RANCID on Ciscos with autocmd

Ed Ravin eravin at panix.com
Tue Jun 7 18:33:04 UTC 2005


On Tue, Jun 07, 2005 at 06:25:10PM +0200, Erik Wenzel wrote:
> ...  But it is possible to fetch a
> "sh start" with a non 15 privilege. I have written a patch for that.
> With this patch your able to activate "CISCO_LOWER_PRIV" and receive
> "startup-config"s. Read rancid.conf(5) with the installed patch.

+if (!defined ($ENV{CISCO_LOWER_PRIV})) {
+       %commands=(
+               'show version'          => "ShowVersion",
+               'show redundancy secondary'     => "ShowRedundancy",
+               'show idprom backplane',        => "ShowIDprom",


The rancid code already keeps two copies of the config commands - with
your patch, it becomes four.  That makes an existing code maintenance
problem worse.

A much simpler way to do what you want is below.  Note that your
strategy doesn't necessarily catch all changes - someone could change
the running-config but neglect to save it to the startup config.

-------------------------

diff -u -r1.2 rancid
--- rancid      2005/06/04 05:53:45     1.2
+++ rancid      2005/06/07 18:22:50
@@ -1616,6 +1616,17 @@
        "show running-config",
        "write term"
 );
+
+    # If $CISCO_LOWER_PRIV is enabled, use 'show config' instead of
+    # 'write terminal', since that's all we'll be able to get when
+    # we don't have priv level 15.
+
+    if (defined($ENV{'CISCO_LOWER_PRIV'})) {
+         $commands[$#commands]= "show config"; # replace last element in array
+         delete $commands{'write term'};
+         $commands{'show config'}= "WriteTerm";
+    }
+
 $cisco_cmds=join(";", at commands);
 $cmds_regexp=join("|", at commands);




More information about the Rancid-discuss mailing list