $_") if ($debug); >>>? ? ? ? $clean_run=0; >>>? ? ? ? last; >>> } >>> >>>? ? while (/\>\007*\s*($cmds_regexp)\s*$/) { >>>? ? ? ? $cmd = $1; >>> >>>? ? ? ? if (!defined($prompt)) { >>>? ? ? ? ? ? $prompt = ($_ =~ /^([^>]+\>)/)[0]; >>>? ? ? ? ? ? $prompt =~ s/([][}{)(file://])///$1/g; >>>? ? ? ? ? ? print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >>>? ? ? ? } >>>? ? ? ? print STDERR ("HIT COMMAND:$_") if ($debug); >>>? ? ? ? if (! defined($commands{$cmd})) { >>>? ? ? ? ? ? print STDERR "$host: found unexpected command - \"$cmd\"\n"; >>>? ? ? ? ? ? $clean_run = 0; >>>? ? ? ? ? ? last TOP; >>>? ? ? ? } >>>? ? ? ? $rval = &{$commands{$cmd}}; >>>? ? ? ? delete($commands{$cmd}); >>>? ? ? ? if ($rval == -1) { >>>? ? ? ? ? ? $clean_run = 0; >>>? ? ? ? ? ? last TOP; >>>? ? ? ? } >>>? ? } >>> } >>> print STDOUT "Done $logincmd: $_\n" if ($log); >>> # Flush History >>> ProcessHistory("","","",""); >>> # Cleanup >>> close(INPUT); >>> close(OUTPUT); >>> >>> if (defined($ENV{NOPIPE})) { >>>? ? #unlink("$host.raw") if (! $debug); >>> } >>> # check for completeness >>> if (scalar(%commands) || !$clean_run || !$found_end) { >>>? ? if (scalar(%commands)) { >>>? ? ? ? printf(STDOUT "$host: missed cmd(s): %s\n", join(',', >>> keys(%commands))); >>>? ? ? ? printf(STDERR "$host: missed cmd(s): %s\n", join(',', >>> keys(%commands))) if ($debug); >>>? ? } >>>? ? if (!$clean_run || !$found_end) { >>>? ? ? ? print STDOUT "$host: End of run not found\n"; >>>? ? ? ? print STDERR "$host: End of run not found\n" if ($debug); >>>? ? ? ? system("/usr/bin/tail -1 $host.new"); >>>? ? } >>>? ? #unlink "$host.new" if (! $debug); >>> } >>> >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com > > >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net > > >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > > -- Alan McKinnon alan.mckinnon at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From jameserica156 at yahoo.com Tue Sep 17 10:52:50 2013 From: jameserica156 at yahoo.com (Erica James) Date: Tue, 17 Sep 2013 03:52:50 -0700 (PDT) Subject: [rancid] Rancid-missed cmds In-Reply-To: <52382D56.5010800@gmail.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> <52375DE2.1020300@gmail.com> <1379398083.59748.YahooMailNeo@web160804.mail.bf1.yahoo.com> <5238109C.1080803@gmail.com> <1379412705.60044.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52382D56.5010800@gmail.com> Message-ID: <1379415170.29461.YahooMailNeo@web160804.mail.bf1.yahoo.com> ? /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 ? runs neatly. Actually, It logs in, to the enable mode, then runs "display version" gives the output of the command, afterwards runs "display current-configuration" and gives the output of the command as well. thereafter logs out, ? [eserica at netflow bin]$ /home/eserica/rancid/bin/hulogin -t 90 -c "display version ; display current-configuration" 10.3.4.5 10.3.4.5 spawn telnet 10.3.4.5 Trying 10.3.4.5... Connected to 10.3.4.5 (10.3.4.5). Escape character is '^]'. >>User name:xxx >>User password: ? Huawei Integrated Access SoftwareMA5600T. ? <> ? MA5600T>enable MA5600T# ? <> ? MA5600T#display version ? <> ? MA5600T# display current-configuration ?? <> ? # return MA5600T#quit ? Check whether system data has been changed. Please save data before logout. Are you sure to log out? (y/n)[n]:y MA5600T# ? Configuration console exit, please retry to log on Connection closed by foreign host. [eserica at netflow bin]$ ? ? ________________________________ ??From: Alan McKinnon To: Erica James Sent: Tuesday, September 17, 2013 1:22 PM Subject: Re: [rancid] Rancid-missed cmds Yes, that is much better now. The commands we need to run to debug now run properly. If you run /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; display current-configuration" 10.3.4.5 from the command line, do you get sensible output on the screen? What's the exit code from running that command? I need to establish if hulogin is doing the right thing or not before we dig into the rancid parser On 17/09/2013 12:11, Erica James wrote: > Hello, > Alan, thank you. >? > I can see something better now. >? > [eserica at netflow bin]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 > executing /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; > display current-configuration" 10.3.4.5 > executing /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; > display current-configuration" 10.3.4.5 > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: missed cmd(s): display current-configuration,display version > 10.3.4.5: End of run not found > 10.3.4.5: End of run not found > # > > *From:* Alan McKinnon > *To:* Erica James > *Cc:* rancid shrubbery > *Sent:* Tuesday, September 17, 2013 11:19 AM > *Subject:* Re: [rancid] Rancid-missed cmds > > Ah, I see it now. The PATH is set in rancid.conf correctly so it is > available when run from cron. > > You now need to add it to *your* path so it's available when you run the > command on the cli. Add it in your .bashrc or .profile as appropriate, > then log out, log in and run the test commands again. If rancid also > runs as a different user yu should add the same to that users > environment too. > > These steps won't affect how rancid runs on a cron schedule, it will > only affect cli commands so our debugging efforts work > > > On 17/09/2013 08:08, Erica James wrote: >> Hello. >> I have checked in rancid's PATH. >> this is a portion of the rancid.conf file. >> BASEDIR=/home/eserica/rancid/var/rancid; export BASEDIR >> > PATH=/home/eserica/rancid/bin:/usr/bin:.:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; >> export PATH >> >> >> >> *From:* Alan McKinnon > >> *To:* Erica James > >> *Cc:* rancid shrubbery > >> *Sent:* Monday, September 16, 2013 10:37 PM >> *Subject:* Re: [rancid] Rancid-missed cmds >> >> On 16/09/2013 16:32, Erica James wrote: >>> Alan, >>> >>> Thank you . Please see the below, >>> >>> 1. Can telnet to device and authenticate manually >>> >>> 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, >>> and enables properly. Prompt is correct as well >>> >>> 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display >>> current-configuration ; display version" 10.3.4.5 runs cleanly. commands >>> are run neatly. automatic login and logout >>> 4.[eserica at netflow > logs]$ >> /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >>> executing hulogin -t 90 -c"display version ; display >>> current-configuration" 10.3.4.5 >>> executing hulogin -t 90 -c"display version ; display >>> current-configuration" 10.3.4.5 >>> sh: hulogin: command not found >> >>? ? ? ^^^^^^^^^^^^^^^^^^^^^^^^^^ >> >> You almost certainly do not have "/home/eserica/rancid/bin/" in rancid's >> PATH. It is set in $RANCID_DIR/etc/rancid.conf. >> >> As to why this happened, it is very likely an installation failure. >> >> Did you install all of rancid to /home/eserica/rancid, or is that just a >> convenient place to put rancid scripts you are testing? >> >> >> The rancid build system works almost perfectly every time. It uses >> autotools and is designed to install the entire package to >> /usr/local/rancid/ by default and for the scripts to be run by user >> "rancid". As with all Unix apps it is sensitive to ownership and >> permission errors >> >> The errors you are getting indicate a faulty install, possibly trying to >> do itmanually. >> >> >> >> >>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>> 10.3.4.5: End of run not found >>> 10.3.4.5: End of run not found >>> The router.db >>> 10.3.4.5:huawei:up >>> >>> The rancid-fe >>>? ? 'huawei'? ? ? ? ? ? => 'h3crancid', >>> >>> Don't understand why am getting such an output? from >>> /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >>> Any comments on the above? >>> >>> Still the same logs. >>> >>> Eserica >>> >>> >>> *From:* Alan McKinnon >> >> >>> *To:* rancid shrubbery >> >> >>> *Sent:* Monday, September 16, 2013 4:33 PM >>> *Subject:* Re: [rancid] Rancid-missed cmds >>> >>> The approach to fixing this is always the same, at this point nothing >>> rancid is outputting helps debug in the slightest - all it says is that >>> something went wrong, but we already know that. >>> >>> Do the following: >>> >>> 1. telnet to device and check you can auth manually >>> 2. "hulogin " and check it logs in and enables properly, and >>> that the prompt etc on the screen is correct >>> 3. run "hulogin -t 90 -c"display current-configuration,display version" >>> " and check that the commands do actually run correctly >>> 4. run "hurancid -d " - this dumps a *complete* log in the >>> current directory containing more info than the regular log you quoted >>> and often reveals the problem (but not always). >>> >>> >>> But first a few prior steps need to be verified: >>> >>> - the command in #3 I pasted from your log output, and that has comma >>> separators. Your device might need semicolons, I have no idea as I don;t >>> know that vendors stuff >>> - the relevant line in router.db must contain the appropriate type >>> string in field 3 >>> - you will have had to edit rancid-fe and add a line for huawei to a >>> perl hash. Without this, rancid-run doesn't know what parser script to >>> call and it cannot work. >>> - the device you have must be supported by the script you are using; >>> just because Huawei made it is no guarantee it works similarly to >>> anything else they might have made. >>> >>> >>> If all of that checks out, then we need to look into the running perl >>> itself. >>> >>> I believe we've been over most of this before, I don't recall getting a >>> definitive answer. You really do need to go through all these steps as >>> given, nothing else is going to get to the root of your problem. >>> >>> >>> >>> On 16/09/2013 15:11, Erica James wrote: >>>> Hello >>>> I have a problem with rancid parsing script. Logs show missed cmd(s). >>>> Trying to get all of the configs. >>>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>>> 10.3.4.5: End of run not found >>>> # >>>> All routers sucessfully completed. >>>> cvs diff: Diffing . >>>> cvs diff: Diffing configs >>>> cvs commit: Examining . >>>> cvs commit: Examining configs >>>> >>>> The script is for Huawei. The problem now seems to be that rancid is not >>>> collecting configs. >>>> Anyone with an idea on what to do? >>>> >>>> Below is the rancid-script >>>> >>>> #! /usr/bin/perl >>>> ## >>>> ## $Id$ >>>> ## >>>> ## rancid 2.3.8 >>>> ## >>>> ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. >>>> ## All rights reserved. >>>> ## >>>> ## This software may be freely copied, modified and redistributed >>>> ## without fee for non-commerical purposes provided that this license >>>> ## remains intact and unmodified with any RANCID distribution. >>>> ## >>>> ## There is no warranty or other guarantee of fitness of this software. >>>> ## It is provided solely "as is".? The author(s) disclaim(s) all >>>> ## responsibility and liability with respect to this software's usage >>>> ## or its effect upon hardware, computer systems, other software, or >>>> ## anything else. >>>> ## >>>> ## Except where noted otherwise, rancid was written by and is >>> maintained by >>>> ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin >>>> Schutz. >>>> ## >>>> # >>>> # hurancid - Interface to Huawei devices >>>> # >>>> #? RANCID - Really Awesome New Cisco confIg Differ >>>> # >>>> # usage: rancid [-d] [-l] [-f filename | $host] >>>> # >>>> use Getopt::Std; >>>> getopts('dfl'); >>>> $log = $opt_l; >>>> $debug = $opt_d; >>>> $file = $opt_f; >>>> $host = $ARGV[0]; >>>> $clean_run = 0; >>>> $found_end = 0; >>>> $timeo = 90;? ? ? ? ? ? ? ? ? ? # hulogin timeout in seconds >>>> >>>> my(%filter_pwds);? ? ? ? ? ? ? # password filtering mode >>>> # This routine is used to print out the router configuration >>>> sub ProcessHistory { >>>>? ? my($new_hist_tag,$new_command,$command_string, at string)=(@_); >>>> if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >>>>? ? ? ? && defined %history) { >>>>? ? ? ? print eval "$command \%history"; >>>>? ? ? ? undef %history; >>>>? ? } >>>>? ? if (($new_hist_tag) && ($new_command) && ($command_string)) { >>>>? ? ? ? if ($history{$command_string}) { >>>>? ? ? ? ? ? $history{$command_string} = >>>> "mailto:$history%7B$command_string%7D at string > > >> >>"; >>>>? ? ? ? } else { >>>>? ? ? ? ? ? $history{$command_string} = "@string"; >>>>? ? ? ? } >>>>? ? } elsif (($new_hist_tag) && ($new_command)) { >>>>? ? ? ? $history{++$#history} = "@string"; >>>>? ? } else { >>>>? ? ? ? print "@string"; >>>>? ? } >>>>? ? $hist_tag = $new_hist_tag; >>>>? ? $command = $new_command; >>>>? ? 1; >>>> } >>>> >>>> sub numerically { $a <=> $b; } >>>> >>>> # This is a sort routing that will sort numerically on the >>>> # keys of a hash as if it were a normal array. >>>> sub keynsort { >>>>? ? local(%lines)=@_; >>>>? ? local($i) = 0; >>>>? ? local(@sorted_lines); >>>>? ? foreach $key (sort numerically keys(%lines)) { >>>>? ? ? ? $sorted_lines[$i] = $lines{$key}; >>>>? ? ? ? $i++; >>>>? ? } >>>>? ? @sorted_lines; >>>> } >>>> >>>> # This is a sort routing that will sort on the >>>> # keys of a hash as if it were a normal array. >>>> sub keysort { >>>>? ? local(%lines)=@_; >>>>? ? local($i) = 0; >>>>? ? local(@sorted_lines); >>>>? ? foreach $key (sort keys(%lines)) { >>>>? ? ? ? $sorted_lines[$i] = $lines{$key}; >>>>? ? ? ? $i++; >>>>? ? } >>>>? ? @sorted_lines; >>>> } >>>> >>>> # This is a sort routing that will sort on the >>>> # values of a hash as if it were a normal array. >>>> sub valsort{ >>>>? ? local(%lines)=@_; >>>>? ? local($i) = 0; >>>>? ? local(@sorted_lines); >>>>? ? foreach $key (sort values %lines) { >>>>? ? ? ? $sorted_lines[$i] = $key; >>>>? ? ? ? $i++; >>>>? ? } >>>>? ? @sorted_lines; >>>> } >>>> >>>> # This is a numerical sort routing (ascending). >>>> sub numsort { >>>>? ? local(%lines)=@_; >>>>? ? local($i) = 0; >>>>? ? local(@sorted_lines); >>>>? ? foreach $num (sort {$a <=> $b} keys %lines) { >>>>? ? ? ? $sorted_lines[$i] = $lines{$num}; >>>>? ? ? ? $i++; >>>>? ? } >>>>? ? @sorted_lines; >>>> } >>>> >>>> # This is a sort routine that will sort on the >>>> # ip address when the ip address is anywhere in >>>> # the strings. >>>> sub ipsort { >>>>? ? local(%lines)=@_; >>>>? ? local($i) = 0; >>>>? ? local(@sorted_lines); >>>>? ? foreach $addr (sort sortbyipaddr keys %lines) { >>>>? ? ? ? $sorted_lines[$i] = $lines{$addr}; >>>>? ? ? ? $i++; >>>>? ? } >>>>? ? @sorted_lines; >>>> } >>>> >>>> # These two routines will sort based upon IP addresses >>>> sub ipaddrval { >>>>? ? my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >>>>? ? $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); >>>> } >>>> sub sortbyipaddr { >>>>? ? &ipaddrval($a) <=> &ipaddrval($b); >>>> } >>>> >>>> >>>> # This routine processes a "show configuration" >>>> # This routine processes a "show configuration" >>>> sub WriteTerm { >>>>? ? print STDERR "? ? In WriteTerm: $_" if ($debug); >>>>? ? #my($lineauto) = 0; >>>> >>>>? ? while () { >>>> #print STDERR "History $_\n"; >>>> >>>>? ? ? ? tr/\015//d; >>>>? ? ? ? last if(/^$prompt/); >>>>? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >>>>? ? ? ? return(1) if (/^\s*\^\s*$/); >>>>? ? ? ? return(1) if (/Line has invalid autocommand /); >>>>? ? ? ? return(1) if (/(Invalid (input|command) detected|Type help or >> )/i); >>>>? ? ? ? return(-1) if (/command authorization failed/i); >>>>? ? ? ? # the pager can not be disabled per-session on the PIX >>>>? ? ? ? if (/^(<-+ More -+>)/) { >>>>? ? ? ? ? ? my($len) = length($1); >>>>? ? ? ? ? ? s/^$1\s{$len}//; >>>>? ? ? ? } >>>>? >>>>? ? ? ? /^/ && next; >>>>? ? ? ? ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >>>>? ? } >>>> >>>>? ? ? ? # end of config...is a comment. >>>>? ? ? ? if (/^return/i) { >>>> $found_end = 1; >>>>? ? ? ? ? ? return(1); >>>>? ? ? ? } >>>> >>>>? ? ? ? return(0); >>>> } >>>> >>>> # This routine copies everything with precefing "#" >>>> sub CopyComment { >>>>? ? print STDERR "? ? In CopyComment: $_" if ($debug); >>>> >>>>? ? while () { >>>>? ? ? ? tr/\015//d; >>>>? ? ? ? last if (/^$prompt/); >>>> >>>>? ? ? ? ProcessHistory("","","","# $_"); >>>>? ? ? ? # end of config >>>>? ? } >>>>? ? return(0); >>>> } >>>> >>>> # filter out "uptime" lines >>>> sub FilterUptime { >>>>? ? print STDERR "? ? In FilterUptime: $_" if ($debug); >>>> >>>>? ? while () { >>>>? ? ? ? tr/\015//d; >>>>? ? ? ? last if (/^$prompt/); >>>> #nmeongeza >>>>? ? ? ? next if (/^(\s*|\s*$cmd\s*)$/); >>>>? ? ? ? return(-1) if (/command authorization failed/i); >>>>? ? ? ? /^VERSION\=>(\s+.*)$/ && >>>> ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") >>>> && next; >>>>? ? ? ? /^PATCH\=>(\s+.*)$/ && >>>> ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") >>>> && next; >>>> >>>>? ? ? ? /^PRODUCT\=>(\s+.*)$/ && >>>> ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") >>>> && next; >>>> } >>>> return(0); >>>> } >>>> >>>> >>>> # dummy function >>>> sub DoNothing {print STDOUT;} >>>> >>>> # Main >>>> @commandtable = ( >>>>? ? ? ? {'display version'? ? ? ? ? ? ? ? ? ? ? => 'FilterUptime'}, >>>>? ? ? ? {'display patch-information'? ? ? ? ? ? => 'CopyComment'}, >>>>? ? ? ? {'display device'? ? ? ? ? ? ? ? ? ? ? ? => 'CopyComment'}, >>>>? ? ? ? {'display device pic-status'? ? ? ? ? ? => 'CopyComment'}, >>>>? ? ? ? {'display current-configuration'? ? ? ? => 'WriteTerm'}, >>>> ); >>>> >>>> # Use an array to preserve the order of the commands and a hash for >>> mapping >>>> # commands to the subroutine and track commands that have been > completed. >>>> @commands = map(keys(%$_), @commandtable); >>>> %commands = map(%$_, @commandtable); >>>> >>>> $huaw_cmds=join(";", at commands); >>>> $cmds_regexp=join("|", at commands); >>>> >>>> open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: >> $!\n"; >>>> select(OUTPUT); >>>> # make OUTPUT unbuffered if debugging >>>> if ($debug) { $| = 1; } >>>> >>>> if ($file) { >>>>? ? print STDERR "opening file $host\n" if ($debug); >>>>? ? print STDOUT "opening file $host\n" if ($log); >>>>? ? open(INPUT,"<$host") || die "open failed for $host: $!\n"; >>>> } else { >>>>? ? print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>>> if ($debug); >>>>? ? print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>>> if ($debug); >>>>? ? if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >>>>? ? ? ? system "hulogin -t $timeo -c \"$huaw_cmds\" $host >>>> $host.raw" || die "hulogin failed for $host: $!\n"; >>>>? ? ? ? open(INPUT, "< $host.raw") || die "hulogin failed for $host: >> $!\n"; >>>>? ? } else { >>>>? ? ? ? open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host >>> |") || die "hulogin failed for $host: $!\n"; >>>>? ? } >>>> } >>>> >>>> # determine password filtering mode >>>> if ($ENV{"FILTER_PWDS"} =~ /no/i) { >>>>? ? ? ? $filter_pwds = 0; >>>> } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >>>>? ? ? ? $filter_pwds = 2; >>>> } else { >>>>? ? ? ? $filter_pwds = 1; >>>> } >>>> >>>> ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); >>>> ProcessHistory("COMMENTS","keysort","B0","#\n"); >>>> ProcessHistory("COMMENTS","keysort","F0","#\n"); >>>> ProcessHistory("COMMENTS","keysort","G0","#\n"); >>>> TOP: while() { >>>>? ? tr/\015//d; >>>> >>>> #print STDERR ("CMD: $_\n"); >>>> >>>>? ? if (/\>\s?quit.*$/) { >>>>? ? ? ? $clean_run=1; >>>>? ? ? ? last; >>>>? ? } >>>> >>>>? ? if (/^Error:/) { >>>>? ? ? ? print STDOUT ("$host hulogin error: $_"); >>>>? ? ? ? print STDERR ("$host hulogin error: $_") if ($debug); >>>>? ? ? ? $clean_run=0; >>>>? ? ? ? last; >>>> } >>>> >>>>? ? while (/\>\007*\s*($cmds_regexp)\s*$/) { >>>>? ? ? ? $cmd = $1; >>>> >>>>? ? ? ? if (!defined($prompt)) { >>>>? ? ? ? ? ? $prompt = ($_ =~ /^([^>]+\>)/)[0]; >>>>? ? ? ? ? ? $prompt =~ s/([][}{)(file://])///$1/g; >>>>? ? ? ? ? ? print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >>>>? ? ? ? } >>>>? ? ? ? print STDERR ("HIT COMMAND:$_") if ($debug); >>>>? ? ? ? if (! defined($commands{$cmd})) { >>>>? ? ? ? ? ? print STDERR "$host: found unexpected command - \"$cmd\"\n"; >>>>? ? ? ? ? ? $clean_run = 0; >>>>? ? ? ? ? ? last TOP; >>>>? ? ? ? } >>>>? ? ? ? $rval = &{$commands{$cmd}}; >>>>? ? ? ? delete($commands{$cmd}); >>>>? ? ? ? if ($rval == -1) { >>>>? ? ? ? ? ? $clean_run = 0; >>>>? ? ? ? ? ? last TOP; >>>>? ? ? ? } >>>>? ? } >>>> } >>>> print STDOUT "Done $logincmd: $_\n" if ($log); >>>> # Flush History >>>> ProcessHistory("","","",""); >>>> # Cleanup >>>> close(INPUT); >>>> close(OUTPUT); >>>> >>>> if (defined($ENV{NOPIPE})) { >>>>? ? #unlink("$host.raw") if (! $debug); >>>> } >>>> # check for completeness >>>> if (scalar(%commands) || !$clean_run || !$found_end) { >>>>? ? if (scalar(%commands)) { >>>>? ? ? ? printf(STDOUT "$host: missed cmd(s): %s\n", join(',', >>>> keys(%commands))); >>>>? ? ? ? printf(STDERR "$host: missed cmd(s): %s\n", join(',', >>>> keys(%commands))) if ($debug); >>>>? ? } >>>>? ? if (!$clean_run || !$found_end) { >>>>? ? ? ? print STDOUT "$host: End of run not found\n"; >>>>? ? ? ? print STDERR "$host: End of run not found\n" if ($debug); >>>>? ? ? ? system("/usr/bin/tail -1 $host.new"); >>>>? ? } >>>>? ? #unlink "$host.new" if (! $debug); >>>> } >>>> >>>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com > > >> > >> >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net > > >> > >> >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com > > >> >> >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > > -- Alan McKinnon alan.mckinnon at gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From charlesvds at yahoo.com Tue Sep 17 11:32:38 2013 From: charlesvds at yahoo.com (Charles van der Spuy) Date: Tue, 17 Sep 2013 13:32:38 +0200 Subject: [rancid] New Device - Ligowave PTP-5N Message-ID: <52383DD6.5070508@yahoo.com> I am about to start the adventure of writing the necessary scripts to add a new device to the current collection. I am supporting a client who requires his bridge radio links backed up as well as router configs. I will be hoping to add Ligowave, Radwin and Strix devices to the mix. Firstly, if anybody has done any of the above, I would love to piggyback on what you have already done if you are willing to share. Otherwise, any words of wisdom on the approach I should take would be welcome. I hope that from this exercise I can write some kind of 'Adding Rancid Devices for Dummies' to make all our lives easier. Ah well, off to read my Expect Primer. Charles van der Spuy. From alan.mckinnon at gmail.com Tue Sep 17 11:44:57 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 17 Sep 2013 13:44:57 +0200 Subject: [rancid] Rancid-missed cmds In-Reply-To: <1379415170.29461.YahooMailNeo@web160804.mail.bf1.yahoo.com> References: <1379337087.61091.YahooMailNeo@web160804.mail.bf1.yahoo.com> <523708AC.1060303@gmail.com> <1379341971.35444.YahooMailNeo@web160806.mail.bf1.yahoo.com> <52375DE2.1020300@gmail.com> <1379398083.59748.YahooMailNeo@web160804.mail.bf1.yahoo.com> <5238109C.1080803@gmail.com> <1379412705.60044.YahooMailNeo@web160801.mail.bf1.yahoo.com> <52382D56.5010800@gmail.com> <1379415170.29461.YahooMailNeo@web160804.mail.bf1.yahoo.com> Message-ID: <523840B9.3010109@gmail.com> OK, so now hulogin is working properly. You need to turn your attention to what the parser does with the output you feed it. Does hurancid/h3rancid support a -f option? This lets you use an existing .raw file as input instead of running hulogin each time. Makes life easier. I'm a little concerned about this snippet of output: MA5600T#quit Check whether system data has been changed. Please save data before logout. Are you sure to log out? (y/n)[n]:y MA5600T# Configuration console exit, please retry to log on Connection closed by foreign host. That interactive prompt might cause issues. On 17/09/2013 12:52, Erica James wrote: > > /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; display > current-configuration" 10.3.4.5 > > runs neatly. Actually, > It logs in, to the enable mode, then runs "display version" gives the > output of the command, afterwards runs "display current-configuration" > and gives the output of the command as well. thereafter logs out, > > [eserica at netflow bin]$ /home/eserica/rancid/bin/hulogin -t 90 -c > "display version ; display current-configuration" 10.3.4.5 > 10.3.4.5 > spawn telnet 10.3.4.5 > Trying 10.3.4.5... > Connected to 10.3.4.5 (10.3.4.5). > Escape character is '^]'. >>>User name:xxx >>>User password: > > Huawei Integrated Access SoftwareMA5600T. > > <> > > MA5600T>enable > MA5600T# > > <> > > MA5600T#display version > > <> > > MA5600T# display current-configuration > > > <> > > # > return > MA5600T#quit > Check whether system data has been changed. Please save data before > logout. > Are you sure to log out? (y/n)[n]:y > MA5600T# > Configuration console exit, please retry to log on > Connection closed by foreign host. > [eserica at netflow bin]$ > > > *From:* Alan McKinnon > *To:* Erica James > *Sent:* Tuesday, September 17, 2013 1:22 PM > *Subject:* Re: [rancid] Rancid-missed cmds > > Yes, that is much better now. The commands we need to run to debug now > run properly. If you run > > /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; display > current-configuration" 10.3.4.5 > > from the command line, do you get sensible output on the screen? What's > the exit code from running that command? > > I need to establish if hulogin is doing the right thing or not before we > dig into the rancid parser > > > > > On 17/09/2013 12:11, Erica James wrote: >> Hello, >> Alan, thank you. >> >> I can see something better now. >> >> [eserica at netflow bin]$ /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >> executing /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; >> display current-configuration" 10.3.4.5 >> executing /home/eserica/rancid/bin/hulogin -t 90 -c"display version ; >> display current-configuration" 10.3.4.5 >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: missed cmd(s): display current-configuration,display version >> 10.3.4.5: End of run not found >> 10.3.4.5: End of run not found >> # >> >> *From:* Alan McKinnon > >> *To:* Erica James > >> *Cc:* rancid shrubbery > >> *Sent:* Tuesday, September 17, 2013 11:19 AM >> *Subject:* Re: [rancid] Rancid-missed cmds >> >> Ah, I see it now. The PATH is set in rancid.conf correctly so it is >> available when run from cron. >> >> You now need to add it to *your* path so it's available when you run the >> command on the cli. Add it in your .bashrc or .profile as appropriate, >> then log out, log in and run the test commands again. If rancid also >> runs as a different user yu should add the same to that users >> environment too. >> >> These steps won't affect how rancid runs on a cron schedule, it will >> only affect cli commands so our debugging efforts work >> >> >> On 17/09/2013 08:08, Erica James wrote: >>> Hello. >>> I have checked in rancid's PATH. >>> this is a portion of the rancid.conf file. >>> BASEDIR=/home/eserica/rancid/var/rancid; export BASEDIR >>> >> > PATH=/home/eserica/rancid/bin:/usr/bin:.:/bin:/usr/kerberos/bin:/usr/local/bin:/usr/bin; >>> export PATH >>> >>> >>> >>> *From:* Alan McKinnon >> >> >>> *To:* Erica James >> >> >>> *Cc:* rancid shrubbery >> >> >>> *Sent:* Monday, September 16, 2013 10:37 PM >>> *Subject:* Re: [rancid] Rancid-missed cmds >>> >>> On 16/09/2013 16:32, Erica James wrote: >>>> Alan, >>>> >>>> Thank you . Please see the below, >>>> >>>> 1. Can telnet to device and authenticate manually >>>> >>>> 2. /home/eserica/rancid/bin/hulogin -d 10.3.4.5 logs in successfully, >>>> and enables properly. Prompt is correct as well >>>> >>>> 3. /home/eserica/rancid/bin/hulogin -t 90 -c"display >>>> current-configuration ; display version" 10.3.4.5 runs cleanly. commands >>>> are run neatly. automatic login and logout >>>> 4.[eserica at netflow > > logs]$ >>> /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >>>> executing hulogin -t 90 -c"display version ; display >>>> current-configuration" 10.3.4.5 >>>> executing hulogin -t 90 -c"display version ; display >>>> current-configuration" 10.3.4.5 >>>> sh: hulogin: command not found >>> >>> ^^^^^^^^^^^^^^^^^^^^^^^^^^ >>> >>> You almost certainly do not have "/home/eserica/rancid/bin/" in rancid's >>> PATH. It is set in $RANCID_DIR/etc/rancid.conf. >>> >>> As to why this happened, it is very likely an installation failure. >>> >>> Did you install all of rancid to /home/eserica/rancid, or is that just a >>> convenient place to put rancid scripts you are testing? >>> >>> >>> The rancid build system works almost perfectly every time. It uses >>> autotools and is designed to install the entire package to >>> /usr/local/rancid/ by default and for the scripts to be run by user >>> "rancid". As with all Unix apps it is sensitive to ownership and >>> permission errors >>> >>> The errors you are getting indicate a faulty install, possibly trying to >>> do itmanually. >>> >>> >>> >>> >>>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>>> 10.3.4.5: End of run not found >>>> 10.3.4.5: End of run not found >>>> The router.db >>>> 10.3.4.5:huawei:up >>>> >>>> The rancid-fe >>>> 'huawei' => 'h3crancid', >>>> >>>> Don't understand why am getting such an output from >>>> /home/eserica/rancid/bin/h3crancid -d 10.3.4.5 >>>> Any comments on the above? >>>> >>>> Still the same logs. >>>> >>>> Eserica >>>> >>>> >>>> *From:* Alan McKinnon >> > >>> > >>> >>>> *To:* rancid shrubbery >> > >>> >> >>> >>>> *Sent:* Monday, September 16, 2013 4:33 PM >>>> *Subject:* Re: [rancid] Rancid-missed cmds >>>> >>>> The approach to fixing this is always the same, at this point nothing >>>> rancid is outputting helps debug in the slightest - all it says is that >>>> something went wrong, but we already know that. >>>> >>>> Do the following: >>>> >>>> 1. telnet to device and check you can auth manually >>>> 2. "hulogin " and check it logs in and enables properly, and >>>> that the prompt etc on the screen is correct >>>> 3. run "hulogin -t 90 -c"display current-configuration,display version" >>>> " and check that the commands do actually run correctly >>>> 4. run "hurancid -d " - this dumps a *complete* log in the >>>> current directory containing more info than the regular log you quoted >>>> and often reveals the problem (but not always). >>>> >>>> >>>> But first a few prior steps need to be verified: >>>> >>>> - the command in #3 I pasted from your log output, and that has comma >>>> separators. Your device might need semicolons, I have no idea as I don;t >>>> know that vendors stuff >>>> - the relevant line in router.db must contain the appropriate type >>>> string in field 3 >>>> - you will have had to edit rancid-fe and add a line for huawei to a >>>> perl hash. Without this, rancid-run doesn't know what parser script to >>>> call and it cannot work. >>>> - the device you have must be supported by the script you are using; >>>> just because Huawei made it is no guarantee it works similarly to >>>> anything else they might have made. >>>> >>>> >>>> If all of that checks out, then we need to look into the running perl >>>> itself. >>>> >>>> I believe we've been over most of this before, I don't recall getting a >>>> definitive answer. You really do need to go through all these steps as >>>> given, nothing else is going to get to the root of your problem. >>>> >>>> >>>> >>>> On 16/09/2013 15:11, Erica James wrote: >>>>> Hello >>>>> I have a problem with rancid parsing script. Logs show missed cmd(s). >>>>> Trying to get all of the configs. >>>>> 10.3.4.5: missed cmd(s): display current-configuration,display version >>>>> 10.3.4.5: End of run not found >>>>> # >>>>> All routers sucessfully completed. >>>>> cvs diff: Diffing . >>>>> cvs diff: Diffing configs >>>>> cvs commit: Examining . >>>>> cvs commit: Examining configs >>>>> >>>>> The script is for Huawei. The problem now seems to be that rancid > is not >>>>> collecting configs. >>>>> Anyone with an idea on what to do? >>>>> >>>>> Below is the rancid-script >>>>> >>>>> #! /usr/bin/perl >>>>> ## >>>>> ## $Id$ >>>>> ## >>>>> ## rancid 2.3.8 >>>>> ## >>>>> ## Copyright (C) 1997-2004 by Terrapin Communications, Inc. >>>>> ## All rights reserved. >>>>> ## >>>>> ## This software may be freely copied, modified and redistributed >>>>> ## without fee for non-commerical purposes provided that this license >>>>> ## remains intact and unmodified with any RANCID distribution. >>>>> ## >>>>> ## There is no warranty or other guarantee of fitness of this software. >>>>> ## It is provided solely "as is". The author(s) disclaim(s) all >>>>> ## responsibility and liability with respect to this software's usage >>>>> ## or its effect upon hardware, computer systems, other software, or >>>>> ## anything else. >>>>> ## >>>>> ## Except where noted otherwise, rancid was written by and is >>>> maintained by >>>>> ## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin >>>>> Schutz. >>>>> ## >>>>> # >>>>> # hurancid - Interface to Huawei devices >>>>> # >>>>> # RANCID - Really Awesome New Cisco confIg Differ >>>>> # >>>>> # usage: rancid [-d] [-l] [-f filename | $host] >>>>> # >>>>> use Getopt::Std; >>>>> getopts('dfl'); >>>>> $log = $opt_l; >>>>> $debug = $opt_d; >>>>> $file = $opt_f; >>>>> $host = $ARGV[0]; >>>>> $clean_run = 0; >>>>> $found_end = 0; >>>>> $timeo = 90; # hulogin timeout in seconds >>>>> >>>>> my(%filter_pwds); # password filtering mode >>>>> # This routine is used to print out the router configuration >>>>> sub ProcessHistory { >>>>> my($new_hist_tag,$new_command,$command_string, at string)=(@_); >>>>> if((($new_hist_tag ne $hist_tag) || ($new_command ne $command)) >>>>> && defined %history) { >>>>> print eval "$command \%history"; >>>>> undef %history; >>>>> } >>>>> if (($new_hist_tag) && ($new_command) && ($command_string)) { >>>>> if ($history{$command_string}) { >>>>> $history{$command_string} = >>>>> "mailto:$history%7B$command_string%7D at string >> > >>> > >>"; >>>>> } else { >>>>> $history{$command_string} = "@string"; >>>>> } >>>>> } elsif (($new_hist_tag) && ($new_command)) { >>>>> $history{++$#history} = "@string"; >>>>> } else { >>>>> print "@string"; >>>>> } >>>>> $hist_tag = $new_hist_tag; >>>>> $command = $new_command; >>>>> 1; >>>>> } >>>>> >>>>> sub numerically { $a <=> $b; } >>>>> >>>>> # This is a sort routing that will sort numerically on the >>>>> # keys of a hash as if it were a normal array. >>>>> sub keynsort { >>>>> local(%lines)=@_; >>>>> local($i) = 0; >>>>> local(@sorted_lines); >>>>> foreach $key (sort numerically keys(%lines)) { >>>>> $sorted_lines[$i] = $lines{$key}; >>>>> $i++; >>>>> } >>>>> @sorted_lines; >>>>> } >>>>> >>>>> # This is a sort routing that will sort on the >>>>> # keys of a hash as if it were a normal array. >>>>> sub keysort { >>>>> local(%lines)=@_; >>>>> local($i) = 0; >>>>> local(@sorted_lines); >>>>> foreach $key (sort keys(%lines)) { >>>>> $sorted_lines[$i] = $lines{$key}; >>>>> $i++; >>>>> } >>>>> @sorted_lines; >>>>> } >>>>> >>>>> # This is a sort routing that will sort on the >>>>> # values of a hash as if it were a normal array. >>>>> sub valsort{ >>>>> local(%lines)=@_; >>>>> local($i) = 0; >>>>> local(@sorted_lines); >>>>> foreach $key (sort values %lines) { >>>>> $sorted_lines[$i] = $key; >>>>> $i++; >>>>> } >>>>> @sorted_lines; >>>>> } >>>>> >>>>> # This is a numerical sort routing (ascending). >>>>> sub numsort { >>>>> local(%lines)=@_; >>>>> local($i) = 0; >>>>> local(@sorted_lines); >>>>> foreach $num (sort {$a <=> $b} keys %lines) { >>>>> $sorted_lines[$i] = $lines{$num}; >>>>> $i++; >>>>> } >>>>> @sorted_lines; >>>>> } >>>>> >>>>> # This is a sort routine that will sort on the >>>>> # ip address when the ip address is anywhere in >>>>> # the strings. >>>>> sub ipsort { >>>>> local(%lines)=@_; >>>>> local($i) = 0; >>>>> local(@sorted_lines); >>>>> foreach $addr (sort sortbyipaddr keys %lines) { >>>>> $sorted_lines[$i] = $lines{$addr}; >>>>> $i++; >>>>> } >>>>> @sorted_lines; >>>>> } >>>>> >>>>> # These two routines will sort based upon IP addresses >>>>> sub ipaddrval { >>>>> my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#); >>>>> $a[3]+256*($a[2]+256*($a[1]+256*$a[0])); >>>>> } >>>>> sub sortbyipaddr { >>>>> &ipaddrval($a) <=> &ipaddrval($b); >>>>> } >>>>> >>>>> >>>>> # This routine processes a "show configuration" >>>>> # This routine processes a "show configuration" >>>>> sub WriteTerm { >>>>> print STDERR " In WriteTerm: $_" if ($debug); >>>>> #my($lineauto) = 0; >>>>> >>>>> while () { >>>>> #print STDERR "History $_\n"; >>>>> >>>>> tr/\015//d; >>>>> last if(/^$prompt/); >>>>> next if (/^(\s*|\s*$cmd\s*)$/); >>>>> return(1) if (/^\s*\^\s*$/); >>>>> return(1) if (/Line has invalid autocommand /); >>>>> return(1) if (/(Invalid (input|command) detected|Type help or >>> )/i); >>>>> return(-1) if (/command authorization failed/i); >>>>> # the pager can not be disabled per-session on the PIX >>>>> if (/^(<-+ More -+>)/) { >>>>> my($len) = length($1); >>>>> s/^$1\s{$len}//; >>>>> } >>>>> >>>>> /^/ && next; >>>>> ProcessHistory("COMMENTS","keysort","B1","# $_") && next; >>>>> } >>>>> >>>>> # end of config...is a comment. >>>>> if (/^return/i) { >>>>> $found_end = 1; >>>>> return(1); >>>>> } >>>>> >>>>> return(0); >>>>> } >>>>> >>>>> # This routine copies everything with precefing "#" >>>>> sub CopyComment { >>>>> print STDERR " In CopyComment: $_" if ($debug); >>>>> >>>>> while () { >>>>> tr/\015//d; >>>>> last if (/^$prompt/); >>>>> >>>>> ProcessHistory("","","","# $_"); >>>>> # end of config >>>>> } >>>>> return(0); >>>>> } >>>>> >>>>> # filter out "uptime" lines >>>>> sub FilterUptime { >>>>> print STDERR " In FilterUptime: $_" if ($debug); >>>>> >>>>> while () { >>>>> tr/\015//d; >>>>> last if (/^$prompt/); >>>>> #nmeongeza >>>>> next if (/^(\s*|\s*$cmd\s*)$/); >>>>> return(-1) if (/command authorization failed/i); >>>>> /^VERSION\=>(\s+.*)$/ && >>>>> ProcessHistory("COMMENTS","keysort","C1","\#\n# Version: $1\n") >>>>> && next; >>>>> /^PATCH\=>(\s+.*)$/ && >>>>> ProcessHistory("COMMENTS","keysort","C2","\# Patch: $1\n") >>>>> && next; >>>>> >>>>> /^PRODUCT\=>(\s+.*)$/ && >>>>> ProcessHistory("COMMENTS","keysort","C3","\# Version: $1\n") >>>>> && next; >>>>> } >>>>> return(0); >>>>> } >>>>> >>>>> >>>>> # dummy function >>>>> sub DoNothing {print STDOUT;} >>>>> >>>>> # Main >>>>> @commandtable = ( >>>>> {'display version' => 'FilterUptime'}, >>>>> {'display patch-information' => 'CopyComment'}, >>>>> {'display device' => 'CopyComment'}, >>>>> {'display device pic-status' => 'CopyComment'}, >>>>> {'display current-configuration' => 'WriteTerm'}, >>>>> ); >>>>> >>>>> # Use an array to preserve the order of the commands and a hash for >>>> mapping >>>>> # commands to the subroutine and track commands that have been >> completed. >>>>> @commands = map(keys(%$_), @commandtable); >>>>> %commands = map(%$_, @commandtable); >>>>> >>>>> $huaw_cmds=join(";", at commands); >>>>> $cmds_regexp=join("|", at commands); >>>>> >>>>> open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: >>> $!\n"; >>>>> select(OUTPUT); >>>>> # make OUTPUT unbuffered if debugging >>>>> if ($debug) { $| = 1; } >>>>> >>>>> if ($file) { >>>>> print STDERR "opening file $host\n" if ($debug); >>>>> print STDOUT "opening file $host\n" if ($log); >>>>> open(INPUT,"<$host") || die "open failed for $host: $!\n"; >>>>> } else { >>>>> print STDERR "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>>>> if ($debug); >>>>> print STDOUT "executing hulogin -t $timeo -c\"$huaw_cmds\" $host\n" >>>>> if ($debug); >>>>> if (defined($ENV{NOPIPE}) && $ENV{NOPIPE} =~ /^YES/i) { >>>>> system "hulogin -t $timeo -c \"$huaw_cmds\" $host >>>>> $host.raw" || die "hulogin failed for $host: $!\n"; >>>>> open(INPUT, "< $host.raw") || die "hulogin failed for $host: >>> $!\n"; >>>>> } else { >>>>> open(INPUT,"hulogin -t $timeo -c \"$huaw_cmds\" $host >>>> |") || die "hulogin failed for $host: $!\n"; >>>>> } >>>>> } >>>>> >>>>> # determine password filtering mode >>>>> if ($ENV{"FILTER_PWDS"} =~ /no/i) { >>>>> $filter_pwds = 0; >>>>> } elsif ($ENV{"FILTER_PWDS"} =~ /all/i) { >>>>> $filter_pwds = 2; >>>>> } else { >>>>> $filter_pwds = 1; >>>>> } >>>>> >>>>> ProcessHistory("","","","#RANCID-CONTENT-TYPE: Huawei\n#\n"); >>>>> ProcessHistory("COMMENTS","keysort","B0","#\n"); >>>>> ProcessHistory("COMMENTS","keysort","F0","#\n"); >>>>> ProcessHistory("COMMENTS","keysort","G0","#\n"); >>>>> TOP: while() { >>>>> tr/\015//d; >>>>> >>>>> #print STDERR ("CMD: $_\n"); >>>>> >>>>> if (/\>\s?quit.*$/) { >>>>> $clean_run=1; >>>>> last; >>>>> } >>>>> >>>>> if (/^Error:/) { >>>>> print STDOUT ("$host hulogin error: $_"); >>>>> print STDERR ("$host hulogin error: $_") if ($debug); >>>>> $clean_run=0; >>>>> last; >>>>> } >>>>> >>>>> while (/\>\007*\s*($cmds_regexp)\s*$/) { >>>>> $cmd = $1; >>>>> >>>>> if (!defined($prompt)) { >>>>> $prompt = ($_ =~ /^([^>]+\>)/)[0]; >>>>> $prompt =~ s/([][}{)(file://])///$1/g; >>>>> print STDERR ("PROMPT MATCH: $prompt\n") if ($debug); >>>>> } >>>>> print STDERR ("HIT COMMAND:$_") if ($debug); >>>>> if (! defined($commands{$cmd})) { >>>>> print STDERR "$host: found unexpected command - \"$cmd\"\n"; >>>>> $clean_run = 0; >>>>> last TOP; >>>>> } >>>>> $rval = &{$commands{$cmd}}; >>>>> delete($commands{$cmd}); >>>>> if ($rval == -1) { >>>>> $clean_run = 0; >>>>> last TOP; >>>>> } >>>>> } >>>>> } >>>>> print STDOUT "Done $logincmd: $_\n" if ($log); >>>>> # Flush History >>>>> ProcessHistory("","","",""); >>>>> # Cleanup >>>>> close(INPUT); >>>>> close(OUTPUT); >>>>> >>>>> if (defined($ENV{NOPIPE})) { >>>>> #unlink("$host.raw") if (! $debug); >>>>> } >>>>> # check for completeness >>>>> if (scalar(%commands) || !$clean_run || !$found_end) { >>>>> if (scalar(%commands)) { >>>>> printf(STDOUT "$host: missed cmd(s): %s\n", join(',', >>>>> keys(%commands))); >>>>> printf(STDERR "$host: missed cmd(s): %s\n", join(',', >>>>> keys(%commands))) if ($debug); >>>>> } >>>>> if (!$clean_run || !$found_end) { >>>>> print STDOUT "$host: End of run not found\n"; >>>>> print STDERR "$host: End of run not found\n" if ($debug); >>>>> system("/usr/bin/tail -1 $host.new"); >>>>> } >>>>> #unlink "$host.new" if (! $debug); >>>>> } >>>>> >>>>> >>>> >>>> >>>> -- >>>> Alan McKinnon >>>> alan.mckinnon at gmail.com > > >> > >> >>> > > >> > >>> >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net > > >> > >> >>> >> > >> > >>> >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com > > >> > >> >>> >>> >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com > > >> >> >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > > -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Tue Sep 17 11:40:56 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 17 Sep 2013 13:40:56 +0200 Subject: [rancid] New Device - Ligowave PTP-5N In-Reply-To: <52383DD6.5070508@yahoo.com> References: <52383DD6.5070508@yahoo.com> Message-ID: <52383FC8.7080808@gmail.com> On 17/09/2013 13:32, Charles van der Spuy wrote: > I am about to start the adventure of writing the necessary scripts to > add a new device to the current collection. > I am supporting a client who requires his bridge radio links backed up > as well as router configs. > > I will be hoping to add Ligowave, Radwin and Strix devices to the mix. > Firstly, if anybody has done any of the above, I would love to piggyback > on what you have already done if you are willing to share. > > Otherwise, any words of wisdom on the approach I should take would be > welcome. > I hope that from this exercise I can write some kind of 'Adding Rancid > Devices for Dummies' to make all our lives easier. First thing is to explore the device and get a very firm grip in your mind how it works. Log into it and observe how it does this process, run the commands that give you back the useful config and note places where the device gives you anything back other than pure ASCII separated by newlines. What you want to achieve is a good mental picture of how much it deviates from the general Cisco way of doing things (rancid is very Cisco-centric in it's design, you have to take this into account). The only really clever part then is a *login script that does the right thing, followed by the config parser. This last bit is mostly drudge work consisting of lots of subs that themselves consist of lots of regular expressions (read the "rancid" script to get the sense of it) If it turns out these devices are hugely different from Cisco's approach, then you have your work cut out for you and should probably find some other similar device with rancid support and use that as a base. I can't be of much more help than this, I've never worked on your devices. Everything I have is rather Cisco-like. > > Ah well, off to read my Expect Primer. > > Charles van der Spuy. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Alan McKinnon alan.mckinnon at gmail.com From jason at biel-tech.com Tue Sep 17 11:00:51 2013 From: jason at biel-tech.com (Jason Biel) Date: Tue, 17 Sep 2013 06:00:51 -0500 Subject: [rancid] Adding more commands during Rancid / Development Message-ID: While I understand the basics of adding additional commands to RANCID, what is the ideal way to be testing new commands as I am debugging them? Are most people running a dev RANCID install for testing? -- Jason -------------- next part -------------- An HTML attachment was scrubbed... URL: From charlesvds at yahoo.com Tue Sep 17 14:35:46 2013 From: charlesvds at yahoo.com (Charles van der Spuy) Date: Tue, 17 Sep 2013 16:35:46 +0200 Subject: [rancid] New Device - Ligowave PTP-5N In-Reply-To: <52383FC8.7080808@gmail.com> References: <52383DD6.5070508@yahoo.com> <52383FC8.7080808@gmail.com> Message-ID: <523868C2.2050707@yahoo.com> Alan, Thanks for the outline and words of encouragement. I'm sure I'll be back for more before too long. Charles. On 2013-09-17 01:40 PM, Alan McKinnon wrote: > On 17/09/2013 13:32, Charles van der Spuy wrote: >> I am about to start the adventure of writing the necessary scripts to >> add a new device to the current collection. >> I am supporting a client who requires his bridge radio links backed up >> as well as router configs. >> >> I will be hoping to add Ligowave, Radwin and Strix devices to the mix. >> Firstly, if anybody has done any of the above, I would love to piggyback >> on what you have already done if you are willing to share. >> >> Otherwise, any words of wisdom on the approach I should take would be >> welcome. >> I hope that from this exercise I can write some kind of 'Adding Rancid >> Devices for Dummies' to make all our lives easier. > First thing is to explore the device and get a very firm grip in your > mind how it works. Log into it and observe how it does this process, run > the commands that give you back the useful config and note places where > the device gives you anything back other than pure ASCII separated by > newlines. > > What you want to achieve is a good mental picture of how much it > deviates from the general Cisco way of doing things (rancid is very > Cisco-centric in it's design, you have to take this into account). > > The only really clever part then is a *login script that does the right > thing, followed by the config parser. This last bit is mostly drudge > work consisting of lots of subs that themselves consist of lots of > regular expressions (read the "rancid" script to get the sense of it) > > > > If it turns out these devices are hugely different from Cisco's > approach, then you have your work cut out for you and should probably > find some other similar device with rancid support and use that as a base. > > I can't be of much more help than this, I've never worked on your > devices. Everything I have is rather Cisco-like. > > >> Ah well, off to read my Expect Primer. >> >> Charles van der Spuy. >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > From alan.mckinnon at gmail.com Tue Sep 17 14:34:15 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 17 Sep 2013 16:34:15 +0200 Subject: [rancid] Adding more commands during Rancid / Development In-Reply-To: References: Message-ID: <52386867.3020902@gmail.com> On 17/09/2013 13:00, Jason Biel wrote: > While I understand the basics of adding additional commands to RANCID, > what is the ideal way to be testing new commands as I am debugging > them? Are most people running a dev RANCID install for testing? Most definitely :-) In any kind of real-life scenario, your rancid data in configs/ naturally evolves into a very critical data source. Almost nothing else out there is capable of documenting real life systems to the extent rancid can. This is great for your ego, but also means you can't fiddle with it so much. I keep 2 dev installs for different purposes and follow the classic dev/test/debug/deploy strategy. There's a second reason why this is a good idea - it is very common for sysadmins to maintain their own little patchset to customize rancid behaviour (mostly to account for quirks between device models) and then repatch new releases if your tweaks didn't make it into the codebase. A dev setup makes this process so much easier. -- -- Alan McKinnon alan.mckinnon at gmail.com From jason at biel-tech.com Wed Sep 18 00:36:04 2013 From: jason at biel-tech.com (Jason Biel) Date: Tue, 17 Sep 2013 19:36:04 -0500 Subject: [rancid] Adding more commands during Rancid / Development In-Reply-To: <52386867.3020902@gmail.com> References: <52386867.3020902@gmail.com> Message-ID: Understood, but even when in a dev environment, what is the best way to test changes to file for added commands? For example, I want to add new commands to jrancid, but I am not 100% sure on the sub routine configuration for parsing output. I suppose I can make the changes, use rancid-run, and just keep tweaking until the output in the configs/ directory is what I want I'm trying to mentally build out a process of adding commands for the different devices we use without just shotgunning it. On Tue, Sep 17, 2013 at 9:34 AM, Alan McKinnon wrote: > On 17/09/2013 13:00, Jason Biel wrote: > > While I understand the basics of adding additional commands to RANCID, > > what is the ideal way to be testing new commands as I am debugging > > them? Are most people running a dev RANCID install for testing? > > Most definitely :-) > > In any kind of real-life scenario, your rancid data in configs/ > naturally evolves into a very critical data source. Almost nothing else > out there is capable of documenting real life systems to the extent > rancid can. This is great for your ego, but also means you can't fiddle > with it so much. > > I keep 2 dev installs for different purposes and follow the classic > dev/test/debug/deploy strategy. > > There's a second reason why this is a good idea - it is very common for > sysadmins to maintain their own little patchset to customize rancid > behaviour (mostly to account for quirks between device models) and then > repatch new releases if your tweaks didn't make it into the codebase. A > dev setup makes this process so much easier. > > > -- > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Jason -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Wed Sep 18 06:12:31 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 18 Sep 2013 08:12:31 +0200 Subject: [rancid] Adding more commands during Rancid / Development In-Reply-To: References: <52386867.3020902@gmail.com> Message-ID: <5239444F.5030708@gmail.com> It's an iterative process where you tweak your subs and regular expressions until you get the output you want. Running rancid-run repeatedly puts strain on your routers though, so use a short cut: jrancid -d gives the jlogin command to use use that and save the output to a file use the file as input to jrancid -f Now you can run it as many times as you like without hitting the network As for writing subs, add the command to @commandtable with the literal command as a key and a suitably named sub as the value. The subs all follow this pattern: # This routine parses "show chassis environment" sub ShowChassisEnvironment { print STDERR " In ShowChassisEnvironment: $_" if ($debug); s/^[a-z]+@//; ProcessHistory("","","","# $_"); while () { tr/\015//d; last if (/^$prompt/); <= regex magic goes here } return(0); } For me the hard part was figuring out how ProcessHistory() works - specifically what the arguments do. They just mark the output off in section and classify chunks of output that goes together. Change values around and runt he code to observe what they do. It's hard to express briefly in English so I'm not gonna try ;-) On 18/09/2013 02:36, Jason Biel wrote: > Understood, but even when in a dev environment, what is the best way to > test changes to file for added commands? For example, I want to add new > commands to jrancid, but I am not 100% sure on the sub routine > configuration for parsing output. I suppose I can make the changes, use > rancid-run, and just keep tweaking until the output in the configs/ > directory is what I want > > I'm trying to mentally build out a process of adding commands for the > different devices we use without just shotgunning it. > > > On Tue, Sep 17, 2013 at 9:34 AM, Alan McKinnon > wrote: > > On 17/09/2013 13:00, Jason Biel wrote: > > While I understand the basics of adding additional commands to RANCID, > > what is the ideal way to be testing new commands as I am debugging > > them? Are most people running a dev RANCID install for testing? > > Most definitely :-) > > In any kind of real-life scenario, your rancid data in configs/ > naturally evolves into a very critical data source. Almost nothing else > out there is capable of documenting real life systems to the extent > rancid can. This is great for your ego, but also means you can't fiddle > with it so much. > > I keep 2 dev installs for different purposes and follow the classic > dev/test/debug/deploy strategy. > > There's a second reason why this is a good idea - it is very common for > sysadmins to maintain their own little patchset to customize rancid > behaviour (mostly to account for quirks between device models) and then > repatch new releases if your tweaks didn't make it into the codebase. A > dev setup makes this process so much easier. > > > -- > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > -- > Jason > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From jason at biel-tech.com Wed Sep 18 09:56:51 2013 From: jason at biel-tech.com (Jason Biel) Date: Wed, 18 Sep 2013 04:56:51 -0500 Subject: [rancid] Adding more commands during Rancid / Development In-Reply-To: <5239444F.5030708@gmail.com> References: <52386867.3020902@gmail.com> <5239444F.5030708@gmail.com> Message-ID: ---- It's an iterative process where you tweak your subs and regular expressions until you get the output you want. Running rancid-run repeatedly puts strain on your routers though, so use a short cut: jrancid -d gives the jlogin command to use use that and save the output to a file use the file as input to jrancid -f Now you can run it as many times as you like without hitting the network ---- That's what I was looking for, I glossed over that when reading around. Appreciate the time and insight Alan. On Wed, Sep 18, 2013 at 1:12 AM, Alan McKinnon wrote: > It's an iterative process where you tweak your subs and regular > expressions until you get the output you want. > > Running rancid-run repeatedly puts strain on your routers though, so use > a short cut: > > jrancid -d gives the jlogin command to use > use that and save the output to a file > use the file as input to jrancid -f > > Now you can run it as many times as you like without hitting the network > > As for writing subs, > > add the command to @commandtable with the literal command as a key and a > suitably named sub as the value. The subs all follow this pattern: > > # This routine parses "show chassis environment" > sub ShowChassisEnvironment { > print STDERR " In ShowChassisEnvironment: $_" if ($debug); > s/^[a-z]+@//; > ProcessHistory("","","","# $_"); > while () { > tr/\015//d; > last if (/^$prompt/); > <= regex magic goes here > } > return(0); > } > > > For me the hard part was figuring out how ProcessHistory() works - > specifically what the arguments do. They just mark the output off in > section and classify chunks of output that goes together. Change values > around and runt he code to observe what they do. It's hard to express > briefly in English so I'm not gonna try ;-) > > > > On 18/09/2013 02:36, Jason Biel wrote: > > Understood, but even when in a dev environment, what is the best way to > > test changes to file for added commands? For example, I want to add new > > commands to jrancid, but I am not 100% sure on the sub routine > > configuration for parsing output. I suppose I can make the changes, use > > rancid-run, and just keep tweaking until the output in the configs/ > > directory is what I want > > > > I'm trying to mentally build out a process of adding commands for the > > different devices we use without just shotgunning it. > > > > > > On Tue, Sep 17, 2013 at 9:34 AM, Alan McKinnon > > wrote: > > > > On 17/09/2013 13:00, Jason Biel wrote: > > > While I understand the basics of adding additional commands to > RANCID, > > > what is the ideal way to be testing new commands as I am debugging > > > them? Are most people running a dev RANCID install for testing? > > > > Most definitely :-) > > > > In any kind of real-life scenario, your rancid data in configs/ > > naturally evolves into a very critical data source. Almost nothing > else > > out there is capable of documenting real life systems to the extent > > rancid can. This is great for your ego, but also means you can't > fiddle > > with it so much. > > > > I keep 2 dev installs for different purposes and follow the classic > > dev/test/debug/deploy strategy. > > > > There's a second reason why this is a good idea - it is very common > for > > sysadmins to maintain their own little patchset to customize rancid > > behaviour (mostly to account for quirks between device models) and > then > > repatch new releases if your tweaks didn't make it into the > codebase. A > > dev setup makes this process so much easier. > > > > > > -- > > -- > > Alan McKinnon > > alan.mckinnon at gmail.com > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > > > > > > -- > > Jason > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Jason -------------- next part -------------- An HTML attachment was scrubbed... URL: From kams19 at gmail.com Mon Sep 23 13:52:06 2013 From: kams19 at gmail.com (Kishore Rajani) Date: Mon, 23 Sep 2013 06:52:06 -0700 (PDT) Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: > > Nate Beck jivesoftware.com> writes: > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and > Rancid? I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024 > > Hi Nate, > > Did you find a *login script for PAN? > > Thanks, > > Guillaume Dupuis > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Tue Sep 24 16:25:44 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Tue, 24 Sep 2013 16:25:44 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> Message-ID: Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From mat.macaulay at gmail.com Tue Sep 24 14:22:32 2013 From: mat.macaulay at gmail.com (Matthew MacAulay) Date: Tue, 24 Sep 2013 15:22:32 +0100 Subject: [rancid] Vyatta config processing. Message-ID: Hello list, I am new to Rancid and have found it to be excellent when working with Cisco devices. I have also managed to get it looking after NXOS, Alteon, Foundry and F5 without too many problems. Most answers I found here J I have one device left on my mission list. A vyatta router, there are a couple of scripts / modules out there and I have tried to make them work but I am stuck and need some help. This one seems most promising as it followed the normal rancid module structure. https://gist.github.com/Dunkirk/4032499 The default commandtable command did not work for me, the prompt logs in fine and run?s the ?show configuration? commands, but it needs an ?any key? pressing to display all of the config.. I have tried and failed to make this work, I think I need to change my prompt to be a large number or lines or something? Either way, it would seem that there is a better command that should be used, so I changed my commandtable @commandtable = ( {'cli-shell-api showConfig --show-active-only' => 'WriteTerm'}, ); All I get back checked into CVS are the interfaces (top bit of the config), I am thinking that the sub WriteTerm is detecting the End of the config early but spotting this beyond my perl skills. If I run the command below I get the full config. /usr/lib/rancid/bin/clogin -f /var/lib/rancid/.cloginrc -c "cli-shell-api showConfig --show-active-only" vyattaR1 Below is the first bit of the config, it stops after the loopback interface, can anyone tell me why and what I need to do to fix it? Thanks inadvanced. Mat. SNIP. } ethernet eth1 { address 1.1.1.2/24 duplex auto hw-id 00:50:56:e0:00:18 smp_affinity auto speed auto vrrp { vrrp-group 20 { advertise-interval 1 preempt true priority 101 sync-group ALPHA virtual-address 1.1.1.1/24 } } } loopback lo { } } <--------- Rancid stops processing the config here.. protocols { bgp 12345 { neighbor 1.1.1.11 { allowas-in { } SNIP -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmilton at mvsusa.com Tue Sep 24 20:57:32 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Tue, 24 Sep 2013 20:57:32 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> Message-ID: <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Tue Sep 24 21:01:39 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Tue, 24 Sep 2013 21:01:39 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panlogin Type: application/octet-stream Size: 17825 bytes Desc: panlogin URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: panrancid Type: application/octet-stream Size: 8508 bytes Desc: panrancid URL: From Douglas.Hughes at DEShawResearch.com Wed Sep 25 00:40:42 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 25 Sep 2013 00:40:42 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: I just sent you the latest versions. I'm the original creator. I can't say if the other version is older, but if they are different, use the ones I sent. (and make sure they are first in the path) So you are saying when you run panrancid it doesn't create the config file for you? From: Kishore Rajani [mailto:kams19 at gmail.com] Sent: Tuesday, September 24, 2013 5:44 PM To: Hughes, Doug Cc: Ryan Milton; rancid-discuss at googlegroups.com; guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Hi All, Thanks for your inputs.. much appreciated. I think i had downloaded these files from some other website, not sure if you have modified it, Doug.. In my setup, I am able to login into the device using panlogin.. however the device config are not backed up. Everything works smooth for Cisco devices. I have updated the routers.db and other files for PAN devices, but no luck yet. Unfortunately, I am unable to reach my remote site server at the moment, else would have pasted the log file. Regards, Kishore On 24 September 2013 22:01, Hughes, Doug > wrote: Sure they can. I do it for 3 of them right now. Attached. Set your 'switch type' to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn't be read. That is what I've found with my HP switches-but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From eravin at panix.com Wed Sep 25 04:21:51 2013 From: eravin at panix.com (Ed Ravin) Date: Wed, 25 Sep 2013 00:21:51 -0400 Subject: [rancid] Vyatta config processing. In-Reply-To: References: Message-ID: <20130925042151.GF943@panix.com> I wrote a RANCID module for Vyattas running Mendocino a few years ago. It used non-interaactive SSH (required public/private key pair) and ran each command through this template: "unset _OFR_CONFIGURE; exec vbash --noediting --noprofile -c 'source /etc/bash_completion; _vyatta_op_run '" That convinced the Vyatta to give me the Vyatta CLI without also thinking that an interactive terminal existed. I have no idea whether this still works in current versions, as I stopped working with Vyattas after that. I also used a different command list: commandtable=( {'show version' => "ShowVersion"}, {'show hardware dmi' => "ShowHard"}, {'show hardware pci' => "ShowHard"}, {'show hardware cpu' => "ShowCPU"}, {'show system usb' => "ShowUSB"}, {'show system routing-daemons' => "ShowRoutingDaemons"}, {'show configuration commands' => "ShowConfig"}, ); Note the use of "show configuration commands" - this gives you the Vyatta config in command-line rather than config-file form, so it's much easier to make sense of the diffs. I'll send you the tarball separately. I never published it on this list because I don't know of anyone else who has it working in their environment. It's possible that my code strayed too far from both RANCID's paradigm and current Vyatta practice, but maybe you'll be able to use something from it. -- Ed On Tue, Sep 24, 2013 at 03:22:32PM +0100, Matthew MacAulay wrote: ... > > A vyatta router, there are a couple of scripts / modules out there and > I have tried to make them work but I am stuck and need some help. > > This one seems most promising as it followed the normal rancid module > structure. > > [1]https://gist.github.com/Dunkirk/4032499 > > The default commandtable command did not work for me, the prompt logs > in fine and runs the show configuration commands, but it needs an any > key pressing to display all of the config.. I have tried and failed to > make this work, I think I need to change my prompt to be a large number > or lines or something? [...] From Sean.Browne at boeingdefence.co.uk Wed Sep 25 12:52:08 2013 From: Sean.Browne at boeingdefence.co.uk (Browne, Sean) Date: Wed, 25 Sep 2013 13:52:08 +0100 Subject: [rancid] Release Authorised CVS Problem Message-ID: Hi all, I copied some files and broke our rancid system because CVS obviously doesn't like people messing with its files (that's understandable). So after lots of trying to fix the problem, I am resorting to asking you for help. Where do I start? rancid-cvs returns nothing (It produced output back in the day I set this up). My logs say the following after a rancid-run. Trying to get all of the configs. All routers sucessfully completed. cvs diff: in directory .: cvs [diff aborted]: there is no version here; run 'cvs checkout' first cvs commit: in directory .: cvs [commit aborted]: there is no version here; run 'cvs checkout' first ending: Wed Sep 25 13:42:54 BST 2013 (I have tried running 'cvs checkout' (and cvs add, and cvs remove and cvs update amongst others). Any assistance gratefully received.. Thanks, Sean. This communication is intended only for the individual or entity to which it is addressed and may contain proprietary or confidential information. If you have received this communication in error, please notify us immediately by telephone and destroy this original communication without reading, copying or distributing any copies of it. ----------------------------------------------------------------------------------------- Boeing Defence UK Limited is registered in England and Wales (registered number 01290439). Registered office 25 Victoria Street, London SW1H 0EX Phone: +44-20-7930-5000 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Wed Sep 25 12:58:47 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Wed, 25 Sep 2013 12:58:47 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> Message-ID: First off, in the .cloginrc define the login type as ssh You can use wildcards that match the hostname, so if you name your devices something like paloalto1, paloalto2, etc. it would be something like this to define ssh as the mechanism, admin as the user and FooBar as the password add method paloalto* ssh add user paloalto* admin add password paloalto* FooBar then in the router.db file that defines all of the switches/routers for that subdomain (assuming you have subdomains, otherwise your main router.db) paloalto1:paloalto:up paloalto2:paloalto:up From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Wednesday, September 25, 2013 8:53 AM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Wow! This is great. I am still quite a noob at Rancid. When you say ?switch type,? what do you mean by that? That is not in these files, is it? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rwest at zyedge.com Wed Sep 25 13:03:17 2013 From: rwest at zyedge.com (Ryan West) Date: Wed, 25 Sep 2013 13:03:17 +0000 Subject: [rancid] Release Authorised CVS Problem In-Reply-To: References: Message-ID: <97D4DD62-FA62-470B-9339-082C80E8AC68@zyedge.com> Where did you copy the files from. Sounds like you missed the hidden directories. Probably want to copy them or you'll lose all change information. Sent from handheld. On Sep 25, 2013, at 8:52 AM, "Browne, Sean" > wrote: Hi all, I copied some files and broke our rancid system because CVS obviously doesn?t like people messing with its files (that?s understandable). So after lots of trying to fix the problem, I am resorting to asking you for help. Where do I start? rancid-cvs returns nothing (It produced output back in the day I set this up). My logs say the following after a rancid-run. Trying to get all of the configs. All routers sucessfully completed. cvs diff: in directory .: cvs [diff aborted]: there is no version here; run 'cvs checkout' first cvs commit: in directory .: cvs [commit aborted]: there is no version here; run 'cvs checkout' first ending: Wed Sep 25 13:42:54 BST 2013 (I have tried running ?cvs checkout? (and cvs add, and cvs remove and cvs update amongst others). Any assistance gratefully received.. Thanks, Sean. This communication is intended only for the individual or entity to which it is addressed and may contain proprietary or confidential information. If you have received this communication in error, please notify us immediately by telephone and destroy this original communication without reading, copying or distributing any copies of it. ----------------------------------------------------------------------------------------- Boeing Defence UK Limited is registered in England and Wales (registered number 01290439). Registered office 25 Victoria Street, London SW1H 0EX Phone: +44-20-7930-5000 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmilton at mvsusa.com Wed Sep 25 12:52:35 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Wed, 25 Sep 2013 12:52:35 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> Wow! This is great. I am still quite a noob at Rancid. When you say ?switch type,? what do you mean by that? That is not in these files, is it? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rwest at zyedge.com Wed Sep 25 13:09:14 2013 From: rwest at zyedge.com (Ryan West) Date: Wed, 25 Sep 2013 13:09:14 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> , <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Check bin/rancid-fe Sent from handheld. On Sep 25, 2013, at 9:08 AM, "Ryan Milton" > wrote: Wow! This is great. I am still quite a noob at Rancid. When you say ?switch type,? what do you mean by that? That is not in these files, is it? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From tosimpson at forchtgroup.com Wed Sep 25 13:09:57 2013 From: tosimpson at forchtgroup.com (Tom Simpson) Date: Wed, 25 Sep 2013 13:09:57 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> Message-ID: An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rmilton at mvsusa.com Wed Sep 25 13:17:39 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Wed, 25 Sep 2013 13:17:39 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> <9661881404cb420fb6e7f37799895e77@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <5a3c8b8493314156a80029e68d8db52d@BN1PR01MB119.prod.exchangelabs.com> Got it! Thanks. I will report back with the results. Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Wednesday, September 25, 2013 8:59 AM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks First off, in the .cloginrc define the login type as ssh You can use wildcards that match the hostname, so if you name your devices something like paloalto1, paloalto2, etc. it would be something like this to define ssh as the mechanism, admin as the user and FooBar as the password add method paloalto* ssh add user paloalto* admin add password paloalto* FooBar then in the router.db file that defines all of the switches/routers for that subdomain (assuming you have subdomains, otherwise your main router.db) paloalto1:paloalto:up paloalto2:paloalto:up From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Wednesday, September 25, 2013 8:53 AM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Wow! This is great. I am still quite a noob at Rancid. When you say ?switch type,? what do you mean by that? That is not in these files, is it? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: From Sean.Browne at boeingdefence.co.uk Wed Sep 25 14:26:56 2013 From: Sean.Browne at boeingdefence.co.uk (Browne, Sean) Date: Wed, 25 Sep 2013 15:26:56 +0100 Subject: [rancid] Release Authorised CVS Problem In-Reply-To: <97D4DD62-FA62-470B-9339-082C80E8AC68@zyedge.com> References: <97D4DD62-FA62-470B-9339-082C80E8AC68@zyedge.com> Message-ID: Hi Ryan, I copied backup configs from our primary server. This is the backup. I have since removed all the files as I wanted to start again. There are no configs on this server anymore. I just need to 'reset' the CVS, I don't mind if history is lost - just want it to work going forward. Thanks! Sean Browne From: Ryan West [mailto:rwest at zyedge.com] Sent: 25 September 2013 14:03 To: Browne, Sean Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Release Authorised CVS Problem Where did you copy the files from. Sounds like you missed the hidden directories. Probably want to copy them or you'll lose all change information. Sent from handheld. On Sep 25, 2013, at 8:52 AM, "Browne, Sean" > wrote: Hi all, I copied some files and broke our rancid system because CVS obviously doesn't like people messing with its files (that's understandable). So after lots of trying to fix the problem, I am resorting to asking you for help. Where do I start? rancid-cvs returns nothing (It produced output back in the day I set this up). My logs say the following after a rancid-run. Trying to get all of the configs. All routers sucessfully completed. cvs diff: in directory .: cvs [diff aborted]: there is no version here; run 'cvs checkout' first cvs commit: in directory .: cvs [commit aborted]: there is no version here; run 'cvs checkout' first ending: Wed Sep 25 13:42:54 BST 2013 (I have tried running 'cvs checkout' (and cvs add, and cvs remove and cvs update amongst others). Any assistance gratefully received.. Thanks, Sean. This communication is intended only for the individual or entity to which it is addressed and may contain proprietary or confidential information. If you have received this communication in error, please notify us immediately by telephone and destroy this original communication without reading, copying or distributing any copies of it. ----------------------------------------------------------------------------------------- Boeing Defence UK Limited is registered in England and Wales (registered number 01290439). Registered office 25 Victoria Street, London SW1H 0EX Phone: +44-20-7930-5000 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss This communication is intended only for the individual or entity to which it is addressed and may contain proprietary or confidential information. If you have received this communication in error, please notify us immediately by telephone and destroy this original communication without reading, copying or distributing any copies of it. ----------------------------------------------------------------------------------------- Boeing Defence UK Limited is registered in England and Wales (registered number 01290439). Registered office 25 Victoria Street, London SW1H 0EX Phone: +44-20-7930-5000 -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Wed Sep 25 14:46:01 2013 From: rwest at zyedge.com (Ryan West) Date: Wed, 25 Sep 2013 14:46:01 +0000 Subject: [rancid] Release Authorised CVS Problem In-Reply-To: References: <97D4DD62-FA62-470B-9339-082C80E8AC68@zyedge.com> Message-ID: <8903D0A8F70EA74FBE57CA9B846B42C0A81FE254@ZY-MBX2.zyedge.local> I think you can go to var/ and then run cvs checkout. -ryan From: Browne, Sean [mailto:Sean.Browne at boeingdefence.co.uk] Sent: Wednesday, September 25, 2013 10:27 AM To: Ryan West Cc: rancid-discuss at shrubbery.net Subject: RE: [rancid] Release Authorised CVS Problem Hi Ryan, I copied backup configs from our primary server. This is the backup. I have since removed all the files as I wanted to start again. There are no configs on this server anymore. I just need to ?reset? the CVS, I don?t mind if history is lost ? just want it to work going forward. Thanks! Sean Browne From: Ryan West [mailto:rwest at zyedge.com] Sent: 25 September 2013 14:03 To: Browne, Sean Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Release Authorised CVS Problem Where did you copy the files from. Sounds like you missed the hidden directories. Probably want to copy them or you'll lose all change information. Sent from handheld. On Sep 25, 2013, at 8:52 AM, "Browne, Sean" > wrote: Hi all, I copied some files and broke our rancid system because CVS obviously doesn?t like people messing with its files (that?s understandable). So after lots of trying to fix the problem, I am resorting to asking you for help. Where do I start? rancid-cvs returns nothing (It produced output back in the day I set this up). My logs say the following after a rancid-run. Trying to get all of the configs. All routers sucessfully completed. cvs diff: in directory .: cvs [diff aborted]: there is no version here; run 'cvs checkout' first cvs commit: in directory .: cvs [commit aborted]: there is no version here; run 'cvs checkout' first ending: Wed Sep 25 13:42:54 BST 2013 (I have tried running ?cvs checkout? (and cvs add, and cvs remove and cvs update amongst others). Any assistance gratefully received.. Thanks, Sean. This communication is intended only for the individual or entity to which it is addressed and may contain proprietary or confidential information. If you have received this communication in error, please notify us immediately by telephone and destroy this original communication without reading, copying or distributing any copies of it. ----------------------------------------------------------------------------------------- Boeing Defence UK Limited is registered in England and Wales (registered number 01290439). Registered office 25 Victoria Street, London SW1H 0EX Phone: +44-20-7930-5000 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss This communication is intended only for the individual or entity to which it is addressed and may contain proprietary or confidential information. If you have received this communication in error, please notify us immediately by telephone and destroy this original communication without reading, copying or distributing any copies of it. ----------------------------------------------------------------------------------------- Boeing Defence UK Limited is registered in England and Wales (registered number 01290439). Registered office 25 Victoria Street, London SW1H 0EX Phone: +44-20-7930-5000 -------------- next part -------------- An HTML attachment was scrubbed... URL: From xmin0s at gmail.com Tue Sep 24 17:39:40 2013 From: xmin0s at gmail.com (Tim Eberhard) Date: Tue, 24 Sep 2013 10:39:40 -0700 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> Message-ID: I used panlogin and panrancid, although if I recall correctly I had to modify it slightly to work. I did those and aruba's at the same time so I can't recall which one was the pita. -Tim Eberhard On Tue, Sep 24, 2013 at 9:25 AM, Hughes, Doug < Douglas.Hughes at deshawresearch.com> wrote: > Yes, I have working panlogin and panrancid and have contributed them > upstream. Have you not been able to get them to work?**** > > ** ** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [mailto: > rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Kishore Rajani > *Sent:* Monday, September 23, 2013 9:52 AM > *To:* rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks**** > > ** ** > > HI, > > did you manage to get the RANCID running with PAN? > > Regards, > Kishore > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote:**** > > Nate Beck jivesoftware.com> writes:**** > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and > Rancid? I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024**** > > Hi Nate,**** > > Did you find a *login script for PAN?**** > > Thanks,**** > > Guillaume Dupuis**** > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss**** > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From gfleming at srk.com Wed Sep 25 22:41:16 2013 From: gfleming at srk.com (Fleming, Graham) Date: Wed, 25 Sep 2013 22:41:16 +0000 Subject: [rancid] Extreme Networks - Disable CLI Paging Message-ID: Paul, thank you so so so much! I?ve been trying to figure this one out for awhile. This worked perfectly. From kams19 at gmail.com Wed Sep 25 05:48:31 2013 From: kams19 at gmail.com (Kishore Rajani) Date: Wed, 25 Sep 2013 06:48:31 +0100 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: I will use them as soon as the remote site becomes available.. and will also let you know how did it go. Appreciate your help. Regards, Kishore On 25 September 2013 01:40, Hughes, Doug wrote: > I just sent you the latest versions. I?m the original creator. I can?t > say if the other version is older, but if they are different, use the ones > I sent. (and make sure they are first in the path)**** > > ** ** > > So you are saying when you run panrancid it doesn?t create the config file > for you?**** > > ** ** > > *From:* Kishore Rajani [mailto:kams19 at gmail.com] > *Sent:* Tuesday, September 24, 2013 5:44 PM > *To:* Hughes, Doug > *Cc:* Ryan Milton; rancid-discuss at googlegroups.com; > guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > > *Subject:* Re: [rancid] Palo Alto Networks**** > > ** ** > > Hi All,**** > > ** ** > > Thanks for your inputs.. much appreciated.**** > > ** ** > > I think i had downloaded these files from some other website, not sure if > you have modified it, Doug..**** > > ** ** > > In my setup, I am able to login into the device using panlogin.. however > the device config are not backed up. Everything works smooth for Cisco > devices.**** > > I have updated the routers.db and other files for PAN devices, but no luck > yet.**** > > ** ** > > Unfortunately, I am unable to reach my remote site server at the moment, > else would have pasted the log file.**** > > ** ** > > Regards,**** > > Kishore**** > > ** ** > > ** ** > > On 24 September 2013 22:01, Hughes, Doug < > Douglas.Hughes at deshawresearch.com> wrote:**** > > Sure they can. I do it for 3 of them right now.**** > > **** > > Attached. Set your ?switch type? to paloalto. Works with names or IP > addresses.**** > > **** > > *From:* Ryan Milton [mailto:rmilton at mvsusa.com] > *Sent:* Tuesday, September 24, 2013 4:58 PM > *To:* Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks**** > > **** > > I would certainly be interested in adding PAN devices to Rancid. I thought > that they couldn?t be read. That is what I?ve found with my HP switches?but > that is another matter. Any ideas on getting PAN devices read by Rancid > would be useful.**** > > **** > > Regards,**** > > Ryan Milton**** > > **** > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Hughes, Doug > *Sent:* Tuesday, September 24, 2013 12:26 PM > *To:* Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks**** > > **** > > Yes, I have working panlogin and panrancid and have contributed them > upstream. Have you not been able to get them to work?**** > > **** > > **** > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Kishore Rajani > *Sent:* Monday, September 23, 2013 9:52 AM > *To:* rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks**** > > **** > > HI, > > did you manage to get the RANCID running with PAN? > > Regards, > Kishore > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote:**** > > Nate Beck jivesoftware.com> writes:**** > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and > Rancid? I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024**** > > Hi Nate,**** > > Did you find a *login script for PAN?**** > > Thanks,**** > > Guillaume Dupuis**** > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss**** > > ** ** > -------------- next part -------------- An HTML attachment was scrubbed... URL: From kams19 at gmail.com Tue Sep 24 21:44:27 2013 From: kams19 at gmail.com (Kishore Rajani) Date: Tue, 24 Sep 2013 22:44:27 +0100 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Hi All, Thanks for your inputs.. much appreciated. I think i had downloaded these files from some other website, not sure if you have modified it, Doug.. In my setup, I am able to login into the device using panlogin.. however the device config are not backed up. Everything works smooth for Cisco devices. I have updated the routers.db and other files for PAN devices, but no luck yet. Unfortunately, I am unable to reach my remote site server at the moment, else would have pasted the log file. Regards, Kishore On 24 September 2013 22:01, Hughes, Doug wrote: > Sure they can. I do it for 3 of them right now.**** > > ** ** > > Attached. Set your ?switch type? to paloalto. Works with names or IP > addresses.**** > > ** ** > > *From:* Ryan Milton [mailto:rmilton at mvsusa.com] > *Sent:* Tuesday, September 24, 2013 4:58 PM > *To:* Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks**** > > ** ** > > I would certainly be interested in adding PAN devices to Rancid. I thought > that they couldn?t be read. That is what I?ve found with my HP switches?but > that is another matter. Any ideas on getting PAN devices read by Rancid > would be useful.**** > > ** ** > > Regards,**** > > Ryan Milton**** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Hughes, Doug > *Sent:* Tuesday, September 24, 2013 12:26 PM > *To:* Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks**** > > ** ** > > Yes, I have working panlogin and panrancid and have contributed them > upstream. Have you not been able to get them to work?**** > > ** ** > > ** ** > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Kishore Rajani > *Sent:* Monday, September 23, 2013 9:52 AM > *To:* rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks**** > > ** ** > > HI, > > did you manage to get the RANCID running with PAN? > > Regards, > Kishore > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote:**** > > Nate Beck jivesoftware.com> writes:**** > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and > Rancid? I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024**** > > Hi Nate,**** > > Did you find a *login script for PAN?**** > > Thanks,**** > > Guillaume Dupuis**** > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss**** > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jeff at ocjtech.us Thu Sep 26 20:55:09 2013 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Thu, 26 Sep 2013 15:55:09 -0500 Subject: [rancid] Rancid 3.0 License Change Message-ID: I was just looking at some of the changes in Rancid 3.0 alpha and I saw that this clause was added to the license: +## 6. Parties packaging or redistributing RANCID MAY NOT distribute altered +## versions of the etc/rancid.types.base file nor alter how this file is +## handled. The purpose of this condition is to help keep our support +## costs down. This change makes Rancid non-Free and could be problematic for distributions that package Rancid. I know that in particular it will be a problem for Fedora. -- Jeff Ollie -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmilton at mvsusa.com Fri Sep 27 15:08:24 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 27 Sep 2013 15:08:24 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: From Douglas.Hughes at DEShawResearch.com Fri Sep 27 15:14:55 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Fri, 27 Sep 2013 15:14:55 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. What does ?sum /usr/lib/rancid/bin/panrancid? say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From jethro.binks at strath.ac.uk Fri Sep 27 16:19:22 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Fri, 27 Sep 2013 17:19:22 +0100 (BST) Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: And for the HP models you sent me privately, you would need to set the type to "hp" in the same file, so it would have: devicename:hp:up or similar. Jethro. On Wed, 25 Sep 2013, Tom Simpson wrote: > After the switch name or IP you should have a :paloalto:up in the config > file as well. > > Just like all of your CatOS devices would have a :cisco:up ?after all of > them?. > > > > --? > Thanks, > > Tom Simpson > LAN/WAN Engineer > Forcht Group of Kentucky > 859.259.9700 x538 > > "We all knew there was just one way to improve our odds for survival: > train, train, train. Sometimes, if your training is properly intense it > will kill you. More often -- much, much more often -- it will save your > life."??- Richard Marcinko, former US Navy SEAL Team Commander > > From: Ryan Milton > Date: Wednesday, September 25, 2013 8:52 AM > To: "Hughes, Doug" , Kishore Rajani > , "rancid-discuss at googlegroups.com" > > Cc: "guillaume.dupuis at novidys.com" , > "rancid-discuss at shrubbery.net" > Subject: Re: [rancid] Palo Alto Networks > > Wow! This is great. I am still quite a noob at Rancid. When you say ?switch > type,? what do you mean by that? That is not in these files, is it? > > ? > > Regards, > > Ryan Milton > > MVS Network Manager > > o: 201-447-1505 x124 > > c: 862-249-5230 > > www.mvsusa.com > > MVS final logo GOOD very small > > ? > > From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] > Sent: Tuesday, September 24, 2013 5:02 PM > To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Palo Alto Networks > > ? > > Sure they can. I do it for 3 of them right now. > > ? > > Attached. Set your ?switch type? to paloalto. Works with names or IP > addresses. > > ? > > From: Ryan Milton [mailto:rmilton at mvsusa.com] > Sent: Tuesday, September 24, 2013 4:58 PM > To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Palo Alto Networks > > ? > > I would certainly be interested in adding PAN devices to Rancid. I thought > that they couldn?t be read. That is what I?ve found with my HP switches?but > that is another matter. Any ideas on getting PAN devices read by Rancid > would be useful. > > ? > > Regards, > > Ryan Milton > > ? > > From:rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug > Sent: Tuesday, September 24, 2013 12:26 PM > To: Kishore Rajani; rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Palo Alto Networks > > ? > > Yes, I have working panlogin and panrancid and have contributed them > upstream. Have you not been able to get them to work? > > ? > > ? > > From:rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani > Sent: Monday, September 23, 2013 9:52 AM > To: rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Palo Alto Networks > > ? > > HI, > > did you manage to get the RANCID running with PAN? > > Regards, > Kishore > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: > > Nate Beck jivesoftware.com> writes: > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? > ?I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024 > > Hi Nate, > > Did you find a *login script for PAN? > > Thanks, > > Guillaume Dupuis > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > ____________________________________________________________________________ > > CONFIDENTIALITY NOTICE: > This message contains confidential information and is intended only for the > individual named. If you are not the named addressee you should not > disseminate, distribute or copy this e-mail. Please notify the sender > immediately by e-mail if you have received this e-mail by mistake and delete > this e-mail from your system. E-mail transmission cannot be guaranteed to be > secure or error-free as information could be intercepted, corrupted, lost, > destroyed, arrive late or incomplete, or contain viruses. The sender > therefore does not accept liability for any errors or omissions in the > contents of this message, which arise as a result of e-mail transmission. If > verification is required please request a hard-copy version. > > Forcht Group IT, 2400 South Main Street, Corbin, Ky. > > . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From rmilton at mvsusa.com Fri Sep 27 17:22:32 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 27 Sep 2013 17:22:32 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> Message-ID: <7a8cda89f08e442b9fd35f0dbf61d98c@BN1PR01MB119.prod.exchangelabs.com> So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. What does ?sum /usr/lib/rancid/bin/panrancid? say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.jpg Type: image/jpeg Size: 2724 bytes Desc: image002.jpg URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.jpg Type: image/jpeg Size: 2724 bytes Desc: image003.jpg URL: From heas at shrubbery.net Fri Sep 27 17:26:26 2013 From: heas at shrubbery.net (heasley) Date: Fri, 27 Sep 2013 17:26:26 +0000 Subject: [rancid] Rancid 3.0 License Change In-Reply-To: References: Message-ID: <20130927172626.GB31713@shrubbery.net> Thu, Sep 26, 2013 at 03:55:09PM -0500, Jeffrey Ollie: > I was just looking at some of the changes in Rancid 3.0 alpha and I saw > that this clause was added to the license: > > +## 6. Parties packaging or redistributing RANCID MAY NOT distribute altered > +## versions of the etc/rancid.types.base file nor alter how this file is > +## handled. The purpose of this condition is to help keep our support > +## costs down. > > This change makes Rancid non-Free and could be problematic for > distributions that package Rancid. I know that in particular it will be a > problem for Fedora. It is still free; you still pay nothing to us, no one is bound by this clause from modifying it for their own use, and it does not prevent parties from creating packages. Furthermore, I'd consider expanding that clause to the entire contents of the lib directory for the same goal. The clause does not prevent anyone from distributing a modified version of etc/rancid.types.conf and wouldnt prevent the addition of other libraries to the lib directory; providing a path around the clause, but still maintaining the goal. I think the goal is clear. I spend too much time providing support and recognize that a few on the rancid-discuss list help significantly; the time of neither is free. I foresee modifications described to be a potential rathole that I wish to avoid. That said, I'm open to suggestions to achieve that goal in a different manner. From rmilton at mvsusa.com Fri Sep 27 17:30:17 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Fri, 27 Sep 2013 17:30:17 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: Yes, what I have for the HP devices, is IPAddress:hp:up The problem is that even though I have it like that, I keep getting a "clogin error: Error: Couldn't login" When I test with the script (below) it works: rancid at ObserviumNYC:~$ /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc hpswitch5 spawn hpuifilter -- ssh -c 3des -x -l rancid 94.229.14.250 *** truncated*** rancid at 94.229.14.250's password: Press any key to continuesw-1.ams5# sw-1.ams5# show conf Startup configuration: ; J9088A Configuration Edi***trunc*** Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com > -----Original Message----- > From: Jethro R Binks [mailto:jethro.binks at strath.ac.uk] > Sent: Friday, September 27, 2013 12:19 PM > To: Ryan Milton > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Palo Alto Networks > > And for the HP models you sent me privately, you would need to set the > type to "hp" in the same file, so it would have: > > devicename:hp:up > > or similar. > > Jethro. > > > > On Wed, 25 Sep 2013, Tom Simpson wrote: > > > After the switch name or IP you should have a :paloalto:up in the > > config file as well. > > > > Just like all of your CatOS devices would have a :cisco:up ?after all > > of them?. > > > > > > > > -- > > Thanks, > > > > Tom Simpson > > LAN/WAN Engineer > > Forcht Group of Kentucky > > 859.259.9700 x538 > > > > "We all knew there was just one way to improve our odds for survival: > > train, train, train. Sometimes, if your training is properly intense > > it will kill you. More often -- much, much more often -- it will save > > your life."??- Richard Marcinko, former US Navy SEAL Team Commander > > > > From: Ryan Milton > > Date: Wednesday, September 25, 2013 8:52 AM > > To: "Hughes, Doug" , Kishore > Rajani > > , "rancid-discuss at googlegroups.com" > > > > Cc: "guillaume.dupuis at novidys.com" , > > "rancid-discuss at shrubbery.net" > > Subject: Re: [rancid] Palo Alto Networks > > > > Wow! This is great. I am still quite a noob at Rancid. When you say > > ?switch type,? what do you mean by that? That is not in these files, is it? > > > > > > > > Regards, > > > > Ryan Milton > > > > MVS Network Manager > > > > o: 201-447-1505 x124 > > > > c: 862-249-5230 > > > > www.mvsusa.com > > > > MVS final logo GOOD very small > > > > > > > > From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] > > Sent: Tuesday, September 24, 2013 5:02 PM > > To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com > > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > > Subject: RE: [rancid] Palo Alto Networks > > > > > > > > Sure they can. I do it for 3 of them right now. > > > > > > > > Attached. Set your ?switch type? to paloalto. Works with names or IP > > addresses. > > > > > > > > From: Ryan Milton [mailto:rmilton at mvsusa.com] > > Sent: Tuesday, September 24, 2013 4:58 PM > > To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com > > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > > Subject: RE: [rancid] Palo Alto Networks > > > > > > > > I would certainly be interested in adding PAN devices to Rancid. I > > thought that they couldn?t be read. That is what I?ve found with my HP > > switches?but that is another matter. Any ideas on getting PAN devices > > read by Rancid would be useful. > > > > > > > > Regards, > > > > Ryan Milton > > > > > > > > From:rancid-discuss-bounces at shrubbery.net > > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, > > Doug > > Sent: Tuesday, September 24, 2013 12:26 PM > > To: Kishore Rajani; rancid-discuss at googlegroups.com > > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Palo Alto Networks > > > > > > > > Yes, I have working panlogin and panrancid and have contributed them > > upstream. Have you not been able to get them to work? > > > > > > > > > > > > From:rancid-discuss-bounces at shrubbery.net > > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore > > Rajani > > Sent: Monday, September 23, 2013 9:52 AM > > To: rancid-discuss at googlegroups.com > > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Palo Alto Networks > > > > > > > > HI, > > > > did you manage to get the RANCID running with PAN? > > > > Regards, > > Kishore > > > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: > > > > Nate Beck jivesoftware.com> writes: > > > > > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and > Rancid? > > ?I > > was wondering if anyone has created a *login for them. > > > Thanks------------------- > > > Nathan BeckSr. IT Engineer > > > Jive Software > > > 503.972.9024 > > > > Hi Nate, > > > > Did you find a *login script for PAN? > > > > Thanks, > > > > Guillaume Dupuis > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-... at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > > > > > > __________________________________________________________ > ____________ > > ______ > > > > CONFIDENTIALITY NOTICE: > > This message contains confidential information and is intended only > > for the individual named. If you are not the named addressee you > > should not disseminate, distribute or copy this e-mail. Please notify > > the sender immediately by e-mail if you have received this e-mail by > > mistake and delete this e-mail from your system. E-mail transmission > > cannot be guaranteed to be secure or error-free as information could > > be intercepted, corrupted, lost, destroyed, arrive late or incomplete, > > or contain viruses. The sender therefore does not accept liability for > > any errors or omissions in the contents of this message, which arise > > as a result of e-mail transmission. If verification is required please request a > hard-copy version. > > > > Forcht Group IT, 2400 South Main Street, Corbin, Ky. > > > > > > . . . . . . . . . . . . . . . . . . . . . . . . . > Jethro R Binks, Network Manager, > Information Services Directorate, University Of Strathclyde, Glasgow, UK > > The University of Strathclyde is a charitable body, registered in Scotland, > number SC015263. From jeff at ocjtech.us Fri Sep 27 17:48:39 2013 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Fri, 27 Sep 2013 12:48:39 -0500 Subject: [rancid] Rancid 3.0 License Change In-Reply-To: <20130927172626.GB31713@shrubbery.net> References: <20130927172626.GB31713@shrubbery.net> Message-ID: On Fri, Sep 27, 2013 at 12:26 PM, heasley wrote: > > Thu, Sep 26, 2013 at 03:55:09PM -0500, Jeffrey Ollie: > > I was just looking at some of the changes in Rancid 3.0 alpha and I saw > > that this clause was added to the license: > > > > +## 6. Parties packaging or redistributing RANCID MAY NOT distribute altered > > +## versions of the etc/rancid.types.base file nor alter how this file is > > +## handled. The purpose of this condition is to help keep our support > > +## costs down. > > > > This change makes Rancid non-Free and could be problematic for > > distributions that package Rancid. I know that in particular it will be a > > problem for Fedora. > > It is still free; you still pay nothing to us, no one is bound by this clause > from modifying it for their own use, and it does not prevent parties from > creating packages. Yes, it's still "free as in beer" but not "free as in speech". > I think the goal is clear. I spend too much time providing support and > recognize that a few on the rancid-discuss list help significantly; the time > of neither is free. I foresee modifications described to be a potential > rathole that I wish to avoid. Yes, I saw the comments in the source and understand your goal and can sympathize. I just wanted you to be aware of the repercussions. Personally, I think that having Rancid available in distributions would make support easier because everything would get installed in the right place and all the dependencies would get installed as well. -- Jeff Ollie From Douglas.Hughes at DEShawResearch.com Fri Sep 27 19:57:58 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Fri, 27 Sep 2013 19:57:58 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <7a8cda89f08e442b9fd35f0dbf61d98c@BN1PR01MB119.prod.exchangelabs.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> <7a8cda89f08e442b9fd35f0dbf61d98c@BN1PR01MB119.prod.exchangelabs.com> Message-ID: I have perl 5.8.8. I?m not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. What does ?sum /usr/lib/rancid/bin/panrancid? say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From alan.mckinnon at gmail.com Fri Sep 27 20:04:29 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Fri, 27 Sep 2013 22:04:29 +0200 Subject: [rancid] Rancid 3.0 License Change In-Reply-To: <20130927172626.GB31713@shrubbery.net> References: <20130927172626.GB31713@shrubbery.net> Message-ID: <5245E4CD.2030308@gmail.com> On 27/09/2013 19:26, heasley wrote: > Thu, Sep 26, 2013 at 03:55:09PM -0500, Jeffrey Ollie: >> I was just looking at some of the changes in Rancid 3.0 alpha and I saw >> that this clause was added to the license: >> >> +## 6. Parties packaging or redistributing RANCID MAY NOT distribute altered >> +## versions of the etc/rancid.types.base file nor alter how this file is >> +## handled. The purpose of this condition is to help keep our support >> +## costs down. >> >> This change makes Rancid non-Free and could be problematic for >> distributions that package Rancid. I know that in particular it will be a >> problem for Fedora. > > It is still free; you still pay nothing to us, no one is bound by this clause > from modifying it for their own use, and it does not prevent parties from > creating packages. > > Furthermore, I'd consider expanding that clause to the entire contents of the > lib directory for the same goal. The clause does not prevent anyone from > distributing a modified version of etc/rancid.types.conf and wouldnt prevent > the addition of other libraries to the lib directory; providing a path around > the clause, but still maintaining the goal. > > I think the goal is clear. I spend too much time providing support and > recognize that a few on the rancid-discuss list help significantly; the time > of neither is free. I foresee modifications described to be a potential > rathole that I wish to avoid. > > That said, I'm open to suggestions to achieve that goal in a different > manner. You're not obliged to support anything you don't want to, and I feel you are well within your rights (and the bounds of common decency) to say upfront you will answer questions iff rancid.types.base is untouched from as-shipped. Distro packagers know and understand this. When they change stuff, they assume the burden of supporting their changes for their users, and if you treat those changes as WONTFIX from your pov, then that's just how it is. The problem with the clause as it stands is not the intent, it's that the wording goes against the grain, is just a little bit unpalatable and is in any event un-policeable. Rancid is essentially under a BSD license. I would suggest you stick to that license for everything, and clearly define in the FAQ what you personally are willing to do. The usual best solution to packaging problems is to write the build system well in such a way the packager finds no real benefit in fiddling around with it, and so doesn't. This lets all of us get what we want as much as possible. -- Alan McKinnon alan.mckinnon at gmail.com From heas at shrubbery.net Fri Sep 27 20:54:10 2013 From: heas at shrubbery.net (heasley) Date: Fri, 27 Sep 2013 20:54:10 +0000 Subject: [rancid] Extreme Networks - Disable CLI Paging In-Reply-To: References: Message-ID: <20130927205410.GO31713@shrubbery.net> Wed, Sep 25, 2013 at 10:41:16PM +0000, Fleming, Graham: > Paul, thank you so so so much! I?ve been trying to figure this one out for awhile. This worked perfectly. which patch? Paul's or the one that I provided? From gfleming at srk.com Fri Sep 27 21:02:42 2013 From: gfleming at srk.com (Fleming, Graham) Date: Fri, 27 Sep 2013 21:02:42 +0000 Subject: [rancid] Extreme Networks - Disable CLI Paging In-Reply-To: <20130927205410.GO31713@shrubbery.net> Message-ID: I just tried Paul's and it worked. Didn't try yours. On 9/27/2013, 1:54 PM, "heasley" wrote: >Wed, Sep 25, 2013 at 10:41:16PM +0000, Fleming, Graham: >> Paul, thank you so so so much! I?ve been trying to figure this one out >>for awhile. This worked perfectly. > >which patch? Paul's or the one that I provided? > From prt at prt.org Fri Sep 27 21:38:25 2013 From: prt at prt.org (Paul Thornton) Date: Fri, 27 Sep 2013 22:38:25 +0100 Subject: [rancid] Extreme Networks - Disable CLI Paging In-Reply-To: References: Message-ID: <5245FAD1.6080802@prt.org> On 27/09/2013 22:02, Fleming, Graham wrote: > I just tried Paul's and it worked. Didn't try yours. The patch that we used to make this work was found here: > http://www.gossamer-threads.com/lists/engine?do=post_attachment;postatt_id=212;list=rancid I can't find the original randid-discuss message that pointed to this attachment though, which is annoying. I have another rancid installation I need to get going in the next few days. I can try the other patch on this and report back. Paul. -- Paul Thornton From tlimoncelli at stackexchange.com Fri Sep 27 18:08:16 2013 From: tlimoncelli at stackexchange.com (Tom Limoncelli) Date: Fri, 27 Sep 2013 14:08:16 -0400 Subject: [rancid] Rancid 3.0 License Change In-Reply-To: <20130927172626.GB31713@shrubbery.net> References: <20130927172626.GB31713@shrubbery.net> Message-ID: Reducing customer support costs low is an important goal. I think the problem is that going about it via license strictions brings problems for certain Linux distros that have rules about what can and can not be in the licenses of software they package. That said, there should be other ways to get the same goal: Some suggestions: 1. Calculate a hash or checksum of the file and print a warning if it is different. If it was an error the repackagers would also update the checksum. If it is an innocent, "Default rancid.types.base is in use: TRUE" (or FALSE) message they'll be less likely to want to remove it. 2. If the file has changed, the startup banner should list the version number with an "X" appended. When people list the version number (typically part of any service engagement) you'll immediately know if the file was non-standard. 3. Make it significantly easier to NOT change the file. For example, add a "conf.d" directory for people to add configs that are read after the main file. People can insert individual files for individual models. 4. Shame the people that do change it. Set up a web page called "The Naughty RANCID Distro list" which lists vendors that are known to have shipped a modified file. Include a link to instructions that explain how not to change the file. Those are just a few thoughts. Hope that helps, Tom -- Email: tal at whatexit.org Work: tlimoncelli at StackOverflow.com Skype: YesThatTom Blog: http://EverythingSysadmin.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul at gear.dyndns.org Sat Sep 28 01:52:09 2013 From: paul at gear.dyndns.org (Paul Gear) Date: Sat, 28 Sep 2013 11:52:09 +1000 Subject: [rancid] Rancid 3.0 License Change In-Reply-To: References: <20130927172626.GB31713@shrubbery.net> Message-ID: On 09/28/2013 04:08 AM, Tom Limoncelli wrote: > Reducing customer support costs low is an important goal. I think the > problem is that going about it via license strictions brings problems > for certain Linux distros that have rules about what can and can not be > in the licenses of software they package. > > That said, there should be other ways to get the same goal: > > Some suggestions: > > 1. Calculate a hash or checksum of the file and print a warning if it > is different. If it was an error the repackagers would also update the > checksum. If it is an innocent, "Default rancid.types.base is in use: > TRUE" (or FALSE) message they'll be less likely to want to remove it. > > 2. If the file has changed, the startup banner should list the version > number with an "X" appended. When people list the version number > (typically part of any service engagement) you'll immediately know if > the file was non-standard. > > 3. Make it significantly easier to NOT change the file. For example, > add a "conf.d" directory for people to add configs that are read after > the main file. People can insert individual files for individual models. > > 4. Shame the people that do change it. Set up a web page called "The > Naughty RANCID Distro list" which lists vendors that are known to have > shipped a modified file. Include a link to instructions that explain > how not to change the file. > > Those are just a few thoughts. Great suggestions from Tom. I think these are much better ways to handle the issue than in the license. Paul From rmilton at mvsusa.com Sat Sep 28 17:48:54 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sat, 28 Sep 2013 17:48:54 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> <7a8cda89f08e442b9fd35f0dbf61d98c@BN1PR01MB119.prod.exchangelabs.com>, Message-ID: <3d4d893728ac40149839c19ce2273a0f@BN1PR01MB119.prod.exchangelabs.com> You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors. Does it work if you run panrancid directly on the command line from the bin directory? -->not sure I know how to do this. Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________ From: Hughes, Doug Sent: Friday, September 27, 2013 3:57:58 PM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I have perl 5.8.8. I?m not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. What does ?sum /usr/lib/rancid/bin/panrancid? say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From Douglas.Hughes at DEShawResearch.com Sat Sep 28 17:52:55 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Sat, 28 Sep 2013 17:52:55 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: <3d4d893728ac40149839c19ce2273a0f@BN1PR01MB119.prod.exchangelabs.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> <7a8cda89f08e442b9fd35f0dbf61d98c@BN1PR01MB119.prod.exchangelabs.com>, <3d4d893728ac40149839c19ce2273a0f@BN1PR01MB119.prod.exchangelabs.com> Message-ID: 1) Become the rancid user 2) make sure that panrancid and panlogin are in your path 3) "panrancid " After you run it, if it works, you should see a file .new in the current directory. If it fails, paste the results of this: "panrancid -d " From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 1:49 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors. Does it work if you run panrancid directly on the command line from the bin directory? -->not sure I know how to do this. Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________ From: Hughes, Doug > Sent: Friday, September 27, 2013 3:57:58 PM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I have perl 5.8.8. I'm not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don't have a define(%hash) at line 53 in the one I sent you. What does 'sum /usr/lib/rancid/bin/panrancid' say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set..... Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your 'switch type' to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn't be read. That is what I've found with my HP switches-but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From kams19 at gmail.com Sat Sep 28 17:56:56 2013 From: kams19 at gmail.com (Kishore Rajani) Date: Sat, 28 Sep 2013 18:56:56 +0100 Subject: [rancid] Palo Alto Networks In-Reply-To: <3d4d893728ac40149839c19ce2273a0f@BN1PR01MB119.prod.exchangelabs.com> References: <5b25d874-8e64-4249-96f1-51a2f3885b26@googlegroups.com> <96853803542d475aa415c8c905ffb1f1@BN1PR01MB119.prod.exchangelabs.com> <7a8cda89f08e442b9fd35f0dbf61d98c@BN1PR01MB119.prod.exchangelabs.com> <3d4d893728ac40149839c19ce2273a0f@BN1PR01MB119.prod.exchangelabs.com> Message-ID: Think you have to do bin/panlogin device-name Regards, Kishore On 28 Sep 2013 18:49, "Ryan Milton" wrote: > You ask a few questions. Most of my scripts seem to work, like jrancid, > nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" > errors. > > Does it work if you run panrancid directly on the command line from the > bin directory? > > -->not sure I know how to do this. > > Ryan Milton > MVS Network Manager > O: 201-447-1505 x124 > C: 862-249-5230 > ------------------------------ > *From:* Hughes, Doug > *Sent:* Friday, September 27, 2013 3:57:58 PM > *To:* Ryan Milton; Kishore Rajani > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks > > > I have perl 5.8.8. I?m not sure why that would make a significant > difference, though. > > > > There are many used of defined in the perl code.. So why would it pick > that one? (semi-rhetorical) > > > > It appears to be complaining about the first use of defined. Do other > rancid files work ok? ProcessHistory is just lifted from another one, > originally.. Does the crancid or hprancid work ok? > > > > Do you have access to an older Perl for testing? > > > > Does it work if you run panrancid directly on the command line from the > bin directory? > > > > > > *From:* Ryan Milton [mailto:rmilton at mvsusa.com] > *Sent:* Friday, September 27, 2013 1:23 PM > *To:* Hughes, Doug; Kishore Rajani > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks > > > > So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built > for x86_64-linux-gnu-thread-multi > > > > And > > > > rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid > > 14180 9 > > > > Regards, > > Ryan Milton > > MVS Network Manager > > o: 201-447-1505 x124 > > c: 862-249-5230 > > www.mvsusa.com > > [image: MVS final logo GOOD very small] > > > > *From:* Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] > > *Sent:* Friday, September 27, 2013 11:15 AM > *To:* Ryan Milton; Kishore Rajani > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks > > > > What version of Perl are you using? That looks like a Perl error. Also, I > don?t have a define(%hash) at line 53 in the one I sent you. > > > > What does ?sum /usr/lib/rancid/bin/panrancid? say? > > It should say > > 14180 9 > > > > > > *From:* Ryan Milton [mailto:rmilton at mvsusa.com ] > *Sent:* Friday, September 27, 2013 11:08 AM > *To:* Hughes, Doug; Kishore Rajani > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks > > > > Hi Doug, > > > > So I am testing your scripts. I got one error: > > Trying to get all of the configs. > > defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. > > (Maybe you should just omit the defined()?) > > Paloaltofw1: missed cmd(s): show config running, set?.. > > > > Is there a fix for this? I figure the code is just out of date? > > > > Regards, > > Ryan Milton > > MVS Network Manager > > o: 201-447-1505 x124 > > c: 862-249-5230 > > www.mvsusa.com > > [image: MVS final logo GOOD very small] > > > > *From:* Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] > > *Sent:* Tuesday, September 24, 2013 5:02 PM > *To:* Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks > > > > Sure they can. I do it for 3 of them right now. > > > > Attached. Set your ?switch type? to paloalto. Works with names or IP > addresses. > > > > *From:* Ryan Milton [mailto:rmilton at mvsusa.com ] > *Sent:* Tuesday, September 24, 2013 4:58 PM > *To:* Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* RE: [rancid] Palo Alto Networks > > > > I would certainly be interested in adding PAN devices to Rancid. I thought > that they couldn?t be read. That is what I?ve found with my HP switches?but > that is another matter. Any ideas on getting PAN devices read by Rancid > would be useful. > > > > Regards, > > Ryan Milton > > > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Hughes, Doug > *Sent:* Tuesday, September 24, 2013 12:26 PM > *To:* Kishore Rajani; rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks > > > > Yes, I have working panlogin and panrancid and have contributed them > upstream. Have you not been able to get them to work? > > > > > > *From:* rancid-discuss-bounces at shrubbery.net [ > mailto:rancid-discuss-bounces at shrubbery.net] > *On Behalf Of *Kishore Rajani > *Sent:* Monday, September 23, 2013 9:52 AM > *To:* rancid-discuss at googlegroups.com > *Cc:* guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Palo Alto Networks > > > > HI, > > did you manage to get the RANCID running with PAN? > > Regards, > Kishore > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: > > Nate Beck jivesoftware.com> writes: > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and > Rancid? I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024 > > Hi Nate, > > Did you find a *login script for PAN? > > Thanks, > > Guillaume Dupuis > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: not available URL: From rmilton at mvsusa.com Sat Sep 28 22:17:21 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sat, 28 Sep 2013 22:17:21 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: Message-ID: When I go to the executables directory, /usr/lib/rancid/bin/ and panrancid , or jrancid , etc, I get the same thing: "panrancid: command not found", or "jrancid: command not found." so if I run the panlogin, jlogin, etc, I get into the device, but that?s it. As I wrote that above message, I just did a "rancid-run" and DID get a revision to my Palo Alto test device. So I guess that is good. I don't really know if that will work here forward, but does that mean that it is working? Sorry to sound like the noob that I am. Ryan From: , Doug > Date: Saturday, September 28, 2013 1:52 PM To: Ryan Milton >, Kishore Rajani > Cc: "guillaume.dupuis at novidys.com" >, "rancid-discuss at shrubbery.net" > Subject: RE: [rancid] Palo Alto Networks 1) Become the rancid user 2) make sure that panrancid and panlogin are in your path 3) ?panrancid ? After you run it, if it works, you should see a file .new in the current directory. If it fails, paste the results of this: ?panrancid ?d ? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 1:49 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors. Does it work if you run panrancid directly on the command line from the bin directory? -->not sure I know how to do this. Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________ From: Hughes, Doug > Sent: Friday, September 27, 2013 3:57:58 PM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I have perl 5.8.8. I?m not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. What does ?sum /usr/lib/rancid/bin/panrancid? say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From r.engehausen at gmail.com Sat Sep 28 22:26:51 2013 From: r.engehausen at gmail.com (Roy) Date: Sat, 28 Sep 2013 15:26:51 -0700 Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: <524757AB.9070300@gmail.com> An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Sat Sep 28 22:29:55 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Sat, 28 Sep 2013 22:29:55 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: Yeah, that means it is working. It looks like you have a path problem. Make sure that your rancid user account has /usr/lib/rancid/bin first in path. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 6:17 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks When I go to the executables directory, /usr/lib/rancid/bin/ and panrancid , or jrancid , etc, I get the same thing: "panrancid: command not found", or "jrancid: command not found." so if I run the panlogin, jlogin, etc, I get into the device, but that's it. As I wrote that above message, I just did a "rancid-run" and DID get a revision to my Palo Alto test device. So I guess that is good. I don't really know if that will work here forward, but does that mean that it is working? Sorry to sound like the noob that I am. Ryan From: , Doug > Date: Saturday, September 28, 2013 1:52 PM To: Ryan Milton >, Kishore Rajani > Cc: "guillaume.dupuis at novidys.com" >, "rancid-discuss at shrubbery.net" > Subject: RE: [rancid] Palo Alto Networks 1) Become the rancid user 2) make sure that panrancid and panlogin are in your path 3) "panrancid " After you run it, if it works, you should see a file .new in the current directory. If it fails, paste the results of this: "panrancid -d " From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 1:49 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors. Does it work if you run panrancid directly on the command line from the bin directory? -->not sure I know how to do this. Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________ From: Hughes, Doug > Sent: Friday, September 27, 2013 3:57:58 PM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I have perl 5.8.8. I'm not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don't have a define(%hash) at line 53 in the one I sent you. What does 'sum /usr/lib/rancid/bin/panrancid' say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set..... Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your 'switch type' to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn't be read. That is what I've found with my HP switches-but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From rmilton at mvsusa.com Sat Sep 28 22:30:22 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sat, 28 Sep 2013 22:30:22 +0000 Subject: [rancid] Explain email error Message-ID: I have had quite a time getting my HP Procurve switches to work with rancid. Long story short, this test works: /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc I get into the devices from the cli. When I just let rancid contact the devices on its own, then I get this email, which makes me think there is a permissions error (?): The following routers have not been successfully contacted for more than 24 hours. -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 On the other hand, when I look in my logs, the message is simply that rancid couldn't login. (?!?!) clogin error: Error: Couldn't login : missed cmd(s): show stack,show module,show flash,show version,show system-information,write term,show system information This is the eternal issue! Everytime I think I've got it: boom! Failure Ryan -------------- next part -------------- An HTML attachment was scrubbed... URL: From rmilton at mvsusa.com Sat Sep 28 22:52:08 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sat, 28 Sep 2013 22:52:08 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: Message-ID: Ok, I "sort of" get your meaning. So, then I find this: lrwxrwxrwx 1 root root 28 Mar 5 2012 rancid-run -> ../lib/rancid/bin/rancid-run But How do I edit to "make sure that ?account has /usr/lib/rancid/bin "first" in path." ? I looked at /etc/rancid/rancid.conf, and in there, the only path info that I found possibly suspect is this, but I have no idea here. I'm grasping at straws. TMPDIR=/tmp; export TMPDIR # Be careful changing this, it affects CVSROOT below. BASEDIR=/var/lib/rancid; export BASEDIR PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH # Location of the CVS/SVN repository. Be careful changing this. From: , Doug > Date: Saturday, September 28, 2013 6:29 PM To: Ryan Milton >, Kishore Rajani > Cc: "guillaume.dupuis at novidys.com" >, "rancid-discuss at shrubbery.net" > Subject: RE: [rancid] Palo Alto Networks Yeah, that means it is working. It looks like you have a path problem. Make sure that your rancid user account has /usr/lib/rancid/bin first in path. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 6:17 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks When I go to the executables directory, /usr/lib/rancid/bin/ and panrancid , or jrancid , etc, I get the same thing: "panrancid: command not found", or "jrancid: command not found." so if I run the panlogin, jlogin, etc, I get into the device, but that?s it. As I wrote that above message, I just did a "rancid-run" and DID get a revision to my Palo Alto test device. So I guess that is good. I don't really know if that will work here forward, but does that mean that it is working? Sorry to sound like the noob that I am. Ryan From: , Doug > Date: Saturday, September 28, 2013 1:52 PM To: Ryan Milton >, Kishore Rajani > Cc: "guillaume.dupuis at novidys.com" >, "rancid-discuss at shrubbery.net" > Subject: RE: [rancid] Palo Alto Networks 1) Become the rancid user 2) make sure that panrancid and panlogin are in your path 3) ?panrancid ? After you run it, if it works, you should see a file .new in the current directory. If it fails, paste the results of this: ?panrancid ?d ? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 1:49 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors. Does it work if you run panrancid directly on the command line from the bin directory? -->not sure I know how to do this. Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________ From: Hughes, Doug > Sent: Friday, September 27, 2013 3:57:58 PM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I have perl 5.8.8. I?m not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. What does ?sum /usr/lib/rancid/bin/panrancid? say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set?.. Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From alan.mckinnon at gmail.com Sat Sep 28 22:57:53 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sun, 29 Sep 2013 00:57:53 +0200 Subject: [rancid] Explain email error In-Reply-To: References: Message-ID: <52475EF1.6040903@gmail.com> On 29/09/2013 00:30, Ryan Milton wrote: > I have had quite a time getting my HP Procurve switches to work with > rancid. Long story short, this test works: > > /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc > > > I get into the devices from the cli. > > When I just let rancid contact the devices on its own, then I get this > email, which makes me think there is a permissions error (?): > > The following routers have not been successfully contacted for > more than 24 hours. > -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 > > On the other hand, when I look in my logs, the message is simply that > rancid couldn't login. > > (?!?!) clogin error: Error: Couldn't login > : missed cmd(s): show stack,show module,show flash,show > version,show system-information,write term,show system information > > This is the eternal issue! Everytime I think I've got it: boom! Failure You are running hlogin. rancid-run is launching clogin. That is incorrect and is a data error. Please provide the exact line in router.db for that device (make sure you check all your groups, you may have it defined in two places); your complete rancid.conf; and whether /var/lib/rancid/ truly is rancid's home directory per /etc/passwd -- Alan McKinnon alan.mckinnon at gmail.com From r.engehausen at gmail.com Sat Sep 28 23:16:29 2013 From: r.engehausen at gmail.com (Roy) Date: Sat, 28 Sep 2013 16:16:29 -0700 Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: <5247634D.7020007@gmail.com> An HTML attachment was scrubbed... URL: From Douglas.Hughes at DEShawResearch.com Sat Sep 28 23:23:20 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Sat, 28 Sep 2013 23:23:20 +0000 Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: If the rancid user is using the /bin/bash, /bin/sh, or /bin/ksh shell add this to ~rancid/.bash_profile PATH=/usr/lib/rancid/bin:$PATH export PATH If the rancid user is using /bin/tcsh or /bin/csh or something like that add this to .cshrc set path=(/usr/lib/rancid/bin $path) then start a fresh login shell as rancid user (ssh, login, whatever) and try the commands again. They should work. grep rancid /etc/passwd to get the shell. It should be at the end of the line. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 6:52 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Ok, I "sort of" get your meaning. So, then I find this: lrwxrwxrwx 1 root root 28 Mar 5 2012 rancid-run -> ../lib/rancid/bin/rancid-run But How do I edit to "make sure that ...account has /usr/lib/rancid/bin "first" in path." ? I looked at /etc/rancid/rancid.conf, and in there, the only path info that I found possibly suspect is this, but I have no idea here. I'm grasping at straws. TMPDIR=/tmp; export TMPDIR # Be careful changing this, it affects CVSROOT below. BASEDIR=/var/lib/rancid; export BASEDIR PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH # Location of the CVS/SVN repository. Be careful changing this. From: , Doug > Date: Saturday, September 28, 2013 6:29 PM To: Ryan Milton >, Kishore Rajani > Cc: "guillaume.dupuis at novidys.com" >, "rancid-discuss at shrubbery.net" > Subject: RE: [rancid] Palo Alto Networks Yeah, that means it is working. It looks like you have a path problem. Make sure that your rancid user account has /usr/lib/rancid/bin first in path. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 6:17 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks When I go to the executables directory, /usr/lib/rancid/bin/ and panrancid , or jrancid , etc, I get the same thing: "panrancid: command not found", or "jrancid: command not found." so if I run the panlogin, jlogin, etc, I get into the device, but that's it. As I wrote that above message, I just did a "rancid-run" and DID get a revision to my Palo Alto test device. So I guess that is good. I don't really know if that will work here forward, but does that mean that it is working? Sorry to sound like the noob that I am. Ryan From: , Doug > Date: Saturday, September 28, 2013 1:52 PM To: Ryan Milton >, Kishore Rajani > Cc: "guillaume.dupuis at novidys.com" >, "rancid-discuss at shrubbery.net" > Subject: RE: [rancid] Palo Alto Networks 1) Become the rancid user 2) make sure that panrancid and panlogin are in your path 3) "panrancid " After you run it, if it works, you should see a file .new in the current directory. If it fails, paste the results of this: "panrancid -d " From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Saturday, September 28, 2013 1:49 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks You ask a few questions. Most of my scripts seem to work, like jrancid, nrancid. Hrancid (for hp?) doesn't seem to work as I get "failed to login" errors. Does it work if you run panrancid directly on the command line from the bin directory? -->not sure I know how to do this. Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________ From: Hughes, Doug > Sent: Friday, September 27, 2013 3:57:58 PM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I have perl 5.8.8. I'm not sure why that would make a significant difference, though. There are many used of defined in the perl code.. So why would it pick that one? (semi-rhetorical) It appears to be complaining about the first use of defined. Do other rancid files work ok? ProcessHistory is just lifted from another one, originally.. Does the crancid or hprancid work ok? Do you have access to an older Perl for testing? Does it work if you run panrancid directly on the command line from the bin directory? From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 1:23 PM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks So, the Perl version is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi And rancid at ObserviumNYC:~$ sum /usr/lib/rancid/bin/panrancid 14180 9 Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Friday, September 27, 2013 11:15 AM To: Ryan Milton; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks What version of Perl are you using? That looks like a Perl error. Also, I don't have a define(%hash) at line 53 in the one I sent you. What does 'sum /usr/lib/rancid/bin/panrancid' say? It should say 14180 9 From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Friday, September 27, 2013 11:08 AM To: Hughes, Doug; Kishore Rajani Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Hi Doug, So I am testing your scripts. I got one error: Trying to get all of the configs. defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. (Maybe you should just omit the defined()?) Paloaltofw1: missed cmd(s): show config running, set..... Is there a fix for this? I figure the code is just out of date? Regards, Ryan Milton MVS Network Manager o: 201-447-1505 x124 c: 862-249-5230 www.mvsusa.com [MVS final logo GOOD very small] From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] Sent: Tuesday, September 24, 2013 5:02 PM To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks Sure they can. I do it for 3 of them right now. Attached. Set your 'switch type' to paloalto. Works with names or IP addresses. From: Ryan Milton [mailto:rmilton at mvsusa.com] Sent: Tuesday, September 24, 2013 4:58 PM To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Palo Alto Networks I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn't be read. That is what I've found with my HP switches-but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. Regards, Ryan Milton From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug Sent: Tuesday, September 24, 2013 12:26 PM To: Kishore Rajani; rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani Sent: Monday, September 23, 2013 9:52 AM To: rancid-discuss at googlegroups.com Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Palo Alto Networks HI, did you manage to get the RANCID running with PAN? Regards, Kishore On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: Nate Beck jivesoftware.com> writes: > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I was wondering if anyone has created a *login for them. > Thanks------------------- > Nathan BeckSr. IT Engineer > Jive Software > 503.972.9024 Hi Nate, Did you find a *login script for PAN? Thanks, Guillaume Dupuis _______________________________________________ Rancid-discuss mailing list Rancid-... at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2724 bytes Desc: image001.jpg URL: From jethro.binks at strath.ac.uk Sat Sep 28 23:29:01 2013 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Sun, 29 Sep 2013 00:29:01 +0100 (BST) Subject: [rancid] Palo Alto Networks In-Reply-To: References: Message-ID: On Sat, 28 Sep 2013, Ryan Milton wrote: > When I go to the executables directory, /usr/lib/rancid/bin/ and > panrancid , or jrancid , etc, I get the same thing: > "panrancid: command not found", or "jrancid: command not found." so if I > run the panlogin, jlogin, etc, I get into the device, but that?s it. What are the first lines of the files "panracid" and "jrancid" ? It should be the path to your perl interpreter, for example: #! /usr/bin/perl5 > o: 201-447-1505 x124 > c: 862-249-5230 > www.mvsusa.com > [MVS final logo GOOD very small] > > From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] > Sent: Friday, September 27, 2013 11:15 AM > To: Ryan Milton; Kishore Rajani > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Palo Alto Networks > > What version of Perl are you using? That looks like a Perl error. Also, I don?t have a define(%hash) at line 53 in the one I sent you. > > What does ?sum /usr/lib/rancid/bin/panrancid? say? > It should say > 14180 9 > > > From: Ryan Milton [mailto:rmilton at mvsusa.com] > Sent: Friday, September 27, 2013 11:08 AM > To: Hughes, Doug; Kishore Rajani > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Palo Alto Networks > > Hi Doug, > > So I am testing your scripts. I got one error: > Trying to get all of the configs. > defined(%hash) is deprecated at /usr/lib/rancid/bin/panrancid line 53. > (Maybe you should just omit the defined()?) > Paloaltofw1: missed cmd(s): show config running, set?.. > > Is there a fix for this? I figure the code is just out of date? > > Regards, > Ryan Milton > MVS Network Manager > o: 201-447-1505 x124 > c: 862-249-5230 > www.mvsusa.com > [MVS final logo GOOD very small] > > From: Hughes, Doug [mailto:Douglas.Hughes at DEShawResearch.com] > Sent: Tuesday, September 24, 2013 5:02 PM > To: Ryan Milton; Kishore Rajani; rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Palo Alto Networks > > Sure they can. I do it for 3 of them right now. > > Attached. Set your ?switch type? to paloalto. Works with names or IP addresses. > > From: Ryan Milton [mailto:rmilton at mvsusa.com] > Sent: Tuesday, September 24, 2013 4:58 PM > To: Hughes, Doug; Kishore Rajani; rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Palo Alto Networks > > I would certainly be interested in adding PAN devices to Rancid. I thought that they couldn?t be read. That is what I?ve found with my HP switches?but that is another matter. Any ideas on getting PAN devices read by Rancid would be useful. > > Regards, > Ryan Milton > > From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Hughes, Doug > Sent: Tuesday, September 24, 2013 12:26 PM > To: Kishore Rajani; rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Palo Alto Networks > > Yes, I have working panlogin and panrancid and have contributed them upstream. Have you not been able to get them to work? > > > From:rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Kishore Rajani > Sent: Monday, September 23, 2013 9:52 AM > To: rancid-discuss at googlegroups.com > Cc: guillaume.dupuis at novidys.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Palo Alto Networks > > HI, > > did you manage to get the RANCID running with PAN? > > Regards, > Kishore > > On Thursday, 29 March 2012 13:53:33 UTC+1, Guillaume Dupuis wrote: > Nate Beck jivesoftware.com> writes: > > > > > > > Has anyone on the list worked with Palo Alto Network firewalls and Rancid? I > was wondering if anyone has created a *login for them. > > Thanks------------------- > > Nathan BeckSr. IT Engineer > > Jive Software > > 503.972.9024 > > Hi Nate, > > Did you find a *login script for PAN? > > Thanks, > > Guillaume Dupuis > > _______________________________________________ > Rancid-discuss mailing list > Rancid-... at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From rmilton at mvsusa.com Sun Sep 29 00:05:19 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sun, 29 Sep 2013 00:05:19 +0000 Subject: [rancid] Explain email error In-Reply-To: <52475EF1.6040903@gmail.com> Message-ID: Thanks, >From the bottom, looking in /etc/passwd: rancid:x:1001:1001:Rancid,,,:/home/rancid:/bin/bash (I take that as incorrect!) >From /var/lib/rancid/Network/router.db : hpswitch.ams:hp:up -I only have it here (used locate router.db, only one line came back) My rancid.conf rancid 2.3.6 # This file sets up the environment used for rancid. see rancid.conf(5) # # This will be site specific # TERM=network;export TERM # # Create files w/o world read/write/exec permissions, but read/exec permissions # for group. umask 027 # # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for # the logs from rancid and a directory for each group of routers defined in # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" # directory which is the cvs (or Subversion) repository. # # Use a full path (no sym-links) for BASEDIR. # TMPDIR=/tmp; export TMPDIR # Be careful changing this, it affects CVSROOT below. BASEDIR=/var/lib/rancid; export BASEDIR PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH # Location of the CVS/SVN repository. Be careful changing this. CVSROOT=$BASEDIR/CVS; export CVSROOT # Location of log files produced by rancid-run(1). LOGDIR=$BASEDIR/logs; export LOGDIR # # Select which RCS system to use, "cvs" (default) or "svn". Do not change # this after CVSROOT has been created with rancid-cvs. Changing between these # requires manual conversions. RCSSYS=cvs; export RCSSYS # # if ACLSORT is NO, access-lists will NOT be sorted. #ACLSORT=YES; export ACLSORT # # if NOPIPE is set, temp files will be used instead of a cmd pipe during # collection from the router(s). #NOPIPE=YES; export NOPIPE # # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). #FILTER_PWDS=YES; export FILTER_PWDS # # if NOCOMMSTR is set, snmp community strings will be stripped from the configs #NOCOMMSTR=YES; export NOCOMMSTR # # How many times failed collections are retried (for each run) before # giving up. Minimum: 1 #MAX_ROUNDS=4; export MAX_ROUNDS # # How many hours should pass before complaining about routers that # can not be reached. The value should be greater than the number # of hours between your rancid-run cron job. Default: 24 #OLDTIME=4; export OLDTIME # # How many hours should pass before complaining that a group's collection # (the age of it's lock file) is hung. #LOCKTIME=4; export LOCKTIME # # The number of devices to collect simultaneously. PAR_COUNT=15; export PAR_COUNT # # list of rancid groups #LIST_OF_GROUPS="sl joebobisp" # more groups... #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" LIST_OF_GROUPS="MVSNetwork" # For each group, define a list of people to receive the diffs. # in sendmail's /etc/aliases. # rancid-group: joe,moe at foo # rancid-admin-group: hostmaster # be sure to read ../README regarding aliases. # If your MTA configuration is broken or you want mail to be forwarded to a # domain not the same as the local one, define that domain here. "@" must be # included, as this is simply appended to the usual recipients. It is NOT # appended to recipients specified in rancid-run's -m option. #MAILDOMAIN="@example.com"; export MAILDOMAIN # # By default, rancid mail is marked with precedence "bulk". This may be # changed by setting the MAILHEADERS variable; for example no header by setting # it to "" or adding X- style headers. Individual headers must be separated # by a \n. #MAILHEADERS="Precedence: bulk"; export MAILHEADERS On 9/28/13 6:57 PM, "Alan McKinnon" wrote: >On 29/09/2013 00:30, Ryan Milton wrote: >> I have had quite a time getting my HP Procurve switches to work with >> rancid. Long story short, this test works: >> >> /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc >> >> >> I get into the devices from the cli. >> >> When I just let rancid contact the devices on its own, then I get this >> email, which makes me think there is a permissions error (?): >> >> The following routers have not been successfully contacted for >> more than 24 hours. >> -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 >> >> On the other hand, when I look in my logs, the message is simply that >> rancid couldn't login. >> >> (?!?!) clogin error: Error: Couldn't login >> : missed cmd(s): show stack,show module,show flash,show >> version,show system-information,write term,show system information >> >> This is the eternal issue! Everytime I think I've got it: boom! Failure > >You are running hlogin. rancid-run is launching clogin. > >That is incorrect and is a data error. Please provide the exact line in >router.db for that device (make sure you check all your groups, you may >have it defined in two places); your complete rancid.conf; and whether >/var/lib/rancid/ truly is rancid's home directory per /etc/passwd > > > >-- >Alan McKinnon >alan.mckinnon at gmail.com > >_______________________________________________ >Rancid-discuss mailing list >Rancid-discuss at shrubbery.net >http://www.shrubbery.net/mailman/listinfo/rancid-discuss From Douglas.Hughes at DEShawResearch.com Sun Sep 29 00:11:55 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Sun, 29 Sep 2013 00:11:55 +0000 Subject: [rancid] Explain email error In-Reply-To: References: <52475EF1.6040903@gmail.com> Message-ID: Path looks good. So, if you become the rancid user (su to root, then su - rancid), you should be able to run panrancid or hprancid or crancid or whatever from any directory, anywhere. -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton Sent: Saturday, September 28, 2013 8:05 PM To: Alan McKinnon; rancid-discuss at shrubbery.net Subject: Re: [rancid] Explain email error Thanks, >From the bottom, looking in /etc/passwd: rancid:x:1001:1001:Rancid,,,:/home/rancid:/bin/bash (I take that as incorrect!) >From /var/lib/rancid/Network/router.db : hpswitch.ams:hp:up -I only have it here (used locate router.db, only one line came back) My rancid.conf rancid 2.3.6 # This file sets up the environment used for rancid. see rancid.conf(5) # # This will be site specific # TERM=network;export TERM # # Create files w/o world read/write/exec permissions, but read/exec permissions # for group. umask 027 # # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for # the logs from rancid and a directory for each group of routers defined in # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" # directory which is the cvs (or Subversion) repository. # # Use a full path (no sym-links) for BASEDIR. # TMPDIR=/tmp; export TMPDIR # Be careful changing this, it affects CVSROOT below. BASEDIR=/var/lib/rancid; export BASEDIR PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH # Location of the CVS/SVN repository. Be careful changing this. CVSROOT=$BASEDIR/CVS; export CVSROOT # Location of log files produced by rancid-run(1). LOGDIR=$BASEDIR/logs; export LOGDIR # # Select which RCS system to use, "cvs" (default) or "svn". Do not change # this after CVSROOT has been created with rancid-cvs. Changing between these # requires manual conversions. RCSSYS=cvs; export RCSSYS # # if ACLSORT is NO, access-lists will NOT be sorted. #ACLSORT=YES; export ACLSORT # # if NOPIPE is set, temp files will be used instead of a cmd pipe during # collection from the router(s). #NOPIPE=YES; export NOPIPE # # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). #FILTER_PWDS=YES; export FILTER_PWDS # # if NOCOMMSTR is set, snmp community strings will be stripped from the configs #NOCOMMSTR=YES; export NOCOMMSTR # # How many times failed collections are retried (for each run) before # giving up. Minimum: 1 #MAX_ROUNDS=4; export MAX_ROUNDS # # How many hours should pass before complaining about routers that # can not be reached. The value should be greater than the number # of hours between your rancid-run cron job. Default: 24 #OLDTIME=4; export OLDTIME # # How many hours should pass before complaining that a group's collection # (the age of it's lock file) is hung. #LOCKTIME=4; export LOCKTIME # # The number of devices to collect simultaneously. PAR_COUNT=15; export PAR_COUNT # # list of rancid groups #LIST_OF_GROUPS="sl joebobisp" # more groups... #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" LIST_OF_GROUPS="MVSNetwork" # For each group, define a list of people to receive the diffs. # in sendmail's /etc/aliases. # rancid-group: joe,moe at foo # rancid-admin-group: hostmaster # be sure to read ../README regarding aliases. # If your MTA configuration is broken or you want mail to be forwarded to a # domain not the same as the local one, define that domain here. "@" must be # included, as this is simply appended to the usual recipients. It is NOT # appended to recipients specified in rancid-run's -m option. #MAILDOMAIN="@example.com"; export MAILDOMAIN # # By default, rancid mail is marked with precedence "bulk". This may be # changed by setting the MAILHEADERS variable; for example no header by setting # it to "" or adding X- style headers. Individual headers must be separated # by a \n. #MAILHEADERS="Precedence: bulk"; export MAILHEADERS On 9/28/13 6:57 PM, "Alan McKinnon" wrote: >On 29/09/2013 00:30, Ryan Milton wrote: >> I have had quite a time getting my HP Procurve switches to work with >> rancid. Long story short, this test works: >> >> /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc >> >> >> I get into the devices from the cli. >> >> When I just let rancid contact the devices on its own, then I get this >> email, which makes me think there is a permissions error (?): >> >> The following routers have not been successfully contacted for >> more than 24 hours. >> -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 >> >> On the other hand, when I look in my logs, the message is simply that >> rancid couldn't login. >> >> (?!?!) clogin error: Error: Couldn't login >> : missed cmd(s): show stack,show module,show flash,show >> version,show system-information,write term,show system information >> >> This is the eternal issue! Everytime I think I've got it: boom! Failure > >You are running hlogin. rancid-run is launching clogin. > >That is incorrect and is a data error. Please provide the exact line in >router.db for that device (make sure you check all your groups, you may >have it defined in two places); your complete rancid.conf; and whether >/var/lib/rancid/ truly is rancid's home directory per /etc/passwd > > > >-- >Alan McKinnon >alan.mckinnon at gmail.com > >_______________________________________________ >Rancid-discuss mailing list >Rancid-discuss at shrubbery.net >http://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From alan.mckinnon at gmail.com Sun Sep 29 00:33:55 2013 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sun, 29 Sep 2013 02:33:55 +0200 Subject: [rancid] Explain email error In-Reply-To: References: <52475EF1.6040903@gmail.com> Message-ID: <52477573.8090603@gmail.com> On 29/09/2013 02:11, Hughes, Doug wrote: > Path looks good. So, if you become the rancid user (su to root, then su - rancid), you should be able to run panrancid or hprancid or crancid or whatever from any directory, anywhere. No, he will still need to set PATH in rancid's shell. rancid.conf is only sourced by rancid-run so settings there do not apply to the shell. Other postings by Ryan indicate that this is in fact what he's running into. > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton > Sent: Saturday, September 28, 2013 8:05 PM > To: Alan McKinnon; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Explain email error > > Thanks, > > From the bottom, looking in /etc/passwd: > rancid:x:1001:1001:Rancid,,,:/home/rancid:/bin/bash (I take that as > incorrect!) > > From /var/lib/rancid/Network/router.db : hpswitch.ams:hp:up > -I only have it here (used locate router.db, only one line came back) > > My rancid.conf > > rancid 2.3.6 > # This file sets up the environment used for rancid. see rancid.conf(5) > # > # This will be site specific > # > TERM=network;export TERM > # > # Create files w/o world read/write/exec permissions, but read/exec > permissions > # for group. > umask 027 > # > # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory > for > # the logs from rancid and a directory for each group of routers defined in > # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" > # directory which is the cvs (or Subversion) repository. > # > # Use a full path (no sym-links) for BASEDIR. > # > TMPDIR=/tmp; export TMPDIR > # Be careful changing this, it affects CVSROOT below. > BASEDIR=/var/lib/rancid; export BASEDIR > PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; > export PATH > # Location of the CVS/SVN repository. Be careful changing this. > CVSROOT=$BASEDIR/CVS; export CVSROOT > # Location of log files produced by rancid-run(1). > LOGDIR=$BASEDIR/logs; export LOGDIR > # > # Select which RCS system to use, "cvs" (default) or "svn". Do not change > # this after CVSROOT has been created with rancid-cvs. Changing between > these > # requires manual conversions. > RCSSYS=cvs; export RCSSYS > # > # if ACLSORT is NO, access-lists will NOT be sorted. > #ACLSORT=YES; export ACLSORT > # > # if NOPIPE is set, temp files will be used instead of a cmd pipe during > # collection from the router(s). > #NOPIPE=YES; export NOPIPE > # > # FILTER_PWDS determines which passwords are filtered from configs by the > # value set (NO | YES | ALL). see rancid.conf(5). > #FILTER_PWDS=YES; export FILTER_PWDS > # > # if NOCOMMSTR is set, snmp community strings will be stripped from the > configs > #NOCOMMSTR=YES; export NOCOMMSTR > # > # How many times failed collections are retried (for each run) before > # giving up. Minimum: 1 > #MAX_ROUNDS=4; export MAX_ROUNDS > # > # How many hours should pass before complaining about routers that > # can not be reached. The value should be greater than the number > # of hours between your rancid-run cron job. Default: 24 > #OLDTIME=4; export OLDTIME > # > # How many hours should pass before complaining that a group's collection > # (the age of it's lock file) is hung. > #LOCKTIME=4; export LOCKTIME > # > # The number of devices to collect simultaneously. > PAR_COUNT=15; export PAR_COUNT > # > # list of rancid groups > #LIST_OF_GROUPS="sl joebobisp" > # more groups... > #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" > LIST_OF_GROUPS="MVSNetwork" > # For each group, define a list of people to receive the diffs. > # in sendmail's /etc/aliases. > # rancid-group: joe,moe at foo > # rancid-admin-group: hostmaster > # be sure to read ../README regarding aliases. > # If your MTA configuration is broken or you want mail to be forwarded to a > # domain not the same as the local one, define that domain here. "@" must > be > # included, as this is simply appended to the usual recipients. It is NOT > # appended to recipients specified in rancid-run's -m option. > #MAILDOMAIN="@example.com"; export MAILDOMAIN > # > # By default, rancid mail is marked with precedence "bulk". This may be > # changed by setting the MAILHEADERS variable; for example no header by > setting > # it to "" or adding X- style headers. Individual headers must be > separated > # by a \n. > #MAILHEADERS="Precedence: bulk"; export MAILHEADERS > > > > > > On 9/28/13 6:57 PM, "Alan McKinnon" wrote: > >> On 29/09/2013 00:30, Ryan Milton wrote: >>> I have had quite a time getting my HP Procurve switches to work with >>> rancid. Long story short, this test works: >>> >>> /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc >>> >>> >>> I get into the devices from the cli. >>> >>> When I just let rancid contact the devices on its own, then I get this >>> email, which makes me think there is a permissions error (?): >>> >>> The following routers have not been successfully contacted for >>> more than 24 hours. >>> -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 >>> >>> On the other hand, when I look in my logs, the message is simply that >>> rancid couldn't login. >>> >>> (?!?!) clogin error: Error: Couldn't login >>> : missed cmd(s): show stack,show module,show flash,show >>> version,show system-information,write term,show system information >>> >>> This is the eternal issue! Everytime I think I've got it: boom! Failure >> >> You are running hlogin. rancid-run is launching clogin. >> >> That is incorrect and is a data error. Please provide the exact line in >> router.db for that device (make sure you check all your groups, you may >> have it defined in two places); your complete rancid.conf; and whether >> /var/lib/rancid/ truly is rancid's home directory per /etc/passwd >> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From Douglas.Hughes at DEShawResearch.com Sun Sep 29 01:29:52 2013 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Sun, 29 Sep 2013 01:29:52 +0000 Subject: [rancid] Explain email error In-Reply-To: <52477573.8090603@gmail.com> References: <52475EF1.6040903@gmail.com> <52477573.8090603@gmail.com> Message-ID: Right you are! I didn't look closely enough. Ryan, that PATH line need to go into a file ~rancid/.bash_profile Ryan, you can do this: echo "PATH=/usr/lib/rancid/bin:$PATH" >> ~rancid/.bash_profile (but I do recommend a good introductory Unix or Linux book like those by Mark Sobell, O'Reilly, or other.) -----Original Message----- From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] Sent: Saturday, September 28, 2013 8:34 PM To: Hughes, Doug; Ryan Milton; rancid-discuss at shrubbery.net Subject: Re: [rancid] Explain email error On 29/09/2013 02:11, Hughes, Doug wrote: > Path looks good. So, if you become the rancid user (su to root, then su - rancid), you should be able to run panrancid or hprancid or crancid or whatever from any directory, anywhere. No, he will still need to set PATH in rancid's shell. rancid.conf is only sourced by rancid-run so settings there do not apply to the shell. Other postings by Ryan indicate that this is in fact what he's running into. > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton > Sent: Saturday, September 28, 2013 8:05 PM > To: Alan McKinnon; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Explain email error > > Thanks, > > From the bottom, looking in /etc/passwd: > rancid:x:1001:1001:Rancid,,,:/home/rancid:/bin/bash (I take that as > incorrect!) > > From /var/lib/rancid/Network/router.db : hpswitch.ams:hp:up > -I only have it here (used locate router.db, only one line came back) > > My rancid.conf > > rancid 2.3.6 > # This file sets up the environment used for rancid. see rancid.conf(5) > # > # This will be site specific > # > TERM=network;export TERM > # > # Create files w/o world read/write/exec permissions, but read/exec > permissions > # for group. > umask 027 > # > # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory > for > # the logs from rancid and a directory for each group of routers defined in > # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" > # directory which is the cvs (or Subversion) repository. > # > # Use a full path (no sym-links) for BASEDIR. > # > TMPDIR=/tmp; export TMPDIR > # Be careful changing this, it affects CVSROOT below. > BASEDIR=/var/lib/rancid; export BASEDIR > PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; > export PATH > # Location of the CVS/SVN repository. Be careful changing this. > CVSROOT=$BASEDIR/CVS; export CVSROOT > # Location of log files produced by rancid-run(1). > LOGDIR=$BASEDIR/logs; export LOGDIR > # > # Select which RCS system to use, "cvs" (default) or "svn". Do not change > # this after CVSROOT has been created with rancid-cvs. Changing between > these > # requires manual conversions. > RCSSYS=cvs; export RCSSYS > # > # if ACLSORT is NO, access-lists will NOT be sorted. > #ACLSORT=YES; export ACLSORT > # > # if NOPIPE is set, temp files will be used instead of a cmd pipe during > # collection from the router(s). > #NOPIPE=YES; export NOPIPE > # > # FILTER_PWDS determines which passwords are filtered from configs by the > # value set (NO | YES | ALL). see rancid.conf(5). > #FILTER_PWDS=YES; export FILTER_PWDS > # > # if NOCOMMSTR is set, snmp community strings will be stripped from the > configs > #NOCOMMSTR=YES; export NOCOMMSTR > # > # How many times failed collections are retried (for each run) before > # giving up. Minimum: 1 > #MAX_ROUNDS=4; export MAX_ROUNDS > # > # How many hours should pass before complaining about routers that > # can not be reached. The value should be greater than the number > # of hours between your rancid-run cron job. Default: 24 > #OLDTIME=4; export OLDTIME > # > # How many hours should pass before complaining that a group's collection > # (the age of it's lock file) is hung. > #LOCKTIME=4; export LOCKTIME > # > # The number of devices to collect simultaneously. > PAR_COUNT=15; export PAR_COUNT > # > # list of rancid groups > #LIST_OF_GROUPS="sl joebobisp" > # more groups... > #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" > LIST_OF_GROUPS="MVSNetwork" > # For each group, define a list of people to receive the diffs. > # in sendmail's /etc/aliases. > # rancid-group: joe,moe at foo > # rancid-admin-group: hostmaster > # be sure to read ../README regarding aliases. > # If your MTA configuration is broken or you want mail to be forwarded to a > # domain not the same as the local one, define that domain here. "@" must > be > # included, as this is simply appended to the usual recipients. It is NOT > # appended to recipients specified in rancid-run's -m option. > #MAILDOMAIN="@example.com"; export MAILDOMAIN > # > # By default, rancid mail is marked with precedence "bulk". This may be > # changed by setting the MAILHEADERS variable; for example no header by > setting > # it to "" or adding X- style headers. Individual headers must be > separated > # by a \n. > #MAILHEADERS="Precedence: bulk"; export MAILHEADERS > > > > > > On 9/28/13 6:57 PM, "Alan McKinnon" wrote: > >> On 29/09/2013 00:30, Ryan Milton wrote: >>> I have had quite a time getting my HP Procurve switches to work with >>> rancid. Long story short, this test works: >>> >>> /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc >>> >>> >>> I get into the devices from the cli. >>> >>> When I just let rancid contact the devices on its own, then I get this >>> email, which makes me think there is a permissions error (?): >>> >>> The following routers have not been successfully contacted for >>> more than 24 hours. >>> -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 >>> >>> On the other hand, when I look in my logs, the message is simply that >>> rancid couldn't login. >>> >>> (?!?!) clogin error: Error: Couldn't login >>> : missed cmd(s): show stack,show module,show flash,show >>> version,show system-information,write term,show system information >>> >>> This is the eternal issue! Everytime I think I've got it: boom! Failure >> >> You are running hlogin. rancid-run is launching clogin. >> >> That is incorrect and is a data error. Please provide the exact line in >> router.db for that device (make sure you check all your groups, you may >> have it defined in two places); your complete rancid.conf; and whether >> /var/lib/rancid/ truly is rancid's home directory per /etc/passwd >> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From rmilton at mvsusa.com Sun Sep 29 02:27:16 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sun, 29 Sep 2013 02:27:16 +0000 Subject: [rancid] Explain email error In-Reply-To: Message-ID: I will be answering a couple of things here: I don't have a .bash_profile only a .profile which I changed: # set PATH so it includes user's private bin if it exists if [ -d "$HOME/bin" ] ; then PATH="$HOME/bin:$PATH" To # set PATH so it includes user's private bin if it exists if [ -d "$HOME/bin" ] ; then PATH=/usr/lib/rancid/bin:$PATH Which doesn't seem to change what happens. To Alan, the name is fake, because all our equipment has public IP addresses! In fact I named everything: IPADDRESS:hp:up or some variation, but all are IP Addresses, no names. Alan, Locate .cloginrc yields: /home/rancid/.cloginrc /home/ryan/.cloginrc /var/lib/rancid/.cloginrc But they can't seem to be removed (?) They show up in the search, but when I try to remove: "No such file". Rancid-fe, I only added the paloalto line: root at ObserviumNYC:/usr/lib/rancid/bin# sudo vi rancid-fe 'hp' => 'hrancid', 'juniper' => 'jrancid', 'mrtd' => 'mrancid', 'mrv' => 'mrvrancid', 'netopia' => 'trancid', 'netscaler' => 'nsrancid', 'netscreen' => 'nrancid', 'procket' => 'prancid', 'paloalto' => 'panrancid', 'redback' => 'rrancid', 'riverstone' => 'rivrancid', 'smc' => 'srancid', 'tnt' => 'tntrancid', 'zebra' => 'zrancid' ); I followed the install instructions from: https://help.ubuntu.com/community/RANCID#Introduction http://www.binaryroyale.com/index.php/category/umbungo/ OK ALAN! I'M IN. With all the headache that this has caused, I'm not going to stop now. I have been interested in a clean install, but I wouldn't know where to begin. Easiest thing is to use the rancid user, R at nc1d pass. @94.229.11.72 I can do it now---but it is late, or at a scheduled time. Ryan I appreciate sticking with me on this, I WILL read those books! On 9/28/13 9:29 PM, "Hughes, Doug" wrote: >Right you are! I didn't look closely enough. Ryan, that PATH line need to >go into a file ~rancid/.bash_profile > > >Ryan, you can do this: > > echo "PATH=/usr/lib/rancid/bin:$PATH" >> ~rancid/.bash_profile > >(but I do recommend a good introductory Unix or Linux book like those by >Mark Sobell, O'Reilly, or other.) > > >-----Original Message----- >From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >Sent: Saturday, September 28, 2013 8:34 PM >To: Hughes, Doug; Ryan Milton; rancid-discuss at shrubbery.net >Subject: Re: [rancid] Explain email error > >On 29/09/2013 02:11, Hughes, Doug wrote: >> Path looks good. So, if you become the rancid user (su to root, then su >>- rancid), you should be able to run panrancid or hprancid or crancid or >>whatever from any directory, anywhere. > > >No, he will still need to set PATH in rancid's shell. > >rancid.conf is only sourced by rancid-run so settings there do not apply >to the shell. Other postings by Ryan indicate that this is in fact what >he's running into. > > > > >> >> >> -----Original Message----- >> From: rancid-discuss-bounces at shrubbery.net >>[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton >> Sent: Saturday, September 28, 2013 8:05 PM >> To: Alan McKinnon; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Explain email error >> >> Thanks, >> >> From the bottom, looking in /etc/passwd: >> rancid:x:1001:1001:Rancid,,,:/home/rancid:/bin/bash (I take that as >> incorrect!) >> >> From /var/lib/rancid/Network/router.db : hpswitch.ams:hp:up >> -I only have it here (used locate router.db, only one line came back) >> >> My rancid.conf >> >> rancid 2.3.6 >> # This file sets up the environment used for rancid. see rancid.conf(5) >> # >> # This will be site specific >> # >> TERM=network;export TERM >> # >> # Create files w/o world read/write/exec permissions, but read/exec >> permissions >> # for group. >> umask 027 >> # >> # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" >>directory >> for >> # the logs from rancid and a directory for each group of routers >>defined in >> # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" >> # directory which is the cvs (or Subversion) repository. >> # >> # Use a full path (no sym-links) for BASEDIR. >> # >> TMPDIR=/tmp; export TMPDIR >> # Be careful changing this, it affects CVSROOT below. >> BASEDIR=/var/lib/rancid; export BASEDIR >> >>PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; >> export PATH >> # Location of the CVS/SVN repository. Be careful changing this. >> CVSROOT=$BASEDIR/CVS; export CVSROOT >> # Location of log files produced by rancid-run(1). >> LOGDIR=$BASEDIR/logs; export LOGDIR >> # >> # Select which RCS system to use, "cvs" (default) or "svn". Do not >>change >> # this after CVSROOT has been created with rancid-cvs. Changing between >> these >> # requires manual conversions. >> RCSSYS=cvs; export RCSSYS >> # >> # if ACLSORT is NO, access-lists will NOT be sorted. >> #ACLSORT=YES; export ACLSORT >> # >> # if NOPIPE is set, temp files will be used instead of a cmd pipe during >> # collection from the router(s). >> #NOPIPE=YES; export NOPIPE >> # >> # FILTER_PWDS determines which passwords are filtered from configs by >>the >> # value set (NO | YES | ALL). see rancid.conf(5). >> #FILTER_PWDS=YES; export FILTER_PWDS >> # >> # if NOCOMMSTR is set, snmp community strings will be stripped from the >> configs >> #NOCOMMSTR=YES; export NOCOMMSTR >> # >> # How many times failed collections are retried (for each run) before >> # giving up. Minimum: 1 >> #MAX_ROUNDS=4; export MAX_ROUNDS >> # >> # How many hours should pass before complaining about routers that >> # can not be reached. The value should be greater than the number >> # of hours between your rancid-run cron job. Default: 24 >> #OLDTIME=4; export OLDTIME >> # >> # How many hours should pass before complaining that a group's >>collection >> # (the age of it's lock file) is hung. >> #LOCKTIME=4; export LOCKTIME >> # >> # The number of devices to collect simultaneously. >> PAR_COUNT=15; export PAR_COUNT >> # >> # list of rancid groups >> #LIST_OF_GROUPS="sl joebobisp" >> # more groups... >> #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" >> LIST_OF_GROUPS="MVSNetwork" >> # For each group, define a list of people to receive the diffs. >> # in sendmail's /etc/aliases. >> # rancid-group: joe,moe at foo >> # rancid-admin-group: hostmaster >> # be sure to read ../README regarding aliases. >> # If your MTA configuration is broken or you want mail to be forwarded >>to a >> # domain not the same as the local one, define that domain here. "@" >>must >> be >> # included, as this is simply appended to the usual recipients. It is >>NOT >> # appended to recipients specified in rancid-run's -m option. >> #MAILDOMAIN="@example.com"; export MAILDOMAIN >> # >> # By default, rancid mail is marked with precedence "bulk". This may be >> # changed by setting the MAILHEADERS variable; for example no header by >> setting >> # it to "" or adding X- style headers. Individual headers must be >> separated >> # by a \n. >> #MAILHEADERS="Precedence: bulk"; export MAILHEADERS >> >> >> >> >> >> On 9/28/13 6:57 PM, "Alan McKinnon" wrote: >> >>> On 29/09/2013 00:30, Ryan Milton wrote: >>>> I have had quite a time getting my HP Procurve switches to work with >>>> rancid. Long story short, this test works: >>>> >>>> /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc >>>> >>>> >>>> I get into the devices from the cli. >>>> >>>> When I just let rancid contact the devices on its own, then I get this >>>> email, which makes me think there is a permissions error (?): >>>> >>>> The following routers have not been successfully contacted for >>>> more than 24 hours. >>>> -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 >>>> >>>> On the other hand, when I look in my logs, the message is simply that >>>> rancid couldn't login. >>>> >>>> (?!?!) clogin error: Error: Couldn't login >>>> : missed cmd(s): show stack,show module,show flash,show >>>> version,show system-information,write term,show system information >>>> >>>> This is the eternal issue! Everytime I think I've got it: boom! >>>>Failure >>> >>> You are running hlogin. rancid-run is launching clogin. >>> >>> That is incorrect and is a data error. Please provide the exact line in >>> router.db for that device (make sure you check all your groups, you may >>> have it defined in two places); your complete rancid.conf; and whether >>> /var/lib/rancid/ truly is rancid's home directory per /etc/passwd >>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > >-- >Alan McKinnon >alan.mckinnon at gmail.com > From rmilton at mvsusa.com Sun Sep 29 03:47:18 2013 From: rmilton at mvsusa.com (Ryan Milton) Date: Sun, 29 Sep 2013 03:47:18 +0000 Subject: [rancid] Explain email error In-Reply-To: References: , Message-ID: <9ded1554f56b42629cd6de8bf8a4b3dd@BLUPR01MB113.prod.exchangelabs.com> Alan, Just Let me know the timing and I'll give you access. That login won't work anyway. Thank you, Ryan Milton MVS Network Manager O: 201-447-1505 x124 C: 862-249-5230 ________________________________________ From: rancid-discuss-bounces at shrubbery.net on behalf of Ryan Milton Sent: Saturday, September 28, 2013 10:27:16 PM To: Hughes, Doug; Alan McKinnon; rancid-discuss at shrubbery.net Subject: Re: [rancid] Explain email error I will be answering a couple of things here: I don't have a .bash_profile only a .profile which I changed: # set PATH so it includes user's private bin if it exists if [ -d "$HOME/bin" ] ; then PATH="$HOME/bin:$PATH" To # set PATH so it includes user's private bin if it exists if [ -d "$HOME/bin" ] ; then PATH=/usr/lib/rancid/bin:$PATH Which doesn't seem to change what happens. To Alan, the name is fake, because all our equipment has public IP addresses! In fact I named everything: IPADDRESS:hp:up or some variation, but all are IP Addresses, no names. Alan, Locate .cloginrc yields: /home/rancid/.cloginrc /home/ryan/.cloginrc /var/lib/rancid/.cloginrc But they can't seem to be removed (?) They show up in the search, but when I try to remove: "No such file". Rancid-fe, I only added the paloalto line: root at ObserviumNYC:/usr/lib/rancid/bin# sudo vi rancid-fe 'hp' => 'hrancid', 'juniper' => 'jrancid', 'mrtd' => 'mrancid', 'mrv' => 'mrvrancid', 'netopia' => 'trancid', 'netscaler' => 'nsrancid', 'netscreen' => 'nrancid', 'procket' => 'prancid', 'paloalto' => 'panrancid', 'redback' => 'rrancid', 'riverstone' => 'rivrancid', 'smc' => 'srancid', 'tnt' => 'tntrancid', 'zebra' => 'zrancid' ); I followed the install instructions from: https://help.ubuntu.com/community/RANCID#Introduction http://www.binaryroyale.com/index.php/category/umbungo/ OK ALAN! I'M IN. With all the headache that this has caused, I'm not going to stop now. I have been interested in a clean install, but I wouldn't know where to begin. Easiest thing is to use the rancid user, R at nc1d pass. @94.229.11.72 I can do it now---but it is late, or at a scheduled time. Ryan I appreciate sticking with me on this, I WILL read those books! On 9/28/13 9:29 PM, "Hughes, Doug" wrote: >Right you are! I didn't look closely enough. Ryan, that PATH line need to >go into a file ~rancid/.bash_profile > > >Ryan, you can do this: > > echo "PATH=/usr/lib/rancid/bin:$PATH" >> ~rancid/.bash_profile > >(but I do recommend a good introductory Unix or Linux book like those by >Mark Sobell, O'Reilly, or other.) > > >-----Original Message----- >From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >Sent: Saturday, September 28, 2013 8:34 PM >To: Hughes, Doug; Ryan Milton; rancid-discuss at shrubbery.net >Subject: Re: [rancid] Explain email error > >On 29/09/2013 02:11, Hughes, Doug wrote: >> Path looks good. So, if you become the rancid user (su to root, then su >>- rancid), you should be able to run panrancid or hprancid or crancid or >>whatever from any directory, anywhere. > > >No, he will still need to set PATH in rancid's shell. > >rancid.conf is only sourced by rancid-run so settings there do not apply >to the shell. Other postings by Ryan indicate that this is in fact what >he's running into. > > > > >> >> >> -----Original Message----- >> From: rancid-discuss-bounces at shrubbery.net >>[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Milton >> Sent: Saturday, September 28, 2013 8:05 PM >> To: Alan McKinnon; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Explain email error >> >> Thanks, >> >> From the bottom, looking in /etc/passwd: >> rancid:x:1001:1001:Rancid,,,:/home/rancid:/bin/bash (I take that as >> incorrect!) >> >> From /var/lib/rancid/Network/router.db : hpswitch.ams:hp:up >> -I only have it here (used locate router.db, only one line came back) >> >> My rancid.conf >> >> rancid 2.3.6 >> # This file sets up the environment used for rancid. see rancid.conf(5) >> # >> # This will be site specific >> # >> TERM=network;export TERM >> # >> # Create files w/o world read/write/exec permissions, but read/exec >> permissions >> # for group. >> umask 027 >> # >> # Under BASEDIR (i.e.: --localstatedir), there will be a "logs" >>directory >> for >> # the logs from rancid and a directory for each group of routers >>defined in >> # LIST_OF_GROUPS (below). In addition to these, there will be a "CVS" >> # directory which is the cvs (or Subversion) repository. >> # >> # Use a full path (no sym-links) for BASEDIR. >> # >> TMPDIR=/tmp; export TMPDIR >> # Be careful changing this, it affects CVSROOT below. >> BASEDIR=/var/lib/rancid; export BASEDIR >> >>PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; >> export PATH >> # Location of the CVS/SVN repository. Be careful changing this. >> CVSROOT=$BASEDIR/CVS; export CVSROOT >> # Location of log files produced by rancid-run(1). >> LOGDIR=$BASEDIR/logs; export LOGDIR >> # >> # Select which RCS system to use, "cvs" (default) or "svn". Do not >>change >> # this after CVSROOT has been created with rancid-cvs. Changing between >> these >> # requires manual conversions. >> RCSSYS=cvs; export RCSSYS >> # >> # if ACLSORT is NO, access-lists will NOT be sorted. >> #ACLSORT=YES; export ACLSORT >> # >> # if NOPIPE is set, temp files will be used instead of a cmd pipe during >> # collection from the router(s). >> #NOPIPE=YES; export NOPIPE >> # >> # FILTER_PWDS determines which passwords are filtered from configs by >>the >> # value set (NO | YES | ALL). see rancid.conf(5). >> #FILTER_PWDS=YES; export FILTER_PWDS >> # >> # if NOCOMMSTR is set, snmp community strings will be stripped from the >> configs >> #NOCOMMSTR=YES; export NOCOMMSTR >> # >> # How many times failed collections are retried (for each run) before >> # giving up. Minimum: 1 >> #MAX_ROUNDS=4; export MAX_ROUNDS >> # >> # How many hours should pass before complaining about routers that >> # can not be reached. The value should be greater than the number >> # of hours between your rancid-run cron job. Default: 24 >> #OLDTIME=4; export OLDTIME >> # >> # How many hours should pass before complaining that a group's >>collection >> # (the age of it's lock file) is hung. >> #LOCKTIME=4; export LOCKTIME >> # >> # The number of devices to collect simultaneously. >> PAR_COUNT=15; export PAR_COUNT >> # >> # list of rancid groups >> #LIST_OF_GROUPS="sl joebobisp" >> # more groups... >> #LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp" >> LIST_OF_GROUPS="MVSNetwork" >> # For each group, define a list of people to receive the diffs. >> # in sendmail's /etc/aliases. >> # rancid-group: joe,moe at foo >> # rancid-admin-group: hostmaster >> # be sure to read ../README regarding aliases. >> # If your MTA configuration is broken or you want mail to be forwarded >>to a >> # domain not the same as the local one, define that domain here. "@" >>must >> be >> # included, as this is simply appended to the usual recipients. It is >>NOT >> # appended to recipients specified in rancid-run's -m option. >> #MAILDOMAIN="@example.com"; export MAILDOMAIN >> # >> # By default, rancid mail is marked with precedence "bulk". This may be >> # changed by setting the MAILHEADERS variable; for example no header by >> setting >> # it to "" or adding X- style headers. Individual headers must be >> separated >> # by a \n. >> #MAILHEADERS="Precedence: bulk"; export MAILHEADERS >> >> >> >> >> >> On 9/28/13 6:57 PM, "Alan McKinnon" wrote: >> >>> On 29/09/2013 00:30, Ryan Milton wrote: >>>> I have had quite a time getting my HP Procurve switches to work with >>>> rancid. Long story short, this test works: >>>> >>>> /usr/lib/rancid/bin/hlogin -f /var/lib/rancid/.cloginrc >>>> >>>> >>>> I get into the devices from the cli. >>>> >>>> When I just let rancid contact the devices on its own, then I get this >>>> email, which makes me think there is a permissions error (?): >>>> >>>> The following routers have not been successfully contacted for >>>> more than 24 hours. >>>> -rw-r----- 1 rancid rancid 0 Sep 27 10:09 94.229.14.250 >>>> >>>> On the other hand, when I look in my logs, the message is simply that >>>> rancid couldn't login. >>>> >>>> (?!?!) clogin error: Error: Couldn't login >>>> : missed cmd(s): show stack,show module,show flash,show >>>> version,show system-information,write term,show system information >>>> >>>> This is the eternal issue! Everytime I think I've got it: boom! >>>>Failure >>> >>> You are running hlogin. rancid-run is launching clogin. >>> >>> That is incorrect and is a data error. Please provide the exact line in >>> router.db for that device (make sure you check all your groups, you may >>> have it defined in two places); your complete rancid.conf; and whether >>> /var/lib/rancid/ truly is rancid's home directory per /etc/passwd >>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > >-- >Alan McKinnon >alan.mckinnon at gmail.com > _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss