[rancid] post-processing the diff listing before mailing?

Lee ler762 at gmail.com
Wed Sep 22 17:04:16 UTC 2010


Anyone like the idea of processing the diff listing before mailing it out?

I'd rather have rancid collect the configs and not mess with them,
i.e. rancid.conf has
  FILTER_PWDS=NO
  NOCOMMSTR=NO
  ACLSORT=NO
but I don't want things like SNMP community strings or
encrypted/obfuscated passwords being mailed out.  So my idea is
post-processing the diff listing before emailing it out.  Which would
also let me know which configs changed so I could check the new
configs & mail out a 'local config standards violations' email :)

The code is really ugly, but as a proof of concept..

"control_rancid" line 447
# This has been different for different machines...
# Diff the directory and then checkin.
trap 'rm -fr $TMP $TMP.diff $TMP.doit $DIR/routers.single;' 1 2 15
cd $DIR
if [ $RCSSYS = "cvs" ] ; then
    # --LR-- cvs -f diff -U 4 -ko | sed -e '/^RCS file: /d' -e '/^--- /d' \
    # --LR-- 4 is not enough, 8 seems a bit much so try 6
    cvs -f diff -U 6 -ko | sed -e '/^RCS file: /d' -e '/^--- /d' \
        -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /' >$TMP.diff
else
    svn diff | sed -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /' >$TMP.diff
fi

# --LR-- begin: check configs of changed devices
grep "^Index: " $TMP.diff |\
awk '/^Index: configs/{
  if ( ! got1 ) {
     printf("echo\necho\necho Config check results:\n~/bin/ckConfig.sh ")
     got1=1
  }
  printf("%s ", $2)
  }
  END{ if (got1) printf("\necho == results end ==\n") }
' >$TMP.doit
/bin/sh $TMP.doit >> $TMP.diff
~/bin/sanitize.sh $TMP.diff >$TMP.doit
/bin/mv $TMP.doit $TMP.diff
# --LR-- end:   check configs of changed devices

if [ $alt_mailrcpt -eq 1 ] ; then
    subject="router config diffs - courtesy of $mailrcpt"
else
    subject="router config diffs"
fi


Lee
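
Added example, not part of Lee's post and not the ~/bin/sanitize.sh it calls (the post does not show that script): one way to redact credentials from the diff listing before it is mailed, and to refuse to mail if a value still leaks. It assumes Cisco IOS-style config lines; the function names, the <removed> placeholder and the sample hosts and secrets are constructed for illustration.

```sh
#!/bin/sh
# Added example: redact credentials from a rancid-style diff before mailing.
# Constructed sample in the layout control_rancid writes to $TMP.diff
# (diff prefix character plus one extra space). All values are made up.
SAMPLE_DIFF='Index: configs/rtr1.example.net
@@ -10,5 +10,7 @@
  hostname rtr1
- snmp-server community oldExampleRO RO
+ snmp-server community newExampleRO RO
+ enable secret 5 $1$CONSTRUCTED$notARealHash0000000000
+ username ops password 7 000A1B2C3D4E
  line vty 0 4
+  password plainExample
Index: configs/sw2.example.net
@@ -3,3 +3,3 @@
- ntp server 192.0.2.1
+ ntp server 192.0.2.2'

# Replace secret values with <removed> but keep the keywords, so the reader
# still sees that a credential line changed.
sanitize_diff() {
    sed -E \
        -e 's/(snmp-server community )[^ ]+/\1<removed>/' \
        -e 's/((password|secret|key) [0-9]+ )[^ ]+/\1<removed>/' \
        -e 's/((enable|username [^ ]+) (password|secret) )[^ ]+$/\1<removed>/' \
        -e 's/^([-+ ] +password )[^ ]+$/\1<removed>/'
}

# List changed config files from the "Index:" lines, one per line, without
# generating or executing shell code built from device names.
changed_configs() {
    sed -n 's/^Index: \(configs\/.*\)$/\1/p'
}

# Fail closed: succeed only if no value that follows a credential keyword in
# the raw diff ($1) survives anywhere in the sanitized text ($2).
safe_to_mail() {
    printf '%s\n' "$1" |
    sed -nE -e 's/.*snmp-server community ([^ ]+).*/\1/p' \
            -e 's/.*(password|secret|key) ([0-9]+ )?([^ ]+)$/\3/p' |
    while IFS= read -r secret; do
        case $2 in *"$secret"*) exit 1 ;; esac   # leaves the pipeline subshell
    done
}

clean=$(printf '%s\n' "$SAMPLE_DIFF" | sanitize_diff)
safe_to_mail "$SAMPLE_DIFF" "$clean" && printf '%s\n' "$clean"
```

The leak check is a heuristic keyed on the same keywords as the redaction, so a config keyword not listed here passes through both.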