[rancid] Re: extreme issues
andy
andy at shady.org
Wed Apr 19 16:02:04 UTC 2006
Follow up to list:
----- Forwarded message from andy <andy at shady.org> -----
Date: Tue, 18 Apr 2006 20:52:32 +0100
From: andy <andy at shady.org>
To: john heasley <heas at shrubbery.net>
Subject: Re: extreme issues
Do you have enough info to look into this issue?
I can provide more if needed, Ive looked into it fairly closely now and I have to admit, without going right through
the code, I would not be able to solve the issue.
I did some testing today however, and it seems the issue exists with a "user" account and no tacacs.
I could only get clogin to work with the "admin" user using both versions 7.4 and the new 7.5.
cheers
On Sun, Apr 16, 2006 at 03:33:48PM +0000, john heasley wrote:
> can you show me the prompt/clogin without tacacs?
>
> Fri, Apr 14, 2006 at 07:04:16PM +0100, andy:
> > Hi,
> >
> > Ive been using rancid for quite some time now, and we decided to roll out tac_plus for auth on our extremes.
> > Basically, rancid then stopped working.
> >
> > Ive been using tac_plus for junipers for a while quite successfully. All good.
> > So, basically, I have a user called "look" that i use for rancid.
> >
> > This is the tac_plus conf for the look group:
> >
> > group = tier1
> > {
> > ## extreme tacacs configuration
> > default service = deny
> > cmd = show {
> > permit configuration
> > permit version
> > permit memory
> > permit switch
> > permit slot
> > permit diag
> > deny .*
> > }
> > cmd = disable {
> > permit clipaging
> > deny .*
> > }
> >
> > ## cli service for junipers
> > service = junos-exec
> > {
> > priv_lvl = 15
> > local-user-name = tier1
> > allow-commands = ""
> > allow-configuration = ""
> > deny-commands = "monitor|request|file"
> > deny-configuration = ""
> > }
> > }
> >
> > I was running the ports version of rancd when stuff broke but ive now downloaded the latest version.
> > It still appears fairly broken though with our new config. I know that the prompt changed when we moved from using an
> > admin user to a non-admin user.
> >
> > Is there a fix for the errors below.
> >
> > cheers
> >
> > this is the output when i try to run clogin
> >
> > carp:~$ ./clogin -c "show version;show version" tallaght-switch.internal.nw
> > tallaght-switch.internal.nw
> > spawn ssh -c 3des -x -l andy tallaght-switch.internal.nw
> > andy at tallaght-switch.internal.nw's password:
> >
> > ExtremeWare
> > Copyright (C) 1996-2003 Extreme Networks. All rights reserved.
> > ===============================================================
> >
> > Press the <tab> key at any time for completions.
> > Tallaght Summit 48si::1 > can't read "expect_out(2,string)": no such element in array
> > while executing
> > "set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)""
> > invoked from within
> > "expect -nobrace -re {[
> > ]+} { exp_continue; } -re {^(.+:)1 >} { # stoopid extreme cmd-line numbers and
> > # prompt based on state of config changes..."
> > invoked from within
> > "expect {
> > -re "\[\r\n]+" { exp_continue; }
> > -re "^(.+:)1 $prompt" { # stoopid extreme cmd-line numbers and
> > # prompt based on state of config ch..."
> > ("foreach" body line 125)
> > invoked from within
> > "foreach router [lrange $argv $i end] {
> > set router [string tolower $router]
> > send_user "$router\n"
> >
> > # Figure out the prompt.
> > # autoenabl..."
> > (file "./clogin" line 686)
> > carp:~$ ./clogin -autoenable -c "show version;show version" tallaght-switch.internal.nw
> > tallaght-switch.internal.nw
> > spawn ssh -c 3des -x -l andy tallaght-switch.internal.nw
> > andy at tallaght-switch.internal.nw's password:
> >
> > ExtremeWare
> > Copyright (C) 1996-2003 Extreme Networks. All rights reserved.
> > ===============================================================
> >
> > Press the <tab> key at any time for completions.
> > Tallaght Summit 48si::1 >
> > ^C^C^Ccarp:~$ ./clogin -noenable -c "show version;show version" tallaght-switch.internal.nw
> > tallaght-switch.internal.nw
> > spawn ssh -c 3des -x -l andy tallaght-switch.internal.nw
> > andy at tallaght-switch.internal.nw's password:
> >
> > ExtremeWare
> > Copyright (C) 1996-2003 Extreme Networks. All rights reserved.
> > ===============================================================
> >
> > Press the <tab> key at any time for completions.
> > Tallaght Summit 48si::1 > can't read "expect_out(2,string)": no such element in array
> > while executing
> > "set prompt ".? ?$junk\[0-9]+ $expect_out(2,string)""
> > invoked from within
> > "expect -nobrace -re {[
> > ]+} { exp_continue; } -re {^(.+:)1 >} { # stoopid extreme cmd-line numbers and
> > # prompt based on state of config changes..."
> > invoked from within
> > "expect {
> > -re "\[\r\n]+" { exp_continue; }
> > -re "^(.+:)1 $prompt" { # stoopid extreme cmd-line numbers and
> > # prompt based on state of config ch..."
> > ("foreach" body line 125)
> > invoked from within
> > "foreach router [lrange $argv $i end] {
> > set router [string tolower $router]
> > send_user "$router\n"
> >
> > # Figure out the prompt.
> > # autoenabl..."
> > (file "./clogin" line 686)
> >
> >
> > --
> > andy andy at shady.org
> > -----------------------------------------------
> > Never argue with an idiot. They drag you down
> > to their level, then beat you with experience.
> > -----------------------------------------------
>
--
andy andy at shady.org
-----------------------------------------------
Never argue with an idiot. They drag you down
to their level, then beat you with experience.
-----------------------------------------------
----- End forwarded message -----
--
andy andy at shady.org
-----------------------------------------------
Never argue with an idiot. They drag you down
to their level, then beat you with experience.
-----------------------------------------------
More information about the Rancid-discuss
mailing list