[rancid] Re: Small patch for francid (to better permit minimally privileged rancid user)
john heasley
heas at shrubbery.net
Thu Jan 24 22:26:51 UTC 2008
Thu, Jan 24, 2008 at 09:58:56PM +0000, Jethro R Binks:
> On Thu, 24 Jan 2008, john heasley wrote:
>
> > > In the meantime, here is a small patch against francid 1.42 which is
> > > equivalent to some code in the Cisco rancid to run either of "show
> > > running-config" or "write term", whichever works - currently francid only
> > > tries to run the latter, but by default a priv level 5 ("read only") user
> > > can run little more than "show" commands. I could use the "privilege"
> > > command to re-assign "write term" to priv level 5, but since "show
> > > running-config" already works anyway, and there is a precedent in (cisco)
> > > rancid, why bother?
> >
> > old versions of the foundry code did not support 'show running', iirc.
> > The same for cisco.
>
> Must be very old! I've had BigIrons and others since around 2002 and I've
> always used "show run".
maybe I have memory rot....or maybe it just doesn't matter anymore. anyone?
They're such an administrative PITA that we've stopped using them.
> But anyway, there you go.
>
> Jethro.
>
>
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> Jethro R Binks
> Computing Officer, IT Services
> University Of Strathclyde, Glasgow, UK
More information about the Rancid-discuss
mailing list