[rancid] post-processing the diff listing before mailing?
Lee
ler762 at gmail.com
Wed Sep 22 17:04:16 UTC 2010
Anyone like the idea of processing the diff listing before mailing it out?
I'd rather have rancid collect the configs and not mess with them -
ie: rancid.conf has
FILTER_PWDS=NO
NOCOMMSTR=NO
ACLSORT=NO
but I don't want things like SNMP community strings or
encrypted/obfuscated passwords being mailed out.. So my idea is
post-processing the diff listing before emailing it out. Which would
also let me know which configs changed so I could check the new
configs & mail out a 'local config standards violations' email :)
The code is really ugly, but as a proof of concept..
"control_rancid" line 447
# This has been different for different machines...
# Diff the directory and then checkin.
trap 'rm -fr $TMP $TMP.diff $DIR/routers.single;' 1 2 15
cd $DIR
if [ $RCSSYS = "cvs" ] ; then
# --LR-- cvs -f diff -U 4 -ko | sed -e '/^RCS file: /d' -e '/^--- /d' \
# --LR-- 4 is not enough, 8 seems a bit much so try 6
cvs -f diff -U 6 -ko | sed -e '/^RCS file: /d' -e '/^--- /d' \
-e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /' >$TMP.diff
else
svn diff | sed -e '/^+++ /d' -e 's/^\([-+ ]\)/\1 /' >$TMP.diff
fi
# --LR-- begin: check configs of changed devices
grep "^Index: " $TMP.diff |\
awk '/^Index: configs/{
if ( ! got1 ) {
printf("echo\necho\necho Config check results:\n~/bin/ckConfig.sh ")
got1=1
}
printf("%s ", $2)
}
END{ if (got1) printf("\necho == results end ==\n") }
' >$TMP.doit
/bin/sh $TMP.doit >> $TMP.diff
~/bin/sanitize.sh $TMP.diff >$TMP.doit
/bin/mv $TMP.doit $TMP.diff
# --LR-- end: check configs of changed devices
if [ $alt_mailrcpt -eq 1 ] ; then
subject="router config diffs - courtesy of $mailrcpt"
else
subject="router config diffs"
fi
Lee
More information about the Rancid-discuss
mailing list