[rancid] Re: Not working rancid with Cisco without enable.
Per-Olof Olsson
peo at chalmers.se
Sat Jun 19 08:18:20 UTC 2010
john heasley skrev 2010-06-15 20:20:
> Tue, Jun 15, 2010 at 10:38:11AM +0400, Aleksey P:
>> Hello.
>>
>>>> ]# cat /usr/local/libexec/rancid/172.16.2.2.new
>>>>> !RANCID-CONTENT-TYPE: cisco
>>>>> !
>>>>> !
>>>>> !
>>>>> !
>>>>> and that is all that in this file.
>>>
>>>> and what is in the 172.16.2.2.raw file?
>>>
>>
>> Nothing, that's all - only one line " !RANCID-CONTENT-TYPE: cisco" and
>> that's all.
>
> thats 172.16.2.2.new, not 172.16.2.2.raw.
>
>>> it must have show version.
>> I am not sure i understand you right. In rancid file i must use 'show
>> version'?
>
> yes, it must include show version since its used in writeterm, at least
> for some platforms.
>>
>>> the rancid script shouldnt care about which prompt it shows, but in
>>> general, enable mode is required.
>> But in theory - can rancid work with Cisco device w/o 'enable'?
>
> some commands require higher privledges. if you eliminate those that
> do, then it'd work.
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
Sorry but it will not work to use rancid for unpriv level, and ">"-prompt.
After some try to grab all open information in unpriv mode from cisco
switches, there have to be some changes to fix a working script.
I add a new switch type/script where I replase all "return(-1)" abort on
"authorization failed" to "retrun(1)" continue on "authorization
failed". See included diff for rancid to rancid_noen
Add -noenabler to clogin command to not have to change in my running
.cloginrc settings
To run cisco rancid script in unpriv mode, there must be some code
update to find >-prompt and to match commands (cmds_regexp) with
>-prompt. Today rancid script only match for #-prompt.
Notice that "show running-config" in nopriv gives error text
"% Invalid input detected at '^' marker."
and you have to set "found_end" before exit "write terminal" parsing
else you will not get a clean run.
If I don't have access to "show running" there is left one
extra line "more system:running-config" in output.
Can't understand to remove that extra line from my rancid_noen just now.
If I run my rancid_noen vs. rancid using full priv there is no diffs in
outputs to switch files.
/Peo
----------------------------------------------------------
Per-Olof Olsson Email: peo at chalmers.se
Chalmers tekniska högskola IT-service
Hörsalsvägen 5 412 96 Göteborg
Tel: 031/772 6738 Fax: 031/772 8680
----------------------------------------------------------
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: rancid_noen-diff.txt
Url: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100619/c64778b7/attachment.txt
More information about the Rancid-discuss
mailing list