From jeremys at rickyninja.net Sun Mar 1 17:06:14 2009 From: jeremys at rickyninja.net (jeremys at rickyninja.net) Date: Sun, 1 Mar 2009 10:06:14 -0700 Subject: [rancid] Re: Setting up a new command to run on Cisco devices In-Reply-To: References: Message-ID: <20090301170614.GB7251@pegasus.billn.net> Look in a perl program named 'rancid'. The %commands and @commands variables are what you're looking for. On 02/27/09, "Steve D. Ousley" said: > > Hi all > > > Stupid question, and I'm sure someone will tell me in no time at all, > but where is the option that lists commands to be run on given > devices? I'm trying to set up our cisco devices to run an additional > command: "sh vlan brief" but cannot for the life of me figure out > where the commands are stored. > > > Cheers. > > > Steve Ousley - SO620-RIPE > > Nuco Technologies Ltd > > [1]steve at host-it.co.uk > > [2]www.nucotechnologies.com > > Tel. 0870 165 1300 > > > Nuco Technologies Ltd is a company registered in England and Wales > with company number 04470751 > > References > > 1. mailto:steve at host-it.co.uk > 2. http://www.nucotechnologies.com/ > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From babydr at baby-dragons.com Mon Mar 2 17:36:01 2009 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Mon, 2 Mar 2009 08:36:01 -0900 (AKST) Subject: [rancid] Patch for hlogin that covers hp-routers as well . Message-ID: Hello John or whoever is the maintainer of hlogin , Would you please apply this patch to hlogin.in as without it the sessions will fail to continue when a "--MORE--" pager is shown . Tia , JimL ps: John just following your request to just add the necessary command rather than programatically determining which to use . diff -u /home/archive/rancid-2.3.2a9/bin/hlogin.in /usr/local/rancid/bin/hlogin --- /home/archive/rancid-2.3.2a9/bin/hlogin.in 2008-11-11 16:02:12.000000000 -0900 +++ /usr/local/rancid/bin/hlogin 2009-03-02 08:28:27.000000000 -0900 @@ -505,6 +505,7 @@ # Turn off the pager and escape regex meta characters in the $prompt send "no page\r" + send "terminal length 0\r" regsub -all {[)(]} $prompt {\\&} reprompt regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network&System Engineer | 2133 McCullam Ave | Give me Linux | | babydr at baby-dragons.com | Fairbanks, AK. 99701 | only on AXP | +------------------------------------------------------------------+ From heas at shrubbery.net Mon Mar 2 18:44:36 2009 From: heas at shrubbery.net (john heasley) Date: Mon, 2 Mar 2009 18:44:36 +0000 Subject: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 In-Reply-To: References: <8423e7bb0902260830y39f67fc7m74d2625660217803@mail.gmail.com> <8423e7bb0902260854m26163a5ew8467d07f230f1ec4@mail.gmail.com> <8423e7bb0902260914y2628601fp4515b88b2cf113a1@mail.gmail.com> <20090226184011.GH495@shrubbery.net> <20090226184242.GI495@shrubbery.net> Message-ID: <20090302184436.GI26693@shrubbery.net> Fri, Feb 27, 2009 at 01:15:48PM -0500, Mina Eskander: > So it looks like the problem is with the regular expression matching, can anybody help me as to why and how to fix it? > Here is where it fails, it doesn't know it is in enable mode > > expect: does "> (enable) " (spawn_id exp6) match regular expression "> \\(enable\\)"? no \\(enable\\) the double \s are wrong, those should be single \s, escaping the ()s. I believe i broke it trying to deal with CSR's funky prompts. would you try the attached patch? -------------- next part -------------- Index: clogin.in =================================================================== RCS file: /home/rancid/.CVS/rancid/bin/clogin.in,v retrieving revision 1.130 diff -d -u -r1.130 clogin.in --- clogin.in 26 Feb 2009 19:31:24 -0000 1.130 +++ clogin.in 2 Mar 2009 18:43:12 -0000 @@ -572,7 +572,7 @@ -re "$u_prompt" { send -- "$enauser\r"; exp_continue} -re "$e_prompt" { send -- "$enapasswd\r"; exp_continue} "#" { set prompt "#" } - "(enable)" { set prompt "> (enable) " } + "(enable)" { set prompt "> \(enable\) " } -re "(denied|Sorry|Incorrect)" { # % Access denied - from local auth and poss. others send_user "\nError: Check your Enable passwd\n"; @@ -611,17 +611,15 @@ } else { send "terminal length 0\r" } - # escape any parens in the prompt, such as "(enable)" - regsub -all {[)(]} $prompt {\\&} reprompt # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. - regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt + regsub -all {^(.{1,11}).*([#>])$} $prompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } } else { - regsub -all "\[)(]" $prompt {\\&} reprompt + set reprompt $prompt } # this is the only way i see to get rid of more prompts in o/p..grrrrr @@ -854,10 +852,6 @@ set platform "extreme" } -re "^.+$prompt" { set junk $expect_out(0,string); - regsub -all "\[\]\[]" $junk {\\&} prompt; - } - -re "^.+> \\\(enable\\\)" { - set junk $expect_out(0,string); regsub -all "\[\]\[\(\)]" $junk {\\&} prompt; } } -------------- next part -------------- #! @EXPECT_PATH@ -- ## ## $Id: clogin.in,v 1.130 2009/02/26 19:31:24 heas Exp $ ## ## @PACKAGE@ @VERSION@ ## Copyright (c) 1997-2008 by Terrapin Communications, Inc. ## All rights reserved. ## ## This code is derived from software contributed to and maintained by ## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan, ## Pete Whiting, Austin Schutz, and Andrew Fort. ## ## Redistribution and use in source and binary forms, with or without ## modification, are permitted provided that the following conditions ## are met: ## 1. Redistributions of source code must retain the above copyright ## notice, this list of conditions and the following disclaimer. ## 2. Redistributions in binary form must reproduce the above copyright ## notice, this list of conditions and the following disclaimer in the ## documentation and/or other materials provided with the distribution. ## 3. All advertising materials mentioning features or use of this software ## must display the following acknowledgement: ## This product includes software developed by Terrapin Communications, ## Inc. and its contributors for RANCID. ## 4. Neither the name of Terrapin Communications, Inc. nor the names of its ## contributors may be used to endorse or promote products derived from ## this software without specific prior written permission. ## 5. It is requested that non-binding fixes and modifications be contributed ## back to Terrapin Communications, Inc. ## ## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS ## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED ## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR ## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS ## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ## POSSIBILITY OF SUCH DAMAGE. # # The expect login scripts were based on Erik Sherk's gwtn, by permission. # # clogin - Cisco login # # Most options are intuitive for logging into a Cisco router. # The default is to enable (thus -noenable). Some folks have # setup tacacs to have a user login at priv-lvl = 15 (enabled) # so the -autoenable flag was added for this case (don't go through # the process of enabling and the prompt will be the "#" prompt. # The default username password is the same as the vty password. # # Usage line set usage "Usage: $argv0 \[-dV\] \[-autoenable\] \[-noenable\] \[-c command\] \ \[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \ \[-s script-file\] \[-t timeout\] \[-u username\] \ \[-v vty-password\] \[-w enable-username\] \[-x command-file\] \ \[-y ssh_cypher_type\] router \[router...\]\n" # env(CLOGIN) may contain: # x == do not set xterm banner or name # Password file set password_file $env(HOME)/.cloginrc # Default is to login to the router set do_command 0 set do_script 0 # The default is to automatically enable set avenable 1 # The default is that you login non-enabled (tacacs can have you login already # enabled) set avautoenable 0 # The default is to look in the password file to find the passwords. This # tracks if we receive them on the command line. set do_passwd 1 set do_enapasswd 1 # set send_human {.4 .4 .7 .3 5} # Find the user in the ENV, or use the unix userid. if {[ info exists env(CISCO_USER) ]} { set default_user $env(CISCO_USER) } elseif {[ info exists env(USER) ]} { set default_user $env(USER) } elseif {[ info exists env(LOGNAME) ]} { set default_user $env(LOGNAME) } else { # This uses "id" which I think is portable. At least it has existed # (without options) on all machines/OSes I've been on recently - # unlike whoami or id -nu. if [ catch {exec id} reason ] { send_error "\nError: could not exec id: $reason\n" exit 1 } regexp {\(([^)]*)} "$reason" junk default_user } if {[ info exists env(CLOGINRC) ]} { set password_file $env(CLOGINRC) } # Sometimes routers take awhile to answer (the default is 10 sec) set timeout 45 # Process the command line for {set i 0} {$i < $argc} {incr i} { set arg [lindex $argv $i] switch -glob -- $arg { # Expect debug mode -d* { exp_internal 1 # Username } -u* - -U* { if {! [regexp .\[uU\](.+) $arg ignore user]} { incr i set username [ lindex $argv $i ] } # VTY Password } -p* - -P* { if {! [regexp .\[pP\](.+) $arg ignore userpasswd]} { incr i set userpasswd [ lindex $argv $i ] } set do_passwd 0 # VTY Password } -v* { if {! [regexp .\[vV\](.+) $arg ignore passwd]} { incr i set passwd [ lindex $argv $i ] } set do_passwd 0 # Version string } -V* { send_user "@PACKAGE@ @VERSION@\n" exit 0 # Enable Username } -w* - -W* { if {! [regexp .\[wW\](.+) $arg ignore enauser]} { incr i set enausername [ lindex $argv $i ] } # Environment variable to pass to -s scripts } -E* { if {[regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} { set E$varname $varvalue } else { send_user "\nError: invalid format for -E in $arg\n" exit 1 } # Enable Password } -e* { if {! [regexp .\[e\](.+) $arg ignore enapasswd]} { incr i set enapasswd [ lindex $argv $i ] } set do_enapasswd 0 # Command to run. } -c* - -C* { if {! [regexp .\[cC\](.+) $arg ignore command]} { incr i set command [ lindex $argv $i ] } set do_command 1 # Expect script to run. } -s* - -S* { if {! [regexp .\[sS\](.+) $arg ignore sfile]} { incr i set sfile [ lindex $argv $i ] } if { ! [ file readable $sfile ] } { send_user "\nError: Can't read $sfile\n" exit 1 } set do_script 1 # 'ssh -c' cypher type } -y* - -Y* { if {! [regexp .\[eE\](.+) $arg ignore cypher]} { incr i set cypher [ lindex $argv $i ] } # alternate cloginrc file } -f* - -F* { if {! [regexp .\[fF\](.+) $arg ignore password_file]} { incr i set password_file [ lindex $argv $i ] } # Timeout } -t* - -T* { if {! [regexp .\[tT\](.+) $arg ignore timeout]} { incr i set timeout [ lindex $argv $i ] } # Command file } -x* - -X { if {! [regexp .\[xX\](.+) $arg ignore cmd_file]} { incr i set cmd_file [ lindex $argv $i ] } if [ catch {set cmd_fd [open $cmd_file r]} reason ] { send_user "\nError: $reason\n" exit 1 } set cmd_text [read $cmd_fd] close $cmd_fd set command [join [split $cmd_text \n] \;] set do_command 1 # Do we enable? } -noenable { set avenable 0 # Does tacacs automatically enable us? } -autoenable { set avautoenable 1 set avenable 0 } -* { send_user "\nError: Unknown argument! $arg\n" send_user $usage exit 1 } default { break } } } # Process routers...no routers listed is an error. if { $i == $argc } { send_user "\nError: $usage" } # Only be quiet if we are running a script (it can log its output # on its own) if { $do_script } { log_user 0 } else { log_user 1 } # # Done configuration/variable setting. Now run with it... # # Sets Xterm title if interactive...if its an xterm and the user cares proc label { host } { global env # if CLOGIN has an 'x' in it, don't set the xterm name/banner if [info exists env(CLOGIN)] { if {[string first "x" $env(CLOGIN)] != -1} { return } } # take host from ENV(TERM) if [info exists env(TERM)] { if [ regexp \^(xterm|vs) $env(TERM) ignore ] { send_user "\033]1;[lindex [split $host "."] 0]\a" send_user "\033]2;$host\a" } } } # This is a helper function to make the password file easier to # maintain. Using this the password file has the form: # add password sl* pete cow # add password at* steve # add password * hanky-pie proc add {var args} { global int_$var ; lappend int_$var $args} proc include {args} { global env regsub -all "(^{|}$)" $args {} args if { [ regexp "^/" $args ignore ] == 0 } { set args $env(HOME)/$args } source_password_file $args } proc find {var router} { upvar int_$var list if { [info exists list] } { foreach line $list { if { [string match [lindex $line 0] $router ] } { return [lrange $line 1 end] } } } return {} } # Loads the password file. Note that as this file is tcl, and that # it is sourced, the user better know what to put in there, as it # could install more than just password info... I will assume however, # that a "bad guy" could just as easy put such code in the clogin # script, so I will leave .cloginrc as just an extention of that script proc source_password_file { password_file } { global env if { ! [file exists $password_file] } { send_user "\nError: password file ($password_file) does not exist\n" exit 1 } file stat $password_file fileinfo if { [expr ($fileinfo(mode) & 007)] != 0000 } { send_user "\nError: $password_file must not be world readable/writable\n" exit 1 } if [ catch {source $password_file} reason ] { send_user "\nError: $reason\n" exit 1 } } # Log into the router. # returns: 0 on success, 1 on failure, -1 if rsh was used successfully proc login { router user userpswd passwd enapasswd cmethod cyphertype } { global command spawn_id in_proc do_command do_script platform global prompt u_prompt p_prompt e_prompt sshcmd set in_proc 1 set uprompt_seen 0 # try each of the connection methods in $cmethod until one is successful set progs [llength $cmethod] foreach prog [lrange $cmethod 0 end] { incr progs -1 if [string match "telnet*" $prog] { regexp {telnet(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn telnet $router} reason ] } else { set retval [ catch {spawn telnet $router $port} reason ] } if { $retval } { send_user "\nError: telnet failed: $reason\n" return 1 } } elseif [string match "ssh*" $prog] { regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port if {"$port" == ""} { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] } else { set retval [ catch {spawn $sshcmd -c $cyphertype -x -l $user -p $port $router} reason ] } if { $retval } { send_user "\nError: $sshcmd failed: $reason\n" return 1 } } elseif ![string compare $prog "rsh"] { if { ! $do_command } { if { [llength $cmethod] == 1 } { send_user "\nError: rsh is an invalid method for -x and " send_user "interactive logins\n" } if { $progs == 0 } { return 1 } continue; } set commands [split $command \;] set num_commands [llength $commands] set rshfail 0 for {set i 0} {$i < $num_commands && !$rshfail} { incr i} { log_user 0 set retval [ catch {spawn rsh $user@$router [lindex $commands $i] } reason ] if { $retval } { send_user "\nError: rsh failed: $reason\n" log_user 1; return 1 } send_user "$router# [lindex $commands $i]\n" # rcmd does not get a pager and no prompts, so we just have to # look for failures & lines. expect { "Connection refused" { catch {close}; catch {wait}; send_user "\nError: Connection\ Refused ($prog): $router\n" set rshfail 1 } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; send_user "\nError: Connection\ closed ($prog): $router\n" set rshfail 1 } "Host is unreachable" { catch {close}; catch {wait}; send_user "\nError: Host Unreachable:\ $router\n" set rshfail 1 } "No address associated with" { catch {close}; catch {wait}; send_user "\nError: Unknown host\ $router\n" set rshfail 1 } -re "\b+" { exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } timeout { catch {close}; catch {wait}; send_user "\nError: TIMEOUT reached\n" set rshfail 1 } eof { catch {close}; catch {wait}; } } log_user 1 } if { $rshfail } { if { !$progs } { return 1 } else { continue } } # fake the end of the session for rancid. send_user "$router# exit\n" # return rsh "success" return -1 } else { send_user "\nError: unknown connection method: $prog\n" return 1 } sleep 0.3 # This helps cleanup each expect clause. expect_after { timeout { send_user "\nError: TIMEOUT reached\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } eof { send_user "\nError: EOF received\n" catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } } } # Here we get a little tricky. There are several possibilities: # the router can ask for a username and passwd and then # talk to the TACACS server to authenticate you, or if the # TACACS server is not working, then it will use the enable # passwd. Or, the router might not have TACACS turned on, # then it will just send the passwd. # if telnet fails with connection refused, try ssh expect { -re "(Connection refused|Secure connection \[^\n\r]+ refused)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection Refused ($prog): $router\n" return 1 } } -re "(Connection closed by|Connection to \[^\n\r]+ closed)" { catch {close}; catch {wait}; if !$progs { send_user "\nError: Connection closed ($prog): $router\n" return 1 } } eof { send_user "\nError: Couldn't login: $router\n"; wait; return 1 } -nocase "unknown host\r" { send_user "\nError: Unknown host $router\n"; catch {close}; catch {wait}; return 1 } "Host is unreachable" { send_user "\nError: Host Unreachable: $router\n"; catch {close}; catch {wait}; return 1 } "No address associated with name" { send_user "\nError: Unknown host $router\n"; catch {close}; catch {wait}; return 1 } -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" { send "yes\r" send_user "\nHost $router added to the list of known hosts.\n" exp_continue } -re "HOST IDENTIFICATION HAS CHANGED.* \(yes\/no\)\?" { send "no\r" send_user "\nError: The host key for $router has changed. Update the SSH known_hosts file accordingly.\n" catch {close}; catch {wait}; return 1 } -re "Offending key for .* \(yes\/no\)\?" { send "no\r" send_user "\nError: host key mismatch for $router. Update the SSH known_hosts file accordingly.\n" catch {close}; catch {wait}; return 1 } -re "(denied|Sorry)" { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } "Login failed" { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } -re "% (Bad passwords|Authentication failed)" { send_user "\nError: Check your passwd for $router\n" catch {close}; catch {wait}; return 1 } "Press any key to continue" { # send_user "Pressing the ANY key\n" send "\r" exp_continue } -re "Enter Selection: " { # Catalyst 1900s have some lame menu. Enter # K to reach a command-line. send "K\r" exp_continue } -re "Last login:" { exp_continue } -re "@\[^\r\n]+ $p_prompt" { # ssh pwd prompt sleep 1 send -- "$userpswd\r" exp_continue } -re "$u_prompt" { send -- "$user\r" set uprompt_seen 1 exp_continue } -re "$p_prompt" { sleep 1 if {$uprompt_seen == 1} { send -- "$userpswd\r" } else { send -- "$passwd\r" } exp_continue } -re "$prompt" { break; } "Login invalid" { send_user "\nError: Invalid login: $router\n"; catch {close}; catch {wait}; return 1 } } } set in_proc 0 return 0 } # Enable proc do_enable { enauser enapasswd } { global prompt in_proc global u_prompt e_prompt set in_proc 1 send "enable\r" expect { -re "$u_prompt" { send -- "$enauser\r"; exp_continue} -re "$e_prompt" { send -- "$enapasswd\r"; exp_continue} "#" { set prompt "#" } "(enable)" { set prompt "> \(enable\) " } -re "(denied|Sorry|Incorrect)" { # % Access denied - from local auth and poss. others send_user "\nError: Check your Enable passwd\n"; return 1 } "% Error in authentication" { send_user "\nError: Check your Enable passwd\n" return 1 } "% Bad passwords" { send_user "\nError: Check your Enable passwd\n" return 1 } } # We set the prompt variable (above) so script files don't need # to know what it is. set in_proc 0 return 0 } # Run commands given on the command line. proc run_commands { prompt command } { global in_proc platform set in_proc 1 # If the prompt is (enable), then we are on a switch and the # command is "set length 0"; otherwise its "terminal length 0". # skip if its an extreme (since the pager can not be disabled on a # per-vty basis). if { [ string compare "extreme" "$platform" ] } { if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" # This is ugly, but reduces code duplication, allowing the # subsequent expects to handle everything as normal. set command "set logging session disable;$command" } else { send "terminal length 0\r" } # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. regsub -all {^(.{1,11}).*([#>])$} $prompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } } else { set reprompt $prompt } # this is the only way i see to get rid of more prompts in o/p..grrrrr log_user 0 set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious, with a # global switch in the config. for {set i 0} {$i < $num_commands} { incr i} { send -- "[subst -nocommands [lindex $commands $i]]\r" expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" exp_continue } -re "^--More--\[\r\n]+" { # specific match c1900 pager send " " exp_continue } -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" exp_continue } -re "\[^\r\n]*Press to cont\[^\r\n]*" { send " " # bloody ^[[2K after " " expect { -re "^\[^\r\n]*\r" {} } exp_continue } -re "^ *--More--\[^\n\r]*" { send " " exp_continue } -re "^<-+ More -+>\[^\n\r]*" { send_user -- "$expect_out(buffer)" send " " exp_continue } } } log_user 1 if { [ string compare "extreme" "$platform" ] } { send -h "exit\r" } else { send -h "quit\r" } expect { -re "^\[^\n\r *]*$reprompt" { # the Cisco CE and Jnx ERX # return to non-enabled mode # on exit in enabled mode. send -h "exit\r" exp_continue; } "The system has unsaved changes" { # Force10 SFTOS send "n\r" exp_continue } "Would you like to save them now" { # Force10 send "n\r" exp_continue } -re "(Profile|Configuration) changes have occurred.*" { # Cisco CSS send "n\r" exp_continue } "Do you wish to save your configuration changes" { send "n\r" exp_continue } -re "\[\n\r]+" { exp_continue } timeout { catch {close}; catch {wait}; return 0 } eof { return 0 } } set in_proc 0 } # # For each router... (this is main loop) # source_password_file $password_file set in_proc 0 set exitval 0 foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user -- "$router\n" # Figure out the prompt. # autoenable is off by default. If we have it defined, it was done # on the command line. If it is not specifically set on the command # line, check the password file. if $avautoenable { set autoenable 1 set enable 0 set prompt "(#| \\(enable\\))" } else { set ae [find autoenable $router] if { "$ae" == "1" } { set autoenable 1 set enable 0 set prompt "(#| \\(enable\\))" } else { set autoenable 0 set enable $avenable set prompt ">" } } # look for noenable option in .cloginrc if { [find noenable $router] != "" } { set enable 0 } # Figure out passwords if { $do_passwd || $do_enapasswd } { set pswd [find password $router] if { [llength $pswd] == 0 } { send_user -- "\nError: no password for $router in $password_file.\n" continue } if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { send_user -- "\nError: no enable password for $router in $password_file.\n" continue } set passwd [join [lindex $pswd 0] ""] set enapasswd [join [lindex $pswd 1] ""] } else { set passwd $userpasswd set enapasswd $enapasswd } # Figure out username if {[info exists username]} { # command line username set ruser $username } else { set ruser [join [find user $router] ""] if { "$ruser" == "" } { set ruser $default_user } } # Figure out username's password (if different from the vty password) if {[info exists userpasswd]} { # command line username set userpswd $userpasswd } else { set userpswd [join [find userpassword $router] ""] if { "$userpswd" == "" } { set userpswd $passwd } } # Figure out enable username if {[info exists enausername]} { # command line enausername set enauser $enausername } else { set enauser [join [find enauser $router] ""] if { "$enauser" == "" } { set enauser $ruser } } # Figure out prompts set u_prompt [find userprompt $router] if { "$u_prompt" == "" } { set u_prompt "(Username|Login|login|user name|User):" } else { set u_prompt [join [lindex $u_prompt 0] ""] } set p_prompt [find passprompt $router] if { "$p_prompt" == "" } { set p_prompt "(\[Pp]assword|passwd):" } else { set p_prompt [join [lindex $p_prompt 0] ""] } set e_prompt [find enableprompt $router] if { "$e_prompt" == "" } { set e_prompt "\[Pp]assword:" } else { set e_prompt [join [lindex $e_prompt 0] ""] } # Figure out cypher type if {[info exists cypher]} { # command line cypher type set cyphertype $cypher } else { set cyphertype [find cyphertype $router] if { "$cyphertype" == "" } { set cyphertype "3des" } } # Figure out connection method set cmethod [find method $router] if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} } # Figure out the SSH executable name set sshcmd [find sshcmd $router] if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} { incr exitval # if login failed or rsh was unsuccessful, move on to the next device continue } if { $enable } { if {[do_enable $enauser $enapasswd]} { if { $do_command || $do_script } { incr exitval catch {close}; catch {wait}; continue } } } # we are logged in, now figure out the full prompt send "\r" expect { -re "\[\r\n]+" { exp_continue; } -re "^(.+\[:.])1 ($prompt)" { # stoopid extreme cmd-line numbers and # prompt based on state of config changes, # which may have an * at the beginning. set junk $expect_out(1,string) regsub -all "^\\\* " $expect_out(1,string) {} junk set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)"; set platform "extreme" } -re "^.+$prompt" { set junk $expect_out(0,string); regsub -all "\[\]\[\(\)]" $junk {\\&} prompt; } } if { $do_command } { if {[run_commands $prompt $command]} { incr exitval continue } } elseif { $do_script } { # If the prompt is (enable), then we are on a switch and the # command is "set length 0"; otherwise its "terminal length 0". if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" expect -re $prompt {} send "set logging session disable\r" } else { send "terminal length 0\r" } expect -re $prompt {} source $sfile catch {close}; } else { label $router log_user 1 interact } # End of for each router catch {wait}; sleep 0.3 } exit $exitval From meskander at perimeterwatch.com Mon Mar 2 18:46:09 2009 From: meskander at perimeterwatch.com (Mina Eskander) Date: Mon, 2 Mar 2009 13:46:09 -0500 Subject: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 In-Reply-To: <20090302184436.GI26693@shrubbery.net> References: <8423e7bb0902260830y39f67fc7m74d2625660217803@mail.gmail.com> <8423e7bb0902260854m26163a5ew8467d07f230f1ec4@mail.gmail.com> <8423e7bb0902260914y2628601fp4515b88b2cf113a1@mail.gmail.com> <20090226184011.GH495@shrubbery.net> <20090226184242.GI495@shrubbery.net> <20090302184436.GI26693@shrubbery.net> Message-ID: How do I do install the patch? Just replace those files? Mina Eskander Perimeterwatch Technologies Direct: +1 (347) 448-2845 Mobile: +1 (347) 510-4102 meskander at perimeterwatch.com Network Security | Disaster Recovery | Business Continuity | IT Projects | Application Development _____________________________________________________________________ New York: (347) 448-2845 - 34-12 36th Street - 2nd Floor - Astoria, NY 11106 -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Monday, March 02, 2009 1:45 PM To: Mina Eskander Cc: john heasley; Lance Vermilion; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 Fri, Feb 27, 2009 at 01:15:48PM -0500, Mina Eskander: > So it looks like the problem is with the regular expression matching, can anybody help me as to why and how to fix it? > Here is where it fails, it doesn't know it is in enable mode > > expect: does "> (enable) " (spawn_id exp6) match regular > expression "> \\(enable\\)"? no \\(enable\\) the double \s are wrong, those should be single \s, escaping the ()s. I believe i broke it trying to deal with CSR's funky prompts. would you try the attached patch? From heas at shrubbery.net Mon Mar 2 22:59:10 2009 From: heas at shrubbery.net (john heasley) Date: Mon, 2 Mar 2009 22:59:10 +0000 Subject: [rancid] Re: Patch for hlogin that covers hp-routers as well . In-Reply-To: References: Message-ID: <20090302225910.GU26693@shrubbery.net> Mon, Mar 02, 2009 at 08:36:01AM -0900, Mr. James W. Laferriere: > Hello John or whoever is the maintainer of hlogin , > Would you please apply this patch to hlogin.in as without it the > sessions will fail to continue when a "--MORE--" pager is shown . What HP routers? Are they actually Foundry OEMs? > Tia , JimL > ps: John just following your request to just add the necessary command > rather than programatically determining which to use . > > > diff -u /home/archive/rancid-2.3.2a9/bin/hlogin.in /usr/local/rancid/bin/hlogin > --- /home/archive/rancid-2.3.2a9/bin/hlogin.in 2008-11-11 16:02:12.000000000 -0900 > +++ /usr/local/rancid/bin/hlogin 2009-03-02 08:28:27.000000000 -0900 > > @@ -505,6 +505,7 @@ > > # Turn off the pager and escape regex meta characters in the $prompt > send "no page\r" > + send "terminal length 0\r" > regsub -all {[)(]} $prompt {\\&} reprompt > regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt > expect { > > -- > +------------------------------------------------------------------+ > | James W. Laferriere | System Techniques | Give me VMS | > | Network&System Engineer | 2133 McCullam Ave | Give me Linux | > | babydr at baby-dragons.com | Fairbanks, AK. 99701 | only on AXP | > +------------------------------------------------------------------+ > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From babydr at baby-dragons.com Tue Mar 3 01:45:19 2009 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Mon, 2 Mar 2009 16:45:19 -0900 (AKST) Subject: [rancid] Re: Patch for hlogin that covers hp-routers as well . In-Reply-To: <20090302225910.GU26693@shrubbery.net> References: <20090302225910.GU26693@shrubbery.net> Message-ID: On Mon, 2 Mar 2009, john heasley wrote: > Mon, Mar 02, 2009 at 08:36:01AM -0900, Mr. James W. Laferriere: >> Hello John or whoever is the maintainer of hlogin , >> Would you please apply this patch to hlogin.in as without it the >> sessions will fail to continue when a "--MORE--" pager is shown . > > What HP routers? Are they actually Foundry OEMs? > >> Tia , JimL >> ps: John just following your request to just add the necessary command >> rather than programatically determining which to use . Hth , JimL #sh ver ProCurve Secure Router 7102dl SROS Version: J06.06 Checksum: 715D204B, built on: Wed Feb 07 09:32:03 2007 Boot ROM version J06.06 Checksum: C50D, built on: Wed Feb 07 09:32:23 2007 Copyright (c) 2007-2005, Hewlett-Packard, Co. Platform: ProCurve Secure Router 7102dl Serial number US507TR005 Flash: 33554432 bytes DRAM: 134217727 bytes System uptime is 20 weeks, 1 days, 3 hours, 29 minutes, 52 seconds Current system image: "J06_06.biz" Current configuration-file: "startup-config" Configured system image path: Primary: "J06_06.biz" Backup: "J06_03.biz" Configured configuration-file path: Primary: "startup-config" ...snip... -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network&System Engineer | 2133 McCullam Ave | Give me Linux | | babydr at baby-dragons.com | Fairbanks, AK. 99701 | only on AXP | +------------------------------------------------------------------+ From Atif.SIDDIQUI at HydroOne.com Tue Mar 3 14:59:31 2009 From: Atif.SIDDIQUI at HydroOne.com (Atif.SIDDIQUI at HydroOne.com) Date: Tue, 3 Mar 2009 09:59:31 -0500 Subject: [rancid] Foundry Login In-Reply-To: References: <20090302225910.GU26693@shrubbery.net> Message-ID: <41BBAE5132ABA54BB2BA8716254F03D601559D0C@1104MILPEV.corp.hydroone.com> I am having trouble with backing up Foundry devices. Here is what I have in the .cloginrc file: add user n08w ranciduser add password n08w password add enauser n08w ranciduser add password n08w password add method n08w ssh telnet In the logs it says flogin : TIMEOUT? Can anyone assist here. thanks From rancid at junk.indolore.net Tue Mar 3 16:14:34 2009 From: rancid at junk.indolore.net (Regis A. Despres) Date: Tue, 3 Mar 2009 17:14:34 +0100 Subject: [rancid] Procurve hlogin "show lldp expect" Message-ID: <20090303161434.GA53703@outland.indolore.net> Hi, I'm facing a strange behavior trying to get "show lldp info remote-device" from a procurve J4904A. telnet and ssh hlogin expect script both hangs after giving those infos. It appears to see an unwanted space just in front the hostname. I don't really have a clue if that is why that hangs. If someone have a idea ... =) i.e.: ################################################################################### shell> hlogin -c "sh lld info rem" IP [snip] LLDP Remote Devices Information LocalPort | ChassisId PortId PortDescr SysName --------- + ------------------------- ------ --------- ---------------------- hostname01# [hang] ################################################################################### here is the debug output: ################################################################################### [snip] expect: does " --------- + ------------------------- ------ --------- ----------------------\r\n\r " (spawn_id exp4) match regular expression "^[^\n\r *]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?"? no "^[^\n\r]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?."? no "[\n\r]+"? yes expect: set expect_out(0,string) "\r\n\r" expect: set expect_out(spawn_id) "exp4" expect: set expect_out(buffer) " --------- + ------------------------- ------ --------- ----------------------\r\n\r" --------- + ------------------------- ------ --------- ---------------------- expect: continuing expect expect: does " " (spawn_id exp4) match regular expression "^[^\n\r *]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?"? no "^[^\n\r]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?."? no "[\n\r]+"? no "[^\r\n]*Press to cont[^\r\n]*"? no "^<-+ More -+>[^\n\r]*"? no "^-+ MORE -+[^\n\r]*"? no "^-More-[^\n\r-]*"? no "^--More--[^\n\r-]*"? no "^---+More---+[^\n\r]*"? no "\u0008+"? no expect: does " 45 | 00 17 08 c7 25 80 48 48 BISWI55INL01 \r\n\r 46 | 00 16 35 21 56 80 47 47 BISWI58INLO1 \r\n\r hostname01# " (spawn_id exp4) match regular expression "^[^\n\r *]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?"? no "^[^\n\r]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?."? no "[\n\r]+"? yes expect: set expect_out(0,string) "\r\n\r" expect: set expect_out(spawn_id) "exp4" expect: set expect_out(buffer) " 45 | 00 17 08 c7 25 80 48 48 BISWI55INL01 \r\n\r" 45 | 00 17 08 c7 25 80 48 48 BISWI55INL01 expect: continuing expect expect: does " 46 | 00 16 35 21 56 80 47 47 BISWI58INLO1 \r\n\r hostname01# " (spawn_id exp4) match regular expression "^[^\n\r *]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?"? no "^[^\n\r]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?."? no "[\n\r]+"? yes expect: set expect_out(0,string) "\r\n\r" expect: set expect_out(spawn_id) "exp4" expect: set expect_out(buffer) " 46 | 00 16 35 21 56 80 47 47 BISWI58INLO1 \r\n\r" 46 | 00 16 35 21 56 80 47 47 BISWI58INLO1 expect: continuing expect expect: does " hostname01# " (spawn_id exp4) match regular expression "^[^\n\r "^[^\n\r]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?."? yes expect: set expect_out(0,string) " hostname01# " expect: set expect_out(1,string) "1" expect: set expect_out(spawn_id) "exp4" expect: set expect_out(buffer) " hostname01# " hostname01# expect: continuing expect expect: does "" (spawn_id exp4) match regular expression "^[^\n\r *]*hostname0 "^[^\n\r]*hostname0([^#>\r\n]+)?[#>](\([^)\r\n]+\))?."? no "[\n\r]+"? no "[^\r\n]*Press to cont[^\r\n]*"? no "^<-+ More -+>[^\n\r]*"? no "^-+ MORE -+[^\n\r]*"? no "^-More-[^\n\r-]*"? no "^--More--[^\n\r-]*"? no "^---+More---+[^\n\r]*"? no "\u0008+"? no expect: timed out Error: TIMEOUT reached write() failed to write anything - will sleep(1) and retry... [Killed] ################################################################################### From heas at shrubbery.net Tue Mar 3 19:30:35 2009 From: heas at shrubbery.net (john heasley) Date: Tue, 3 Mar 2009 19:30:35 +0000 Subject: [rancid] Re: Procurve hlogin "show lldp expect" In-Reply-To: <20090303161434.GA53703@outland.indolore.net> References: <20090303161434.GA53703@outland.indolore.net> Message-ID: <20090303193035.GL21217@shrubbery.net> Tue, Mar 03, 2009 at 05:14:34PM +0100, Regis A. Despres: > > Hi, > > I'm facing a strange behavior trying to get "show lldp info remote-device" from a procurve J4904A. > telnet and ssh hlogin expect script both hangs after giving those infos. > It appears to see an unwanted space just in front the hostname. I don't really have a clue if that is why that hangs. > If someone have a idea ... =) It really shouldn't be continuing there. Could you try the attached patch? -------------- next part -------------- Index: hlogin.in =================================================================== RCS file: /home/rancid/.CVS/rancid/bin/hlogin.in,v retrieving revision 1.58 diff -d -u -r1.58 hlogin.in --- hlogin.in 12 Nov 2008 00:59:04 -0000 1.58 +++ hlogin.in 3 Mar 2009 19:01:30 -0000 @@ -522,8 +522,7 @@ send -- "[subst -nocommands [lindex $commands $i]]\r" expect { -re "^\[^\n\r *]*$reprompt" { catch {send_user -- "$expect_out(buffer)"} } - -re "^\[^\n\r]*$reprompt." { catch {send_user -- "$expect_out(buffer)"} - exp_continue } + -re "^\[^\n\r]*$reprompt " { catch {send_user -- "$expect_out(buffer)"} } -re "\[\n\r]+" { catch {send_user -- "$expect_out(buffer)"} exp_continue } -re "\[^\r\n]*Press to cont\[^\r\n]*" { From meskander at perimeterwatch.com Tue Mar 3 20:53:02 2009 From: meskander at perimeterwatch.com (Mina Eskander) Date: Tue, 3 Mar 2009 15:53:02 -0500 Subject: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 In-Reply-To: References: <8423e7bb0902260830y39f67fc7m74d2625660217803@mail.gmail.com> <8423e7bb0902260854m26163a5ew8467d07f230f1ec4@mail.gmail.com> <8423e7bb0902260914y2628601fp4515b88b2cf113a1@mail.gmail.com> <20090226184011.GH495@shrubbery.net> <20090226184242.GI495@shrubbery.net> <20090302184436.GI26693@shrubbery.net> Message-ID: I changed to the directory where clogin is located /usr/local/rancid/bin And ran the following command: patch -b -p0 < clogin.in.diff here is the output [root at pwsecLX bin]# patch -b -p0 < clogin.in.diff patching file clogin.in Reversed (or previously applied) patch detected! Assume -R? [n] Apply anyway? [n] y Hunk #1 FAILED at 572. Hunk #2 FAILED at 611. Hunk #3 FAILED at 852. 3 out of 3 hunks FAILED -- saving rejects to file clogin.in.rej Did I do something wrong? Mina Eskander Perimeterwatch Technologies Direct: +1 (347) 448-2845 Mobile: +1 (347) 510-4102 meskander at perimeterwatch.com Network Security | Disaster Recovery | Business Continuity | IT Projects | Application Development _____________________________________________________________________ New York: (347) 448-2845 - 34-12 36th Street - 2nd Floor - Astoria, NY 11106 -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Mina Eskander Sent: Monday, March 02, 2009 1:46 PM To: john heasley Cc: rancid-discuss at shrubbery.net Subject: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 How do I do install the patch? Just replace those files? Mina Eskander Perimeterwatch Technologies Direct: +1 (347) 448-2845 Mobile: +1 (347) 510-4102 meskander at perimeterwatch.com Network Security | Disaster Recovery | Business Continuity | IT Projects | Application Development _____________________________________________________________________ New York: (347) 448-2845 - 34-12 36th Street - 2nd Floor - Astoria, NY 11106 -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Monday, March 02, 2009 1:45 PM To: Mina Eskander Cc: john heasley; Lance Vermilion; rancid-discuss at shrubbery.net Subject: Re: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 Fri, Feb 27, 2009 at 01:15:48PM -0500, Mina Eskander: > So it looks like the problem is with the regular expression matching, can anybody help me as to why and how to fix it? > Here is where it fails, it doesn't know it is in enable mode > > expect: does "> (enable) " (spawn_id exp6) match regular > expression "> \\(enable\\)"? no \\(enable\\) the double \s are wrong, those should be single \s, escaping the ()s. I believe i broke it trying to deal with CSR's funky prompts. would you try the attached patch? _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From WModderman at asp4all.nl Wed Mar 4 13:05:14 2009 From: WModderman at asp4all.nl (Wijnand Modderman) Date: Wed, 4 Mar 2009 14:05:14 +0100 Subject: [rancid] cvs issues after migration Message-ID: <0DB8FB49DE49AF458171561378E35F931D62313D41@ASD2WIN170VM.office.ds.asp4all.local> Hello all, I am not particularly familiar with rancid, but after migrating rancid to a new machine (identical rancid and CVS version), errors keep showing up at the rancid logs. Running rancid produces this error in the logs (amongst other similair ones for other modules): Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs [diff aborted]: could not find desired version 1.23 in /export/rancid/cvs/ABC1/routers.down,v cvs commit: Examining . cvs [commit aborted]: could not find desired version 1.23 in /export/rancid/cvs/ABC1/routers.down,v ending: Wed Mar 4 13:10:38 CET 2009 When I take a look at the file stated by the CVS error output, it seems like 1.21 is the HEAD: # head /export/rancid/cvs/ABC1/routers.down,v head 1.21; access; symbols start:1.1.1.1 rancid:1.1.1; locks; strict; comment @# @; 1.21 date 2008.11.18.13.13.32; author rancid; state Exp; I tried to reproduce the error by doing a manual CVS checkout, change a file, and run the diff command as executed by rancid (cvs -f diff -U 4 -ko) which Works perfectly fine. How do I debug from here? Is my CVS corrupt, or does rancid somehow keep track of the version it has to diff against? Regards, Wijnand Linux Engineer General Caveat "The information provided in this e-mail is forwarded through the electronic medium Internet and may therefore be subject to unforeseen manipulation or distortion by third parties. It should therefore not be relied on. Before any action is taken or refrained from on basis of the above information, the content should be verified. Please note that e-mail traffic through the Internet does not guarantee confidentiality. Confidential information should therefore not be provided to ASP4all through Internet e-mail. ASP4all denies any responsibility for damages as a result of the use of e-mail messages." From Atif.SIDDIQUI at HydroOne.com Wed Mar 4 17:41:28 2009 From: Atif.SIDDIQUI at HydroOne.com (Atif.SIDDIQUI at HydroOne.com) Date: Wed, 4 Mar 2009 12:41:28 -0500 Subject: [rancid] Re: Foundry and SSH In-Reply-To: <49625191.7020106@illinois.edu> References: <49625191.7020106@illinois.edu> Message-ID: <41BBAE5132ABA54BB2BA8716254F03D60155A122@1104MILPEV.corp.hydroone.com> Hi Ryan, How have you defined Froundry login detail in .cloginrc? Mine does not work. Here is what I have in the .cloginrc file: add user n08w ranciduser add password n08w password add enauser n08w ranciduser add password n08w password add method n08w ssh telnet In the logs it says flogin : TIMEOUT? Can anyone assist here. Atif. -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ryan Harden Sent: Monday, January 05, 2009 1:30 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Foundry and SSH -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I have just set up rancid for the first time and I am having problems getting it to successfully pull configs from a Foundry device over SSH. This same device works properly over telnet but I get the following when switching to SSH. starting: Mon Jan 5 12:22:23 CST 2009 Trying to get all of the configs. x.x.x.x: missed cmd(s): show chassis,show module,show flash,write term x.x.x.x: End of run not found Running bin/flogin x.x.x.x works just fine and I'm able to run commands, but when run from the script it simply doesn't work. The device is an MLX running 3.9.00a code. Any ideas? Thanks. - -- Ryan M. Harden, BS, KC9IHX Office: 217-265-5192 CITES - Network Engineering Cell: 630-363-0365 2130 Digital Computer Lab Fax: 217-244-7089 1304 W. Springfield email: hardenrm at illinois.edu Urbana, IL 61801 University of Illinois at Urbana/Champaign University of Illinois - ICCN -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkliUY4ACgkQtuPckBBbXbp6wQCfRqz/Dt8ixlOOafxlzLDGRJz9 inUAoILRCXyMwzsT9N30U74V4nsH91Gn =zg8B -----END PGP SIGNATURE----- _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From rdespres at cynique.org Wed Mar 4 18:02:05 2009 From: rdespres at cynique.org (Regis A. Despres) Date: Wed, 4 Mar 2009 19:02:05 +0100 (CET) Subject: [rancid] Re: Procurve hlogin "show lldp expect" In-Reply-To: <20090303193035.GL21217@shrubbery.net> References: <20090303161434.GA53703@outland.indolore.net> <20090303193035.GL21217@shrubbery.net> Message-ID: <62009.88.191.40.42.1236189725.squirrel@indolore.net> ! Tue, Mar 03, 2009 at 05:14:34PM +0100, Regis A. Despres: !> !> Hi, !> !> I'm facing a strange behavior trying to get "show lldp info !> remote-device" from a procurve J4904A. !> telnet and ssh hlogin expect script both hangs after giving those infos. !> It appears to see an unwanted space just in front the hostname. I don't !> really have a clue if that is why that hangs. !> If someone have a idea ... =) ! ! It really shouldn't be continuing there. Could you try the attached ! patch? ! Great. Works like a charm ! Next step is ringing freebsd port maintener =) From mashcraft at omniture.com Wed Mar 4 18:11:57 2009 From: mashcraft at omniture.com (Mike Ashcraft) Date: Wed, 4 Mar 2009 11:11:57 -0700 Subject: [rancid] Re: cvs issues after migration In-Reply-To: <0DB8FB49DE49AF458171561378E35F931D62313D41@ASD2WIN170VM.office.ds.asp4all.local> References: <0DB8FB49DE49AF458171561378E35F931D62313D41@ASD2WIN170VM.office.ds.asp4all.local> Message-ID: <370BD08812250148A3EC9CFC41A6D601016DE037F8@EXCHANGE1.orm.omniture.com> The simple answer is that Rancid uses the CVS client to keep track of versions. The versions in your CVS repository do not match those in the rancid/var//configs/CVS directories. If everything was setup properly in the migration, this can be fixed by go into each rancid/var//configs directory and running 'cvs update' to bring those copies in line with the repository. See the rancid faq and/or the CVS documentation for further info. Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Wijnand Modderman Sent: Wednesday, March 04, 2009 6:05 AM To: 'rancid-discuss at shrubbery.net' Subject: [rancid] cvs issues after migration Hello all, I am not particularly familiar with rancid, but after migrating rancid to a new machine (identical rancid and CVS version), errors keep showing up at the rancid logs. Running rancid produces this error in the logs (amongst other similair ones for other modules): Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs [diff aborted]: could not find desired version 1.23 in /export/rancid/cvs/ABC1/routers.down,v cvs commit: Examining . cvs [commit aborted]: could not find desired version 1.23 in /export/rancid/cvs/ABC1/routers.down,v ending: Wed Mar 4 13:10:38 CET 2009 When I take a look at the file stated by the CVS error output, it seems like 1.21 is the HEAD: # head /export/rancid/cvs/ABC1/routers.down,v head 1.21; access; symbols start:1.1.1.1 rancid:1.1.1; locks; strict; comment @# @; 1.21 date 2008.11.18.13.13.32; author rancid; state Exp; I tried to reproduce the error by doing a manual CVS checkout, change a file, and run the diff command as executed by rancid (cvs -f diff -U 4 -ko) which Works perfectly fine. How do I debug from here? Is my CVS corrupt, or does rancid somehow keep track of the version it has to diff against? Regards, Wijnand Linux Engineer General Caveat "The information provided in this e-mail is forwarded through the electronic medium Internet and may therefore be subject to unforeseen manipulation or distortion by third parties. It should therefore not be relied on. Before any action is taken or refrained from on basis of the above information, the content should be verified. Please note that e-mail traffic through the Internet does not guarantee confidentiality. Confidential information should therefore not be provided to ASP4all through Internet e-mail. ASP4all denies any responsibility for damages as a result of the use of e-mail messages." _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From dnewman at networktest.com Wed Mar 4 18:30:19 2009 From: dnewman at networktest.com (David Newman) Date: Wed, 04 Mar 2009 10:30:19 -0800 Subject: [rancid] Re: Procurve hlogin "show lldp expect" In-Reply-To: <62009.88.191.40.42.1236189725.squirrel@indolore.net> References: <20090303161434.GA53703@outland.indolore.net> <20090303193035.GL21217@shrubbery.net> <62009.88.191.40.42.1236189725.squirrel@indolore.net> Message-ID: <49AEC8BB.1030506@networktest.com> On 3/4/09 10:02 AM, Regis A. Despres wrote: > ! Tue, Mar 03, 2009 at 05:14:34PM +0100, Regis A. Despres: > !> > !> Hi, > !> > !> I'm facing a strange behavior trying to get "show lldp info > !> remote-device" from a procurve J4904A. > !> telnet and ssh hlogin expect script both hangs after giving those infos. > !> It appears to see an unwanted space just in front the hostname. I don't > !> really have a clue if that is why that hangs. > !> If someone have a idea ... =) > ! > ! It really shouldn't be continuing there. Could you try the attached > ! patch? > ! > > Great. Works like a charm ! > Next step is ringing freebsd port maintener =) Current rancid-devel port on FreeBSD is 2.3.2a7. It would be very good to bump this up to 2.3.2a9. thanks dn > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From heas at shrubbery.net Wed Mar 4 18:53:30 2009 From: heas at shrubbery.net (john heasley) Date: Wed, 4 Mar 2009 18:53:30 +0000 Subject: [rancid] Re: cvs issues after migration In-Reply-To: <370BD08812250148A3EC9CFC41A6D601016DE037F8@EXCHANGE1.orm.omniture.com> References: <0DB8FB49DE49AF458171561378E35F931D62313D41@ASD2WIN170VM.office.ds.asp4all.local> <370BD08812250148A3EC9CFC41A6D601016DE037F8@EXCHANGE1.orm.omniture.com> Message-ID: <20090304185330.GD26160@shrubbery.net> Wed, Mar 04, 2009 at 11:11:57AM -0700, Mike Ashcraft: > The simple answer is that Rancid uses the CVS client to keep track of versions. > > The versions in your CVS repository do not match those in the rancid/var//configs/CVS directories. If everything was setup properly in the migration, this can be fixed by go into each rancid/var//configs directory and running 'cvs update' to bring those copies in line with the repository. > > See the rancid faq and/or the CVS documentation for further info. Right; my guess would be that rancid ran while he copied the CVS repository. From regis.despres at cynique.org Wed Mar 4 19:00:52 2009 From: regis.despres at cynique.org (=?utf-8?Q? R=C3=A9gis_A._Despres ?=) Date: Wed, 4 Mar 2009 20:00:52 +0100 Subject: [rancid] Re: Procurve hlogin "show lldp expect" In-Reply-To: <49AEC8BB.1030506@networktest.com> References: <20090303161434.GA53703@outland.indolore.net> <20090303193035.GL21217@shrubbery.net> <62009.88.191.40.42.1236189725.squirrel@indolore.net> <49AEC8BB.1030506@networktest.com> Message-ID: <624BA8F5-EEAB-48F0-AED2-0314615C80E8@cynique.org> That's already the case =] Just portsnap and here you go =] --- R?gis A. Despres Le 4 mars 09 ? 19:30, David Newman a ?crit : > > On 3/4/09 10:02 AM, Regis A. Despres wrote: >> ! Tue, Mar 03, 2009 at 05:14:34PM +0100, Regis A. Despres: >> !> >> !> Hi, >> !> >> !> I'm facing a strange behavior trying to get "show lldp info >> !> remote-device" from a procurve J4904A. >> !> telnet and ssh hlogin expect script both hangs after giving >> those infos. >> !> It appears to see an unwanted space just in front the hostname. >> I don't >> !> really have a clue if that is why that hangs. >> !> If someone have a idea ... =) >> ! >> ! It really shouldn't be continuing there. Could you try the >> attached >> ! patch? >> ! >> >> Great. Works like a charm ! >> Next step is ringing freebsd port maintener =) > > Current rancid-devel port on FreeBSD is 2.3.2a7. It would be very good > to bump this up to 2.3.2a9. > > thanks > > dn > > >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From kaeves at cbmc.com Wed Mar 4 19:50:56 2009 From: kaeves at cbmc.com (Kevin Eves) Date: Wed, 4 Mar 2009 14:50:56 -0500 Subject: [rancid] Need help: rancid-run deleting all configs from CSV Message-ID: <2D479BB76D25A947BDAA7DA84487D2AA36426E@exchange.cbmc.net> Hello everyone. I'm probably the newest member of the list as I am just getting started with Rancid and I could use some assistance. I'm trying to get Rancid set up on a CentOS 5.2 server. This is now my second attempt as I blew away the first setup to try to start over when things got too messed up. I followed the instructions from http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Ne twork_Backups_With_Rancid using the newest alpha version of Rancid: rancid-2.3.2a9.tar.gz . The only change was the directory location of /opt/rancid instead of /usr/local/rancid. I also set up cvsweb to make it easy to browse the configs. Rancid will query the routers successfully and dump the configs into /opt/rancid/var/networking/configs, but in the /opt/rancid/var/CVS/networking/configs there is nothing except ./Attic because rancid-run deletes them all after it puts them in. It works for router.db and will notify me of changes to that, but it doesn't work for any of the router config files. Furthermore, every time rancid-run runs, it also emails me this: The following routers have not been successfully contacted for more than 24 hours. -rw-r----- 1 rancid netadm 24234 Mar 4 01:06 192.168.1.1 -rw-r----- 1 rancid netadm 2744 Mar 4 01:06 192.168.1.254 ... and so on for all of them. I've looked through the FAQ, readme, man pages, and lots of web searches and I can't figure it out. Below I've put all the information that I think is necessary to solve the problem, but if there is anything else that is needed, just let me know and I'll add that later. If someone can help me figure out this strange behavior, I would be very grateful. If it turns out to be a bug, I'll submit a report. Thank you in advance. Kevin Eves router.db: 192.168.1.1:cisco:up 192.168.1.254:cisco:up Public.ip.1.removed:cisco:up Public.ip.2.removed:cisco:up Public.ip.3.removed:cisco:up Public.ip.4.removed:cisco:up Public.ip.5.removed:cisco:up Log example: starting: Wed Mar 4 14:01:01 EST 2009 cvs status: use `cvs add' to create an entry for 192.168.1.1 cvs add: Re-adding file `192.168.1.1' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router 192.168.1.1 cvs status: use `cvs add' to create an entry for 192.168.1.254 cvs add: Re-adding file `192.168.1.254' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router 192.168.1.254 cvs status: use `cvs add' to create an entry for Public.ip.1.removed cvs add: Re-adding file `Public.ip.1.removed' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router Public.ip.1.removed cvs status: use `cvs add' to create an entry for Public.ip.2.removed cvs add: Re-adding file `Public.ip.2.removed' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router Public.ip.2.removed cvs status: use `cvs add' to create an entry for Public.ip.3.removed cvs add: Re-adding file `Public.ip.3.removed' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router Public.ip.3.removed cvs status: use `cvs add' to create an entry for Public.ip.4.removed cvs add: Re-adding file `Public.ip.4.removed' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router Public.ip.4.removed cvs status: use `cvs add' to create an entry for Public.ip.5.removed cvs add: Re-adding file `Public.ip.5.removed' (in place of dead revision 1.2). cvs add: use 'cvs commit' to add this file permanently cvs added missing router Public.ip.5.removed cvs remove: removed `Public.ip.5.removed' Deleted Public.ip.5.removed cvs remove: removed `Public.ip.4.removed' Deleted Public.ip.4.removed cvs remove: removed `Public.ip.1.removed' Deleted Public.ip.1.removed cvs remove: removed `192.168.1.254' Deleted 192.168.1.254 cvs remove: removed `Public.ip.2.removed' Deleted Public.ip.2.removed cvs remove: removed `Public.ip.3.removed' Deleted Public.ip.3.removed cvs remove: removed `192.168.1.1' Deleted 192.168.1.1 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 4 14:01:43 EST 2009 And then when I look in cvsweb at one of the configs in the Attic it says this, showing that it created the file and then deleted it seconds later: Keyword substitution: o Default branch: MAIN Revision 1.2 Wed Mar 4 18:52:34 2009 UTC (29 minutes, 34 seconds ago) by rancid Branches: MAIN CVS tags: HEAD FILE REMOVED Changes since revision 1.1: +0 -0 lines deleted router Revision 1.1: download - view: text, markup, annotated - select for diffs Wed Mar 4 18:52:27 2009 UTC (29 minutes, 41 seconds ago) by rancid Branches: MAIN new router -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090304/7dca5e56/attachment.html From tzadikem at gmail.com Wed Mar 4 16:33:19 2009 From: tzadikem at gmail.com (Travis Zadikem) Date: Wed, 4 Mar 2009 09:33:19 -0700 Subject: [rancid] Rancid 2.3.1 shows diff versions even when nothing has changed....hmm Message-ID: <917148240903040833tdc0408ao52307f332ceb83ac@mail.gmail.com> I am running rancid 2.3.1 (new install) and if I do a rancid-run it works just fine, but if I run the same command a second time on it will show a version different on some of the switches even though no change has been done on the switch. For this to be truly effective I was wondering what the fix is. Here is a sample of what it shows. It looks the problem is some sort of wrapping issue. Any ideas? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090304/8bedab59/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: problems.jpg Type: image/jpeg Size: 52993 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090304/8bedab59/attachment.jpg From heas at shrubbery.net Wed Mar 4 22:47:24 2009 From: heas at shrubbery.net (john heasley) Date: Wed, 4 Mar 2009 22:47:24 +0000 Subject: [rancid] Re: How do i downgrade from 2.3.2a9 to 2.3.2a8 In-Reply-To: References: <20090226184242.GI495@shrubbery.net> <20090302184436.GI26693@shrubbery.net> <20090303210040.GA20240@shrubbery.net> <20090303233702.GJ21453@shrubbery.net> Message-ID: <20090304224724.GD23669@shrubbery.net> Wed, Mar 04, 2009 at 08:46:58AM -0500, Mina Eskander: ... > > I didn't modify the other lines, and it seems like its working The complete patch is attached for anyone who needs it. -------------- next part -------------- Index: bin/clogin.in =================================================================== RCS file: /home/rancid/.CVS/rancid/bin/clogin.in,v retrieving revision 1.130 diff -d -u -r1.130 clogin.in --- bin/clogin.in 26 Feb 2009 19:31:24 -0000 1.130 +++ bin/clogin.in 4 Mar 2009 19:26:24 -0000 @@ -572,7 +572,7 @@ -re "$u_prompt" { send -- "$enauser\r"; exp_continue} -re "$e_prompt" { send -- "$enapasswd\r"; exp_continue} "#" { set prompt "#" } - "(enable)" { set prompt "> (enable) " } + "(enable)" { set prompt "> \\(enable\\) " } -re "(denied|Sorry|Incorrect)" { # % Access denied - from local auth and poss. others send_user "\nError: Check your Enable passwd\n"; @@ -611,17 +611,15 @@ } else { send "terminal length 0\r" } - # escape any parens in the prompt, such as "(enable)" - regsub -all {[)(]} $prompt {\\&} reprompt # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. - regsub -all {^(.{1,11}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt + regsub -all {^(.{1,11}).*([#>])$} $prompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } } else { - regsub -all "\[)(]" $prompt {\\&} reprompt + set reprompt $prompt } # this is the only way i see to get rid of more prompts in o/p..grrrrr @@ -851,13 +849,10 @@ set junk $expect_out(1,string) regsub -all "^\\\* " $expect_out(1,string) {} junk set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)"; + regsub -all "\[\]\[\(\)]" $prompt {\\&} prompt; set platform "extreme" } -re "^.+$prompt" { set junk $expect_out(0,string); - regsub -all "\[\]\[]" $junk {\\&} prompt; - } - -re "^.+> \\\(enable\\\)" { - set junk $expect_out(0,string); regsub -all "\[\]\[\(\)]" $junk {\\&} prompt; } } From heas at shrubbery.net Wed Mar 4 22:57:12 2009 From: heas at shrubbery.net (john heasley) Date: Wed, 4 Mar 2009 22:57:12 +0000 Subject: [rancid] Re: Rancid 2.3.1 shows diff versions even when nothing has changed....hmm In-Reply-To: <917148240903040833tdc0408ao52307f332ceb83ac@mail.gmail.com> References: <917148240903040833tdc0408ao52307f332ceb83ac@mail.gmail.com> Message-ID: <20090304225712.GF23669@shrubbery.net> Wed, Mar 04, 2009 at 09:33:19AM -0700, Travis Zadikem: > I am running rancid 2.3.1 (new install) and if I do a rancid-run it works > just fine, but if I run the same command a second time on it will show a > version different on some of the switches even though no change has been > done on the switch. For this to be truly effective I was wondering what the > fix is. Here is a sample of what it shows. It looks the problem is some > sort of wrapping issue. Any ideas? Thanks! Please try the attached clogin patch. One or two folks said that a version of this fixes this problem for them. If folks would confirm that it doesn't break SAN/PIX/ASA, catalysts, Cisco Nexus, Redback and Juniper ERX...I'd feel far more comfortable with comitting it. From heas at shrubbery.net Wed Mar 4 23:08:01 2009 From: heas at shrubbery.net (john heasley) Date: Wed, 4 Mar 2009 23:08:01 +0000 Subject: [rancid] Re: Foundry and SSH In-Reply-To: <41BBAE5132ABA54BB2BA8716254F03D60155A122@1104MILPEV.corp.hydroone.com> References: <49625191.7020106@illinois.edu> <41BBAE5132ABA54BB2BA8716254F03D60155A122@1104MILPEV.corp.hydroone.com> Message-ID: <20090304230801.GI23669@shrubbery.net> Wed, Mar 04, 2009 at 12:41:28PM -0500, Atif.SIDDIQUI at HydroOne.com: > Hello, > > I have just set up rancid for the first time and I am having problems > getting it to successfully pull configs from a Foundry device over SSH. > This same device works properly over telnet but I get the following when > switching to SSH. > > starting: Mon Jan 5 12:22:23 CST 2009 > > > Trying to get all of the configs. > x.x.x.x: missed cmd(s): show chassis,show module,show flash,write term > x.x.x.x: End of run not found > > Running bin/flogin x.x.x.x works just fine and I'm able to run commands, > but when run from the script it simply doesn't work. The device is an > MLX running 3.9.00a code. > > Any ideas? Please try the patch below from Nick Buraglio; I do not understand why this patch fixes the problem, but I haven't asked for debug output either. so, please send (to me, not the list) the output of flogin -d 'show version;show chassis;show module;show flash;\ write term;show running-config' host > output http://www.shrubbery.net/pipermail/rancid-discuss/2009-February/003734.html From heas at shrubbery.net Wed Mar 4 23:22:57 2009 From: heas at shrubbery.net (john heasley) Date: Wed, 4 Mar 2009 23:22:57 +0000 Subject: [rancid] Re: Rancid 2.3.1 shows diff versions even when nothing has changed....hmm In-Reply-To: <20090304225712.GF23669@shrubbery.net> References: <917148240903040833tdc0408ao52307f332ceb83ac@mail.gmail.com> <20090304225712.GF23669@shrubbery.net> Message-ID: <20090304232257.GK23669@shrubbery.net> Wed, Mar 04, 2009 at 10:57:12PM +0000, john heasley: > Wed, Mar 04, 2009 at 09:33:19AM -0700, Travis Zadikem: > > I am running rancid 2.3.1 (new install) and if I do a rancid-run it works > > just fine, but if I run the same command a second time on it will show a > > version different on some of the switches even though no change has been > > done on the switch. For this to be truly effective I was wondering what the > > fix is. Here is a sample of what it shows. It looks the problem is some > > sort of wrapping issue. Any ideas? Thanks! > > Please try the attached clogin patch. One or two folks said that a version > of this fixes this problem for them. > > If folks would confirm that it doesn't break SAN/PIX/ASA, catalysts, Cisco > Nexus, Redback and Juniper ERX...I'd feel far more comfortable with comitting > it. Once again, this time with the attachment. -------------- next part -------------- ? ciscoips ? grancid.in ? ipslogin ? tlogin.in.badmerge Index: clogin.in =================================================================== RCS file: /home/rancid/.CVS/rancid/bin/clogin.in,v retrieving revision 1.131 diff -d -u -r1.131 clogin.in --- clogin.in 4 Mar 2009 22:46:11 -0000 1.131 +++ clogin.in 4 Mar 2009 23:22:49 -0000 @@ -868,9 +868,13 @@ if [ regexp -- ".*> .*enable" "$prompt" ] { send "set length 0\r" expect -re $prompt {} + send "set width 80\r" + expect -re $prompt {} send "set logging session disable\r" } else { send "terminal length 0\r" + expect -re $prompt {} + send "terminal width 80\r" } expect -re $prompt {} source $sfile From WModderman at asp4all.nl Thu Mar 5 11:53:05 2009 From: WModderman at asp4all.nl (Wijnand Modderman) Date: Thu, 5 Mar 2009 12:53:05 +0100 Subject: [rancid] Re: cvs issues after migration In-Reply-To: <20090304185330.GD26160@shrubbery.net> References: <0DB8FB49DE49AF458171561378E35F931D62313D41@ASD2WIN170VM.office.ds.asp4all.local> <370BD08812250148A3EC9CFC41A6D601016DE037F8@EXCHANGE1.orm.omniture.com> <20090304185330.GD26160@shrubbery.net> Message-ID: <0DB8FB49DE49AF458171561378E35F931D6585AF3C@ASD2WIN170VM.office.ds.asp4all.local> > > The versions in your CVS repository do not match those in the > rancid/var//configs/CVS directories. If everything was setup > properly in the migration, this can be fixed by go into each > rancid/var//configs directory and running 'cvs update' to bring > those copies in line with the repository. > > > > See the rancid faq and/or the CVS documentation for further info. > > Right; my guess would be that rancid ran while he copied the CVS > repository. Indeed, after running "cvs update" on all groups and manually resolving the merge conflicts rancid is running again. Thanks for the quick replies, appreciated! Regards, Wijnand Modderman Linux Engineer General Caveat "The information provided in this e-mail is forwarded through the electronic medium Internet and may therefore be subject to unforeseen manipulation or distortion by third parties. It should therefore not be relied on. Before any action is taken or refrained from on basis of the above information, the content should be verified. Please note that e-mail traffic through the Internet does not guarantee confidentiality. Confidential information should therefore not be provided to ASP4all through Internet e-mail. ASP4all denies any responsibility for damages as a result of the use of e-mail messages." From brett.simpson at sykes.com Fri Mar 6 14:23:21 2009 From: brett.simpson at sykes.com (Simpson, Brett) Date: Fri, 6 Mar 2009 09:23:21 -0500 Subject: [rancid] SSH process hangs using cron with Aruba devices Message-ID: I setup a custom expect based on the Cisco ones and can do a successful backup of the Aruba devices. The only real different if I added some extra filter to remove some unneeded lines. This works fine if I do it manually while SSH'ed into the Rancid server but if I run it through cron the ssh instances hang. I saw a number of posts on similar issues but haven't had much luck in fixing. Any ideas? Centos 5.2 i386 rancid-2.3.2a9 Thanks, Brett -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090306/fde61212/attachment.html From heas at shrubbery.net Fri Mar 6 19:25:32 2009 From: heas at shrubbery.net (john heasley) Date: Fri, 6 Mar 2009 11:25:32 -0800 Subject: [rancid] Re: SSH process hangs using cron with Aruba devices In-Reply-To: References: Message-ID: <20090306192532.GO7789@shrubbery.net> Fri, Mar 06, 2009 at 09:23:21AM -0500, Simpson, Brett: > I setup a custom expect based on the Cisco ones and can do a successful > backup of the Aruba devices. The only real different if I added some > extra filter to remove some unneeded lines. This works fine if I do it > manually while SSH'ed into the Rancid server but if I run it through > cron the ssh instances hang. I saw a number of posts on similar issues > but haven't had much luck in fixing. Any ideas? TERM setting? didnt apply expect patch from rancid web site? other timing related issue in expect regexes? > > > Centos 5.2 i386 > > rancid-2.3.2a9 > > > > Thanks, > > Brett > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From brett.simpson at sykes.com Fri Mar 6 20:19:30 2009 From: brett.simpson at sykes.com (Brett Simpson) Date: Fri, 06 Mar 2009 15:19:30 -0500 Subject: [rancid] Re: SSH process hangs using cron with Aruba devices In-Reply-To: <20090306192532.GO7789@shrubbery.net> References: <20090306192532.GO7789@shrubbery.net> Message-ID: <1236370770.16554.6.camel@localhost.localdomain> On Fri, 2009-03-06 at 14:25 -0500, john heasley wrote: > Fri, Mar 06, 2009 at 09:23:21AM -0500, Simpson, Brett: > > I setup a custom expect based on the Cisco ones and can do a > successful > > backup of the Aruba devices. The only real different if I added some > > extra filter to remove some unneeded lines. This works fine if I do > it > > manually while SSH'ed into the Rancid server but if I run it through > > cron the ssh instances hang. I saw a number of posts on similar > issues > > but haven't had much luck in fixing. Any ideas? > > TERM setting? When I SSH in manually it's TERM=xterm. For cron I put env in a script and I can't see a TERM but I had tried doing TERM=xterm, TERM=vt100, TERM=linux from a bash script and then execute rancid-run group but it still hangs. > didnt apply expect patch from rancid web site? No I didn't but I'm using the expect-5.43.0-5.1 rpm. Should I compile the expect-5.40.1_hack2.tar.gz on the rancid website? > other timing related issue in expect regexes? Don't think so. When I run them manually they work fine every time and are quick. > > > > > > > Centos 5.2 i386 > > > > rancid-2.3.2a9 > > > > > > > > Thanks, > > > > Brett > > From stephenn at wightman.ca Wed Mar 11 19:32:16 2009 From: stephenn at wightman.ca (Stephen Novotny) Date: Wed, 11 Mar 2009 15:32:16 -0400 Subject: [rancid] Question about retaining multiple versions of Cisco configs Message-ID: Hello, We are currently on the verge of deploying RANCID as a production system. Is there a way to retain a number of last good configs in the ../rancid/var//configs directory? Currently it retains a single config which I assume is overwritten when a change is observed. We would like to retain the last 3 revisions. Regards Stephen From mashcraft at omniture.com Wed Mar 11 19:42:36 2009 From: mashcraft at omniture.com (Mike Ashcraft) Date: Wed, 11 Mar 2009 13:42:36 -0600 Subject: [rancid] Re: Question about retaining multiple versions of Cisco configs In-Reply-To: References: Message-ID: <370BD08812250148A3EC9CFC41A6D601016E17843E@EXCHANGE1.orm.omniture.com> Rancid stores configurations in CVS (or SVN if you configure it to do so). This facilitates accessing the configuration from any time period, including the last 3 revisions, up to the amount of disk space you are willing to allocate for storage. Read up on how to use CVS to checkout and compare any current or previous configuration for each device. -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Stephen Novotny Sent: Wednesday, March 11, 2009 1:32 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Question about retaining multiple versions of Cisco configs Hello, We are currently on the verge of deploying RANCID as a production system. Is there a way to retain a number of last good configs in the ../rancid/var//configs directory? Currently it retains a single config which I assume is overwritten when a change is observed. We would like to retain the last 3 revisions. Regards Stephen _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From Todd at equivoice.com Wed Mar 11 19:56:17 2009 From: Todd at equivoice.com (Todd Heide) Date: Wed, 11 Mar 2009 14:56:17 -0500 Subject: [rancid] Re: Question about retaining multiple versions of Cisco configs In-Reply-To: References: Message-ID: <082FEA82DC985B4F8A6B412D5AC4E22001687760@exchange.Equivoice.local> You can setup ViewVC to view the diffs via web interface. I use that and its great, instant access for anyone who has authorization to view it. They don't need to know how to use CVS or need to have a login for the Linux box. Thanks Todd -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Stephen Novotny Sent: Wednesday, March 11, 2009 2:32 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Question about retaining multiple versions of Cisco configs Hello, We are currently on the verge of deploying RANCID as a production system. Is there a way to retain a number of last good configs in the ../rancid/var//configs directory? Currently it retains a single config which I assume is overwritten when a change is observed. We would like to retain the last 3 revisions. Regards Stephen _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From infotek at gmail.com Thu Mar 12 14:03:02 2009 From: infotek at gmail.com (Jason Ellison) Date: Thu, 12 Mar 2009 09:03:02 -0500 Subject: [rancid] rancid sending same diffs every time cron runs Message-ID: Hi, I'm running rancid-2.3.2a9 (modded) with CVS backend. Quite often rancid sends me the same cvs diffs every time the cron job runs. To fix it I have to remotely login and run rancid-run via an interactive shell. Host operating system is Slackware. Anyone seen this before? Jason Ellison From rtw at zcorum.com Mon Mar 16 18:27:11 2009 From: rtw at zcorum.com (Rob Wynne) Date: Mon, 16 Mar 2009 14:27:11 -0400 Subject: [rancid] RANCID reporting strange things after OS upgrade Message-ID: <1237228031.21613.24.camel@zen> We just upgraded the server which contains our RANCID install from Debian Etch to Debian Lenny. After the upgrade, the following oddity began: Every hour, when rancid-run is run by cron, the following email is produced for each group: From: rancid at fileserv.america.net To: rancid-@fileserv.america.net Subject: changes in routers Date: Mon, 16 Mar 2009 14:21:35 -0400 (EDT) Routers changed to down: Sometimes it will also include a "Routers changed to up:" line, but in neither case will it ever have an actual diff. The log file for the group looks clean: starting: Mon Mar 16 14:21:35 EDT 2009 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Mon Mar 16 14:21:45 EDT 2009 Any idea how to troubleshoot this? I'm baffled. Best, Rob Wynne Senior Systems Administrator ISP Alliance, Inc. From infotek at gmail.com Tue Mar 17 17:53:50 2009 From: infotek at gmail.com (Jason Ellison) Date: Tue, 17 Mar 2009 12:53:50 -0500 Subject: [rancid] Re: rancid sending same diffs every time cron runs In-Reply-To: <49BE4A17.3070509@ercbroadband.org> References: <49BE4A17.3070509@ercbroadband.org> Message-ID: On Mon, Mar 16, 2009 at 7:46 AM, Mark wrote: > Jason Ellison wrote: >> Hi, >> >> ? I'm running rancid-2.3.2a9 (modded) with CVS backend. ?Quite often >> rancid sends me the same cvs diffs every time the cron job runs. ?To >> fix it I have to remotely login and run rancid-run via an interactive >> shell. ?Host operating system is Slackware. >> >> ? Anyone seen this before? > > Sadly I see this all the time on 2 rancid boxes we have here. ?I've not > tried that as a fix, my fix was to just rebuild CVS and have it start > over. ?However, I will try your fix and see if works for me. > > As for a true fix, you got me. > > Mark Do people using svn see the same issue? getting emails of diffs though nothing has changed? -Jason Ellison From nzamoeba at hotmail.com Tue Mar 17 19:25:34 2009 From: nzamoeba at hotmail.com (David Willson) Date: Wed, 18 Mar 2009 08:25:34 +1300 Subject: [rancid] Installation problem with rancid-cvs Message-ID: I'm installing rancid on a new box running Fedora 10 and come across an issue when it comes time to run the rancid-cvs command. I've been following this guide: http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid First time around when I ran the rancid-cvs command I got an error about how cvs was unknown. A quick 'yum install cvs' fixed that up, so I ran it again. This time however I got no output at all, no error messages or confirmation text, just a new line and new command prompt, it didn't appear to do anything. I also checked to see if any of the folders had been created, they haven't. Thinking it may have been an issue with cvs not being installed from the start, I did another recompile/reinstall, but got the same issue, when I ran rancid-cvs nothing appeared to happen at all. How would I go about diagnosing/fixing this? Anyone familiar with the issue? I'm installing the latest a9 version. _________________________________________________________________ Who's buying you chocolate this easter? Find someone to be sweet to you at Match.com http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fdating%2Enz%2Emsn%2Ecom%2Fchannel%2Findex%2Easpx%3Ftrackingid%3D1048628&_t=773568480&_r=nzWINDOWSliveMAILemailTAGLINES&_m=EXT -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090318/f3a7b099/attachment.html From nzamoeba at hotmail.com Tue Mar 17 21:44:28 2009 From: nzamoeba at hotmail.com (David Willson) Date: Wed, 18 Mar 2009 10:44:28 +1300 Subject: [rancid] Re: Installation problem with rancid-cvs In-Reply-To: <8D68760F464FFD40A01BF2FB374E4A280165524E280A@SRVEXC02.aas.its.nja.dk> References: <8D68760F464FFD40A01BF2FB374E4A280165524E280A@SRVEXC02.aas.its.nja.dk> Message-ID: Running make uninstall and starting again from the 'configure' part of the guide still results in the same problem, is there something I can do to make sure I'm properly uninstalling everything? From: arla at rn.dk To: nzamoeba at hotmail.com Date: Tue, 17 Mar 2009 21:32:57 +0100 Subject: SV: [rancid] Installation problem with rancid-cvs I had the exact same problem, I reinstalled everything and then it worked fine. I'm using CentOS5 but that should be more or less the same. /Arne Fra: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] P? vegne af David Willson Sendt: 17. marts 2009 20:26 Til: rancid-discuss at shrubbery.net Emne: [rancid] Installation problem with rancid-cvs I'm installing rancid on a new box running Fedora 10 and come across an issue when it comes time to run the rancid-cvs command. I've been following this guide: http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid First time around when I ran the rancid-cvs command I got an error about how cvs was unknown. A quick 'yum install cvs' fixed that up, so I ran it again. This time however I got no output at all, no error messages or confirmation text, just a new line and new command prompt, it didn't appear to do anything. I also checked to see if any of the folders had been created, they haven't. Thinking it may have been an issue with cvs not being installed from the start, I did another recompile/reinstall, but got the same issue, when I ran rancid-cvs nothing appeared to happen at all. How would I go about diagnosing/fixing this? Anyone familiar with the issue? I'm installing the latest a9 version. Find someone to be sweet to you at Match.com Who's buying you chocolate this easter? _________________________________________________________________ Find a way to cure that travel bug with MSN NZ Travel http://travel.msn.co.nz/ -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090318/052ccd36/attachment.html From heas at shrubbery.net Tue Mar 17 21:54:53 2009 From: heas at shrubbery.net (john heasley) Date: Tue, 17 Mar 2009 21:54:53 +0000 Subject: [rancid] Re: rancid sending same diffs every time cron runs In-Reply-To: References: <49BE4A17.3070509@ercbroadband.org> Message-ID: <20090317215453.GR16566@shrubbery.net> Tue, Mar 17, 2009 at 12:53:50PM -0500, Jason Ellison: > On Mon, Mar 16, 2009 at 7:46 AM, Mark wrote: > > Jason Ellison wrote: > >> Hi, > >> > >> ? I'm running rancid-2.3.2a9 (modded) with CVS backend. ?Quite often > >> rancid sends me the same cvs diffs every time the cron job runs. ?To > >> fix it I have to remotely login and run rancid-run via an interactive > >> shell. ?Host operating system is Slackware. > >> > >> ? Anyone seen this before? > > > > Sadly I see this all the time on 2 rancid boxes we have here. ?I've not > > tried that as a fix, my fix was to just rebuild CVS and have it start > > over. ?However, I will try your fix and see if works for me. > > > > As for a true fix, you got me. > > > > Mark > > > Do people using svn see the same issue? getting emails of diffs > though nothing has changed? have you tried running the diff manually to see if its simply not up-to-date? cd /var/rancid/; svn diff From nzamoeba at hotmail.com Tue Mar 17 22:08:41 2009 From: nzamoeba at hotmail.com (David Willson) Date: Wed, 18 Mar 2009 11:08:41 +1300 Subject: [rancid] Re: Installation problem with rancid-cvs In-Reply-To: <20090317215303.GQ16566@shrubbery.net> References: <8D68760F464FFD40A01BF2FB374E4A280165524E280A@SRVEXC02.aas.its.nja.dk> <20090317215303.GQ16566@shrubbery.net> Message-ID: BINGO! deleting the CVS and networking (group) folders from /usr/local/rancid/var/ allowed rancid-cvs to run as intended, thank you! > you probably have some turds left behind. remove the CVS dirs under > /var/rancid (or whereever it ended-up); move the group dirs aside; run > rancid-cvs. _________________________________________________________________ Looking for a place to manage all your online stuff? Explore the new Windows Live http://www.windowslive.com/Explore -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090318/8d769ba4/attachment.html From heas at shrubbery.net Tue Mar 17 22:14:37 2009 From: heas at shrubbery.net (john heasley) Date: Tue, 17 Mar 2009 22:14:37 +0000 Subject: [rancid] Re: Installation problem with rancid-cvs In-Reply-To: References: <8D68760F464FFD40A01BF2FB374E4A280165524E280A@SRVEXC02.aas.its.nja.dk> <20090317215303.GQ16566@shrubbery.net> Message-ID: <20090317221437.GS16566@shrubbery.net> Wed, Mar 18, 2009 at 11:08:41AM +1300, David Willson: > > BINGO! deleting the CVS and networking (group) folders from /usr/local/rancid/var/ allowed rancid-cvs to run as intended, thank you! > > > > > > you probably have some turds left behind. remove the CVS dirs under > > /var/rancid (or whereever it ended-up); move the group dirs aside; run > > rancid-cvs. WARNING: this is only the solution because he's just begun. Do not do this with a previously functioning installation. From infotek at gmail.com Wed Mar 18 14:07:12 2009 From: infotek at gmail.com (Jason Ellison) Date: Wed, 18 Mar 2009 09:07:12 -0500 Subject: [rancid] Fwd: Re: rancid sending same diffs every time cron runs In-Reply-To: References: <49BE4A17.3070509@ercbroadband.org> Message-ID: My lack of knowledge of cvs was no help her. cvs status and cvs update was trying to tell me it could not update because the file had been locally modified. cvs status root at monitor:/usr/local/rancid/var/wd/configs# cvs status cvs status: Examining . =================================================================== File: ru-wd-rt01.hq.util.local Status: Up-to-date Working revision: 1.6 Wed Mar 18 12:48:10 2009 Repository revision: 1.6 /usr/local/rancid/var/CVS/wd/configs/ru-wd-rt01.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp01.hq.util.local Status: Up-to-date Working revision: 1.3 Wed Mar 18 12:47:56 2009 Repository revision: 1.3 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp01.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp02.hq.util.local Status: Up-to-date Working revision: 1.4 Wed Mar 18 12:47:57 2009 Repository revision: 1.4 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp02.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp03.hq.util.local Status: Up-to-date Working revision: 1.6 Wed Mar 18 12:47:56 2009 Repository revision: 1.6 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp03.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp04.hq.util.local Status: Locally Modified Working revision: 1.7 Tue Mar 17 18:47:56 2009 Repository revision: 1.7 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp04.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp05.hq.util.local Status: Up-to-date Working revision: 1.4 Wed Mar 18 12:48:03 2009 Repository revision: 1.4 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp05.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw01.hq.util.local Status: Locally Modified Working revision: 1.6 Tue Mar 17 12:48:03 2009 Repository revision: 1.6 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw01.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw02.hq.util.local Status: Locally Modified Working revision: 1.10 Mon Mar 16 22:48:01 2009 Repository revision: 1.10 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw02.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw03.hq.util.local Status: Up-to-date Working revision: 1.4 Wed Mar 18 12:48:04 2009 Repository revision: 1.4 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw03.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw04.hq.util.local Status: Up-to-date Working revision: 1.5 Wed Mar 18 12:48:09 2009 Repository revision: 1.5 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw04.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko Showed that the problem files had been "Locally Modified". cvs update was not committing the information into the repository. cvs update was trying to tell me the same thing but i did not relise it. root at monitor:/usr/local/rancid/var/wd/configs# cvs update cvs update: Updating . M ru-wd-sp04.hq.riviera.local M ru-wd-sw01.hq.riviera.local M ru-wd-sw02.hq.riviera.local The "M" means locally modified. I found some information at "http://www.twobarleycorns.net/cvs_guide/CVS.html" that instructed me to run: cvs ci file1 file2 file3 in the cvs man page I found this : " import output import keeps you informed of its progress by printing a line for each file, preceded by one character indicating the status of the file: C file The file already exists in the repository but has been locally modi- fied; you will have to merge the changes. " This opened a vi editor that seemed to be wanting me to annotate something. quiting this did what seemed to be a forced update root at monitor:/usr/local/rancid/var/wd/configs# cvs ci ru-wd-sp04.hq.util.local ru-wd-sw01.hq.util.local ru-wd-sw02.hq.util.local Log message unchanged or not specified a)bort, c)ontinue, e)dit, !)reuse this message unchanged for remaining dirs Action: (continue) c Checking in ru-wd-sp04.hq.util.local; /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp04.hq.util.local,v <-- ru-wd-sp04.hq.util.local new revision: 1.8; previous revision: 1.7 done Checking in ru-wd-sw01.hq.util.local; /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw01.hq.util.local,v <-- ru-wd-sw01.hq.util.local new revision: 1.7; previous revision: 1.6 done Checking in ru-wd-sw02.hq.util.local; /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw02.hq.util.local,v <-- ru-wd-sw02.hq.util.local new revision: 1.11; previous revision: 1.10 done Now it looks fixed for now: root at monitor:/usr/local/rancid/var/wd/configs# cvs diff cvs diff: Diffing . root at monitor:/usr/local/rancid/var/wd/configs# cvs status cvs status: Examining . =================================================================== File: ru-wd-rt01.hq.util.local Status: Up-to-date Working revision: 1.6 Wed Mar 18 13:48:10 2009 Repository revision: 1.6 /usr/local/rancid/var/CVS/wd/configs/ru-wd-rt01.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp01.hq.util.local Status: Up-to-date Working revision: 1.3 Wed Mar 18 13:47:56 2009 Repository revision: 1.3 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp01.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp02.hq.util.local Status: Up-to-date Working revision: 1.4 Wed Mar 18 13:47:56 2009 Repository revision: 1.4 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp02.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp03.hq.util.local Status: Up-to-date Working revision: 1.6 Wed Mar 18 13:47:56 2009 Repository revision: 1.6 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp03.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp04.hq.util.local Status: Up-to-date Working revision: 1.8 Wed Mar 18 13:47:57 2009 Repository revision: 1.8 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp04.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sp05.hq.util.local Status: Up-to-date Working revision: 1.4 Wed Mar 18 13:48:02 2009 Repository revision: 1.4 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sp05.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw01.hq.util.local Status: Up-to-date Working revision: 1.7 Wed Mar 18 13:48:04 2009 Repository revision: 1.7 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw01.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw02.hq.util.local Status: Up-to-date Working revision: 1.11 Wed Mar 18 13:48:04 2009 Repository revision: 1.11 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw02.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw03.hq.util.local Status: Up-to-date Working revision: 1.4 Wed Mar 18 13:48:04 2009 Repository revision: 1.4 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw03.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko =================================================================== File: ru-wd-sw04.hq.util.local Status: Up-to-date Working revision: 1.5 Wed Mar 18 13:48:07 2009 Repository revision: 1.5 /usr/local/rancid/var/CVS/wd/configs/ru-wd-sw04.hq.util.local,v Sticky Tag: (none) Sticky Date: (none) Sticky Options: -ko 2009/3/18 Peter Serwe : > No. I run svn and do not have the issue. > > I have found though, that the most frequently asked question that > comes across the rancid-discuss list are typically related to the repo > being out of date. > > It happened to me early on with my installation, svn info, or the > appropriate similar cvs command has been good about pointing out the > cause of the issue. > > In my case, svn up (update) fixed it for me, and it's never come back. > > Peter > > On Tue, Mar 17, 2009 at 10:53 AM, Jason Ellison wrote: >> On Mon, Mar 16, 2009 at 7:46 AM, Mark wrote: >>> Jason Ellison wrote: >>>> Hi, >>>> >>>> I'm running rancid-2.3.2a9 (modded) with CVS backend. Quite often >>>> rancid sends me the same cvs diffs every time the cron job runs. To >>>> fix it I have to remotely login and run rancid-run via an interactive >>>> shell. Host operating system is Slackware. >>>> >>>> Anyone seen this before? >>> >>> Sadly I see this all the time on 2 rancid boxes we have here. I've not >>> tried that as a fix, my fix was to just rebuild CVS and have it start >>> over. However, I will try your fix and see if works for me. >>> >>> As for a true fix, you got me. >>> >>> Mark >> >> >> Do people using svn see the same issue? getting emails of diffs >> though nothing has changed? >> >> -Jason Ellison >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > > > -- > ???? > From Todd at equivoice.com Wed Mar 25 19:46:59 2009 From: Todd at equivoice.com (Todd Heide) Date: Wed, 25 Mar 2009 14:46:59 -0500 Subject: [rancid] Too many DIFFs Message-ID: <082FEA82DC985B4F8A6B412D5AC4E22001688274@exchange.Equivoice.local> Two of my AS5350 gateways are doffing every run, and it is nothing more than the placement of two lines. paramspace english language en paramspace english index 1 paramspace english index 1 paramspace english language en Those two lines flip on every run, getting too many diffs now to be useful. What do I do to prevent this? Thanks Todd -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090325/40a29f23/attachment.html From daniel.medina at gmail.com Thu Mar 26 00:56:41 2009 From: daniel.medina at gmail.com (Daniel Medina) Date: Wed, 25 Mar 2009 20:56:41 -0400 Subject: [rancid] Re: Too many DIFFs In-Reply-To: <082FEA82DC985B4F8A6B412D5AC4E22001688274@exchange.Equivoice.local> References: <082FEA82DC985B4F8A6B412D5AC4E22001688274@exchange.Equivoice.local> Message-ID: <20090326005641.GA77538@monkey.local> On Wed, Mar 25, 2009 at 02:46:59PM -0500, Todd Heide wrote: > Two of my AS5350 gateways are doffing every run, and it is nothing more > than the placement of two lines. > > paramspace english language en > paramspace english index 1 > > paramspace english index 1 > paramspace english language en > > Those two lines flip on every run, getting too many diffs now to be > useful. What do I do to prevent this? If the lines are not valuable to you for any reason, you could suppress them from appearing in your output. Changes would likely go into rancid, similar to what's there for 'ntp clock-period', etc. -- Daniel Medina From tex at off.org Thu Mar 26 17:05:54 2009 From: tex at off.org (Austin Schutz) Date: Thu, 26 Mar 2009 10:05:54 -0700 Subject: [rancid] Re: Too many DIFFs In-Reply-To: <082FEA82DC985B4F8A6B412D5AC4E22001688274@exchange.Equivoice.local> References: <082FEA82DC985B4F8A6B412D5AC4E22001688274@exchange.Equivoice.local> Message-ID: <20090326100554.74155baf@toskin.off.org> On Wed, 25 Mar 2009 14:46:59 -0500 "Todd Heide" wrote: > Two of my AS5350 gateways are doffing every run, and it is nothing > more than the placement of two lines. > > > > paramspace english language en > > paramspace english index 1 > > > > paramspace english index 1 > > paramspace english language en you can insert a line in the config parsing section of rancid, something like: /^paramspace/ && ProcessHistory('PARAMSPACE',"valsort","",$_) && next; Austin From bootc at bootc.net Tue Mar 31 10:08:17 2009 From: bootc at bootc.net (Chris Boot) Date: Tue, 31 Mar 2009 11:08:17 +0100 Subject: [rancid] Adding a new device type Message-ID: <49D1EB91.2000607@bootc.net> All, I've just discovered RANCID after an entry on the SANS ISC blog (http://isc.sans.org/diary.html?storyid=6100) - very nice tool. I've set it up for our HP ProCurve switches (a mixture of 2810s and 2610s) and after a small struggle it's working really nicely, so thanks. We also use several MikroTik routers around the company, so I wanted to be able to add these to rancid. These aren't supported yet, so I wanted to add support for them, but I haven't a clue where to start. Can anyone give me a bit of an introduction please? Suffice to say they're nothing like Ciscos or HPs with their own CLI accessible by SSH or Telnet so they would need a whole new set of scripts to poll. Any hints would be really appreciated. Cheers, Chris From mashcraft at omniture.com Tue Mar 31 15:36:57 2009 From: mashcraft at omniture.com (Mike Ashcraft) Date: Tue, 31 Mar 2009 09:36:57 -0600 Subject: [rancid] Re: Adding a new device type In-Reply-To: <49D1EB91.2000607@bootc.net> References: <49D1EB91.2000607@bootc.net> Message-ID: <370BD08812250148A3EC9CFC41A6D60101772FCEEC@EXCHANGE1.orm.omniture.com> Chris, The quick basics: 1 -- Create an expect script similar to clogin that can connect to the device and run commands. You may be able to start with one of the existing *login scripts found in the bin directory, if they partially work on your device, to speed up the process. If you can find one that already works, use it. This would need to telnet in and the MikroTik interface is fairly simple. clogin might work for you with only minimal changes to address the format of the prompt. 2 -- create a perl script similar to rancid that uses the login expect script from the previous step to obtain the configuration and parse/sort it as needed to clean up the output. For example on the MikroTik this may just run the 'export' command and discard the login output and CLI prompt. 3 -- Add your new device type to rancid-fe 4 -- Setup the new devices in router.db using your new device type Good luck, Mike -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Chris Boot Sent: Tuesday, March 31, 2009 4:08 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Adding a new device type All, I've just discovered RANCID after an entry on the SANS ISC blog (http://isc.sans.org/diary.html?storyid=6100) - very nice tool. I've set it up for our HP ProCurve switches (a mixture of 2810s and 2610s) and after a small struggle it's working really nicely, so thanks. We also use several MikroTik routers around the company, so I wanted to be able to add these to rancid. These aren't supported yet, so I wanted to add support for them, but I haven't a clue where to start. Can anyone give me a bit of an introduction please? Suffice to say they're nothing like Ciscos or HPs with their own CLI accessible by SSH or Telnet so they would need a whole new set of scripts to poll. Any hints would be really appreciated. Cheers, Chris _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From paul at paulbuts.nl Tue Mar 31 17:16:43 2009 From: paul at paulbuts.nl (Paul Buts) Date: Tue, 31 Mar 2009 19:16:43 +0200 Subject: [rancid] Who made changes? Message-ID: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> Hi all, I installed Rancid in combination with FreeBSD CVSWeb on a Debian server. Everything is working, great! There is only one thing I want to know: is it possible to show who made the changes in telnet? At this moment the webpage is telling me that the unix user (who runned Rancid) has made the changes. For example, I have more telnet accounts. One for Paul and one for Peter. If Paul made one change, and Peter made two changes, I want that the webpage is telling me exactly who made a change. Any hints or keywords would be really appreciated. Thanks! Cheers, Paul -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090331/42bb3f9b/attachment.html From cgauthier at mapscu.com Tue Mar 31 18:06:59 2009 From: cgauthier at mapscu.com (Chris Gauthier) Date: Tue, 31 Mar 2009 11:06:59 -0700 Subject: [rancid] Re: Who made changes? In-Reply-To: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> References: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> Message-ID: <0A9A5A2BC1C0A94C981AF5FCF2D2F338138A1146@mshin01.mapscu.com> Paul, That would be a fantastic feature. However, it is not possible to capture that specific information in most cases. In my network, for example, I run rancid every 15 minutes to capture changes. All it does is capture what changed. There is no specific mechanism to see who made the changes. That capability varies by vendor, operating system, and hardware platform. In other words, my Cisco 3845 can give me that information, but only with certain IOS versions. My Cisco 2950 cannot give me that information at all. Juniper routers can roll back committed configuration changes and have very detailed logging, but may not be able to easily tell you who did it. A Cisco 6509 may or may not report who made changes, depending on IOS version. In short, too many variables. Chris Gauthier, CCNA Network Administrator MaPS Credit Union PO Box 12398 Salem, OR 97309-0398 http://www.mapscu.com V: 503.375.2445 F: 503.779.1083 From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Paul Buts Sent: Tuesday, March 31, 2009 10:17 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Who made changes? Hi all, I installed Rancid in combination with FreeBSD CVSWeb on a Debian server. Everything is working, great! There is only one thing I want to know: is it possible to show who made the changes in telnet? At this moment the webpage is telling me that the unix user (who runned Rancid) has made the changes. For example, I have more telnet accounts. One for Paul and one for Peter. If Paul made one change, and Peter made two changes, I want that the webpage is telling me exactly who made a change. Any hints or keywords would be really appreciated. Thanks! Cheers, Paul -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090331/ab10c739/attachment.html From heas at shrubbery.net Tue Mar 31 18:13:15 2009 From: heas at shrubbery.net (john heasley) Date: Tue, 31 Mar 2009 18:13:15 +0000 Subject: [rancid] Re: Who made changes? In-Reply-To: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> References: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> Message-ID: <20090331181314.GC4376@shrubbery.net> Tue, Mar 31, 2009 at 07:16:43PM +0200, Paul Buts: > Hi all, > > I installed Rancid in combination with FreeBSD CVSWeb on a Debian server. > Everything is working, great! > > There is only one thing I want to know: is it possible to show who made the > changes in telnet? At this moment the webpage is telling me that the unix > user (who runned Rancid) has made the changes. For example, I have more > telnet accounts. One for Paul and one for Peter. If Paul made one change, > and Peter made two changes, I want that the webpage is telling me exactly > who made a change. correlated changes to AAA command accounting records, the only reliable way. From Todd at equivoice.com Tue Mar 31 19:26:12 2009 From: Todd at equivoice.com (Todd Heide) Date: Tue, 31 Mar 2009 14:26:12 -0500 Subject: [rancid] Re: Who made changes? In-Reply-To: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> References: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> Message-ID: <082FEA82DC985B4F8A6B412D5AC4E2200170665B@exchange.Equivoice.local> You would need a AAA server with authentication and accounting setup to capture who did what and when. Cisco makes the ACS which is very good at AAA, but also expensive, an alternative is a Unix based Tacacs program that also does accounting. There is one I have used in the past before implementing a full ACS, it is called tac_plus with Web_UI. You can find it here, http://www.networkforums.net/ It has a built in web front to administer the accounts and logs. It uses MySQL. With this you can search the logs to see who made changes that correlate to the Rancid changes. Thanks Todd From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Paul Buts Sent: Tuesday, March 31, 2009 12:17 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Who made changes? Hi all, I installed Rancid in combination with FreeBSD CVSWeb on a Debian server. Everything is working, great! There is only one thing I want to know: is it possible to show who made the changes in telnet? At this moment the webpage is telling me that the unix user (who runned Rancid) has made the changes. For example, I have more telnet accounts. One for Paul and one for Peter. If Paul made one change, and Peter made two changes, I want that the webpage is telling me exactly who made a change. Any hints or keywords would be really appreciated. Thanks! Cheers, Paul -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090331/6e609b79/attachment.html From kkadow at gmail.com Tue Mar 31 18:07:47 2009 From: kkadow at gmail.com (K K) Date: Tue, 31 Mar 2009 13:07:47 -0500 Subject: [rancid] Re: Who made changes? In-Reply-To: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> References: <546904b0903311016qc2cd291s4311ed6b38dc577b@mail.gmail.com> Message-ID: 2009/3/31 Paul Buts : > There is only one thing I want to know: is it possible to show who made the > changes in telnet? At this moment the webpage is telling me that the unix > user (who runned Rancid) has made the changes. For example, I have more > telnet accounts. One for Paul and one for Peter. If Paul made one change, > and Peter made two changes, I want that the webpage is telling me exactly > who made a change. > > Any hints or keywords would be really appreciated. Thanks! If Paul makes one change at noon, then Peter logs in at 4PM and makes two more, and then Rancid finally runs at 6PM, you'll get one change email, showing the sum of all changes and (usually) showing that Peter was the last one to make a change. One workaround to this is to enable SNMP traps and/or syslog on each device, and tie you trapper/syslogger into your rancid server. I have mine configured such that syslog-ng writes all events related to Cisco configuration changes to a directory change-events, into files named for the source device and hour of the day. Then each hour a cron job executes, reads the list of these files, and runs Rancid against the specific devices found. At the end of the script, it deletes any file in change-events older than 20 hours. This still won't catch every change by every user. For that, at least on Cisco, you can enable per-command logging.