[rancid] backup problems with new element type
Tim Eberhard
xmin0s at gmail.com
Wed May 1 20:11:50 UTC 2013
I think I figured it out. The user account had a .cloginrc file in the home
directory. I also found a .cloginrc file within the rancid directory. Looks
like it was using the .clogin file in the rancid directory. I hadn't known
about that and I had been making my changes to the .clogin in the home
directory of the user.
Interesting behavior I didn't see documented anywhere.
Thanks for your help!
-Tim
On Wed, May 1, 2013 at 12:13 PM, Hughes, Doug <
Douglas.Hughes at deshawresearch.com> wrote:
> Hrm.. that is odd. I’d turn on debugging with panlogin and see what it’s
> actually trying to send. It sure does seem like it’s either a bad password
> or a failure to match the password prompt in some way.****
>
> ** **
>
> ** **
>
> *From:* rancid-discuss-bounces at shrubbery.net [mailto:
> rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Tim Eberhard
> *Sent:* Wednesday, May 01, 2013 12:25 PM
> *To:* rancid-discuss at shrubbery.net
> *Subject:* [rancid] backup problems with new element type****
>
> ** **
>
> Rancid folks,****
>
> ** **
>
> I've hit a wall and I was hoping you all might be able to provide some
> insight. ****
>
> ** **
>
> In an attempt to get some palo alto firewalls added to rancid for config
> backup I'm having issues with rancid properly logging in.****
>
> ** **
>
> From the logs I see this for all the firewalls:****
>
> #****
>
> firewall1 panlogin error: Error: Check your passwd for firewall1****
>
> firewall1: missed cmd(s): show config running,set cli pager off,set cli
> configuration-output-format set,set cli scripting-mode on,show system info
> ****
>
> firewall1: End of run not found****
>
> #****
>
> ** **
>
> If I run it via CLI (sudo su - ranciduser before running it..) it
> completes correctly. Both are using the exact same clogin file as this
> works for a lot of routers and other firewalls. It's just specifically the
> palo alto firewalls that are failing. Suggestions on what to check or how
> to debug this behavior? ****
>
> ** **
>
> ** **
>
> #****
>
> [ranciduser at tools ~]$ /usr/local/rancid/bin/panrancid -d firewall1****
>
> executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager
> off;set cli configuration-output-format set;show system info;show config
> running" firewall1****
>
> line: firewall1****
>
> line: spawn ssh -c 3des -x -l ranciduser firewall1****
>
> line: Password:****
>
> line: Last login: Wed May 1 12:12:57 2013 from tools.removed.com****
>
> line: ranciduser at fw1(passive)>****
>
> line: ranciduser at fw1(passive)>****
>
> line: ranciduser at fw1(passive)> set ranciduser at fw1(passive)> set cli
> ranciduser at fw1(passive)> set cli scripting-mode ranciduser at fw1(passive)>
> set cli scripting-mode on****
>
> PROMPT MATCH: ranciduser at fw1\(passive\)[#>]****
>
> HIT COMMAND:ranciduser at fw1(passive)> set ranciduser at fw1(passive)> set cli
> ranciduser at fw1(passive)> set cli scripting-mode ranciduser at fw1(passive)>
> set cli scripting-mode on****
>
> COMMAND is: set cli scripting-mode on|EatCommand****
>
> HIT COMMAND:ranciduser at fw1(passive)> set cli pager off****
>
> COMMAND is: set cli pager off|EatCommand****
>
> HIT COMMAND:ranciduser at fw1(passive)> set cli configuration-output-format
> set****
>
> COMMAND is: set cli configuration-output-format set|EatCommand****
>
> HIT COMMAND:ranciduser at fw1(passive)> show system info****
>
> COMMAND is: show system info|ShowInfo****
>
> In ShowInfo:: ranciduser at fw1(passive)> show system info****
>
> HIT COMMAND:ranciduser at fw1(passive)> show config running****
>
> COMMAND is: show config running|ShowConfig****
>
> In ShowConfig: ranciduser at fw1(passive)> show config running****
>
> line:****
>
> exiting****
>
> #****
>
> ** **
>
> ** **
>
> Thanks for your help!****
>
> -Tim****
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20130501/5711b462/attachment.html>
More information about the Rancid-discuss
mailing list