From heas at shrubbery.net Sun Mar 1 09:29:33 2015 From: heas at shrubbery.net (heasley) Date: Sun, 1 Mar 2015 09:29:33 +0000 Subject: [rancid] Cisco troubles In-Reply-To: References: Message-ID: <20150301092933.GA19787@shrubbery.net> Sat, Feb 28, 2015 at 12:02:01PM -0500, Ryan Milton: > I have two Cisco 3750s... one is behaving on the updates. > > This second keeps sending back odd messages: > > > Index: configs/192.168.80.1 > =================================================================== > - -- configs/192.168.80.1 (revision 66) > @@ -40,7 +40,6 @@ > !Flash: 32514048 bytes total (9830400 bytes free) > ! > !Flash: nvram: Translating "l"...domain server (255.255.255.255) > - !Flash: sec-disk2: Translating "l"...domain server (255.255.255.255) > ! > !NAME: "Cat37xx Stacking", DESCR: "Catalyst 37xx Switch Stack" > !NAME: "1", DESCR: "WS-C3750G-48TS" > > Is this just a "no ip domain-lookup" issue, or something else? does 'dir nvram: /all' produce that message? I can not imagine why it might. or why it would be sending dns requests to that address. maybe try running the commands that rancid does (rancid -t cisco -C) to see where that error appears in the output. From heas at shrubbery.net Sun Mar 1 09:32:04 2015 From: heas at shrubbery.net (heasley) Date: Sun, 1 Mar 2015 09:32:04 +0000 Subject: [rancid] Cisco ASA 5585 mufti context In-Reply-To: <54F1FC07.5000304@uvm.edu> References: <54F1FC07.5000304@uvm.edu> Message-ID: <20150301093204.GB19787@shrubbery.net> Sat, Feb 28, 2015 at 12:33:59PM -0500, Michael T. Voity: > I have 3 of my 7 contexts that are barking about these changes every > couple hours, even thought the changes haven't been made - > > 2300 email: > > Index: configs/active-dir-asa > =================================================================== > retrieving revision 1.220 > diff -U 4 -r1.220 active-dir-asa > @@ -829,6 +829,7 @@ > privilege cmd level 2 mode exec command show > privilege show level 2 mode exec command nameif > privilege show level 2 mode exec command object-group > privilege show level 2 mode exec command access-list > + privilege show level 2 mode configure command access-list > privilege cmd level 2 mode configure command enable > : end is it always the same line? always just one line in the entire config? From mvoity at uvm.edu Sun Mar 1 14:33:22 2015 From: mvoity at uvm.edu (Michael T. Voity) Date: Sun, 1 Mar 2015 09:33:22 -0500 Subject: [rancid] Cisco ASA 5585 mufti context In-Reply-To: <20150301093204.GB19787@shrubbery.net> References: <54F1FC07.5000304@uvm.edu> <20150301093204.GB19787@shrubbery.net> Message-ID: It's always the same line. I have other firewalls too that don't do this. Just these 3... Mike > On Mar 1, 2015, at 04:32, heasley wrote: > > Sat, Feb 28, 2015 at 12:33:59PM -0500, Michael T. Voity: >> I have 3 of my 7 contexts that are barking about these changes every >> couple hours, even thought the changes haven't been made - >> >> 2300 email: >> >> Index: configs/active-dir-asa >> =================================================================== >> retrieving revision 1.220 >> diff -U 4 -r1.220 active-dir-asa >> @@ -829,6 +829,7 @@ >> privilege cmd level 2 mode exec command show >> privilege show level 2 mode exec command nameif >> privilege show level 2 mode exec command object-group >> privilege show level 2 mode exec command access-list >> + privilege show level 2 mode configure command access-list >> privilege cmd level 2 mode configure command enable >> : end > > is it always the same line? always just one line in the entire config? From heas at shrubbery.net Sun Mar 1 16:18:41 2015 From: heas at shrubbery.net (heasley) Date: Sun, 1 Mar 2015 16:18:41 +0000 Subject: [rancid] Error with 10 character prompts In-Reply-To: <20150301161745.A65C39204A@sea.shrubbery.net> <7E15AA31-38B2-42FA-8BA2-518A7F08B5B7@pofp.com> Message-ID: <20150301161841.GB27025@shrubbery.net> Sat, Feb 28, 2015 at 12:18:17AM +0000, Michael Newton: > I?ve come across a bit of an odd problem in clogin, I believe it shows up > with prompts that are ten characters long, and the tenth character would > need escaping if it were put in a regex. > > I modified clogin to show me what it was building for a prompt and this is > what I saw: > > (ThisLong) # > reprompt is $ThisLong\([^#>\r\n]+)?[#>](\([^)\r\n]+$)? > > (ThisIsLonger) # > reprompt is $ThisIsLon([^#>\r\n]+)?[#>](\([^)\r\n]+$)? > > Notice on the shorter prompt, the parenthesis in the regex ends up being > escaped, I suspect because the prompt is being escaped and then trimmed. > The problem code is right near the top of run_commands(). indeed. This should fix it: Index: clogin.in =================================================================== --- clogin.in (revision 3045) +++ clogin.in (working copy) @@ -636,7 +636,9 @@ if { [string compare "extreme" "$platform"] } { # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. - regsub -all {^(.{1,11}).*([#>])$} $prompt {\1([^#>\r\n]+)?[#>](\$[^)\\r\\n]+\$)?} reprompt + regsub -lineanchor -- {^(.{1,11}).*([#>])$} $prompt {\1} junk + regsub -all -- {[\\]$} $junk {} reprompt + append reprompt {([^#>\r\n]+)?[#>](\$[^)\\r\\n]+\$)?} } else { set reprompt $prompt } From ryanmilton74 at gmail.com Mon Mar 2 22:13:51 2015 From: ryanmilton74 at gmail.com (Ryan Milton) Date: Mon, 2 Mar 2015 17:13:51 -0500 Subject: [rancid] Cisco troubles In-Reply-To: <20150301092933.GA19787@shrubbery.net> References: <20150301092933.GA19787@shrubbery.net> Message-ID: No, -TX#dir nvram: Directory of nvram:/ 504 -rw- 11160 startup-config 505 ---- 1937 private-config 1 ---- 35 persistent-data 2 -rw- 585 IOS-Self-Sig#3838.cer 3 -rw- 0 ifIndex-table 4 -rw- 586 IOS-Self-Sig#3839.cer 5 -rw- 586 IOS-Self-Sig#383A.cer Ryan Douglass Milton On Sun, Mar 1, 2015 at 4:29 AM, heasley wrote: > Sat, Feb 28, 2015 at 12:02:01PM -0500, Ryan Milton: > > I have two Cisco 3750s... one is behaving on the updates. > > > > This second keeps sending back odd messages: > > > > > > Index: configs/192.168.80.1 > > =================================================================== > > - -- configs/192.168.80.1 (revision 66) > > @@ -40,7 +40,6 @@ > > !Flash: 32514048 bytes total (9830400 bytes free) > > ! > > !Flash: nvram: Translating "l"...domain server (255.255.255.255) > > - !Flash: sec-disk2: Translating "l"...domain server (255.255.255.255) > > ! > > !NAME: "Cat37xx Stacking", DESCR: "Catalyst 37xx Switch Stack" > > !NAME: "1", DESCR: "WS-C3750G-48TS" > > > > Is this just a "no ip domain-lookup" issue, or something else? > > does 'dir nvram: /all' produce that message? I can not imagine why it > might. or why it would be sending dns requests to that address. maybe > try running the commands that rancid does (rancid -t cisco -C) to see > where that error appears in the output. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aaron at heyaaron.com Mon Mar 2 22:35:05 2015 From: aaron at heyaaron.com (Aaron C. de Bruyn) Date: Mon, 2 Mar 2015 14:35:05 -0800 Subject: [rancid] hlogin works, clogin fails: Why is clogin running? Message-ID: I have a handful of Procurve switches that need to be backed up. My router.db looks like this: usancddswt01;hp;up usancssswt01;hp;up uscmdprswt01;hp;up useugofswt01;hp;up usggzsdswt01;hp;up ushqzofswt01;hp;up uslog00swt01;hp;up usloginswt01;hp;up uslogofswt01;hp;up ...etc...snip... I can run: hlogin -c "show run" usancddswt01 ...and it connects, logs in, executes 'show run', and logs off...perfect. When I run rancid-run however, it seems to be running clogin instead of hlogin. Am I correct in thinking that hlogin should be running because router.db lists the switch type as 'hp'? Am I missing something? Thanks, -A From davee at ceu.ox.ac.uk Tue Mar 3 09:34:11 2015 From: davee at ceu.ox.ac.uk (Dave Ewart) Date: Tue, 3 Mar 2015 09:34:11 +0000 Subject: [rancid] hlogin works, clogin fails: Why is clogin running? In-Reply-To: References: Message-ID: <20150303093411.GY6696@pandora.ceu.ox.ac.uk> On Monday, 02.03.2015 at 14:35 -0800, Aaron C. de Bruyn wrote: > I have a handful of Procurve switches that need to be backed up. > > My router.db looks like this: > > usancddswt01;hp;up > usancssswt01;hp;up > uscmdprswt01;hp;up > useugofswt01;hp;up > usggzsdswt01;hp;up > ushqzofswt01;hp;up > uslog00swt01;hp;up > usloginswt01;hp;up > uslogofswt01;hp;up > ...etc...snip... > > I can run: > hlogin -c "show run" usancddswt01 > > ...and it connects, logs in, executes 'show run', and logs off...perfect. > > When I run rancid-run however, it seems to be running clogin instead of hlogin. > > Am I correct in thinking that hlogin should be running because > router.db lists the switch type as 'hp'? > > Am I missing something? The separator characters in router.db should be ':' not ';' ... ? Dave. -- Dave Ewart davee at ceu.ox.ac.uk Computing Manager, Cancer Epidemiology Unit University of Oxford N 51.7516, W 1.2152 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1530 bytes Desc: Digital signature URL: From tony at lavanauts.org Tue Mar 3 09:55:28 2015 From: tony at lavanauts.org (Antonio Querubin) Date: Mon, 02 Mar 2015 23:55:28 -1000 Subject: [rancid] hlogin works, clogin fails: Why is clogin running? In-Reply-To: <20150303093411.GY6696@pandora.ceu.ox.ac.uk> References: <20150303093411.GY6696@pandora.ceu.ox.ac.uk> Message-ID: <54F58510.2070200@lavanauts.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/02/2015 11:34 PM, Dave Ewart wrote: > On Monday, 02.03.2015 at 14:35 -0800, Aaron C. de Bruyn wrote: >> My router.db looks like this: >> >> usancddswt01;hp;up usancssswt01;hp;up uscmdprswt01;hp;up >> useugofswt01;hp;up usggzsdswt01;hp;up ushqzofswt01;hp;up >> uslog00swt01;hp;up usloginswt01;hp;up uslogofswt01;hp;up >> ...etc...snip... > The separator characters in router.db should be ':' not ';' ... ? That changed as of version 3.0 to ; to accomodate IPv6 addresses. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlT1hQ8ACgkQ9FT8fgmZXuwpWwCfXaRF4CquJQeaVEUHQZvNPx1t ENkAn3JW5Feo8LMLhTMtWF3OhYZyj4Bx =YtDY -----END PGP SIGNATURE----- From davee at ceu.ox.ac.uk Tue Mar 3 10:01:42 2015 From: davee at ceu.ox.ac.uk (Dave Ewart) Date: Tue, 3 Mar 2015 10:01:42 +0000 Subject: [rancid] hlogin works, clogin fails: Why is clogin running? In-Reply-To: <54F58510.2070200@lavanauts.org> References: <20150303093411.GY6696@pandora.ceu.ox.ac.uk> <54F58510.2070200@lavanauts.org> Message-ID: <20150303100142.GA6696@pandora.ceu.ox.ac.uk> On Monday, 02.03.2015 at 23:55 -1000, Antonio Querubin wrote: > On 03/02/2015 11:34 PM, Dave Ewart wrote: > > > > [...] > > > > The separator characters in router.db should be ':' not ';' ... ? > > That changed as of version 3.0 to ; to accomodate IPv6 addresses. Ah, well I've not got to that version yet: at least my comment wasn't entirely wasted, because *I've* learned something even if I wasn't helpful ;-) Dave. -- Dave Ewart davee at ceu.ox.ac.uk Computing Manager, Cancer Epidemiology Unit University of Oxford N 51.7516, W 1.2152 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1530 bytes Desc: Digital signature URL: From malmgren at skyfire.com Wed Mar 4 04:33:07 2015 From: malmgren at skyfire.com (Matt Almgren) Date: Tue, 3 Mar 2015 20:33:07 -0800 Subject: [rancid] How to ignore certain output? Message-ID: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net> I've seen this question pass through this list a couple times, but I wasn't paying attention. I have this output from our f5 that rancid sees and is checking in the changes. The monitor state up and down is usually alternating (QA environment), so I'd like to ignore that line: Index: configs/sca-qa-lb001 =================================================================== - -- configs/sca-qa-lb001 (revision 7756) @@ -398,13 +398,13 @@ # } # 10.102.72.122:4241 { # node type pool member t - # monitor state down + # monitor state up # enable # inband inst disable # } # 10.102.72.122:4243 { # node type pool member t - # monitor state down + # monitor state up # enable # inband inst disable # } Index: configs/sca-qa-lb002 =================================================================== How and where do I configure rancid to ignore the lines that have "monitor state" in them? Thanks, Matt This message is being sent by Skyfire Labs, Inc. It is intended exclusively for the individuals and entities to which it is addressed. This communication, including any attachments, may contain information that is proprietary, privileged, confidential, or otherwise subject to restrictions on disclosure pursuant to applicable law. If you are not the named addressee, you are not authorized to read, print, retain copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by email and delete all copies of this message. This message is protected by applicable legal privileges and is confidential. From malmgren at skyfire.com Wed Mar 4 05:16:46 2015 From: malmgren at skyfire.com (Matt Almgren) Date: Tue, 3 Mar 2015 21:16:46 -0800 Subject: [rancid] How to ignore certain output? In-Reply-To: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net> References: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net> Message-ID: <361FC21836C35F4DA4C9D78CC732446102537D768470@EXVMBX015-4.exch015.msoutlookonline.net> I should add, that I did modify f5rancid a while back based on a suggestion from this list, but that doesn't seem to be working: sub WriteTermTMSH { my($lines) = 0; print STDERR " In WriteTerm: $_" if ($debug); while () { tr/\015//d; next if (/^\s*$/); s/state down$/state up/i; # Ignore monitor down state, save the config as up. # end of config - hopefully. f5 does not have a reliable end-of-config # tag. if (/^$prompt/) { $found_end++; last; } return(-1) if (/command authorization failed/i); $lines++; if (/(bind-pw|encrypted-password|user-password-encrypted|passphrase) / && $filter_pwds >= 1) { ProcessHistory("ENABLE","","","# $1 \n"); next; } # catch anything that wasnt matched above. ProcessHistory("","","","$_"); } if ($lines < 3) { printf(STDERR "ERROR: $host configuration appears truncated.\n"); $found_end = 0; return(-1); } return(0); } ________________________________________ From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] On Behalf Of Matt Almgren [malmgren at skyfire.com] Sent: Tuesday, March 03, 2015 8:33 PM To: rancid-discuss at shrubbery.net Subject: [rancid] How to ignore certain output? I've seen this question pass through this list a couple times, but I wasn't paying attention. I have this output from our f5 that rancid sees and is checking in the changes. The monitor state up and down is usually alternating (QA environment), so I'd like to ignore that line: Index: configs/sca-qa-lb001 =================================================================== - -- configs/sca-qa-lb001 (revision 7756) @@ -398,13 +398,13 @@ # } # 10.102.72.122:4241 { # node type pool member t - # monitor state down + # monitor state up # enable # inband inst disable # } # 10.102.72.122:4243 { # node type pool member t - # monitor state down + # monitor state up # enable # inband inst disable # } Index: configs/sca-qa-lb002 =================================================================== How and where do I configure rancid to ignore the lines that have "monitor state" in them? Thanks, Matt This message is being sent by Skyfire Labs, Inc. It is intended exclusively for the individuals and entities to which it is addressed. This communication, including any attachments, may contain information that is proprietary, privileged, confidential, or otherwise subject to restrictions on disclosure pursuant to applicable law. If you are not the named addressee, you are not authorized to read, print, retain copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by email and delete all copies of this message. This message is protected by applicable legal privileges and is confidential. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss This message is being sent by Skyfire Labs, Inc. It is intended exclusively for the individuals and entities to which it is addressed. This communication, including any attachments, may contain information that is proprietary, privileged, confidential, or otherwise subject to restrictions on disclosure pursuant to applicable law. If you are not the named addressee, you are not authorized to read, print, retain copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by email and delete all copies of this message. This message is protected by applicable legal privileges and is confidential. From heas at shrubbery.net Wed Mar 4 09:42:43 2015 From: heas at shrubbery.net (heasley) Date: Wed, 4 Mar 2015 09:42:43 +0000 Subject: [rancid] How to ignore certain output? In-Reply-To: <20150304094112.69C6CDDEC@sea.shrubbery.net> <361FC21836C35F4DA4C9D78CC732446102537D768470@EXVMBX015-4.exch015.msoutlookonline.net> Message-ID: <20150304094243.GA25098@shrubbery.net> Adjust for your script, but this should do it. Index: bin/f5rancid.in =================================================================== --- bin/f5rancid.in (revision 3038) +++ bin/f5rancid.in (working copy) @@ -502,6 +502,9 @@ /^ip nat (\S+) source static (\S+)/ && ProcessHistory("IP NAT $1","ipsort","$2","$_") && next; + # monitor state + /^\s+monitor state (\S+)/ && next; + # catch anything that wasnt matched above. ProcessHistory("","","","$_"); } From alan.mckinnon at gmail.com Wed Mar 4 13:52:12 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 4 Mar 2015 15:52:12 +0200 Subject: [rancid] How to ignore certain output? In-Reply-To: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net> References: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net> Message-ID: <20150304155212.08c3b8a3@hobbit> On Tue, 3 Mar 2015 20:33:07 -0800 Matt Almgren wrote: > I've seen this question pass through this list a couple times, but I > wasn't paying attention. > > I have this output from our f5 that rancid sees and is checking in > the changes. The monitor state up and down is usually alternating > (QA environment), so I'd like to ignore that line: > > Index: configs/sca-qa-lb001 > =================================================================== > - -- configs/sca-qa-lb001 (revision 7756) > @@ -398,13 +398,13 @@ > # } > # 10.102.72.122:4241 { > # node type pool member t > - # monitor state down > + # monitor state up > # enable > # inband inst disable > # } > # 10.102.72.122:4243 { > # node type pool member t > - # monitor state down > + # monitor state up > # enable > # inband inst disable > # } > Index: configs/sca-qa-lb002 > =================================================================== > > How and where do I configure rancid to ignore the lines that have > "monitor state" in them? heasley gave the exact patch you need lower donw in the thread, but I'll explain the general process, you need some basic understanding of perl. This is for 2.3, I haven't gotten around to using 3.x yet, I beleive the latest version is quite similar in this respect: You have to edit the script that does the actual parsing of the output from the device, and tell it there what to ignore. In the case of Cisco IOS devices, that script is "rancid", for your F5's it will be "f5rancid". In any event, look in rancid_fe to find which script is called for which device type in router.db Inside that script, you will usually find an array "@command_table" [1], this maps commands run on the device to subroutines in the script that deal with that command. Now edit that subroutine to throw away the lines you are not interested in. Taking heasley's example: /^\s+monitor state (\S+)/ && next; which means "if this line matches the regex, then skip it and go onto the next one". If you need something slightly more complex (eg the stuff you want to ignore is the first line plus a bunch more), then you must write slightly more complex perl. But it's all very easy and obvious and the code has hundreds of examples you can follow. [1] not all parser scripts do it this way, the author is free to wite their code any way they feel like. "rancid" is the original and first, so most new parsers follow the same template. If you are using a parser that doesn't, then you must read the code and figure it out. -- alan dot mckinnon at gmail dot com From malmgren at skyfire.com Wed Mar 4 15:44:12 2015 From: malmgren at skyfire.com (Matt Almgren) Date: Wed, 4 Mar 2015 07:44:12 -0800 Subject: [rancid] How to ignore certain output? In-Reply-To: <20150304155212.08c3b8a3@hobbit> References: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net>, <20150304155212.08c3b8a3@hobbit> Message-ID: <361FC21836C35F4DA4C9D78CC732446102537D768471@EXVMBX015-4.exch015.msoutlookonline.net> Thanks Alan and Heasley! -- Matt ________________________________________ From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] On Behalf Of Alan McKinnon [alan.mckinnon at gmail.com] Sent: Wednesday, March 04, 2015 5:52 AM To: rancid-discuss at shrubbery.net Subject: Re: [rancid] How to ignore certain output? On Tue, 3 Mar 2015 20:33:07 -0800 Matt Almgren wrote: > I've seen this question pass through this list a couple times, but I > wasn't paying attention. > > I have this output from our f5 that rancid sees and is checking in > the changes. The monitor state up and down is usually alternating > (QA environment), so I'd like to ignore that line: > > Index: configs/sca-qa-lb001 > =================================================================== > - -- configs/sca-qa-lb001 (revision 7756) > @@ -398,13 +398,13 @@ > # } > # 10.102.72.122:4241 { > # node type pool member t > - # monitor state down > + # monitor state up > # enable > # inband inst disable > # } > # 10.102.72.122:4243 { > # node type pool member t > - # monitor state down > + # monitor state up > # enable > # inband inst disable > # } > Index: configs/sca-qa-lb002 > =================================================================== > > How and where do I configure rancid to ignore the lines that have > "monitor state" in them? heasley gave the exact patch you need lower donw in the thread, but I'll explain the general process, you need some basic understanding of perl. This is for 2.3, I haven't gotten around to using 3.x yet, I beleive the latest version is quite similar in this respect: You have to edit the script that does the actual parsing of the output from the device, and tell it there what to ignore. In the case of Cisco IOS devices, that script is "rancid", for your F5's it will be "f5rancid". In any event, look in rancid_fe to find which script is called for which device type in router.db Inside that script, you will usually find an array "@command_table" [1], this maps commands run on the device to subroutines in the script that deal with that command. Now edit that subroutine to throw away the lines you are not interested in. Taking heasley's example: /^\s+monitor state (\S+)/ && next; which means "if this line matches the regex, then skip it and go onto the next one". If you need something slightly more complex (eg the stuff you want to ignore is the first line plus a bunch more), then you must write slightly more complex perl. But it's all very easy and obvious and the code has hundreds of examples you can follow. [1] not all parser scripts do it this way, the author is free to wite their code any way they feel like. "rancid" is the original and first, so most new parsers follow the same template. If you are using a parser that doesn't, then you must read the code and figure it out. -- alan dot mckinnon at gmail dot com _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss This message is being sent by Skyfire Labs, Inc. It is intended exclusively for the individuals and entities to which it is addressed. This communication, including any attachments, may contain information that is proprietary, privileged, confidential, or otherwise subject to restrictions on disclosure pursuant to applicable law. If you are not the named addressee, you are not authorized to read, print, retain copy or disseminate this message or any part of it. If you have received this message in error, please notify the sender immediately by email and delete all copies of this message. This message is protected by applicable legal privileges and is confidential. From John.Livingston at Emulex.Com Wed Mar 4 17:52:43 2015 From: John.Livingston at Emulex.Com (John Livingston) Date: Wed, 4 Mar 2015 17:52:43 +0000 Subject: [rancid] Issue with nx-os after switch upgrades Message-ID: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> I have a set of MDS switches that yesterday were upgraded from SAN-OS 3.3 to NX-OS 5.2 and now the nxrancid script is failing with an "end of run not found" error message as shown below: ibmbc1-fc2: missed cmd(s): show running-config ibmbc1-fc2: missed cmd(s): show running-config ibmbc1-fc2: End of run not found ibmbc1-fc2: End of run not found ibmbc1-fc2: clean: 0, end: 0 !PROC_LOGS: ^ Any recommendations or advise on how to fix this? I have another 10 or so switches to go this weekend and don't want to lose backups on these. Currently running version 2.3.8 of rancid and using the stock nxrancid script. Thanks, John From alan.mckinnon at gmail.com Wed Mar 4 19:52:53 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 4 Mar 2015 21:52:53 +0200 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> Message-ID: <20150304215253.1e84eb71@hobbit> On Wed, 4 Mar 2015 17:52:43 +0000 John Livingston wrote: > I have a set of MDS switches that yesterday were upgraded from SAN-OS > 3.3 to NX-OS 5.2 and now the nxrancid script is failing with an "end > of run not found" error message as shown below: > > ibmbc1-fc2: missed cmd(s): show running-config > ibmbc1-fc2: missed cmd(s): show running-config > ibmbc1-fc2: End of run not found > ibmbc1-fc2: End of run not found > ibmbc1-fc2: clean: 0, end: 0 > !PROC_LOGS: ^ > > Any recommendations or advise on how to fix this? I have another 10 > or so switches to go this weekend and don't want to lose backups on > these. Currently running version 2.3.8 of rancid and using the stock > nxrancid script. John, There's no generic catch-all process or fix for this situation, and the printed output is essentialy useless. All it says is "something went wrong" but we already know that. Essentially, nxrancid can't make complete sense of the output and it's not finding where various parts (individual commands or perhaps everything) begin and end. We need more information: nxrancid -d where is the name in router.db - this will at least show what commands, if any, are being recognised. Then we will need to dig deeper and find out why. Then, one of the first things printed with -d is the full clogin command used by nxrancid. Run that, deleting out all the commands except show running-config and see what's going on. In my experience, I've found things like this: - Incorrect end-of-line characters at the end of a command output - No blank line adter the end of a command output when the parser expects one - Prompt redefined to something nxrancid can't parse - Odd characters in the login banner (including the notorious " and >) Alan -- alan.mckinnon at gmail.com From John.Livingston at Emulex.Com Wed Mar 4 22:08:38 2015 From: John.Livingston at Emulex.Com (John Livingston) Date: Wed, 4 Mar 2015 22:08:38 +0000 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: <20150304215253.1e84eb71@hobbit> References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> Message-ID: <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> Thanks guys! Here is the full output of the nxrancid -d script: [user at host1 ~]$ cd bin [user at host1 ~]$ nxrancid -d rv-ibmbc1-fc2 executing clogin -t 90 -c"term no monitor-force;show version;show version build-info all;show license;show license usage;show license host-id;show system redundancy status;show environment clock;show environment fan;show environment fex all fan;show environment temperature;show environment power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir usb1:;dir usb2:;dir volatile:;show module;show module xbar;show inventory;show vtp status;show vlan;show debug;show cores vdc-all;show processes log vdc-all;show running-config" rv-ibmbc1-fc2 PROMPT MATCH: rv-ibmbc1-fc2# HIT COMMAND:rv-ibmbc1-fc2# term no monitor-force In RunCommand: rv-ibmbc1-fc2# term no monitor-force HIT COMMAND:rv-ibmbc1-fc2# show version In ShowVersion: rv-ibmbc1-fc2# show version TYPE = NXOS HIT COMMAND:rv-ibmbc1-fc2# show version build-info all In ShowVersionBuild: rv-ibmbc1-fc2# show version build-info all HIT COMMAND:rv-ibmbc1-fc2# show license In ShowLicense: rv-ibmbc1-fc2# show license HIT COMMAND:rv-ibmbc1-fc2# show license usage In ShowLicense: rv-ibmbc1-fc2# show license usage HIT COMMAND:rv-ibmbc1-fc2# show license host-id In ShowLicense: rv-ibmbc1-fc2# show license host-id HIT COMMAND:rv-ibmbc1-fc2# show system redundancy status In ShowRedundancy: rv-ibmbc1-fc2# show system redundancy status HIT COMMAND:rv-ibmbc1-fc2# show environment clock In ShowEnv: rv-ibmbc1-fc2# show environment clock HIT COMMAND:rv-ibmbc1-fc2# show environment fan In ShowEnv: rv-ibmbc1-fc2# show environment fan HIT COMMAND:rv-ibmbc1-fc2# show environment fex all fan In ShowEnv: rv-ibmbc1-fc2# show environment fex all fan HIT COMMAND:rv-ibmbc1-fc2# show environment temperature In ShowEnvTemp: rv-ibmbc1-fc2# show environment temperature HIT COMMAND:rv-ibmbc1-fc2# show environment power In ShowEnvPower: rv-ibmbc1-fc2# show environment power HIT COMMAND:rv-ibmbc1-fc2# show boot In ShowBoot: rv-ibmbc1-fc2# show boot HIT COMMAND:rv-ibmbc1-fc2# dir bootflash: In DirSlotN: rv-ibmbc1-fc2# dir bootflash: HIT COMMAND:rv-ibmbc1-fc2# dir debug: In DirSlotN: rv-ibmbc1-fc2# dir debug: HIT COMMAND:rv-ibmbc1-fc2# dir logflash: In DirSlotN: rv-ibmbc1-fc2# dir logflash: HIT COMMAND:rv-ibmbc1-fc2# dir slot0: In DirSlotN: rv-ibmbc1-fc2# dir slot0: HIT COMMAND:rv-ibmbc1-fc2# dir usb1: In DirSlotN: rv-ibmbc1-fc2# dir usb1: HIT COMMAND:rv-ibmbc1-fc2# dir usb2: In DirSlotN: rv-ibmbc1-fc2# dir usb2: HIT COMMAND:rv-ibmbc1-fc2# dir volatile: In DirSlotN: rv-ibmbc1-fc2# dir volatile: HIT COMMAND:rv-ibmbc1-fc2# show module In ShowModule: rv-ibmbc1-fc2# show module HIT COMMAND:rv-ibmbc1-fc2# show module xbar In ShowModule: rv-ibmbc1-fc2# show module xbar HIT COMMAND:rv-ibmbc1-fc2# show inventory In ShowInventory: rv-ibmbc1-fc2# show inventory HIT COMMAND:rv-ibmbc1-fc2# show vtp status In ShowVTP: rv-ibmbc1-fc2# show vtp status HIT COMMAND:rv-ibmbc1-fc2# show vlan In ShowVLAN: rv-ibmbc1-fc2# show vlan HIT COMMAND:rv-ibmbc1-fc2# show debug In ShowDebug: rv-ibmbc1-fc2# show debug HIT COMMAND:rv-ibmbc1-fc2# show cores vdc-all In ShowCores: rv-ibmbc1-fc2# show cores vdc-all HIT COMMAND:rv-ibmbc1-fc2# show processes log vdc-all In ShowProcLog: rv-ibmbc1-fc2# show processes log vdc-all rv-ibmbc1-fc2: show processes log vdc-all failed: -1 rv-ibmbc1-fc2: missed cmd(s): show running-config rv-ibmbc1-fc2: missed cmd(s): show running-config rv-ibmbc1-fc2: End of run not found rv-ibmbc1-fc2: End of run not found rv-ibmbc1-fc2: clean: 0, end: 0 !PROC_LOGS: ^ [user at host1 ~]$ And here's the output of clogin with just the "show running-config" command: [user at host1 ~]$clogin -t 90 -c:"show running-config" rv-ibmbc1-fc2 rv-ibmbc1-fc2 spawn ssh -c 3des -x -l user rv-ibmbc1-fc2 MDS Switch Password: Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0 or the GNU Lesser General Public License (LGPL) Version 2.1. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php rv-ibmbc1-fc2# rv-ibmbc1-fc2# terminal length 0 rv-ibmbc1-fc2# terminal width 132 rv-ibmbc1-fc2# terminal-length 0 ^ % Invalid command at '^' marker. rv-ibmbc1-fc2# :show running-config ^ % Invalid command at '^' marker. rv-ibmbc1-fc2#exit Connection to rv-ibmbc1-fc2 closed. [user at host1 ~]$ Any help you can provide is much appreciated. Thanks, John From dan.w.anderson at gmail.com Wed Mar 4 22:38:39 2015 From: dan.w.anderson at gmail.com (Dan Anderson) Date: Wed, 4 Mar 2015 17:38:39 -0500 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> Message-ID: Sorry. Should have included the diff: --- nxrancid.orig 2014-09-24 10:02:46.017969251 -0400 +++ nxrancid 2014-09-24 10:03:06.039305060 -0400 @@ -660,7 +660,7 @@ next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/\% Invalid command at /); + return(1) if (/\% Invalid command at /); return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); On Wed, Mar 4, 2015 at 5:37 PM, Dan Anderson wrote: > I had a similar problem with nxrancid. I ended up modifying the script in > the ShowVersion sub to return(1) for Invalid input detected rather than -1. > > The issue is that some of the commands will only show up with certain > hardware ("show vdc all" doesn't work on anything other than a Nexus > 7000/7700) or unless certain features have been enabled ("show fex" only > works when "feature fex" has been enabled). It's a hack, but I thought that > it was the easiest solution without creating a command list for every > variable of hardware/configuration. > > On Wed, Mar 4, 2015 at 5:08 PM, John Livingston < > John.Livingston at emulex.com> wrote: > >> Thanks guys! Here is the full output of the nxrancid -d script: >> >> >> [user at host1 ~]$ cd bin >> [user at host1 ~]$ nxrancid -d rv-ibmbc1-fc2 >> executing clogin -t 90 -c"term no monitor-force;show version;show version >> build-info all;show license;show license usage;show license host-id;show >> system redundancy status;show environment clock;show environment fan;show >> environment fex all fan;show environment temperature;show environment >> power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir >> usb1:;dir usb2:;dir volatile:;show module;show module xbar;show >> inventory;show vtp status;show vlan;show debug;show cores vdc-all;show >> processes log vdc-all;show running-config" rv-ibmbc1-fc2 >> PROMPT MATCH: rv-ibmbc1-fc2# >> HIT COMMAND:rv-ibmbc1-fc2# term no monitor-force >> In RunCommand: rv-ibmbc1-fc2# term no monitor-force >> HIT COMMAND:rv-ibmbc1-fc2# show version >> In ShowVersion: rv-ibmbc1-fc2# show version >> TYPE = NXOS >> HIT COMMAND:rv-ibmbc1-fc2# show version build-info all >> In ShowVersionBuild: rv-ibmbc1-fc2# show version build-info all >> HIT COMMAND:rv-ibmbc1-fc2# show license >> In ShowLicense: rv-ibmbc1-fc2# show license >> HIT COMMAND:rv-ibmbc1-fc2# show license usage >> In ShowLicense: rv-ibmbc1-fc2# show license usage >> HIT COMMAND:rv-ibmbc1-fc2# show license host-id >> In ShowLicense: rv-ibmbc1-fc2# show license host-id >> HIT COMMAND:rv-ibmbc1-fc2# show system redundancy status >> In ShowRedundancy: rv-ibmbc1-fc2# show system redundancy status >> HIT COMMAND:rv-ibmbc1-fc2# show environment clock >> In ShowEnv: rv-ibmbc1-fc2# show environment clock >> HIT COMMAND:rv-ibmbc1-fc2# show environment fan >> In ShowEnv: rv-ibmbc1-fc2# show environment fan >> HIT COMMAND:rv-ibmbc1-fc2# show environment fex all fan >> In ShowEnv: rv-ibmbc1-fc2# show environment fex all fan >> HIT COMMAND:rv-ibmbc1-fc2# show environment temperature >> In ShowEnvTemp: rv-ibmbc1-fc2# show environment temperature >> HIT COMMAND:rv-ibmbc1-fc2# show environment power >> In ShowEnvPower: rv-ibmbc1-fc2# show environment power >> HIT COMMAND:rv-ibmbc1-fc2# show boot >> In ShowBoot: rv-ibmbc1-fc2# show boot >> HIT COMMAND:rv-ibmbc1-fc2# dir bootflash: >> In DirSlotN: rv-ibmbc1-fc2# dir bootflash: >> HIT COMMAND:rv-ibmbc1-fc2# dir debug: >> In DirSlotN: rv-ibmbc1-fc2# dir debug: >> HIT COMMAND:rv-ibmbc1-fc2# dir logflash: >> In DirSlotN: rv-ibmbc1-fc2# dir logflash: >> HIT COMMAND:rv-ibmbc1-fc2# dir slot0: >> In DirSlotN: rv-ibmbc1-fc2# dir slot0: >> HIT COMMAND:rv-ibmbc1-fc2# dir usb1: >> In DirSlotN: rv-ibmbc1-fc2# dir usb1: >> HIT COMMAND:rv-ibmbc1-fc2# dir usb2: >> In DirSlotN: rv-ibmbc1-fc2# dir usb2: >> HIT COMMAND:rv-ibmbc1-fc2# dir volatile: >> In DirSlotN: rv-ibmbc1-fc2# dir volatile: >> HIT COMMAND:rv-ibmbc1-fc2# show module >> In ShowModule: rv-ibmbc1-fc2# show module >> HIT COMMAND:rv-ibmbc1-fc2# show module xbar >> In ShowModule: rv-ibmbc1-fc2# show module xbar >> HIT COMMAND:rv-ibmbc1-fc2# show inventory >> In ShowInventory: rv-ibmbc1-fc2# show inventory >> HIT COMMAND:rv-ibmbc1-fc2# show vtp status >> In ShowVTP: rv-ibmbc1-fc2# show vtp status >> HIT COMMAND:rv-ibmbc1-fc2# show vlan >> In ShowVLAN: rv-ibmbc1-fc2# show vlan >> HIT COMMAND:rv-ibmbc1-fc2# show debug >> In ShowDebug: rv-ibmbc1-fc2# show debug >> HIT COMMAND:rv-ibmbc1-fc2# show cores vdc-all >> In ShowCores: rv-ibmbc1-fc2# show cores vdc-all >> HIT COMMAND:rv-ibmbc1-fc2# show processes log vdc-all >> In ShowProcLog: rv-ibmbc1-fc2# show processes log vdc-all >> rv-ibmbc1-fc2: show processes log vdc-all failed: -1 >> rv-ibmbc1-fc2: missed cmd(s): show running-config >> rv-ibmbc1-fc2: missed cmd(s): show running-config >> rv-ibmbc1-fc2: End of run not found >> rv-ibmbc1-fc2: End of run not found >> rv-ibmbc1-fc2: clean: 0, end: 0 >> !PROC_LOGS: ^ >> [user at host1 ~]$ >> >> >> And here's the output of clogin with just the "show running-config" >> command: >> >> >> >> [user at host1 ~]$clogin -t 90 -c:"show running-config" rv-ibmbc1-fc2 >> rv-ibmbc1-fc2 >> spawn ssh -c 3des -x -l user rv-ibmbc1-fc2 >> MDS Switch >> Password: >> Cisco Nexus Operating System (NX-OS) Software >> TAC support: http://www.cisco.com/tac >> Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved. >> The copyrights to certain works contained in this software are >> owned by other third parties and used and distributed under >> license. Certain components of this software are licensed under >> the GNU General Public License (GPL) version 2.0 or the GNU >> Lesser General Public License (LGPL) Version 2.1. A copy of each >> such license is available at >> http://www.opensource.org/licenses/gpl-2.0.php and >> http://www.opensource.org/licenses/lgpl-2.1.php >> rv-ibmbc1-fc2# >> rv-ibmbc1-fc2# terminal length 0 >> rv-ibmbc1-fc2# terminal width 132 >> rv-ibmbc1-fc2# terminal-length 0 >> ^ >> % Invalid command at '^' marker. >> rv-ibmbc1-fc2# :show running-config >> ^ >> % Invalid command at '^' marker. >> rv-ibmbc1-fc2#exit >> Connection to rv-ibmbc1-fc2 closed. >> [user at host1 ~]$ >> >> Any help you can provide is much appreciated. >> >> Thanks, >> John >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > > > -- > Dan > -- Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: From dan.w.anderson at gmail.com Wed Mar 4 22:37:59 2015 From: dan.w.anderson at gmail.com (Dan Anderson) Date: Wed, 4 Mar 2015 17:37:59 -0500 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> Message-ID: I had a similar problem with nxrancid. I ended up modifying the script in the ShowVersion sub to return(1) for Invalid input detected rather than -1. The issue is that some of the commands will only show up with certain hardware ("show vdc all" doesn't work on anything other than a Nexus 7000/7700) or unless certain features have been enabled ("show fex" only works when "feature fex" has been enabled). It's a hack, but I thought that it was the easiest solution without creating a command list for every variable of hardware/configuration. On Wed, Mar 4, 2015 at 5:08 PM, John Livingston wrote: > Thanks guys! Here is the full output of the nxrancid -d script: > > > [user at host1 ~]$ cd bin > [user at host1 ~]$ nxrancid -d rv-ibmbc1-fc2 > executing clogin -t 90 -c"term no monitor-force;show version;show version > build-info all;show license;show license usage;show license host-id;show > system redundancy status;show environment clock;show environment fan;show > environment fex all fan;show environment temperature;show environment > power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir > usb1:;dir usb2:;dir volatile:;show module;show module xbar;show > inventory;show vtp status;show vlan;show debug;show cores vdc-all;show > processes log vdc-all;show running-config" rv-ibmbc1-fc2 > PROMPT MATCH: rv-ibmbc1-fc2# > HIT COMMAND:rv-ibmbc1-fc2# term no monitor-force > In RunCommand: rv-ibmbc1-fc2# term no monitor-force > HIT COMMAND:rv-ibmbc1-fc2# show version > In ShowVersion: rv-ibmbc1-fc2# show version > TYPE = NXOS > HIT COMMAND:rv-ibmbc1-fc2# show version build-info all > In ShowVersionBuild: rv-ibmbc1-fc2# show version build-info all > HIT COMMAND:rv-ibmbc1-fc2# show license > In ShowLicense: rv-ibmbc1-fc2# show license > HIT COMMAND:rv-ibmbc1-fc2# show license usage > In ShowLicense: rv-ibmbc1-fc2# show license usage > HIT COMMAND:rv-ibmbc1-fc2# show license host-id > In ShowLicense: rv-ibmbc1-fc2# show license host-id > HIT COMMAND:rv-ibmbc1-fc2# show system redundancy status > In ShowRedundancy: rv-ibmbc1-fc2# show system redundancy status > HIT COMMAND:rv-ibmbc1-fc2# show environment clock > In ShowEnv: rv-ibmbc1-fc2# show environment clock > HIT COMMAND:rv-ibmbc1-fc2# show environment fan > In ShowEnv: rv-ibmbc1-fc2# show environment fan > HIT COMMAND:rv-ibmbc1-fc2# show environment fex all fan > In ShowEnv: rv-ibmbc1-fc2# show environment fex all fan > HIT COMMAND:rv-ibmbc1-fc2# show environment temperature > In ShowEnvTemp: rv-ibmbc1-fc2# show environment temperature > HIT COMMAND:rv-ibmbc1-fc2# show environment power > In ShowEnvPower: rv-ibmbc1-fc2# show environment power > HIT COMMAND:rv-ibmbc1-fc2# show boot > In ShowBoot: rv-ibmbc1-fc2# show boot > HIT COMMAND:rv-ibmbc1-fc2# dir bootflash: > In DirSlotN: rv-ibmbc1-fc2# dir bootflash: > HIT COMMAND:rv-ibmbc1-fc2# dir debug: > In DirSlotN: rv-ibmbc1-fc2# dir debug: > HIT COMMAND:rv-ibmbc1-fc2# dir logflash: > In DirSlotN: rv-ibmbc1-fc2# dir logflash: > HIT COMMAND:rv-ibmbc1-fc2# dir slot0: > In DirSlotN: rv-ibmbc1-fc2# dir slot0: > HIT COMMAND:rv-ibmbc1-fc2# dir usb1: > In DirSlotN: rv-ibmbc1-fc2# dir usb1: > HIT COMMAND:rv-ibmbc1-fc2# dir usb2: > In DirSlotN: rv-ibmbc1-fc2# dir usb2: > HIT COMMAND:rv-ibmbc1-fc2# dir volatile: > In DirSlotN: rv-ibmbc1-fc2# dir volatile: > HIT COMMAND:rv-ibmbc1-fc2# show module > In ShowModule: rv-ibmbc1-fc2# show module > HIT COMMAND:rv-ibmbc1-fc2# show module xbar > In ShowModule: rv-ibmbc1-fc2# show module xbar > HIT COMMAND:rv-ibmbc1-fc2# show inventory > In ShowInventory: rv-ibmbc1-fc2# show inventory > HIT COMMAND:rv-ibmbc1-fc2# show vtp status > In ShowVTP: rv-ibmbc1-fc2# show vtp status > HIT COMMAND:rv-ibmbc1-fc2# show vlan > In ShowVLAN: rv-ibmbc1-fc2# show vlan > HIT COMMAND:rv-ibmbc1-fc2# show debug > In ShowDebug: rv-ibmbc1-fc2# show debug > HIT COMMAND:rv-ibmbc1-fc2# show cores vdc-all > In ShowCores: rv-ibmbc1-fc2# show cores vdc-all > HIT COMMAND:rv-ibmbc1-fc2# show processes log vdc-all > In ShowProcLog: rv-ibmbc1-fc2# show processes log vdc-all > rv-ibmbc1-fc2: show processes log vdc-all failed: -1 > rv-ibmbc1-fc2: missed cmd(s): show running-config > rv-ibmbc1-fc2: missed cmd(s): show running-config > rv-ibmbc1-fc2: End of run not found > rv-ibmbc1-fc2: End of run not found > rv-ibmbc1-fc2: clean: 0, end: 0 > !PROC_LOGS: ^ > [user at host1 ~]$ > > > And here's the output of clogin with just the "show running-config" > command: > > > > [user at host1 ~]$clogin -t 90 -c:"show running-config" rv-ibmbc1-fc2 > rv-ibmbc1-fc2 > spawn ssh -c 3des -x -l user rv-ibmbc1-fc2 > MDS Switch > Password: > Cisco Nexus Operating System (NX-OS) Software > TAC support: http://www.cisco.com/tac > Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved. > The copyrights to certain works contained in this software are > owned by other third parties and used and distributed under > license. Certain components of this software are licensed under > the GNU General Public License (GPL) version 2.0 or the GNU > Lesser General Public License (LGPL) Version 2.1. A copy of each > such license is available at > http://www.opensource.org/licenses/gpl-2.0.php and > http://www.opensource.org/licenses/lgpl-2.1.php > rv-ibmbc1-fc2# > rv-ibmbc1-fc2# terminal length 0 > rv-ibmbc1-fc2# terminal width 132 > rv-ibmbc1-fc2# terminal-length 0 > ^ > % Invalid command at '^' marker. > rv-ibmbc1-fc2# :show running-config > ^ > % Invalid command at '^' marker. > rv-ibmbc1-fc2#exit > Connection to rv-ibmbc1-fc2 closed. > [user at host1 ~]$ > > Any help you can provide is much appreciated. > > Thanks, > John > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: From John.Livingston at Emulex.Com Wed Mar 4 23:21:00 2015 From: John.Livingston at Emulex.Com (John Livingston) Date: Wed, 4 Mar 2015 23:21:00 +0000 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> Message-ID: <9c99f268-6de7-4833-b451-120624b3b524@CMEXHTCAS2.ad.emulex.com> That fixed, but only after I also commented out several of the ?show vdc? commands in the command-table which didn?t apply to either our Nexus 5K?s or our MDS switches. Just in case we might have VDC?s in the future, I ended up doing this on a copy of the current nxrancid script named nx56-mds-rancid and then added that as a type called cisco-nx56-mds in the rancid-fe file. Thanks, everything seems to be working now! John From: Dan Anderson [mailto:dan.w.anderson at gmail.com] Sent: Wednesday, March 04, 2015 2:39 PM To: John Livingston Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Issue with nx-os after switch upgrades Sorry. Should have included the diff: --- nxrancid.orig 2014-09-24 10:02:46.017969251 -0400 +++ nxrancid 2014-09-24 10:03:06.039305060 -0400 @@ -660,7 +660,7 @@ next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/\% Invalid command at /); + return(1) if (/\% Invalid command at /); return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); On Wed, Mar 4, 2015 at 5:37 PM, Dan Anderson > wrote: I had a similar problem with nxrancid. I ended up modifying the script in the ShowVersion sub to return(1) for Invalid input detected rather than -1. The issue is that some of the commands will only show up with certain hardware ("show vdc all" doesn't work on anything other than a Nexus 7000/7700) or unless certain features have been enabled ("show fex" only works when "feature fex" has been enabled). It's a hack, but I thought that it was the easiest solution without creating a command list for every variable of hardware/configuration. On Wed, Mar 4, 2015 at 5:08 PM, John Livingston > wrote: Thanks guys! Here is the full output of the nxrancid -d script: [user at host1 ~]$ cd bin [user at host1 ~]$ nxrancid -d rv-ibmbc1-fc2 executing clogin -t 90 -c"term no monitor-force;show version;show version build-info all;show license;show license usage;show license host-id;show system redundancy status;show environment clock;show environment fan;show environment fex all fan;show environment temperature;show environment power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir usb1:;dir usb2:;dir volatile:;show module;show module xbar;show inventory;show vtp status;show vlan;show debug;show cores vdc-all;show processes log vdc-all;show running-config" rv-ibmbc1-fc2 PROMPT MATCH: rv-ibmbc1-fc2# HIT COMMAND:rv-ibmbc1-fc2# term no monitor-force In RunCommand: rv-ibmbc1-fc2# term no monitor-force HIT COMMAND:rv-ibmbc1-fc2# show version In ShowVersion: rv-ibmbc1-fc2# show version TYPE = NXOS HIT COMMAND:rv-ibmbc1-fc2# show version build-info all In ShowVersionBuild: rv-ibmbc1-fc2# show version build-info all HIT COMMAND:rv-ibmbc1-fc2# show license In ShowLicense: rv-ibmbc1-fc2# show license HIT COMMAND:rv-ibmbc1-fc2# show license usage In ShowLicense: rv-ibmbc1-fc2# show license usage HIT COMMAND:rv-ibmbc1-fc2# show license host-id In ShowLicense: rv-ibmbc1-fc2# show license host-id HIT COMMAND:rv-ibmbc1-fc2# show system redundancy status In ShowRedundancy: rv-ibmbc1-fc2# show system redundancy status HIT COMMAND:rv-ibmbc1-fc2# show environment clock In ShowEnv: rv-ibmbc1-fc2# show environment clock HIT COMMAND:rv-ibmbc1-fc2# show environment fan In ShowEnv: rv-ibmbc1-fc2# show environment fan HIT COMMAND:rv-ibmbc1-fc2# show environment fex all fan In ShowEnv: rv-ibmbc1-fc2# show environment fex all fan HIT COMMAND:rv-ibmbc1-fc2# show environment temperature In ShowEnvTemp: rv-ibmbc1-fc2# show environment temperature HIT COMMAND:rv-ibmbc1-fc2# show environment power In ShowEnvPower: rv-ibmbc1-fc2# show environment power HIT COMMAND:rv-ibmbc1-fc2# show boot In ShowBoot: rv-ibmbc1-fc2# show boot HIT COMMAND:rv-ibmbc1-fc2# dir bootflash: In DirSlotN: rv-ibmbc1-fc2# dir bootflash: HIT COMMAND:rv-ibmbc1-fc2# dir debug: In DirSlotN: rv-ibmbc1-fc2# dir debug: HIT COMMAND:rv-ibmbc1-fc2# dir logflash: In DirSlotN: rv-ibmbc1-fc2# dir logflash: HIT COMMAND:rv-ibmbc1-fc2# dir slot0: In DirSlotN: rv-ibmbc1-fc2# dir slot0: HIT COMMAND:rv-ibmbc1-fc2# dir usb1: In DirSlotN: rv-ibmbc1-fc2# dir usb1: HIT COMMAND:rv-ibmbc1-fc2# dir usb2: In DirSlotN: rv-ibmbc1-fc2# dir usb2: HIT COMMAND:rv-ibmbc1-fc2# dir volatile: In DirSlotN: rv-ibmbc1-fc2# dir volatile: HIT COMMAND:rv-ibmbc1-fc2# show module In ShowModule: rv-ibmbc1-fc2# show module HIT COMMAND:rv-ibmbc1-fc2# show module xbar In ShowModule: rv-ibmbc1-fc2# show module xbar HIT COMMAND:rv-ibmbc1-fc2# show inventory In ShowInventory: rv-ibmbc1-fc2# show inventory HIT COMMAND:rv-ibmbc1-fc2# show vtp status In ShowVTP: rv-ibmbc1-fc2# show vtp status HIT COMMAND:rv-ibmbc1-fc2# show vlan In ShowVLAN: rv-ibmbc1-fc2# show vlan HIT COMMAND:rv-ibmbc1-fc2# show debug In ShowDebug: rv-ibmbc1-fc2# show debug HIT COMMAND:rv-ibmbc1-fc2# show cores vdc-all In ShowCores: rv-ibmbc1-fc2# show cores vdc-all HIT COMMAND:rv-ibmbc1-fc2# show processes log vdc-all In ShowProcLog: rv-ibmbc1-fc2# show processes log vdc-all rv-ibmbc1-fc2: show processes log vdc-all failed: -1 rv-ibmbc1-fc2: missed cmd(s): show running-config rv-ibmbc1-fc2: missed cmd(s): show running-config rv-ibmbc1-fc2: End of run not found rv-ibmbc1-fc2: End of run not found rv-ibmbc1-fc2: clean: 0, end: 0 !PROC_LOGS: ^ [user at host1 ~]$ And here's the output of clogin with just the "show running-config" command: [user at host1 ~]$clogin -t 90 -c:"show running-config" rv-ibmbc1-fc2 rv-ibmbc1-fc2 spawn ssh -c 3des -x -l user rv-ibmbc1-fc2 MDS Switch Password: Cisco Nexus Operating System (NX-OS) Software TAC support: http://www.cisco.com/tac Copyright (c) 2002-2014, Cisco Systems, Inc. All rights reserved. The copyrights to certain works contained in this software are owned by other third parties and used and distributed under license. Certain components of this software are licensed under the GNU General Public License (GPL) version 2.0 or the GNU Lesser General Public License (LGPL) Version 2.1. A copy of each such license is available at http://www.opensource.org/licenses/gpl-2.0.php and http://www.opensource.org/licenses/lgpl-2.1.php rv-ibmbc1-fc2# rv-ibmbc1-fc2# terminal length 0 rv-ibmbc1-fc2# terminal width 132 rv-ibmbc1-fc2# terminal-length 0 ^ % Invalid command at '^' marker. rv-ibmbc1-fc2# :show running-config ^ % Invalid command at '^' marker. rv-ibmbc1-fc2#exit Connection to rv-ibmbc1-fc2 closed. [user at host1 ~]$ Any help you can provide is much appreciated. Thanks, John _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Dan -- Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Wed Mar 4 23:43:25 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 5 Mar 2015 01:43:25 +0200 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> Message-ID: <20150305014325.283ab660@hobbit> On Wed, 4 Mar 2015 17:38:39 -0500 Dan Anderson wrote: > Sorry. Should have included the diff: > > --- nxrancid.orig 2014-09-24 10:02:46.017969251 -0400 > +++ nxrancid 2014-09-24 10:03:06.039305060 -0400 > @@ -660,7 +660,7 @@ > next if (/^(\s*|\s*$cmd\s*)$/); > return(1) if /Line has invalid autocommand /; > return(1) if /(Invalid input detected|Type help or )/; > - return(-1) if (/\% Invalid command at /); > + return(1) if (/\% Invalid command at /); > return(-1) if (/\% Permission denied/); > return(-1) if (/command authorization failed/i); +1 to this I recall now doing this for the Nexuses I had back in the day. Solved many problems just like for John. I never could understand why Invalid Command would be a fatal error - if the device can't do it, the script should just move past it and deal with the output it *can* handle. Alan -- alan.mckinnon at gmail.com From dan.w.anderson at gmail.com Wed Mar 4 21:17:29 2015 From: dan.w.anderson at gmail.com (Dan Anderson) Date: Wed, 4 Mar 2015 16:17:29 -0500 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> Message-ID: What happens when you run nxrancid -d ? On Wed, Mar 4, 2015 at 12:52 PM, John Livingston wrote: > I have a set of MDS switches that yesterday were upgraded from SAN-OS 3.3 > to NX-OS 5.2 and now the nxrancid script is failing with an "end of run not > found" error message as shown below: > > ibmbc1-fc2: missed cmd(s): show running-config > ibmbc1-fc2: missed cmd(s): show running-config > ibmbc1-fc2: End of run not found > ibmbc1-fc2: End of run not found > ibmbc1-fc2: clean: 0, end: 0 > !PROC_LOGS: ^ > > Any recommendations or advise on how to fix this? I have another 10 or so > switches to go this weekend and don't want to lose backups on these. > Currently running version 2.3.8 of rancid and using the stock nxrancid > script. > > Thanks, > John > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: From jethro.binks at strath.ac.uk Thu Mar 5 09:42:28 2015 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Thu, 5 Mar 2015 09:42:28 +0000 (GMT) Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: <20150305014325.283ab660@hobbit> References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> <20150305014325.283ab660@hobbit> Message-ID: Now you mention it, I have done likewise for the comware stuff. In fact I actually abstracted into subroutines to minimise repetition. Now my command processing subs all look something like this near the start: while (<$INPUT>) { tr/\015//d; last if(/^\s*$prompt/); chomp; $_ = filter_lines($_); return(1) if command_not_valid($_); return(-1) if command_not_auth($_); next if skip_pattern($_); and then I have: # Some commands are not supported on some models or versions # of code. # Remove the associated error messages, and rancid will ensure that # these are not treated as "missed" commands sub command_not_valid { my ($l) = (@_); if ( $l =~ /% Too many parameters found at '\^' position/ || /% Unrecognized command found at '\^' position/ || /% Incomplete command found at '\^' position./ || /(% )?Wrong parameter found at '\^' position/ || /% Wrong device .+/ ) { return(1); } else { return(0); } } # Some commands are not authorized under the current # user's permissions sub command_not_auth { my ($l) = (@_); if ( $l =~ /Permission denied\./ ) { return(1); } else { return(0); } } # Some output lines are always skipped sub skip_pattern { my ($l) = (@_); if ( $l =~ /^\s+\^$/ ) { return(1); } else { return(0); } } On Wed, 4 Mar 2015, Alan McKinnon wrote: > On Wed, 4 Mar 2015 17:38:39 -0500 > Dan Anderson wrote: > > > Sorry. Should have included the diff: > > > > --- nxrancid.orig 2014-09-24 10:02:46.017969251 -0400 > > +++ nxrancid 2014-09-24 10:03:06.039305060 -0400 > > @@ -660,7 +660,7 @@ > > next if (/^(\s*|\s*$cmd\s*)$/); > > return(1) if /Line has invalid autocommand /; > > return(1) if /(Invalid input detected|Type help or )/; > > - return(-1) if (/\% Invalid command at /); > > + return(1) if (/\% Invalid command at /); > > return(-1) if (/\% Permission denied/); > > return(-1) if (/command authorization failed/i); > > > +1 to this > > I recall now doing this for the Nexuses I had back in the day. Solved > many problems just like for John. > > I never could understand why Invalid Command would be a fatal error - > if the device can't do it, the script should just move past it and deal > with the output it *can* handle. > > Alan > > -- > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From heas at shrubbery.net Thu Mar 5 10:15:31 2015 From: heas at shrubbery.net (heasley) Date: Thu, 5 Mar 2015 10:15:31 +0000 Subject: [rancid] Issue with nx-os after switch upgrades In-Reply-To: <20150305014325.283ab660@hobbit> References: <6946EE17AE19494A97197FE4C50A7BE1687A5E53@CMEXMB1.ad.emulex.com> <20150304215253.1e84eb71@hobbit> <6946EE17AE19494A97197FE4C50A7BE1687A635C@CMEXMB1.ad.emulex.com> <20150305014325.283ab660@hobbit> Message-ID: <20150305101530.GB97551@shrubbery.net> Thu, Mar 05, 2015 at 01:43:25AM +0200, Alan McKinnon: > I never could understand why Invalid Command would be a fatal error - > if the device can't do it, the script should just move past it and deal > with the output it *can* handle. because sometimes the command *should* exist. its has caught o/s bugs in the past. if it may exist, then we return 1 when it is missing. From heas at shrubbery.net Thu Mar 5 10:31:25 2015 From: heas at shrubbery.net (heasley) Date: Thu, 5 Mar 2015 10:31:25 +0000 Subject: [rancid] How to ignore certain output? In-Reply-To: <20150304155212.08c3b8a3@hobbit> References: <361FC21836C35F4DA4C9D78CC732446102537D76846E@EXVMBX015-4.exch015.msoutlookonline.net> <20150304155212.08c3b8a3@hobbit> Message-ID: <20150305103125.GD97551@shrubbery.net> Wed, Mar 04, 2015 at 03:52:12PM +0200, Alan McKinnon: > heasley gave the exact patch you need lower donw in the thread, but > I'll explain the general process, you need some basic understanding of > perl. This is for 2.3, I haven't gotten around to using 3.x yet, I > beleive the latest version is quite similar in this respect: I encourage upgrading to 3.x, and i'll consider 3.2 production after I attend to 3 outstanding issues/requests. 3.x makes it easier to make localizations such as this and still be easy to make future upgrades. you would copy the definition for a device type to a new name, create a new module to handle your localization, and configure your new device type to use it. eg rancid.types.conf: crisco;script;rancid -t crisco crisco;login;clogin crisco;module;ios crisco;module;ios_local crisco;inloop;ios::inloop crisco;command;ios::ShowVersion;show version # skipit crisco;command;ios::ShowRedundancy;show redundancy secondary crisco;command;ios_local::ShowIDprom;show idprom backplane crisco;command;ios::ShowInstallActive;show install active .... i believe the type configs could be more featureful and i've left some comment about that in the manpage, but its handy for this need. From grungelizard9 at hotmail.com Thu Mar 5 14:53:35 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 5 Mar 2015 09:53:35 -0500 Subject: [rancid] Cisco 2504 Message-ID: Hello all, I'm trying to integrate 2 Cisco 2504s running 7.6.120.0 with RANCID in order to complete backups. I have seen on the forums that this has been done successfully, but have been unable to find a copy of a script. If anyone has integrated with this platform, would you be able to provide a copy of the script that you are using? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Mar 5 16:54:24 2015 From: heas at shrubbery.net (heasley) Date: Thu, 5 Mar 2015 16:54:24 +0000 Subject: [rancid] Cisco 2504 In-Reply-To: References: Message-ID: <20150305165424.GB8391@shrubbery.net> Thu, Mar 05, 2015 at 09:53:35AM -0500, Daniel Shields: > Hello all, > I'm trying to integrate 2 Cisco 2504s running 7.6.120.0 with RANCID in order to complete backups. I have seen on the forums that this has been done successfully, but have been unable to find a copy of a script. If anyone has integrated with this platform, would you be able to provide a copy of the script that you are using? Thanks! 7.6? jezus! get newer code. iirc, ios didnt start looking like todays ios until ~9.x. the last usable 2500 code was k4p-l.120-21.S1, afaik. look here perhaps http://torrents-ru.com/showthread.php?t=14448 From antonio.quesada at usan.com Thu Mar 5 17:04:03 2015 From: antonio.quesada at usan.com (Antonio Quesada) Date: Thu, 5 Mar 2015 17:04:03 +0000 Subject: [rancid] Cisco 2504 In-Reply-To: <20150305165424.GB8391@shrubbery.net> References: <20150305165424.GB8391@shrubbery.net> Message-ID: <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com> Daniel meant WLCs, not routers. -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of heasley Sent: Thursday, March 05, 2015 11:54 To: Daniel Shields Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Cisco 2504 Thu, Mar 05, 2015 at 09:53:35AM -0500, Daniel Shields: > Hello all, > I'm trying to integrate 2 Cisco 2504s running 7.6.120.0 with RANCID in order to complete backups. I have seen on the forums that this has been done successfully, but have been unable to find a copy of a script. If anyone has integrated with this platform, would you be able to provide a copy of the script that you are using? Thanks! 7.6? jezus! get newer code. iirc, ios didnt start looking like todays ios until ~9.x. the last usable 2500 code was k4p-l.120-21.S1, afaik. look here perhaps http://torrents-ru.com/showthread.php?t=14448 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss This communication, and any attachments, is intended solely for the use of the individual or entity to which it is addressed and contains information that is proprietary, privileged and confidential. If you are not the intended recipient or the person responsible for delivering this communication to the intended recipient, you are prohibited from retaining, using, disseminating, forwarding, printing or copying this communication. If you have received this communication in error, please immediately notify the sender via return e-mail or telephone and delete the original message. From John.Livingston at Emulex.Com Thu Mar 5 17:04:33 2015 From: John.Livingston at Emulex.Com (John Livingston) Date: Thu, 5 Mar 2015 17:04:33 +0000 Subject: [rancid] Cisco 2504 In-Reply-To: <20150305165424.GB8391@shrubbery.net> References: <20150305165424.GB8391@shrubbery.net> Message-ID: <6946EE17AE19494A97197FE4C50A7BE1687A7798@CMEXMB1.ad.emulex.com> I think he's probably referring to the Wireless LAN Controller and not the router. WLC: http://www.cisco.com/c/en/us/support/wireless/2504-wireless-controller/model.html -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of heasley Sent: Thursday, March 05, 2015 8:54 AM To: Daniel Shields Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Cisco 2504 Thu, Mar 05, 2015 at 09:53:35AM -0500, Daniel Shields: > Hello all, > I'm trying to integrate 2 Cisco 2504s running 7.6.120.0 with RANCID in order to complete backups. I have seen on the forums that this has been done successfully, but have been unable to find a copy of a script. If anyone has integrated with this platform, would you be able to provide a copy of the script that you are using? Thanks! 7.6? jezus! get newer code. iirc, ios didnt start looking like todays ios until ~9.x. the last usable 2500 code was k4p-l.120-21.S1, afaik. look here perhaps http://torrents-ru.com/showthread.php?t=14448 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Thu Mar 5 17:21:25 2015 From: heas at shrubbery.net (heasley) Date: Thu, 5 Mar 2015 17:21:25 +0000 Subject: [rancid] Cisco 2504 In-Reply-To: <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com> References: <20150305165424.GB8391@shrubbery.net> <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com> Message-ID: <20150305172125.GE8391@shrubbery.net> Thu, Mar 05, 2015 at 05:04:03PM +0000, Antonio Quesada: > Daniel meant WLCs, not routers. ah. I dont know this platform; we put effort into the WLC code for rancid 3.2. try it and report. Another user just offered access to a 7.4 box for testing, but i havent done that yet; i'm not in the office. > Thu, Mar 05, 2015 at 09:53:35AM -0500, Daniel Shields: > > Hello all, > > I'm trying to integrate 2 Cisco 2504s running 7.6.120.0 with RANCID in order to complete backups. I have seen on the forums that this has been done successfully, but have been unable to find a copy of a script. If anyone has integrated with this platform, would you be able to provide a copy of the script that you are using? Thanks! > From grungelizard9 at hotmail.com Thu Mar 5 17:28:32 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 5 Mar 2015 12:28:32 -0500 Subject: [rancid] Cisco 2504 In-Reply-To: <20150305172125.GE8391@shrubbery.net> References: , <20150305165424.GB8391@shrubbery.net>, <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com>, <20150305172125.GE8391@shrubbery.net> Message-ID: Apologies for the confusion. These are the WLCs. Thanks Antonio. Heas, I'm running RANCID 3.1 right now. 3.2 has support for the WLC's? Thanks! > Date: Thu, 5 Mar 2015 17:21:25 +0000 > From: heas at shrubbery.net > To: antonio.quesada at usan.com > CC: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 2504 > > Thu, Mar 05, 2015 at 05:04:03PM +0000, Antonio Quesada: > > Daniel meant WLCs, not routers. > > ah. I dont know this platform; we put effort into the WLC code for rancid 3.2. > try it and report. Another user just offered access to a 7.4 box for testing, > but i havent done that yet; i'm not in the office. > > > Thu, Mar 05, 2015 at 09:53:35AM -0500, Daniel Shields: > > > Hello all, > > > I'm trying to integrate 2 Cisco 2504s running 7.6.120.0 with RANCID in order to complete backups. I have seen on the forums that this has been done successfully, but have been unable to find a copy of a script. If anyone has integrated with this platform, would you be able to provide a copy of the script that you are using? Thanks! > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Mar 5 17:33:35 2015 From: heas at shrubbery.net (heasley) Date: Thu, 5 Mar 2015 17:33:35 +0000 Subject: [rancid] Cisco 2504 In-Reply-To: References: <20150305165424.GB8391@shrubbery.net> <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com> <20150305172125.GE8391@shrubbery.net> Message-ID: <20150305173334.GG8391@shrubbery.net> Thu, Mar 05, 2015 at 12:28:32PM -0500, Daniel Shields: > Apologies for the confusion. These are the WLCs. Thanks Antonio. > Heas, I'm running RANCID 3.1 right now. 3.2 has support for the WLC's? Thanks! Yes, I imported one of the versions floating (sorry dont recall which exactly) and with Daniel Schmidt's help cleaned it up a bit to make it more reliable. 3.2 is still alpha, but i think the issues will be unnoticed. From grungelizard9 at hotmail.com Thu Mar 5 17:40:59 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 5 Mar 2015 12:40:59 -0500 Subject: [rancid] Cisco 2504 In-Reply-To: <20150305173334.GG8391@shrubbery.net> References: , <20150305165424.GB8391@shrubbery.net>, <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com>, <20150305172125.GE8391@shrubbery.net>, , <20150305173334.GG8391@shrubbery.net> Message-ID: Thanks Heasley. Would I be able to bring the device types into version 3.1? This is a production box at work, so I need to be sure it's stable. Sould be able to test 3.2 on another box though. Thanks! > Date: Thu, 5 Mar 2015 17:33:35 +0000 > From: heas at shrubbery.net > To: grungelizard9 at hotmail.com > CC: heas at shrubbery.net; antonio.quesada at usan.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 2504 > > Thu, Mar 05, 2015 at 12:28:32PM -0500, Daniel Shields: > > Apologies for the confusion. These are the WLCs. Thanks Antonio. > > Heas, I'm running RANCID 3.1 right now. 3.2 has support for the WLC's? Thanks! > > Yes, I imported one of the versions floating (sorry dont recall which exactly) > and with Daniel Schmidt's help cleaned it up a bit to make it more reliable. > > 3.2 is still alpha, but i think the issues will be unnoticed. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Mar 5 17:49:12 2015 From: heas at shrubbery.net (heasley) Date: Thu, 5 Mar 2015 17:49:12 +0000 Subject: [rancid] Cisco 2504 In-Reply-To: References: <20150305165424.GB8391@shrubbery.net> <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com> <20150305172125.GE8391@shrubbery.net> <20150305173334.GG8391@shrubbery.net> Message-ID: <20150305174912.GI8391@shrubbery.net> Thu, Mar 05, 2015 at 12:40:59PM -0500, Daniel Shields: > Thanks Heasley. Would I be able to bring the device types into version 3.1? This is a production box at work, so I need to be sure it's stable. Sould be able to test 3.2 on another box though. Thanks! I think that will work just fine. > > Date: Thu, 5 Mar 2015 17:33:35 +0000 > > From: heas at shrubbery.net > > To: grungelizard9 at hotmail.com > > CC: heas at shrubbery.net; antonio.quesada at usan.com; rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Cisco 2504 > > > > Thu, Mar 05, 2015 at 12:28:32PM -0500, Daniel Shields: > > > Apologies for the confusion. These are the WLCs. Thanks Antonio. > > > Heas, I'm running RANCID 3.1 right now. 3.2 has support for the WLC's? Thanks! > > > > Yes, I imported one of the versions floating (sorry dont recall which exactly) > > and with Daniel Schmidt's help cleaned it up a bit to make it more reliable. > > > > 3.2 is still alpha, but i think the issues will be unnoticed. > From grungelizard9 at hotmail.com Thu Mar 5 17:51:30 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 5 Mar 2015 12:51:30 -0500 Subject: [rancid] Cisco 2504 In-Reply-To: <20150305174912.GI8391@shrubbery.net> References: , <20150305165424.GB8391@shrubbery.net>, <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com>, <20150305172125.GE8391@shrubbery.net>, , <20150305173334.GG8391@shrubbery.net>, , <20150305174912.GI8391@shrubbery.net> Message-ID: Awesome. Thanks for your help Heasley, very much appreciated. I'll post back with how it goes. > Date: Thu, 5 Mar 2015 17:49:12 +0000 > From: heas at shrubbery.net > To: grungelizard9 at hotmail.com > CC: heas at shrubbery.net; antonio.quesada at usan.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 2504 > > Thu, Mar 05, 2015 at 12:40:59PM -0500, Daniel Shields: > > Thanks Heasley. Would I be able to bring the device types into version 3.1? This is a production box at work, so I need to be sure it's stable. Sould be able to test 3.2 on another box though. Thanks! > > I think that will work just fine. > > > > Date: Thu, 5 Mar 2015 17:33:35 +0000 > > > From: heas at shrubbery.net > > > To: grungelizard9 at hotmail.com > > > CC: heas at shrubbery.net; antonio.quesada at usan.com; rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] Cisco 2504 > > > > > > Thu, Mar 05, 2015 at 12:28:32PM -0500, Daniel Shields: > > > > Apologies for the confusion. These are the WLCs. Thanks Antonio. > > > > Heas, I'm running RANCID 3.1 right now. 3.2 has support for the WLC's? Thanks! > > > > > > Yes, I imported one of the versions floating (sorry dont recall which exactly) > > > and with Daniel Schmidt's help cleaned it up a bit to make it more reliable. > > > > > > 3.2 is still alpha, but i think the issues will be unnoticed. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aaron at heyaaron.com Tue Mar 3 00:14:04 2015 From: aaron at heyaaron.com (Aaron de Bruyn) Date: Mon, 2 Mar 2015 16:14:04 -0800 (PST) Subject: [rancid] hlogin works, clogin fails: why is clogin running? Message-ID: <5d3f22dc-8e2a-4bd9-bcb4-35e7b2d1a9fc@googlegroups.com> I have a handful of Procurve switches that need to be backed up. My router.db looks like this: usancddswt01;hp;up usancssswt01;hp;up uscmdprswt01;hp;up useugofswt01;hp;up usggzsdswt01;hp;up ushqzofswt01;hp;up uslog00swt01;hp;up usloginswt01;hp;up uslogofswt01;hp;up ...etc...snip... I can run: /usr/local/libexec/rancid/hlogin -c "show run" usancddswt01 ...and it connects, logs in, executes 'show run', and logs off...perfect. When I run rancid-run however, it seems to be running clogin instead of hlogin. Am I correct in thinking that hlogin should be running because router.db lists the switch type as 'hp'? Am I missing something? Thanks, -A -------------- next part -------------- An HTML attachment was scrubbed... URL: From grungelizard9 at hotmail.com Thu Mar 5 23:25:55 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 5 Mar 2015 18:25:55 -0500 Subject: [rancid] Cisco 2504 In-Reply-To: <20150305174912.GI8391@shrubbery.net> References: , <20150305165424.GB8391@shrubbery.net>, <24DA785F724DBB40B9655CFA49DE782872E52429@NOR2K8EXCH1.usanad.com>, <20150305172125.GE8391@shrubbery.net>, , <20150305173334.GG8391@shrubbery.net>, , <20150305174912.GI8391@shrubbery.net> Message-ID: Thanks Heasley! I went ahead and updated the work server to 3.1.99 and the 2504s are integrated. Not seeing any issues here. > Date: Thu, 5 Mar 2015 17:49:12 +0000 > From: heas at shrubbery.net > To: grungelizard9 at hotmail.com > CC: heas at shrubbery.net; antonio.quesada at usan.com; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Cisco 2504 > > Thu, Mar 05, 2015 at 12:40:59PM -0500, Daniel Shields: > > Thanks Heasley. Would I be able to bring the device types into version 3.1? This is a production box at work, so I need to be sure it's stable. Sould be able to test 3.2 on another box though. Thanks! > > I think that will work just fine. > > > > Date: Thu, 5 Mar 2015 17:33:35 +0000 > > > From: heas at shrubbery.net > > > To: grungelizard9 at hotmail.com > > > CC: heas at shrubbery.net; antonio.quesada at usan.com; rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] Cisco 2504 > > > > > > Thu, Mar 05, 2015 at 12:28:32PM -0500, Daniel Shields: > > > > Apologies for the confusion. These are the WLCs. Thanks Antonio. > > > > Heas, I'm running RANCID 3.1 right now. 3.2 has support for the WLC's? Thanks! > > > > > > Yes, I imported one of the versions floating (sorry dont recall which exactly) > > > and with Daniel Schmidt's help cleaned it up a bit to make it more reliable. > > > > > > 3.2 is still alpha, but i think the issues will be unnoticed. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From grungelizard9 at hotmail.com Fri Mar 6 15:28:12 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Fri, 6 Mar 2015 10:28:12 -0500 Subject: [rancid] Adding Modules to RANCID 3.1.99 Message-ID: Hello All, I am in the process of adding the Aruba module to RANCID 3.1.99 and modifying one for Aerohive and just wanted to verify, I have read in the forums that the step needed for 3.1.0 are: Place in /usr/local/rancid/bin save as whatever name Add module to /usr/local/rancid/etc/rancid.types.conf, i.e. ciscowlc;login;ciscowlc5 ---> add command line options here as well Update /usr/local/rancid/var/networking/router.db --> wlchost;ciscowlc;up (cisco being an example, will update the names) I just wanted to verify that the same still holds true for 3.1.99. Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Sat Mar 7 18:09:25 2015 From: heas at shrubbery.net (heasley) Date: Sat, 7 Mar 2015 18:09:25 +0000 Subject: [rancid] Adding Modules to RANCID 3.1.99 In-Reply-To: References: Message-ID: <20150307180925.GC77180@shrubbery.net> Fri, Mar 06, 2015 at 10:28:12AM -0500, Daniel Shields: > Hello All, > I am in the process of adding the Aruba module to RANCID 3.1.99 and modifying one for Aerohive and just wanted to verify, I have read in the forums that the step needed for 3.1.0 are: > Place in /usr/local/rancid/bin save as whatever name > Add module to /usr/local/rancid/etc/rancid.types.conf, i.e. ciscowlc;login;ciscowlc5 ---> add command line options here as well > Update /usr/local/rancid/var/networking/router.db --> wlchost;ciscowlc;up > (cisco being an example, will update the names) > I just wanted to verify that the same still holds true for 3.1.99. yes, no changes in this regard. From grungelizard9 at hotmail.com Sun Mar 8 10:07:55 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Sun, 8 Mar 2015 06:07:55 -0400 Subject: [rancid] Adding Modules to RANCID 3.1.99 In-Reply-To: <20150307180925.GC77180@shrubbery.net> References: , <20150307180925.GC77180@shrubbery.net> Message-ID: Thanks Heasley. Aruba's working great. Had to save in */lib/rancid/aerohive.pm as it's a module. Will work on Aerohive module and post back. > Date: Sat, 7 Mar 2015 18:09:25 +0000 > From: heas at shrubbery.net > To: grungelizard9 at hotmail.com > CC: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Adding Modules to RANCID 3.1.99 > > Fri, Mar 06, 2015 at 10:28:12AM -0500, Daniel Shields: > > Hello All, > > I am in the process of adding the Aruba module to RANCID 3.1.99 and modifying one for Aerohive and just wanted to verify, I have read in the forums that the step needed for 3.1.0 are: > > Place in /usr/local/rancid/bin save as whatever name > > Add module to /usr/local/rancid/etc/rancid.types.conf, i.e. ciscowlc;login;ciscowlc5 ---> add command line options here as well > > Update /usr/local/rancid/var/networking/router.db --> wlchost;ciscowlc;up > > (cisco being an example, will update the names) > > I just wanted to verify that the same still holds true for 3.1.99. > > yes, no changes in this regard. -------------- next part -------------- An HTML attachment was scrubbed... URL: From beroe1986 at gmail.com Mon Mar 9 01:28:51 2015 From: beroe1986 at gmail.com (Anton Kolev) Date: Sun, 8 Mar 2015 21:28:51 -0400 Subject: [rancid] RANCID + Mikrotik - request to add to Message-ID: Please add me Rancid mailing list -- ~Anton -------------- next part -------------- An HTML attachment was scrubbed... URL: From gmourani at gmail.com Tue Mar 10 15:05:26 2015 From: gmourani at gmail.com (Gerhard Mourani) Date: Tue, 10 Mar 2015 11:05:26 -0400 Subject: [rancid] !Switch Fabric Module Message-ID: <602285EF-5A31-4C4E-8B62-EF8B51CB67C9@gmail.com> Hello, On Rancid version 3.1, Im still receiving lot of diff related to Switch Fabric Module time for Brocade switches. To fix this noisy problem, I?ve removed the line break space to make it work as follow (line 124 of the foundry.pm file in my case). @@ -124,10 +124,9 @@ last if (/^$prompt/); next if (/^(The system |Crash time)/); - next if (/^(System|(Active|Standby) Management|LP Slot \d+|Switch Fabric - Module \d+) (uptime|Up Time) is/); + next if (/^(System|(Active|Standby) Management|LP Slot \d+|Switch Fabric Module \d+) (uptime|Up Time) is/); # remove uptime on newer switches Gerhard, From gmourani at gmail.com Tue Mar 10 15:10:29 2015 From: gmourani at gmail.com (Gerhard Mourani) Date: Tue, 10 Mar 2015 11:10:29 -0400 Subject: [rancid] STACKID and Brocade Message-ID: Hello, On Rancid version 3.1, I?m still receiving lot of diff related to the following: ! 800 MHz ARM processor ARMv5TE, 400 MHz bus ! 65536 KB flash memory ! 512 MB DRAM - ! STACKID 1 system uptime is 46 days 16 hours 20 minutes 22 seconds + ! STACKID 1 system uptime is 47 days 4 hours 20 minutes 20 seconds ! The system : started=warm start reloaded=by "reload" ! ! System Monitoring (Sysmon) is: enabled ! Sysmon timer = 3 minutes On the foundry.pm file, there is a code line related to this to make it hide but seem to me that it doesn?t work! # remove uptime on newer switches s/(STACKID \d+)\s+system uptime is.*$/$1/; Gerhard, From jethro.binks at strath.ac.uk Tue Mar 10 16:00:31 2015 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Tue, 10 Mar 2015 16:00:31 +0000 (GMT) Subject: [rancid] STACKID and Brocade In-Reply-To: References: Message-ID: Odd, it works OK for me, I get: !MGMT: 800 MHz Power PC processor 8544E (version 0021/0022) 400 MHz bus !MGMT:65536 KB flash memory !MGMT: 256 MB DRAM !STACKID 1 !STACKID 2 !My stack unit ID = 1, bootup role = active You aren't getting the MGMT: prefix either. Are you sure these are correctly declared as type foundry in router.db? Jethro. On Tue, 10 Mar 2015, Gerhard Mourani wrote: > Hello, > > On Rancid version 3.1, I?m still receiving lot of diff related to the following: > > ! 800 MHz ARM processor ARMv5TE, 400 MHz bus > ! 65536 KB flash memory > ! 512 MB DRAM > - ! STACKID 1 system uptime is 46 days 16 hours 20 minutes 22 seconds > + ! STACKID 1 system uptime is 47 days 4 hours 20 minutes 20 seconds > ! The system : started=warm start reloaded=by "reload" > ! > ! System Monitoring (Sysmon) is: enabled > ! Sysmon timer = 3 minutes > > On the foundry.pm file, there is a code line related to this to make it hide but seem to me that it doesn?t work! > > # remove uptime on newer switches > s/(STACKID \d+)\s+system uptime is.*$/$1/; > > Gerhard, > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From gmourani at gmail.com Tue Mar 10 17:09:59 2015 From: gmourani at gmail.com (Gerhard Mourani) Date: Tue, 10 Mar 2015 13:09:59 -0400 Subject: [rancid] STACKID and Brocade In-Reply-To: References: Message-ID: <3570ADA6-B8C8-42EA-8C80-367103771BBF@gmail.com> Yes, it?s declared correctly into router.db Here the last email I?ve received about the problem. As we can see, time changed and because of that, I receive a new diff! Index: configs/192.168.2.223 =================================================================== retrieving revision 1.393 diff -U 4 -r1.393 192.168.2.223 @@ -19,9 +19,9 @@ ! ========================================================================== ! 800 MHz ARM processor ARMv5TE, 400 MHz bus ! 65536 KB flash memory ! 512 MB DRAM - ! STACKID 1 system uptime is 47 days 4 hours 20 minutes 20 seconds + ! STACKID 1 system uptime is 47 days 16 hours 20 minutes 21 seconds ! The system : started=warm start reloaded=by "reload" ! ! System Monitoring (Sysmon) is: enabled ! Sysmon timer = 3 minutes Gerhard, > On Mar 10, 2015, at 12:00 PM, Jethro R Binks wrote: > > Odd, it works OK for me, I get: > > !MGMT: 800 MHz Power PC processor 8544E (version 0021/0022) 400 MHz bus > !MGMT:65536 KB flash memory > !MGMT: 256 MB DRAM > !STACKID 1 > !STACKID 2 > !My stack unit ID = 1, bootup role = active > > You aren't getting the MGMT: prefix either. Are you sure these are > correctly declared as type foundry in router.db? > > Jethro. > > > On Tue, 10 Mar 2015, Gerhard Mourani wrote: > >> Hello, >> >> On Rancid version 3.1, I?m still receiving lot of diff related to the following: >> >> ! 800 MHz ARM processor ARMv5TE, 400 MHz bus >> ! 65536 KB flash memory >> ! 512 MB DRAM >> - ! STACKID 1 system uptime is 46 days 16 hours 20 minutes 22 seconds >> + ! STACKID 1 system uptime is 47 days 4 hours 20 minutes 20 seconds >> ! The system : started=warm start reloaded=by "reload" >> ! >> ! System Monitoring (Sysmon) is: enabled >> ! Sysmon timer = 3 minutes >> >> On the foundry.pm file, there is a code line related to this to make it hide but seem to me that it doesn?t work! >> >> # remove uptime on newer switches >> s/(STACKID \d+)\s+system uptime is.*$/$1/; >> >> Gerhard, >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > . . . . . . . . . . . . . . . . . . . . . . . . . > Jethro R Binks, Network Manager, > Information Services Directorate, University Of Strathclyde, Glasgow, UK > > The University of Strathclyde is a charitable body, registered in > Scotland, number SC015263._______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From jwbensley at gmail.com Tue Mar 10 17:19:44 2015 From: jwbensley at gmail.com (James Bensley) Date: Tue, 10 Mar 2015 17:19:44 +0000 Subject: [rancid] STACKID and Brocade In-Reply-To: References: Message-ID: On 10 March 2015 at 15:10, Gerhard Mourani wrote: > Hello, > > On Rancid version 3.1, I?m still receiving lot of diff related to the following: > > ! 800 MHz ARM processor ARMv5TE, 400 MHz bus > ! 65536 KB flash memory > ! 512 MB DRAM > - ! STACKID 1 system uptime is 46 days 16 hours 20 minutes 22 seconds > + ! STACKID 1 system uptime is 47 days 4 hours 20 minutes 20 seconds > ! The system : started=warm start reloaded=by "reload" > ! > ! System Monitoring (Sysmon) is: enabled > ! Sysmon timer = 3 minutes > > On the foundry.pm file, there is a code line related to this to make it hide but seem to me that it doesn?t work! > > # remove uptime on newer switches > s/(STACKID \d+)\s+system uptime is.*$/$1/; > > Gerhard, I wrote a small patch a while ago which a few people have taken and modified to their needs. Its filters out some of the "non" changes from the update emails like you have above... http://null.53bits.co.uk/index.php?page=rancid-filter From namelessjoe at hotmail.com Wed Mar 11 14:07:58 2015 From: namelessjoe at hotmail.com (Tanner Lyle) Date: Wed, 11 Mar 2015 14:07:58 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs Message-ID: I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitchnew revision: 1.11; previous revision: 1.10/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any).if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fifi -------------- next part -------------- An HTML attachment was scrubbed... URL: From namelessjoe at hotmail.com Wed Mar 11 14:20:02 2015 From: namelessjoe at hotmail.com (Tanner -) Date: Wed, 11 Mar 2015 14:20:02 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: Message-ID: From: namelessjoe at hotmail.com To: rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:07:58 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitchnew revision: 1.11; previous revision: 1.10/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any).if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fifi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: control_rancid Type: application/octet-stream Size: 13951 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-log-changes Type: application/octet-stream Size: 540 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: rancid-log-nochange Type: application/octet-stream Size: 540 bytes Desc: not available URL: From lee.e.rian at census.gov Wed Mar 11 14:58:12 2015 From: lee.e.rian at census.gov (Lee Rian (CENSUS/TCO FED)) Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: Message-ID: <1426085890917.60562@census.gov> I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee ________________________________ From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi -------------- next part -------------- An HTML attachment was scrubbed... URL: From gmourani at gmail.com Wed Mar 11 15:05:59 2015 From: gmourani at gmail.com (Gerhard Mourani) Date: Wed, 11 Mar 2015 11:05:59 -0400 Subject: [rancid] STACKID and Brocade In-Reply-To: References:

Message-ID: <235427C8-6268-4BCB-B1FF-517191026081@gmail.com> Seem good to not being spammed by email with those diff but will still make them being pushed to CVS, so I?ll have lot of rev version for nothing. Will try with latest 3.1.99 version of Rancid as suggested previously to see if this new one will fix it. Gerhard, > On Mar 10, 2015, at 1:19 PM, James Bensley wrote: > > On 10 March 2015 at 15:10, Gerhard Mourani wrote: >> Hello, >> >> On Rancid version 3.1, I?m still receiving lot of diff related to the following: >> >> ! 800 MHz ARM processor ARMv5TE, 400 MHz bus >> ! 65536 KB flash memory >> ! 512 MB DRAM >> - ! STACKID 1 system uptime is 46 days 16 hours 20 minutes 22 seconds >> + ! STACKID 1 system uptime is 47 days 4 hours 20 minutes 20 seconds >> ! The system : started=warm start reloaded=by "reload" >> ! >> ! System Monitoring (Sysmon) is: enabled >> ! Sysmon timer = 3 minutes >> >> On the foundry.pm file, there is a code line related to this to make it hide but seem to me that it doesn?t work! >> >> # remove uptime on newer switches >> s/(STACKID \d+)\s+system uptime is.*$/$1/; >> >> Gerhard, > > > I wrote a small patch a while ago which a few people have taken and > modified to their needs. > > Its filters out some of the "non" changes from the update emails like > you have above... > > http://null.53bits.co.uk/index.php?page=rancid-filter > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From grungelizard9 at hotmail.com Wed Mar 11 15:29:18 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Wed, 11 Mar 2015 11:29:18 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: <1426085890917.60562@census.gov> References: , <1426085890917.60562@census.gov> Message-ID: I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8).#MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620new revision: 1.30; previous revision: 1.29/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks!From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From djones at ena.com Wed Mar 11 16:25:01 2015 From: djones at ena.com (David Jones) Date: Wed, 11 Mar 2015 16:25:01 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: , <1426085890917.60562@census.gov>, Message-ID: <1426091100058.53905@ena.com> I have Rancid 3.1 working with Postfix: 1. This removes the need to setup an alias in /etc/aliases for every single group Postfix - /etc/postfix/main.cf luser_relay = my.email at example.com mydomain = [valid DNS domain] myorigin = $mydomain relayhost = [valid internal mail relay if you have one] 2. Rancid config: etc/rancid.conf SENDMAIL="/bin/true" #MAILOPTS="-f ..."; export MAILOPTS <- all variables starting with MAIL are commented out ?I get the diff reports and the config fetcher reports with the above configuration. Dave ________________________________ From: Rancid-discuss on behalf of Daniel Shields Sent: Wednesday, March 11, 2015 10:29 AM To: Lee Rian CENSUSTCO FED; Tanner Lyle; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8). #MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620 new revision: 1.30; previous revision: 1.29 /home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks! ________________________________ From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee ________________________________ From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From lee.e.rian at census.gov Wed Mar 11 16:58:22 2015 From: lee.e.rian at census.gov (Lee Rian (CENSUS/TCO FED)) Date: Wed, 11 Mar 2015 16:58:22 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: , <1426085890917.60562@census.gov>, Message-ID: <1426093101203.97953@census.gov> You don't have a program called "-t" so yes, it's going to complain about " -t: not found" I have no idea how postfix works -- maybe piping the output of all those echo commands to postfix -t $MAILOPTS will send you mail, in which case you need to change all the )| -t $MAILOPTS lines to )| postfix -t $MAILOPTS Regards, Lee ________________________________ From: Daniel Shields Sent: Wednesday, March 11, 2015 11:29 AM To: Lee Rian (CENSUS/TCO FED); Tanner Lyle; rancid-discuss at shrubbery.net Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8). #MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620 new revision: 1.30; previous revision: 1.29 /home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks! ________________________________ From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee ________________________________ From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From loren_wilson at harvard.edu Wed Mar 11 17:13:44 2015 From: loren_wilson at harvard.edu (Loren Jan Wilson) Date: Wed, 11 Mar 2015 13:13:44 -0400 Subject: [rancid] official Git support Message-ID: Hello! How is official Git support coming along? Is there anything I can do to help? I've read through the list archives and Heasley mentioned that he was testing the git patch back in June 2014 (just after the 3.1 release), but I can't find any updates since then. Tangentially, I'd love to see (and contribute to) rancid on github. Thank you! Loren -------------- next part -------------- An HTML attachment was scrubbed... URL: From namelessjoe at hotmail.com Wed Mar 11 18:29:46 2015 From: namelessjoe at hotmail.com (Tanner -) Date: Wed, 11 Mar 2015 18:29:46 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: , <1426085890917.60562@census.gov>, , Message-ID: I have postfix installed and it has a sendmail clone function that works from the command line i changed the no -t $MAILOPTS to sendmail -t $MAILOPTS and i still get an error is it a path issue or what am i not understanding Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/198.210.70.10,v <-- configs/198.210.70.10new revision: 1.12; previous revision: 1.11/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: sendmail: not found ending: Wed Mar 11 10:27:32 CDT 2015 From: grungelizard9 at hotmail.com To: lee.e.rian at census.gov; namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs Date: Wed, 11 Mar 2015 11:29:18 -0400 I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8).#MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620new revision: 1.30; previous revision: 1.29/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks!From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From grungelizard9 at hotmail.com Wed Mar 11 18:30:05 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Wed, 11 Mar 2015 14:30:05 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: <1426093101203.97953@census.gov> References: , <1426085890917.60562@census.gov>, , <1426093101203.97953@census.gov> Message-ID: Thanks Lee, You're exactly right. I changed all of the )| -t $MAILOPTSlines to )| sendmail -t $MAILOPTS and mail is being sent. Just need to get my aliases straightened out so that they get sent to the right email address. Thanks! From: lee.e.rian at census.gov To: grungelizard9 at hotmail.com; namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs Date: Wed, 11 Mar 2015 16:58:22 +0000 You don't have a program called "-t" so yes, it's going to complain about " -t: not found" I have no idea how postfix works -- maybe piping the output of all those echo commands to postfix -t $MAILOPTS will send you mail, in which case you need to change all the )| -t $MAILOPTS lines to )| postfix -t $MAILOPTS Regards, Lee From: Daniel Shields Sent: Wednesday, March 11, 2015 11:29 AM To: Lee Rian (CENSUS/TCO FED); Tanner Lyle; rancid-discuss at shrubbery.net Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8). #MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620 new revision: 1.30; previous revision: 1.29 /home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks! From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From namelessjoe at hotmail.com Wed Mar 11 19:26:28 2015 From: namelessjoe at hotmail.com (Tanner -) Date: Wed, 11 Mar 2015 19:26:28 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: , , <1426085890917.60562@census.gov>, , , , Message-ID: I got it fixed thanks to everyone for their contributions I had to change a fee things. Thanks Lee and David control_rancid no -t $MAILOPTStosendmail -t $MAILOPTS in rancid.conf PATH=/usr/local/rancid/bin:/usr/bin:.:/bin:/usr/local/bin:/usr/bin; export PATHto include /usr/sbinPATH=/usr/local/rancid/bin:/usr/bin:.:/bin:/usr/local/bin:/usr/bin:/usr/sbin; export PATH #SENDMAIL="no"toSENDMAIL="sendmail" From: namelessjoe at hotmail.com To: rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 18:29:46 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have postfix installed and it has a sendmail clone function that works from the command line i changed the no -t $MAILOPTS to sendmail -t $MAILOPTS and i still get an error is it a path issue or what am i not understanding Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/198.210.70.10,v <-- configs/198.210.70.10new revision: 1.12; previous revision: 1.11/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: sendmail: not found ending: Wed Mar 11 10:27:32 CDT 2015 From: grungelizard9 at hotmail.com To: lee.e.rian at census.gov; namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs Date: Wed, 11 Mar 2015 11:29:18 -0400 I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8).#MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620new revision: 1.30; previous revision: 1.29/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks!From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch new revision: 1.11; previous revision: 1.10 /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; then BLOCKSIZE=1024; export BLOCKSIZE tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` unset BLOCKSIZE if [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0 fi fi if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | no -t $MAILOPTS else CDIR=`pwd` SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail error=`mkdir $SDIR` if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2 else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; do n=`expr $n + 1` MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" ( echo "To: $mailrcpt" echo "Subject: $n of ${nfiles}: $subject" echo "Message-Id: $MSGID" if [ $n -gt 1 ] ; then echo "References: $LASTIDS" fi echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $file ) | no -t $MAILOPTS LASTIDS="$LASTIDS $MSGID" if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1 fi done cd $CDIR rm -rf $SDIR fi fi fi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Mar 11 21:42:04 2015 From: heas at shrubbery.net (heasley) Date: Wed, 11 Mar 2015 21:42:04 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> Message-ID: <20150311214204.GA25101@shrubbery.net> Wed, Feb 18, 2015 at 01:01:25PM +0000, Thomas Greer: > >>> I?ve recently (read today) installed the above alpha in anticipation of the git support. I?ve setup rancid a few times before, but I?m struggling with the git stuff. > >>> > >>> When I run rancid-cvs after a fresh install, I get a load of errors. > >>> > >>> -bash-4.1$ ./bin/rancid-cvs > >>> error: Malformed value for push.default: simple > >>> error: Must be one of nothing, matching, tracking or current. > >>> fatal: bad config file line 6 in /usr/local/rancid//.gitconfig > >>> error: Malformed value for push.default: simple > >>> error: Must be one of nothing, matching, tracking or current. > >>> fatal: bad config file line 6 in /usr/local/rancid//.gitconfig > >> > >> entirely possible that i've screwed-up the git support; i'll have to re-test > >> it. but, this error is odd. rancid-cvs doesnt create .gitconfig itself. > >> so, what is the source of that file and thus this error? > >> > >>> fatal: Not a git repository (or any of the parent directories): .git ... > >>> fatal: Not a git repository (or any of the parent directories): .git > >>> > >>> My rancid.conf contains: > >>> > >>> # Select which RCS system to use, "cvs" (default), "svn" or "git". Do not > >>> # change this after CVSROOT has been created with rancid-cvs. Changing between > >>> # these requires manual conversions. > >>> RCSSYS=git; export RCSSYS > >>> > >>> The README and UPGRADING mention nothing specific to initialising git other than to run rancid-cvs. > >>> > >>> Running on Centos 6.6 > >>> git version 1.7.1 I'm not certain why this error occurs; it occurs with git 1.7, but not git 2.3. Is it reasonable to just upgrade your installation of git? From tgreer at tsone.net.uk Wed Mar 11 21:45:16 2015 From: tgreer at tsone.net.uk (Thomas Greer) Date: Wed, 11 Mar 2015 21:45:16 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <20150311214204.GA25101@shrubbery.net> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk>, <20150311214204.GA25101@shrubbery.net> Message-ID: <3D7FC204-264D-40B4-B639-B8C43791FA52@tsone.net.uk> That's the highest available is centos standard. I can have a look and see > On 11 Mar 2015, at 21:42, heasley wrote: > > Wed, Feb 18, 2015 at 01:01:25PM +0000, Thomas Greer: >>>>> I?ve recently (read today) installed the above alpha in anticipation of the git support. I?ve setup rancid a few times before, but I?m struggling with the git stuff. >>>>> >>>>> When I run rancid-cvs after a fresh install, I get a load of errors. >>>>> >>>>> -bash-4.1$ ./bin/rancid-cvs >>>>> error: Malformed value for push.default: simple >>>>> error: Must be one of nothing, matching, tracking or current. >>>>> fatal: bad config file line 6 in /usr/local/rancid//.gitconfig >>>>> error: Malformed value for push.default: simple >>>>> error: Must be one of nothing, matching, tracking or current. >>>>> fatal: bad config file line 6 in /usr/local/rancid//.gitconfig >>>> >>>> entirely possible that i've screwed-up the git support; i'll have to re-test >>>> it. but, this error is odd. rancid-cvs doesnt create .gitconfig itself. >>>> so, what is the source of that file and thus this error? >>>> >>>>> fatal: Not a git repository (or any of the parent directories): .git > > ... > >>>>> fatal: Not a git repository (or any of the parent directories): .git >>>>> >>>>> My rancid.conf contains: >>>>> >>>>> # Select which RCS system to use, "cvs" (default), "svn" or "git". Do not >>>>> # change this after CVSROOT has been created with rancid-cvs. Changing between >>>>> # these requires manual conversions. >>>>> RCSSYS=git; export RCSSYS >>>>> >>>>> The README and UPGRADING mention nothing specific to initialising git other than to run rancid-cvs. >>>>> >>>>> Running on Centos 6.6 >>>>> git version 1.7.1 > > I'm not certain why this error occurs; it occurs with git 1.7, but not git > 2.3. Is it reasonable to just upgrade your installation of git? From pelle at hemmop.com Wed Mar 11 22:30:54 2015 From: pelle at hemmop.com (Per Carlson) Date: Wed, 11 Mar 2015 23:30:54 +0100 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <20150311214204.GA25101@shrubbery.net> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> Message-ID: Hi. On 11 March 2015 at 22:42, heasley wrote: > > I'm not certain why this error occurs; it occurs with git 1.7, but not git > 2.3. > ?The default push mode did change in git 2.0.0 ( https://github.com/git/git/blob/master/Documentation/RelNotes/2.0.0.txt#L7-L23). Before 2.0.0 it was "matching" but from 2.0.0 it's "simple". The error occurs when using a git version less than 1.7.11 (when "simple" where introduced, see https://github.com/git/git/blob/master/Documentation/RelNotes/1.7.11.txt#L9-L14). ? To fix that a compatible mode must be used, like "current" (or "matching"). This can be set by running "git config push.default " or manually editing the repository git config file (please don't set this globally). For more information of the available modes (and what they do), search for "push.default" in http://git-scm.com/docs/git-config. -- Pelle Research is what I'm doing when I don't know what I'm doing. - Wernher von Braun -------------- next part -------------- An HTML attachment was scrubbed... URL: From gmourani at gmail.com Wed Mar 11 18:45:19 2015 From: gmourani at gmail.com (Gerhard Mourani) Date: Wed, 11 Mar 2015 14:45:19 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: <, > <1426085890917.60562@census.gov> <, > <, >

Message-ID: Did you have a ?sendmail? symlink available under /usr/lib (32bits) or /usr/lib64 (64bits) ? ls -l /usr/lib64/sendmail > On Mar 11, 2015, at 2:29 PM, Tanner - wrote: > > > I have postfix installed and it has a sendmail clone function that works from the command line i changed the > > no -t $MAILOPTS > > to sendmail -t $MAILOPTS and i still get an error is it a path issue or what am i not understanding > > Trying to get all of the configs. > All routers sucessfully completed. > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > /usr/local/rancid/var/CVS/networking/configs/198.210.70.10,v <-- configs/198.210.70.10 > new revision: 1.12; previous revision: 1.11 > /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: sendmail: not found > > ending: Wed Mar 11 10:27:32 CDT 2015 > > From: grungelizard9 at hotmail.com > To: lee.e.rian at census.gov ; namelessjoe at hotmail.com ; rancid-discuss at shrubbery.net > Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs > Date: Wed, 11 Mar 2015 11:29:18 -0400 > > I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. > > if [ $MAXSZ -eq 0 ] ; then > ( > echo "To: $mailrcpt" > echo "Subject: $subject" > echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' > echo "" > cat $TMP.diff > ) | -t $MAILOPTS > > > # Additional options for sendmail(8). > #MAILOPTS="-f bounces.go.here at example.com "; export MAILOPTS > > > Trying to get all of the configs. > All routers sucessfully completed. > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > /home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620 > new revision: 1.30; previous revision: 1.29 > /home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found > > > Thanks! > From: lee.e.rian at census.gov > To: namelessjoe at hotmail.com ; rancid-discuss at shrubbery.net > Date: Wed, 11 Mar 2015 14:58:12 +0000 > Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs > > I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the > no -t $MAILOPTS > to > sendmail -t $MAILOPTS > > > Regards, > Lee > > > > > From: Rancid-discuss > on behalf of Tanner Lyle > > Sent: Wednesday, March 11, 2015 10:07 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs > > I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie > > > > rancid log when there are no changes > > rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 > starting: Wed Mar 11 08:04:00 CDT 2015 > > Trying to get all of the configs. > All routers sucessfully completed. > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > > ending: Wed Mar 11 08:05:14 CDT 2015 > > > rancid log when there are changes > > rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 > starting: Wed Mar 11 08:35:46 CDT 2015 > > Trying to get all of the configs. > All routers sucessfully completed. > > cvs diff: Diffing . > cvs diff: Diffing configs > cvs commit: Examining . > cvs commit: Examining configs > /usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitch > new revision: 1.11; previous revision: 1.10 > /usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found > > ending: Wed Mar 11 08:37:07 CDT 2015 > > > control_rancid line 483 is the ) | no -t $MAILOPTS > > # Mail out the diffs (if there are any). > if [ -s $TMP.diff ] ; then > MAXSZ=${MAILSPLIT:=0} > if [ $MAXSZ -ne 0 ] ; then > BLOCKSIZE=1024; export BLOCKSIZE > tmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"` > unset BLOCKSIZE > if [ $tmpk -lt $MAXSZ ] ; then > MAXSZ=0 > fi > fi > if [ $MAXSZ -eq 0 ] ; then > ( > echo "To: $mailrcpt" > echo "Subject: $subject" > echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' > echo "" > cat $TMP.diff > ) | no -t $MAILOPTS > else > CDIR=`pwd` > SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mail > error=`mkdir $SDIR` > if [ $? -ne 0 ] ; then > echo "Could not create $SDIR directory" >&2 > echo $error >&2 > else > cd $SDIR > split -b${MAXSZ}k $TMP.diff > nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` > n=0 > dt=`perl -e 'print time();'` > for file in `ls`; do > n=`expr $n + 1` > MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>" > ( > echo "To: $mailrcpt" > echo "Subject: $n of ${nfiles}: $subject" > echo "Message-Id: $MSGID" > if [ $n -gt 1 ] ; then > echo "References: $LASTIDS" > fi > echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' > echo "" > cat $file > ) | no -t $MAILOPTS > LASTIDS="$LASTIDS $MSGID" > if [ $n -lt $nfiles ]; then > # this just tries to make the msgs order right in MUAs > sleep 1 > fi > done > cd $CDIR > rm -rf $SDIR > fi > fi > fi > > > > > > > > > _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From grungelizard9 at hotmail.com Thu Mar 12 04:02:26 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 12 Mar 2015 00:02:26 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: <,,> <1426085890917.60562@census.gov> <,,> <,,> , , Message-ID: Hello all, Well, I tried everything I could find on the interwebs and here in the forums (thanks for the tips and suggestions), but had to modify control_rancid to get the alerts to go to my email. I don't think this has anything to do with RANCID. It sent the alerts to postfix like a champ with the group names that I have set up like the script was telling it to. Pretty sure this is a postfix issue. Anyways, hope this helps if anybody runs into the same. Thanks all. # the receipient(s) of diffs & mail options#mailrcpt=${mailrcpt:-"rancid-${GROUP}${MAILDOMAIN}"}; export mailrcptmailrcpt=${mailrcpt:-"grungelizard9"}; export mailrcpt#adminmailrcpt=${adminmailrcpt:-"rancid-admin-${GROUP}${MAILDOMAIN}"};adminmailrcpt=${adminmailrcpt:-"grungelizard9"}; From: gmourani at gmail.com Date: Wed, 11 Mar 2015 14:45:19 -0400 To: namelessjoe at hotmail.com CC: rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs Did you have a ?sendmail? symlink available under /usr/lib (32bits) or /usr/lib64 (64bits) ?ls -l /usr/lib64/sendmail On Mar 11, 2015, at 2:29 PM, Tanner - wrote:I have postfix installed and it has a sendmail clone function that works from the command line i changed the no -t $MAILOPTS to sendmail -t $MAILOPTS and i still get an error is it a path issue or what am i not understanding Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/198.210.70.10,v <-- configs/198.210.70.10new revision: 1.12; previous revision: 1.11/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: sendmail: not found ending: Wed Mar 11 10:27:32 CDT 2015 From: grungelizard9 at hotmail.com To: lee.e.rian at census.gov; namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs Date: Wed, 11 Mar 2015 11:29:18 -0400 I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8).#MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620new revision: 1.30; previous revision: 1.29/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks!From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitchnew revision: 1.11; previous revision: 1.10/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any).if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; thenBLOCKSIZE=1024; export BLOCKSIZEtmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"`unset BLOCKSIZEif [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0fi fi if [ $MAXSZ -eq 0 ] ; then( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff) | no -t $MAILOPTS elseCDIR=`pwd`SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mailerror=`mkdir $SDIR`if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; don=`expr $n + 1`MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>"(echo "To: $mailrcpt"echo "Subject: $n of ${nfiles}: $subject"echo "Message-Id: $MSGID"if [ $n -gt 1 ] ; then echo "References: $LASTIDS"fiecho "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}'echo ""cat $file) | no -t $MAILOPTSLASTIDS="$LASTIDS $MSGID"if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1fi done cd $CDIR rm -rf $SDIRfi fifi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss_______________________________________________Rancid-discuss mailing listRancid-discuss at shrubbery.nethttp://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From grungelizard9 at hotmail.com Thu Mar 12 04:04:52 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 12 Mar 2015 00:04:52 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: <,,> <1426085890917.60562@census.gov> <,,> <,,> , , Message-ID: Have you set # SENDMAIL locationSENDMAIL=${SENDMAIL:=sendmail}; in control_rancid? Took me a bit to figure that one out. From: gmourani at gmail.com Date: Wed, 11 Mar 2015 14:45:19 -0400 To: namelessjoe at hotmail.com CC: rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs Did you have a ?sendmail? symlink available under /usr/lib (32bits) or /usr/lib64 (64bits) ?ls -l /usr/lib64/sendmail On Mar 11, 2015, at 2:29 PM, Tanner - wrote:I have postfix installed and it has a sendmail clone function that works from the command line i changed the no -t $MAILOPTS to sendmail -t $MAILOPTS and i still get an error is it a path issue or what am i not understanding Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/198.210.70.10,v <-- configs/198.210.70.10new revision: 1.12; previous revision: 1.11/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: sendmail: not found ending: Wed Mar 11 10:27:32 CDT 2015 From: grungelizard9 at hotmail.com To: lee.e.rian at census.gov; namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Subject: RE: [rancid] Rancid 3.1 control_rancid errors when there are diffs Date: Wed, 11 Mar 2015 11:29:18 -0400 I have a similar issue running 3.1.99, but using postfix. I get the error "/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found". I had the same issue before upgrading (was running 3.1). " ) | -t $MAILOPTS" is the line of the control_rancid where it hangs. Any help is greatly appreciated. if [ $MAXSZ -eq 0 ] ; then ( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff ) | -t $MAILOPTS # Additional options for sendmail(8).#MAILOPTS="-f bounces.go.here at example.com"; export MAILOPTS Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/home/rancid/var/rancid/CVS/demo-vpn/configs/imp_620,v <-- configs/imp_620new revision: 1.30; previous revision: 1.29/home/rancid/bin/control_rancid: 631: /home/rancid/bin/control_rancid: -t: not found Thanks!From: lee.e.rian at census.gov To: namelessjoe at hotmail.com; rancid-discuss at shrubbery.net Date: Wed, 11 Mar 2015 14:58:12 +0000 Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs I had the same problem after building rancid on a machine that didn't have sendmail installed. Install sendmail and edit control_rancid to change all the no -t $MAILOPTS to sendmail -t $MAILOPTS Regards, Lee From: Rancid-discuss on behalf of Tanner Lyle Sent: Wednesday, March 11, 2015 10:07 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs I have installed rancid 3.1 and have it working on a Ubuntu install. It works and collects diffs and shows them in the repository and i have the cvs web working, but i cannot get it to e-mail me the diffs and am getting an error in the var/logs only when there are diffs. it errors on the control_rancid portion of it i can send mail through postfix with both the sendmail and mail command. I installed postfix after sendmail fail as i thought it was my problem. Below is the log of both and the control_rancid, and yes i am a newbie rancid log when there are no changes rancid at lyle ~/var/logs $ tail -f networking.20150311.080400 starting: Wed Mar 11 08:04:00 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs ending: Wed Mar 11 08:05:14 CDT 2015 rancid log when there are changes rancid at lyle ~/var/logs $ tail -f networking.20150311.083546 starting: Wed Mar 11 08:35:46 CDT 2015 Trying to get all of the configs.All routers sucessfully completed. cvs diff: Diffing .cvs diff: Diffing configscvs commit: Examining .cvs commit: Examining configs/usr/local/rancid/var/CVS/networking/configs/foundryswitch,v <-- configs/foundryswitchnew revision: 1.11; previous revision: 1.10/usr/local/rancid/bin/control_rancid: 483: /usr/local/rancid/bin/control_rancid: no: not found ending: Wed Mar 11 08:37:07 CDT 2015 control_rancid line 483 is the ) | no -t $MAILOPTS # Mail out the diffs (if there are any).if [ -s $TMP.diff ] ; then MAXSZ=${MAILSPLIT:=0} if [ $MAXSZ -ne 0 ] ; thenBLOCKSIZE=1024; export BLOCKSIZEtmpk=`perl -e "my(@S) = stat(\"$TMP.diff\"); print int(\\$S[7] / 1024);"`unset BLOCKSIZEif [ $tmpk -lt $MAXSZ ] ; then MAXSZ=0fi fi if [ $MAXSZ -eq 0 ] ; then( echo "To: $mailrcpt" echo "Subject: $subject" echo "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}' echo "" cat $TMP.diff) | no -t $MAILOPTS elseCDIR=`pwd`SDIR=${TMPDIR:=/tmp}/rancid.$GROUP.$$.mailerror=`mkdir $SDIR`if [ $? -ne 0 ] ; then echo "Could not create $SDIR directory" >&2 echo $error >&2else cd $SDIR split -b${MAXSZ}k $TMP.diff nfiles=`ls | wc -l | sed -e 's/^ *//' |cut -d' ' -f1` n=0 dt=`perl -e 'print time();'` for file in `ls`; don=`expr $n + 1`MSGID="<$dt.RANCID$GROUP$$${nfiles}${n}@`hostname`>"(echo "To: $mailrcpt"echo "Subject: $n of ${nfiles}: $subject"echo "Message-Id: $MSGID"if [ $n -gt 1 ] ; then echo "References: $LASTIDS"fiecho "$MAILHEADERS" | awk '{L = "";LN = $0;while (LN ~ /\\n/) { I = index(LN,"\\n");L = L substr(LN,0,I-1) "\n";LN = substr(LN,I+2,length(LN)-I-1);}print L LN;}'echo ""cat $file) | no -t $MAILOPTSLASTIDS="$LASTIDS $MSGID"if [ $n -lt $nfiles ]; then # this just tries to make the msgs order right in MUAs sleep 1fi done cd $CDIR rm -rf $SDIRfi fifi _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss_______________________________________________Rancid-discuss mailing listRancid-discuss at shrubbery.nethttp://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From tgreer at tsone.net.uk Thu Mar 12 11:09:00 2015 From: tgreer at tsone.net.uk (Thomas Greer) Date: Thu, 12 Mar 2015 11:09:00 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net>, Message-ID: <1426158539449.35661@tsone.net.uk> ?I tried changing the line in rancid-cvs to say matching instead of simple... still many errors, suspect it's not just a simple swap out a keyword fix. ________________________________ From: Per Carlson Sent: 11 March 2015 22:30 To: heasley Cc: Thomas Greer; rancid-discuss at shrubbery.net Subject: Re: [rancid] Rancid 3.1.99 Alpha git integration issues. Hi. On 11 March 2015 at 22:42, heasley > wrote: I'm not certain why this error occurs; it occurs with git 1.7, but not git 2.3. ?The default push mode did change in git 2.0.0 (https://github.com/git/git/blob/master/Documentation/RelNotes/2.0.0.txt#L7-L23). Before 2.0.0 it was "matching" but from 2.0.0 it's "simple". The error occurs when using a git version less than 1.7.11 (when "simple" where introduced, see https://github.com/git/git/blob/master/Documentation/RelNotes/1.7.11.txt#L9-L14).? To fix that a compatible mode must be used, like "current" (or "matching"). This can be set by running "git config push.default " or manually editing the repository git config file (please don't set this globally). For more information of the available modes (and what they do), search for "push.default" in http://git-scm.com/docs/git-config. -- Pelle Research is what I'm doing when I don't know what I'm doing. - Wernher von Braun -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Mar 12 12:33:34 2015 From: heas at shrubbery.net (heasley) Date: Thu, 12 Mar 2015 12:33:34 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: <,,> <1426085890917.60562@census.gov> <,,> <,,>

Message-ID: <20150312123334.GD45842@shrubbery.net> try 3.1.99; i think the sendmail check in configure is fixed. the thread became illegible, but there was a note about postfix that was not correct. postfix provides a binary named sendmail for compatibility with sendmail. if it doesnt exist, your installation is incomplete - not that this is a postfix help list. From grungelizard9 at hotmail.com Thu Mar 12 18:07:11 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 12 Mar 2015 14:07:11 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: <20150312123334.GD45842@shrubbery.net> References: <,,>,<1426085890917.60562@census.gov> <,,>, <, , >, , , , , <20150312123334.GD45842@shrubbery.net> Message-ID: Agreed. I'm on 3.1.99 and all works well. The sendmail binary was installed with postfix, just had to edit rancid_control to send to my email as aliases aren't working. I'll post back if I find a better fix. Thanks! > Date: Thu, 12 Mar 2015 12:33:34 +0000 > From: heas at shrubbery.net > To: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs > > try 3.1.99; i think the sendmail check in configure is fixed. > > the thread became illegible, but there was a note about postfix that was > not correct. postfix provides a binary named sendmail for compatibility > with sendmail. if it doesnt exist, your installation is incomplete - not > that this is a postfix help list. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Mar 12 18:13:38 2015 From: heas at shrubbery.net (heasley) Date: Thu, 12 Mar 2015 18:13:38 +0000 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: References: <1426085890917.60562@census.gov> <,,> <,,>

<20150312123334.GD45842@shrubbery.net> Message-ID: <20150312181338.GH45842@shrubbery.net> Thu, Mar 12, 2015 at 02:07:11PM -0400, Daniel Shields: > I'll post back if I find a better fix. Thanks! i think this too could be handled in 3.1.99 (to be 3.2). see MAILDOMAIN. also see that it now supports a per-group rancid.conf; group/rancid.conf. From heas at shrubbery.net Thu Mar 12 18:23:07 2015 From: heas at shrubbery.net (heasley) Date: Thu, 12 Mar 2015 18:23:07 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <1426158539449.35661@tsone.net.uk> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> <1426158539449.35661@tsone.net.uk> Message-ID: <20150312182307.GI45842@shrubbery.net> Thu, Mar 12, 2015 at 11:09:00AM +0000, Thomas Greer: > ?I tried changing the line in rancid-cvs to say matching instead of simple... still many errors, suspect it's not just a simple swap out a keyword fix. It does work for me; git 1.7.10.4. make sure that you start with a clean slate, including ~/.gitconfig. Thanks Per Carlson. > ________________________________ > From: Per Carlson > Sent: 11 March 2015 22:30 > To: heasley > Cc: Thomas Greer; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Rancid 3.1.99 Alpha git integration issues. > > Hi. > > On 11 March 2015 at 22:42, heasley > wrote: > > I'm not certain why this error occurs; it occurs with git 1.7, but not git > 2.3. > > ?The default push mode did change in git 2.0.0 (https://github.com/git/git/blob/master/Documentation/RelNotes/2.0.0.txt#L7-L23). Before 2.0.0 it was "matching" but from 2.0.0 it's "simple". The error occurs when using a git version less than 1.7.11 (when "simple" where introduced, see https://github.com/git/git/blob/master/Documentation/RelNotes/1.7.11.txt#L9-L14).? > > To fix that a compatible mode must be used, like "current" (or "matching"). This can be set by running "git config push.default " or manually editing the repository git config file (please don't set this globally). > > For more information of the available modes (and what they do), search for "push.default" in http://git-scm.com/docs/git-config. > > -- > Pelle > > Research is what I'm doing when I don't know what I'm doing. > - Wernher von Braun From grungelizard9 at hotmail.com Thu Mar 12 18:33:31 2015 From: grungelizard9 at hotmail.com (Daniel Shields) Date: Thu, 12 Mar 2015 14:33:31 -0400 Subject: [rancid] Rancid 3.1 control_rancid errors when there are diffs In-Reply-To: <20150312181338.GH45842@shrubbery.net> References: <1426085890917.60562@census.gov>, <, , >, , <, , >, , , , , <20150312123334.GD45842@shrubbery.net>, , <20150312181338.GH45842@shrubbery.net> Message-ID: Thanks Heasley. I saw the MAILDOMAIN option last night. The issue I had though is that RANCID composes the mail with the groupname in the To: line which is expected, but when the mail is sent to postfix, postfix doesn't change the username in the to: line before sending it. Therefore the mail was sent to the correct domain, but to a non-existent user. I made the tweak to rancid_control as a work-around until I'm able to get postfix to use the aliases. I'll definitely check out the per-group rancid.conf as well though. Thanks! > Date: Thu, 12 Mar 2015 18:13:38 +0000 > From: heas at shrubbery.net > To: grungelizard9 at hotmail.com > CC: heas at shrubbery.net; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Rancid 3.1 control_rancid errors when there are diffs > > Thu, Mar 12, 2015 at 02:07:11PM -0400, Daniel Shields: > > I'll post back if I find a better fix. Thanks! > > i think this too could be handled in 3.1.99 (to be 3.2). see MAILDOMAIN. > also see that it now supports a per-group rancid.conf; group/rancid.conf. -------------- next part -------------- An HTML attachment was scrubbed... URL: From tgreer at tsone.net.uk Thu Mar 12 18:42:59 2015 From: tgreer at tsone.net.uk (Thomas Greer) Date: Thu, 12 Mar 2015 18:42:59 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <20150312182307.GI45842@shrubbery.net> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> <1426158539449.35661@tsone.net.uk> <20150312182307.GI45842@shrubbery.net> Message-ID: <50FBC875-5B18-4562-A5FE-FEC052695015@tsone.net.uk> Is the following output expected then? ./bin/rancid-cvs Initialized empty Git repository in /usr/local/rancid/var/CVS/lon/ Initialized empty Git repository in /usr/local/rancid/var/lon/.git/ warning: You appear to have cloned an empty repository. [master (root-commit) 523f48d] new 1 files changed, 2 insertions(+), 0 deletions(-) create mode 100644 configs/.gitignore No refs in common and none specified; doing nothing. Perhaps you should specify a branch such as 'master'. fatal: The remote end hung up unexpectedly error: failed to push some refs to '/usr/local/rancid/var/CVS/lon' [master 2638f0b] new 0 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 router.db No refs in common and none specified; doing nothing. Perhaps you should specify a branch such as 'master'. fatal: The remote end hung up unexpectedly error: failed to push some refs to '/usr/local/rancid/var/CVS/lon' Initialized empty Git repository in /usr/local/rancid/var/CVS/gs1/ Initialized empty Git repository in /usr/local/rancid/var/gs1/.git/ warning: You appear to have cloned an empty repository. [master (root-commit) 523f48d] new 1 files changed, 2 insertions(+), 0 deletions(-) create mode 100644 configs/.gitignore No refs in common and none specified; doing nothing. Perhaps you should specify a branch such as 'master'. fatal: The remote end hung up unexpectedly error: failed to push some refs to '/usr/local/rancid/var/CVS/gs1' [master 2638f0b] new 0 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 router.db No refs in common and none specified; doing nothing. Perhaps you should specify a branch such as 'master'. fatal: The remote end hung up unexpectedly error: failed to push some refs to '/usr/local/rancid/var/CVS/gs1' Initialized empty Git repository in /usr/local/rancid/var/CVS/tal/ Initialized empty Git repository in /usr/local/rancid/var/tal/.git/ warning: You appear to have cloned an empty repository. [master (root-commit) 523f48d] new 1 files changed, 2 insertions(+), 0 deletions(-) create mode 100644 configs/.gitignore No refs in common and none specified; doing nothing. Perhaps you should specify a branch such as 'master'. fatal: The remote end hung up unexpectedly error: failed to push some refs to '/usr/local/rancid/var/CVS/tal' [master 2638f0b] new 0 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 router.db No refs in common and none specified; doing nothing. Perhaps you should specify a branch such as 'master'. fatal: The remote end hung up unexpectedly error: failed to push some refs to '/usr/local/rancid/var/CVS/tal' > On 12 Mar 2015, at 18:23, heasley wrote: > > Thu, Mar 12, 2015 at 11:09:00AM +0000, Thomas Greer: >> ?I tried changing the line in rancid-cvs to say matching instead of simple... still many errors, suspect it's not just a simple swap out a keyword fix. > > It does work for me; git 1.7.10.4. make sure that you start with a clean > slate, including ~/.gitconfig. > > Thanks Per Carlson. > >> ________________________________ >> From: Per Carlson >> Sent: 11 March 2015 22:30 >> To: heasley >> Cc: Thomas Greer; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Rancid 3.1.99 Alpha git integration issues. >> >> Hi. >> >> On 11 March 2015 at 22:42, heasley > wrote: >> >> I'm not certain why this error occurs; it occurs with git 1.7, but not git >> 2.3. >> >> ?The default push mode did change in git 2.0.0 (https://github.com/git/git/blob/master/Documentation/RelNotes/2.0.0.txt#L7-L23). Before 2.0.0 it was "matching" but from 2.0.0 it's "simple". The error occurs when using a git version less than 1.7.11 (when "simple" where introduced, see https://github.com/git/git/blob/master/Documentation/RelNotes/1.7.11.txt#L9-L14).? >> >> To fix that a compatible mode must be used, like "current" (or "matching"). This can be set by running "git config push.default " or manually editing the repository git config file (please don't set this globally). >> >> For more information of the available modes (and what they do), search for "push.default" in http://git-scm.com/docs/git-config. >> >> -- >> Pelle >> >> Research is what I'm doing when I don't know what I'm doing. >> - Wernher von Braun -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: Message signed with OpenPGP using GPGMail URL: From JHumes at acs.on.ca Thu Mar 12 20:05:56 2015 From: JHumes at acs.on.ca (Jason Humes) Date: Thu, 12 Mar 2015 20:05:56 +0000 Subject: [rancid] rancid finding changes that do not exist Message-ID: <0be99cad81e2417c937a5f51c4edff12@ACSMAIL.acs.local> Hi We've got some devices that rancid thinks have changed but have not, for example; Index: configs/acs_internetmonitoringfirewall =================================================================== - -- configs/acs_internetmonitoringfirewall (revision 3422) @@ -344,13 +344,13 @@ ip http secure-server ip http secure-port 4444 ! + ip nat inside source static tcp 142.46.14.24 21 interface + FastEthernet0/0 21 ip nat inside source static tcp 142.46.14.172 443 + interface FastEthernet0/0 443 ip nat inside source static tcp + 142.46.14.172 80 interface FastEthernet0/0 80 ip nat inside source static udp 142.46.14.167 162 interface FastEthernet0/0 162 ip nat inside source static udp 142.46.14.163 69 interface FastEthernet0/0 69 ip nat inside source static udp 142.46.14.19 514 interface FastEthernet0/0 514 ip nat inside source static udp 142.46.14.169 9996 interface FastEthernet0/0 9996 - ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 - ip nat inside source static tcp 142.46.14.172 443 interface FastEthernet0/0 443 - ip nat inside source static tcp 142.46.14.172 80 interface FastEthernet0/0 80 ip nat inside source route-map nat interface FastEthernet0/0 overload ip route 10.1.0.0 255.255.0.0 172.31.230.225 ================================================================= The line; + ip nat inside source static tcp 142.46.14.24 21 interface + FastEthernet0/0 21 Is actually; ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 Which rancid says was remvoed (-ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21) Any idea why it is parsing the text like this? Jason From alan.mckinnon at gmail.com Thu Mar 12 20:36:26 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 12 Mar 2015 22:36:26 +0200 Subject: [rancid] rancid finding changes that do not exist In-Reply-To: <0be99cad81e2417c937a5f51c4edff12@ACSMAIL.acs.local> References: <0be99cad81e2417c937a5f51c4edff12@ACSMAIL.acs.local> Message-ID: <5501F8CA.7010003@gmail.com> On 12/03/2015 22:05, Jason Humes wrote: > Hi > We've got some devices that rancid thinks have changed but have not, for example; > > > Index: configs/acs_internetmonitoringfirewall > =================================================================== > - -- configs/acs_internetmonitoringfirewall (revision 3422) > @@ -344,13 +344,13 @@ > ip http secure-server > ip http secure-port 4444 > ! > + ip nat inside source static tcp 142.46.14.24 21 interface > + FastEthernet0/0 21 ip nat inside source static tcp 142.46.14.172 443 > + interface FastEthernet0/0 443 ip nat inside source static tcp > + 142.46.14.172 80 interface FastEthernet0/0 80 > ip nat inside source static udp 142.46.14.167 162 interface FastEthernet0/0 162 > ip nat inside source static udp 142.46.14.163 69 interface FastEthernet0/0 69 > ip nat inside source static udp 142.46.14.19 514 interface FastEthernet0/0 514 > ip nat inside source static udp 142.46.14.169 9996 interface FastEthernet0/0 9996 > - ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 > - ip nat inside source static tcp 142.46.14.172 443 interface FastEthernet0/0 443 > - ip nat inside source static tcp 142.46.14.172 80 interface FastEthernet0/0 80 > ip nat inside source route-map nat interface FastEthernet0/0 overload > ip route 10.1.0.0 255.255.0.0 172.31.230.225 > ================================================================= > > The line; > > + ip nat inside source static tcp 142.46.14.24 21 interface > + FastEthernet0/0 21 > > Is actually; > ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 > > Which rancid says was remvoed (-ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21) > > Any idea why it is parsing the text like this? You seem to have a bunch of newlines removed. Considering how rancid works, it's hard to imagine that the bug is happening inside rancid itself, so maybe the device itself is doing it? But, the previous time rancid ran, it parsed the input correctly. Interesting.... What kind of device is this, what rancid version are you using, and what device type have you configured the firewall as? -- Alan McKinnon alan.mckinnon at gmail.com From danielj at dtdo.net Thu Mar 12 20:12:06 2015 From: danielj at dtdo.net (Daniel) Date: Thu, 12 Mar 2015 20:12:06 +0000 (UTC) Subject: [rancid] Adding Modules to RANCID 3.1.99 References: , <20150307180925.GC77180@shrubbery.net> Message-ID: Daniel Shields hotmail.com> writes: > > Thanks Heasley. ?Aruba's working great. ?Had to save in */lib/rancid/aerohive.pm as it's a module. ?Will work on Aerohive module and post back.> Date: Sat, 7 Mar 2015 18:09:25 +0000> From: heas shrubbery.net> To: grungelizard9 hotmail.com> CC: rancid-discuss shrubbery.net> Subject: Re: [rancid] Adding Modules to RANCID 3.1.99> > Fri, Mar 06, 2015 at 10:28:12AM -0500, Daniel Shields:> > Hello All,> > I am in the process of adding the Aruba module to RANCID 3.1.99 and modifying one for Aerohive and just wanted to verify, I have read in the forums that the step needed for 3.1.0 are:> > Place in /usr/local/rancid/bin save as whatever name> > Add module to /usr/local/rancid/etc/rancid.types.conf, i.e. ciscowlc;login;ciscowlc5 ---> add command line options here as well> > Update /usr/local/rancid/var/networking/router.db --> wlchost;ciscowlc;up> > (cisco being an example, will update the names)> > I just wanted to verify that the same still holds true for 3.1.99.> > yes, no changes in this regard. > Is this Aerohive module ready for prime time? I'd love to not have to start from scratch! Does it do APs and switches? Can I take a look at it? Thanks! Daniel From heas at shrubbery.net Thu Mar 12 21:32:25 2015 From: heas at shrubbery.net (heasley) Date: Thu, 12 Mar 2015 21:32:25 +0000 Subject: [rancid] rancid finding changes that do not exist In-Reply-To: <5501F8CA.7010003@gmail.com> References: <0be99cad81e2417c937a5f51c4edff12@ACSMAIL.acs.local> <5501F8CA.7010003@gmail.com> Message-ID: <20150312213225.GB63088@shrubbery.net> Thu, Mar 12, 2015 at 10:36:26PM +0200, Alan McKinnon: > On 12/03/2015 22:05, Jason Humes wrote: > > Hi > > We've got some devices that rancid thinks have changed but have not, for example; > > > > > > Index: configs/acs_internetmonitoringfirewall > > =================================================================== > > - -- configs/acs_internetmonitoringfirewall (revision 3422) > > @@ -344,13 +344,13 @@ > > ip http secure-server > > ip http secure-port 4444 > > ! > > + ip nat inside source static tcp 142.46.14.24 21 interface > > + FastEthernet0/0 21 ip nat inside source static tcp 142.46.14.172 443 > > + interface FastEthernet0/0 443 ip nat inside source static tcp > > + 142.46.14.172 80 interface FastEthernet0/0 80 > > ip nat inside source static udp 142.46.14.167 162 interface FastEthernet0/0 162 > > ip nat inside source static udp 142.46.14.163 69 interface FastEthernet0/0 69 > > ip nat inside source static udp 142.46.14.19 514 interface FastEthernet0/0 514 > > ip nat inside source static udp 142.46.14.169 9996 interface FastEthernet0/0 9996 > > - ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 > > - ip nat inside source static tcp 142.46.14.172 443 interface FastEthernet0/0 443 > > - ip nat inside source static tcp 142.46.14.172 80 interface FastEthernet0/0 80 > > ip nat inside source route-map nat interface FastEthernet0/0 overload > > ip route 10.1.0.0 255.255.0.0 172.31.230.225 > > ================================================================= > > > > The line; > > > > + ip nat inside source static tcp 142.46.14.24 21 interface > > + FastEthernet0/0 21 > > > > Is actually; > > ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 > > > > Which rancid says was remvoed (-ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21) > > > > Any idea why it is parsing the text like this? > > > You seem to have a bunch of newlines removed. Considering how rancid > works, it's hard to imagine that the bug is happening inside rancid > itself, so maybe the device itself is doing it? But, the previous time > rancid ran, it parsed the input correctly. Interesting.... > > > What kind of device is this, what rancid version are you using, and what > device type have you configured the firewall as? and is the login script able to disable the pager on this device? From heas at shrubbery.net Thu Mar 12 21:57:57 2015 From: heas at shrubbery.net (heasley) Date: Thu, 12 Mar 2015 21:57:57 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <50FBC875-5B18-4562-A5FE-FEC052695015@tsone.net.uk> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> <1426158539449.35661@tsone.net.uk> <20150312182307.GI45842@shrubbery.net> <50FBC875-5B18-4562-A5FE-FEC052695015@tsone.net.uk> Message-ID: <20150312215757.GC63088@shrubbery.net> Thu, Mar 12, 2015 at 06:42:59PM +0000, Thomas Greer: > Is the following output expected then? no; i receive no such errors. if you started with a totally clean env, there is a variance between even 1.7.1 and 1.7.11.4. i'm not a git user; you apparently are, so whats wrong with this: git init --bare $CVSROOT/$GROUP git clone $CVSROOT/$GROUP . git config --global user.name RANCiD git config --global user.email $USER$MAILDOMAIN git config --global push.default current its clones it fine, commits fine, why wouldnt it push w/o specifying a branch? i dont want to specify a branch; i expect a user may clone sth. specific and pushes should just go to that branch - which is what "current" seems like its intended to do and seems to work in the previously mentioned versions. can't you just install sth. more recent and move on? 1.7.1 doesnt even appear to be available anymore. even the debian pkg is more than 2 years old. From tgreer at tsone.net.uk Thu Mar 12 21:59:58 2015 From: tgreer at tsone.net.uk (Thomas Greer) Date: Thu, 12 Mar 2015 21:59:58 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: <20150312215757.GC63088@shrubbery.net> References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> <1426158539449.35661@tsone.net.uk> <20150312182307.GI45842@shrubbery.net> <50FBC875-5B18-4562-A5FE-FEC052695015@tsone.net.uk> <20150312215757.GC63088@shrubbery.net> Message-ID: If I fancy compiling git from scratch, sure, but that?s the latest debian has. Let me try again. > On 12 Mar 2015, at 21:57, heasley wrote: > > Thu, Mar 12, 2015 at 06:42:59PM +0000, Thomas Greer: >> Is the following output expected then? > > no; i receive no such errors. if you started with a totally clean env, > there is a variance between even 1.7.1 and 1.7.11.4. i'm not a git user; > you apparently are, so whats wrong with this: > > git init --bare $CVSROOT/$GROUP > git clone $CVSROOT/$GROUP . > git config --global user.name RANCiD > git config --global user.email $USER$MAILDOMAIN > git config --global push.default current > > its clones it fine, commits fine, why wouldnt it push w/o specifying a > branch? i dont want to specify a branch; i expect a user may clone sth. > specific and pushes should just go to that branch - which is what > "current" seems like its intended to do and seems to work in the previously > mentioned versions. > > can't you just install sth. more recent and move on? 1.7.1 doesnt even > appear to be available anymore. even the debian pkg is more than 2 years > old. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: Message signed with OpenPGP using GPGMail URL: From heas at shrubbery.net Thu Mar 12 22:18:09 2015 From: heas at shrubbery.net (heasley) Date: Thu, 12 Mar 2015 22:18:09 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> <1426158539449.35661@tsone.net.uk> <20150312182307.GI45842@shrubbery.net> <50FBC875-5B18-4562-A5FE-FEC052695015@tsone.net.uk> <20150312215757.GC63088@shrubbery.net> Message-ID: <20150312221809.GE63088@shrubbery.net> Thu, Mar 12, 2015 at 09:59:58PM +0000, Thomas Greer: > If I fancy compiling git from scratch, sure, but that?s the latest debian has. Let me try again. the process seems layed-out here: http://tecadmin.net/install-git-2-0-on-centos-rhel-fedora/ maybe one of these other rpm repos has a newer git? http://wiki.centos.org/AdditionalResources/Repositories?action=show&redirect=Repositories > > On 12 Mar 2015, at 21:57, heasley wrote: > > > > Thu, Mar 12, 2015 at 06:42:59PM +0000, Thomas Greer: > >> Is the following output expected then? > > > > no; i receive no such errors. if you started with a totally clean env, > > there is a variance between even 1.7.1 and 1.7.11.4. i'm not a git user; > > you apparently are, so whats wrong with this: > > > > git init --bare $CVSROOT/$GROUP > > git clone $CVSROOT/$GROUP . > > git config --global user.name RANCiD > > git config --global user.email $USER$MAILDOMAIN > > git config --global push.default current > > > > its clones it fine, commits fine, why wouldnt it push w/o specifying a > > branch? i dont want to specify a branch; i expect a user may clone sth. > > specific and pushes should just go to that branch - which is what or what command provides the branch name of the clone, which can then be passed to push? > > "current" seems like its intended to do and seems to work in the previously > > mentioned versions. > > > > can't you just install sth. more recent and move on? 1.7.1 doesnt even > > appear to be available anymore. even the debian pkg is more than 2 years > > old. > From tgreer at tsone.net.uk Thu Mar 12 22:03:38 2015 From: tgreer at tsone.net.uk (Thomas Greer) Date: Thu, 12 Mar 2015 22:03:38 +0000 Subject: [rancid] Rancid 3.1.99 Alpha git integration issues. In-Reply-To: References: <20150208042257.GB27729@shrubbery.net> <72054478-7310-45B0-B925-78B31C74BCD2@tsone.net.uk> <20150311214204.GA25101@shrubbery.net> <1426158539449.35661@tsone.net.uk> <20150312182307.GI45842@shrubbery.net> <50FBC875-5B18-4562-A5FE-FEC052695015@tsone.net.uk> <20150312215757.GC63088@shrubbery.net> Message-ID: <7D4F079D-5E37-4179-8066-0546D4AC9563@tsone.net.uk> It appears, that i has matching, which doesn?t play ball, however, current works fine. I?ll soldier on. Many thanks Thomas > On 12 Mar 2015, at 21:59, Thomas Greer wrote: > > If I fancy compiling git from scratch, sure, but that?s the latest debian has. Let me try again. > >> On 12 Mar 2015, at 21:57, heasley wrote: >> >> Thu, Mar 12, 2015 at 06:42:59PM +0000, Thomas Greer: >>> Is the following output expected then? >> >> no; i receive no such errors. if you started with a totally clean env, >> there is a variance between even 1.7.1 and 1.7.11.4. i'm not a git user; >> you apparently are, so whats wrong with this: >> >> git init --bare $CVSROOT/$GROUP >> git clone $CVSROOT/$GROUP . >> git config --global user.name RANCiD >> git config --global user.email $USER$MAILDOMAIN >> git config --global push.default current >> >> its clones it fine, commits fine, why wouldnt it push w/o specifying a >> branch? i dont want to specify a branch; i expect a user may clone sth. >> specific and pushes should just go to that branch - which is what >> "current" seems like its intended to do and seems to work in the previously >> mentioned versions. >> >> can't you just install sth. more recent and move on? 1.7.1 doesnt even >> appear to be available anymore. even the debian pkg is more than 2 years >> old. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: Message signed with OpenPGP using GPGMail URL: From el.es.cr at gmail.com Fri Mar 13 13:42:56 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Fri, 13 Mar 2015 13:42:56 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? Message-ID: Hi, my first post here, hopefully I can still be helped ;) I'm on Rancid 2.3.8-3 and ssh 6.0p1-4+deb7u1 from Debian repos. As myself (user lukasz), from command line, i can do [myrouter is not yet in router.db, imagine an IP given here] [myuser is configured in .cloginrc see way below] lukasz at george:~$ ~rancid/bin/mtlogin myrouter myrouter spawn ssh -c 3des -x -l myuser+ct myrouter [mikrotik router welcome and prompt follow as normal] and get into ssh prompt, no problem here. (I've a certificate made by /me/ in .ssh and installed on the router, and also router is in cached ssh fingerprints, so no problem here either) Next then I copied & chown'd the .cloginrc and the certificate file into relevant places in ~rancid, first doing ssh to myrouter to add it to fingerprint cache, then I'm trying to run mtlogin as rancid user and I get this: lukasz at george:~$ sudo su - rancid [sudo] password for lukasz: rancid at george:~$ cd rancid at george:~$ pwd /var/lib/rancid rancid at george:~$ bin/mtlogin myrouter myrouter spawn ssh -c 3des -x -l myuser+ct myrouter myuser+ct at myrouter's password: Permission denied, please try again. myuser+ct at myrouter's password: y Permission denied, please try again. myuser+ct at myrouter's password: Permission denied (password). Error: Check your passwd for myrouter rancid at george:~$ So it seems to be somehow /not/ noticing there is a certificate to be used...? ...but : > rancid at george:~$ ls -l .ssh/ total 12 -rw------- 1 rancid rancid 668 Dec 27 2013 id_ssa_for_mt_backup ...and : > rancid at george:~$ ssh -i .ssh/id_ssa_for_mt_backup myuser at myrouter gives me ssh to Mikrotik myrouter as normal... ~rancid/.cloginrc has add user * myuser add password * totallyboguspassword add method * ssh add identity * /var/lib/rancid/.ssh/id_ssa_for_mt_backup // this line on 'lukasz' user is without path Any pointer / keyword / wave of hand would be appreciated. Kind Regards el es From heas at shrubbery.net Fri Mar 13 14:40:05 2015 From: heas at shrubbery.net (heasley) Date: Fri, 13 Mar 2015 14:40:05 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: References: Message-ID: <20150313144005.GA89252@shrubbery.net> Fri, Mar 13, 2015 at 01:42:56PM +0000, Lukasz Sokol: > rancid at george:~$ bin/mtlogin myrouter > myrouter > spawn ssh -c 3des -x -l myuser+ct myrouter what is the full spawn line above? > myuser+ct at myrouter's password: > Permission denied, please try again. > myuser+ct at myrouter's password: y > Permission denied, please try again. > myuser+ct at myrouter's password: > Permission denied (password). > > Error: Check your passwd for myrouter > rancid at george:~$ > > So it seems to be somehow /not/ noticing there is a certificate to be used...? > > ...but : > > > rancid at george:~$ ls -l .ssh/ > total 12 > -rw------- 1 rancid rancid 668 Dec 27 2013 id_ssa_for_mt_backup > > ...and : > > > rancid at george:~$ ssh -i .ssh/id_ssa_for_mt_backup myuser at myrouter > > gives me ssh to Mikrotik myrouter as normal... > > ~rancid/.cloginrc has > > add user * myuser > add password * totallyboguspassword > add method * ssh > add identity * /var/lib/rancid/.ssh/id_ssa_for_mt_backup // this line on 'lukasz' user is without path > > Any pointer / keyword / wave of hand would be appreciated. > > Kind Regards > > el es > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From el.es.cr at gmail.com Fri Mar 13 14:47:40 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Fri, 13 Mar 2015 14:47:40 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: <20150313144005.GA89252@shrubbery.net> References: <20150313144005.GA89252@shrubbery.net> Message-ID: <5502F88C.4020308@gmail.com> Hello heasley, On 13/03/15 14:40, heasley wrote: > Fri, Mar 13, 2015 at 01:42:56PM +0000, Lukasz Sokol: >> rancid at george:~$ bin/mtlogin myrouter >> myrouter >> spawn ssh -c 3des -x -l myuser+ct myrouter > > what is the full spawn line above? i copied it verbatim from my terminal... (and just obscured the real myrouter and myuser) that is full spawn line all that it prints to console, as far as I can find... (I tried bin/mtlogin -d myrouter > session 2>> session , and the session file contains exactly the same thing) el es > >> myuser+ct at myrouter's password: >> Permission denied, please try again. >> myuser+ct at myrouter's password: y >> Permission denied, please try again. >> myuser+ct at myrouter's password: >> Permission denied (password). >> >> Error: Check your passwd for myrouter >> rancid at george:~$ >> [trim] From el.es.cr at gmail.com Fri Mar 13 17:07:19 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Fri, 13 Mar 2015 17:07:19 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: <550316CA.7000405@gmail.com> References: <20150313144005.GA89252@shrubbery.net> <550316CA.7000405@gmail.com> Message-ID: <55031947.3010806@gmail.com> On 13/03/15 16:56, Lukasz Sokol wrote: > On 13/03/15 14:40, heasley wrote: >> Fri, Mar 13, 2015 at 01:42:56PM +0000, Lukasz Sokol: >>> rancid at george:~$ bin/mtlogin myrouter >>> myrouter >>> spawn ssh -c 3des -x -l myuser+ct myrouter >> >> what is the full spawn line above? >> > [...] > > so the joke is on ssh probably ? > > Joke's definitively on ssh, duh. > Sorry, it's been a long day ;) Actually - it's mtlogin that does not seem to pass -i to ssh at all - this makes it not work when invoked mtlogin as user rancid - when ran as user lukasz it's ssh that finds there is an identity key and 'just' uses it. > el es > Hope it still can be helped ;) Kind Regards, el es From el.es.cr at gmail.com Fri Mar 13 16:56:42 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Fri, 13 Mar 2015 16:56:42 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: <20150313144005.GA89252@shrubbery.net> References: <20150313144005.GA89252@shrubbery.net> Message-ID: <550316CA.7000405@gmail.com> On 13/03/15 14:40, heasley wrote: > Fri, Mar 13, 2015 at 01:42:56PM +0000, Lukasz Sokol: >> rancid at george:~$ bin/mtlogin myrouter >> myrouter >> spawn ssh -c 3des -x -l myuser+ct myrouter > > what is the full spawn line above? > [...] so the joke is on ssh probably ? Joke's definitively on ssh, duh. (caught by ssh -vvv myuser at myrouter as rancid user) debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /var/lib/rancid/.ssh/id_rsa debug3: no such identity: /var/lib/rancid/.ssh/id_rsa: No such file or directory debug1: Trying private key: /var/lib/rancid/.ssh/id_dsa debug3: no such identity: /var/lib/rancid/.ssh/id_dsa: No such file or directory debug1: Trying private key: /var/lib/rancid/.ssh/id_ecdsa debug3: no such identity: /var/lib/rancid/.ssh/id_ecdsa: No such file or directory debug1: Trying private key: /var/lib/rancid/.ssh/id_ed25519 debug3: no such identity: /var/lib/rancid/.ssh/id_ed25519: No such file or directory ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ well this one doesn't exist. but where did it come from ? ... debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password el es From el.es.cr at gmail.com Fri Mar 13 15:19:26 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Fri, 13 Mar 2015 15:19:26 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: <20150313144005.GA89252@shrubbery.net> References: <20150313144005.GA89252@shrubbery.net> Message-ID: <5502FFFE.1070503@gmail.com> On 13/03/15 14:40, heasley wrote: > Fri, Mar 13, 2015 at 01:42:56PM +0000, Lukasz Sokol: >> rancid at george:~$ bin/mtlogin myrouter >> myrouter >> spawn ssh -c 3des -x -l myuser+ct myrouter > > what is the full spawn line above? > running strace mtlogin -d myrouter ( > session 2>>session) does show amongst others: open("/var/lib/rancid/.cloginrc", O_RDONLY|O_LARGEFILE) = 6 fcntl64(6, F_SETFD, FD_CLOEXEC) = 0 ioctl(6, SNDCTL_TMR_TIMEBASE or TCGETS, 0xbf8ed108) = -1 ENOTTY (Inappropriate ioctl for device) read(6, "add user * myuser\nadd passwor"..., 4096) = 128 read(6, "", 4096) = 0 close(6) = 0 write(1, "myrouter\n", 15) = 15 brk(0xa01a000) = 0xa01a000 write(1, "spawn", 5) = 5 write(1, " ", 1) = 1 write(1, "ssh", 3) = 3 write(1, " ", 1) = 1 write(1, "-c", 2) = 2 write(1, " ", 1) = 1 write(1, "3des", 4) = 4 write(1, " ", 1) = 1 write(1, "-x", 2) = 2 write(1, " ", 1) = 1 write(1, "-l", 2) = 2 write(1, " ", 1) = 1 write(1, "myuser+ct", 12) = 12 write(1, " ", 1) = 1 write(1, "myrouter", 14) = 14 write(1, "\r\n", 2) = 2 open("/dev/ptmx", O_RDWR) = 6 (as rancid user) so the line above seems to be what gets spawned? And the mtlogin ran as 'lukasz' user, doesn't do /anything/ different here either... so the joke is on ssh probably ? el es From heas at shrubbery.net Fri Mar 13 20:43:41 2015 From: heas at shrubbery.net (heasley) Date: Fri, 13 Mar 2015 20:43:41 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: <20150313203221.B4DCA9728C@sea.shrubbery.net> <55031947.3010806@gmail.com> Message-ID: <20150313204341.GA4459@shrubbery.net> Fri, Mar 13, 2015 at 05:07:19PM +0000, Lukasz Sokol: > On 13/03/15 16:56, Lukasz Sokol wrote: > > On 13/03/15 14:40, heasley wrote: > >> Fri, Mar 13, 2015 at 01:42:56PM +0000, Lukasz Sokol: > >>> rancid at george:~$ bin/mtlogin myrouter > >>> myrouter > >>> spawn ssh -c 3des -x -l myuser+ct myrouter > >> > >> what is the full spawn line above? > >> > > [...] > > > > so the joke is on ssh probably ? > > > > Joke's definitively on ssh, duh. > > > > Sorry, it's been a long day ;) > > Actually > > - it's mtlogin that does not seem to pass -i to ssh at all indeed it doesnt; contributed code. does this patch work? Index: bin/mtlogin.in =================================================================== --- bin/mtlogin.in (revision 3056) +++ bin/mtlogin.in (working copy) @@ -119,7 +119,10 @@ set do_passwd 0 # ssh passphrase } -r* { - # ignore -r + if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { + incr i + set avpassphrase [lindex $argv $i] + } # Version string } -V* { send_user "rancid 2.3.2a9\n" @@ -290,7 +293,7 @@ # Log into the router. # returns: 0 on success, 1 on failure -proc login { router user userpswd passwd prompt cmethod cyphertype } { +proc login { router user userpswd passwd prompt cmethod cyphertype identfile } { global spawn_id in_proc do_command do_script global u_prompt p_prompt sshcmd set in_proc 1 @@ -312,10 +315,20 @@ return 1 } } elseif ![string compare $prog "ssh"] { - if [ catch {spawn $sshcmd -c $cyphertype -x -l $user+ct $router} reason ] { - send_user "\nError: $sshcmd failed: $reason\n" - return 1 - } + # ssh to the router & try to login with or without an identfile. + regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port + set cmd $sshcmd + if {"$port" != ""} { + set cmd "$cmd -p $port" + } + if {"$identfile" != ""} { + set cmd "$cmd -i $identfile" + } + set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l $user+ct $router" { }]} reason] + if { $retval } { + send_user "\nError: $cmd failed: $reason\n" + return 1 + } } elseif ![string compare $prog "rsh"] { send_error "\nError: unsupported method: rsh\n" if { $progs == 0 } { @@ -527,6 +540,19 @@ set p_prompt [join [lindex $p_prompt 0] ""] } + # Figure out identity file to use + set identfile [join [lindex [find identity $router] 0] ""] + + # Figure out passphrase to use + if {[info exists avpassphrase]} { + set passphrase $avpassphrase + } else { + set passphrase [join [lindex [find passphrase $router] 0] ""] + } + if { ! [string length "$passphrase"]} { + set passphrase $passwd + } + # Figure out cypher type if {[info exists cypher]} { # command line cypher type @@ -545,7 +571,7 @@ if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router - if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { + if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile]} { incr exitval continue } From el.es.cr at gmail.com Fri Mar 13 21:32:58 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Fri, 13 Mar 2015 21:32:58 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: <20150313204341.GA4459@shrubbery.net> References: <20150313203221.B4DCA9728C@sea.shrubbery.net> <55031947.3010806@gmail.com> <20150313204341.GA4459@shrubbery.net> Message-ID: Hi heasley, On Fri, Mar 13, 2015 at 8:43 PM, heasley wrote: > > Fri, Mar 13, 2015 at 05:07:19PM +0000, Lukasz Sokol: > > Actually > > > > - it's mtlogin that does not seem to pass -i to ssh at all > > indeed it doesnt; contributed code. > > does this patch work? > Thank you, I've no way to check right now - but will check on Monday (GMT is my time zone) (unless someone else who cares, beats me to it) Kind Regards, el es -- (intentionally put below sig delimiter) > > Index: bin/mtlogin.in > =================================================================== > --- bin/mtlogin.in (revision 3056) > +++ bin/mtlogin.in (working copy) > @@ -119,7 +119,10 @@ > set do_passwd 0 > # ssh passphrase > } -r* { > - # ignore -r > + if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { > + incr i > + set avpassphrase [lindex $argv $i] > + } > # Version string > } -V* { > send_user "rancid 2.3.2a9\n" > @@ -290,7 +293,7 @@ > > # Log into the router. > # returns: 0 on success, 1 on failure > -proc login { router user userpswd passwd prompt cmethod cyphertype } { > +proc login { router user userpswd passwd prompt cmethod cyphertype identfile } { > global spawn_id in_proc do_command do_script > global u_prompt p_prompt sshcmd > set in_proc 1 > @@ -312,10 +315,20 @@ > return 1 > } > } elseif ![string compare $prog "ssh"] { > - if [ catch {spawn $sshcmd -c $cyphertype -x -l $user+ct $router} reason ] { > - send_user "\nError: $sshcmd failed: $reason\n" > - return 1 > - } > + # ssh to the router & try to login with or without an identfile. > + regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port > + set cmd $sshcmd > + if {"$port" != ""} { > + set cmd "$cmd -p $port" > + } > + if {"$identfile" != ""} { > + set cmd "$cmd -i $identfile" > + } > + set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l $user+ct $router" { }]} reason] > + if { $retval } { > + send_user "\nError: $cmd failed: $reason\n" > + return 1 > + } > } elseif ![string compare $prog "rsh"] { > send_error "\nError: unsupported method: rsh\n" > if { $progs == 0 } { > @@ -527,6 +540,19 @@ > set p_prompt [join [lindex $p_prompt 0] ""] > } > > + # Figure out identity file to use > + set identfile [join [lindex [find identity $router] 0] ""] > + > + # Figure out passphrase to use > + if {[info exists avpassphrase]} { > + set passphrase $avpassphrase > + } else { > + set passphrase [join [lindex [find passphrase $router] 0] ""] > + } > + if { ! [string length "$passphrase"]} { > + set passphrase $passwd > + } > + > # Figure out cypher type > if {[info exists cypher]} { > # command line cypher type > @@ -545,7 +571,7 @@ > if { "$sshcmd" == "" } { set sshcmd {ssh} } > > # Login to the router > - if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { > + if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile]} { > incr exitval > continue > } > From Michael.Josten at hs-niederrhein.de Mon Mar 16 08:28:57 2015 From: Michael.Josten at hs-niederrhein.de (Josten, Michael) Date: Mon, 16 Mar 2015 09:28:57 +0100 Subject: [rancid] switch timeout, empty config in SVN Message-ID: <9BDA0B754D62C64FBE6B0CFFA429C47A37B1A3DB3D@prometheus> Hello, some older switches, like Enterasys matrix N7 don't get processed by rancid reliably. Sometimes it shows "Error: TIMEOUT reached" after some lines. Is there a variable I can tweak for a polling rate or wait timer ? Those old switches have weak cpu power and are easily stressed. Best regards Michael Josten Mitarbeiter IT-Betrieb Hochschule Niederrhein KIS - Kommunikations und Informationssysteme Service Niederrhein University of Applied Sciences Communication and Informationsystems Service Reinarzstr. 49 D - 47805 Krefeld Telefon: +49 2151 822 3129 Fax: +49 2151 822 853123 Email: michael.josten at hs-niederrhein.de www.hs-niederrhein.de -------------- next part -------------- An HTML attachment was scrubbed... URL: From el.es.cr at gmail.com Mon Mar 16 10:11:07 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Mon, 16 Mar 2015 10:11:07 +0000 Subject: [rancid] Mikrotik + ssh with cert + rancid + as rancid user = can not login ? In-Reply-To: References: <20150313203221.B4DCA9728C@sea.shrubbery.net> <55031947.3010806@gmail.com> <20150313204341.GA4459@shrubbery.net> Message-ID: <5506AC3B.5030606@gmail.com> Hi heasley, On 13/03/15 21:32, Lukasz Sokol wrote: > Hi heasley, > > On Fri, Mar 13, 2015 at 8:43 PM, heasley wrote: >> >> Fri, Mar 13, 2015 at 05:07:19PM +0000, Lukasz Sokol: >>> Actually >>> >>> - it's mtlogin that does not seem to pass -i to ssh at all >> >> indeed it doesnt; contributed code. >> >> does this patch work? >> yes, though I had to manually backport it (my file isn't named mtlogin.in, as I'm on the deb package...) (and it did not have -v option so I had to slap the -r* cmdline param recognition somewhere where I deemed fit) but with this : ---- (patch begin) ---- --- mtlogin.orig 2012-05-29 18:15:02.000000000 +0100 +++ mtlogin 2015-03-16 10:02:59.032715133 +0000 @@ -194,6 +194,14 @@ close $cmd_fd set command [join [split $cmd_text \n] \;] set do_command 1 +# portion of backport of ssh identity provision from trunk + # ssh passphrase + } -r* { + if {! [regexp .\[rR\](.+) $arg ignore passphrase]} { + incr i + set avpassphrase [lindex $argv $i] + } +# backport end # Do we enable? } -noenable { # ignore -noenable @@ -293,7 +301,8 @@ # Log into the router. # returns: 0 on success, 1 on failure -proc login { router user userpswd passwd prompt cmethod cyphertype } { +# proc login { router user userpswd passwd prompt cmethod cyphertype } { +proc login { router user userpswd passwd prompt cmethod cyphertype identfile } { global spawn_id in_proc do_command do_script global u_prompt p_prompt sshcmd set in_proc 1 @@ -315,10 +324,21 @@ return 1 } } elseif ![string compare $prog "ssh"] { - if [ catch {spawn $sshcmd -c $cyphertype -x -l $user+ct $router} reason ] { - send_user "\nError: $sshcmd failed: $reason\n" - return 1 - } + # ssh to the router & try to login with or without an identfile. backported from trunk. + regexp {ssh(:([^[:space:]]+))*} $prog methcmd suffix port + set cmd $sshcmd + if {"$port" != ""} { + set cmd "$cmd -p $port" + } + if {"$identfile" != ""} { + set cmd "$cmd -i $identfile" + } + set retval [catch {eval spawn [split "$cmd -c $cyphertype -x -l $user+ct $router" { }]} reason] + if { $retval } { + send_user "\nError: $cmd failed: $reason\n" + return 1 + } +# end of backport portion } elseif ![string compare $prog "rsh"] { send_error "\nError: unsupported method: rsh\n" if { $progs == 0 } { @@ -508,6 +528,21 @@ set p_prompt [join [lindex $p_prompt 0] ""] } +# backport of ssh ident provision from trunk + # Figure out identity file to use + set identfile [join [lindex [find identity $router] 0] ""] + + # Figure out passphrase to use + if {[info exists avpassphrase]} { + set passphrase $avpassphrase + } else { + set passphrase [join [lindex [find passphrase $router] 0] ""] + } + if { ! [string length "$passphrase"]} { + set passphrase $passwd + } +# backport of ssh ident provision from trunk + # Figure out cypher type if {[info exists cypher]} { # command line cypher type @@ -526,7 +561,8 @@ if { "$sshcmd" == "" } { set sshcmd {ssh} } # Login to the router - if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype]} { +# backport of ssh ident provision from trunk + if {[login $router $ruser $userpswd $passwd $prompt $cmethod $cyphertype $identfile]} { incr exitval continue } ---- (patch end) ----- i have this : ./mtlogin myrouter myrouter spawn ssh -i /var/lib/rancid/.ssh/id_ssa_for_mt_backup -c 3des -x -l myuser+ct myrouter [ mikrotik prompts follows ] Thanks ! :) (patch also in attachment) > > Kind Regards, > > el es > el es -------------- next part -------------- A non-text attachment was scrubbed... Name: debian-package-ssh-provision.patch Type: text/x-patch Size: 2847 bytes Desc: not available URL: From heas at shrubbery.net Mon Mar 16 16:33:41 2015 From: heas at shrubbery.net (heasley) Date: Mon, 16 Mar 2015 16:33:41 +0000 Subject: [rancid] switch timeout, empty config in SVN In-Reply-To: <9BDA0B754D62C64FBE6B0CFFA429C47A37B1A3DB3D@prometheus> References: <9BDA0B754D62C64FBE6B0CFFA429C47A37B1A3DB3D@prometheus> Message-ID: <20150316163340.GM42080@shrubbery.net> Mon, Mar 16, 2015 at 09:28:57AM +0100, Josten, Michael: > Hello, > > some older switches, like Enterasys matrix N7 don't get processed by rancid reliably. > Sometimes it shows "Error: TIMEOUT reached" after some lines. Is there a variable > I can tweak for a polling rate or wait timer ? Those old switches have weak cpu power > and are easily stressed. Please see the timeout directive in cloginrc(5). From heas at shrubbery.net Mon Mar 16 23:56:56 2015 From: heas at shrubbery.net (heasley) Date: Mon, 16 Mar 2015 23:56:56 +0000 Subject: [rancid] Radware/Alteon Interactive Commands In-Reply-To: <9C96D799-3F4C-4B92-BE7D-7855199303FF@altn.com> References: <20150226093837.GB88419@shrubbery.net> <9C96D799-3F4C-4B92-BE7D-7855199303FF@altn.com> Message-ID: <20150316235656.GB42080@shrubbery.net> Thu, Feb 26, 2015 at 06:20:56AM -0600, Bob Franzke: > There is not unfortunately. You could remove the certificate and it would no longer prompt but those are needed. > looking at alogin, there is already code there to send 'y'. for the purposes of automation, this is likely the right choice. although, it looks like the prompt has changed in your new version and the match needs to be updated as follows: Index: bin/alogin.in =================================================================== --- bin/alogin.in (revision 3061) +++ bin/alogin.in (working copy) @@ -456,7 +459,7 @@ -re "^\[^\n\r]*$reprompt" {} -re "^\[^\n\r ]*>>.*$reprompt" { exp_continue } -re "\[\n\r]+" { exp_continue } - -re "^\*Display private keys? \[y/n]:" { + -re "^\*?Display private keys? \[y/n]:" { send "y\r" exp_continue } please lmk if that works. > > On Feb 26, 2015, at 3:39 AM, heasley wrote: > > > > Wed, Feb 25, 2015 at 04:39:00PM -0600, Robert Franzke: > >> So I recently upgraded the code on my Alteon 4408 Load Balancers. Since this upgrade, when running the /c/dump command listed in arancid to print out the current config while having some type of SSL certificate installed on the device, the device asks you if you want to Display the Private Keys and expects the user to reply with a ?y? or ?n? like so: > >> > >>>> ALTEON-A - Standalone ADC - Main# /c/d > >> Display private keys? [y/n]: > >> > >> This hangs RANCID up and causes the device config to not be retrieved. Is there some way to fix this in the list of commands in alogin/arancid such that the script would catch the ?Display private keys? [y/n]:? and then send a ?n?? I am not too sure which file I would add this too to fix this. > > > > is there a configuration knob or argument to /c/dump to tell it not to prompt? From imd at acens.com Tue Mar 17 08:24:12 2015 From: imd at acens.com (=?Windows-1252?Q?I=F1aki_Mart=EDnez_D=EDez?=) Date: Tue, 17 Mar 2015 09:24:12 +0100 Subject: [rancid] Radware/Alteon Interactive Commands In-Reply-To: <20150316235656.GB42080@shrubbery.net> References: <20150226093837.GB88419@shrubbery.net> <9C96D799-3F4C-4B92-BE7D-7855199303FF@altn.com> <20150316235656.GB42080@shrubbery.net> Message-ID: Hello, The problem is that if you connect via TELNET and answered ?y? you obtain: # /cfg/dump Display private keys? [y/n]: y Access Denied: This operation can only be performed over a secure connection such as HTTPS or SSH. Connect to the device using a secure protocol and retry. So my solution was this: -re "Display private keys" { if { "$cmethod" == "ssh" } { send "y\r" } else { send "n\r" } exp_continue } So it is checked the method of connection. But if you connect via SSH and answered ?y? you need to answered another question: # /cfg/dump Display private keys? [y/n]: y Enter passphrase: So my solution was to add: -re "passphrase" { send ?PASSWORD\r" exp_continue } Where ?PASSWORD? is a fix password that your certificates are cipher, so any certificate to import needs that PASSWORD. I hope this helps, for me it is working several months ago with several versions and models of Radware including new models 4408, 5208 and 5224. NOTE: I am still using Rancid 2.3.3 very modified to fit my needs, so migrate to new 3.X (3.2 right now) seems very complicated. -- Un saludo. ________________________________________ I?aki Mart?nez D?ez Departamento de redes acens Technologies S.L. imd at acens.com Tel?fono: 637 772 156 Fax: 944 412 426 Este mensaje puede contener informaci?n confidencial dirigida exclusivamente a su destinatario. No se permite su copia o distribuci?n sin la autorizaci?n expresa y por anticipado de acens. Si recibi? este mensaje por error, por favor, comun?quelo al emisor y elim?nelo de su ordenador. Gracias. This message may contain confidential information exclusively addressed to its intended recipient. The copy or distribution of this message is not permitted without the prior express consent by acens. If you are not the intended recipient of this message please advise the sender and delete it. Thank you. -----Mensaje original----- De: heasley Fecha: martes, 17 de marzo de 2015, 0:56 Para: Bob Franzke CC: "rancid-discuss at shrubbery.net" Asunto: Re: [rancid] Radware/Alteon Interactive Commands >Thu, Feb 26, 2015 at 06:20:56AM -0600, Bob Franzke: >> There is not unfortunately. You could remove the certificate and it >>would no longer prompt but those are needed. >> > >looking at alogin, there is already code there to send 'y'. for the >purposes >of automation, this is likely the right choice. although, it looks like >the >prompt has changed in your new version and the match needs to be updated >as >follows: > >Index: bin/alogin.in >=================================================================== >--- bin/alogin.in (revision 3061) >+++ bin/alogin.in (working copy) >@@ -456,7 +459,7 @@ > -re "^\[^\n\r]*$reprompt" {} > -re "^\[^\n\r ]*>>.*$reprompt" { exp_continue } > -re "\[\n\r]+" { exp_continue } >- -re "^\*Display private keys? \[y/n]:" { >+ -re "^\*?Display private keys? \[y/n]:" { > send "y\r" > exp_continue > } > >please lmk if that works. > >> > On Feb 26, 2015, at 3:39 AM, heasley wrote: >> > >> > Wed, Feb 25, 2015 at 04:39:00PM -0600, Robert Franzke: >> >> So I recently upgraded the code on my Alteon 4408 Load Balancers. >>Since this upgrade, when running the /c/dump command listed in arancid >>to print out the current config while having some type of SSL >>certificate installed on the device, the device asks you if you want to >>Display the Private Keys and expects the user to reply with a ?y? or ?n? >>like so: >> >> >> >>>> ALTEON-A - Standalone ADC - Main# /c/d >> >> Display private keys? [y/n]: >> >> >> >> This hangs RANCID up and causes the device config to not be >>retrieved. Is there some way to fix this in the list of commands in >>alogin/arancid such that the script would catch the ?Display private >>keys? [y/n]:? and then send a ?n?? I am not too sure which file I would >>add this too to fix this. >> > >> > is there a configuration knob or argument to /c/dump to tell it not >>to prompt? >_______________________________________________ >Rancid-discuss mailing list >Rancid-discuss at shrubbery.net >http://www.shrubbery.net/mailman/listinfo/rancid-discuss From bob.franzke at altn.com Tue Mar 17 13:50:00 2015 From: bob.franzke at altn.com (Robert Franzke) Date: Tue, 17 Mar 2015 08:50:00 -0500 Subject: [rancid] Radware/Alteon Interactive Commands In-Reply-To: <20150316235656.GB42080@shrubbery.net> Message-ID: <61f605b1.1d060b9.1cfec8.29@altn.com> Thanks for the reply here. My version of alogin does not contain any of the automation code for this prompt. expect { -re "^\[^\n\r]*$reprompt" {} -re "^\[^\n\r ]*>>.*$reprompt" { exp_continue } -re "\[\n\r]+" { exp_continue } } } Perhaps that?s all that?s needed here is to get the latest version of the alogin script. Apologies but I am not sure I know how this is done and would appreciate someone pointing me in the right direction on how I can do that. Running this on FreeBSD 9.1-RELEASE and RANCID 2.3.8_2. Does updating RANCID not get the latest login scripts? In the meantime I am going to try and just add the code for this and see how it goes. Will report back. Thanks again. -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Monday, March 16, 2015 6:57 PM To: Bob Franzke Cc: heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Radware/Alteon Interactive Commands Thu, Feb 26, 2015 at 06:20:56AM -0600, Bob Franzke: > There is not unfortunately. You could remove the certificate and it would no longer prompt but those are needed. > looking at alogin, there is already code there to send 'y'. for the purposes of automation, this is likely the right choice. although, it looks like the prompt has changed in your new version and the match needs to be updated as follows: Index: bin/alogin.in =================================================================== --- bin/alogin.in (revision 3061) +++ bin/alogin.in (working copy) @@ -456,7 +459,7 @@ -re "^\[^\n\r]*$reprompt" {} -re "^\[^\n\r ]*>>.*$reprompt" { exp_continue } -re "\[\n\r]+" { exp_continue } - -re "^\*Display private keys? \[y/n]:" { + -re "^\*?Display private keys? \[y/n]:" { send "y\r" exp_continue } please lmk if that works. > > On Feb 26, 2015, at 3:39 AM, heasley wrote: > > > > Wed, Feb 25, 2015 at 04:39:00PM -0600, Robert Franzke: > >> So I recently upgraded the code on my Alteon 4408 Load Balancers. Since this upgrade, when running the /c/dump command listed in arancid to print out the current config while having some type of SSL certificate installed on the device, the device asks you if you want to Display the Private Keys and expects the user to reply with a ?y? or ?n? like so: > >> > >>>> ALTEON-A - Standalone ADC - Main# /c/d > >> Display private keys? [y/n]: > >> > >> This hangs RANCID up and causes the device config to not be retrieved. Is there some way to fix this in the list of commands in alogin/arancid such that the script would catch the ?Display private keys? [y/n]:? and then send a ?n?? I am not too sure which file I would add this too to fix this. > > > > is there a configuration knob or argument to /c/dump to tell it not to prompt? From JHumes at acs.on.ca Tue Mar 17 15:02:28 2015 From: JHumes at acs.on.ca (Jason Humes) Date: Tue, 17 Mar 2015 15:02:28 +0000 Subject: [rancid] rancid finding changes that do not exist Message-ID: Hi This is a Cisco 1800 IOS router/firewall configured in router.db as a 'cisco'. The version of RANCID is; rancid at Netmon-Backup:~$ bin/rancid -V rancid 3.1 I'm not sure what is meant by maybe the device is doing it...doing what? The diff is done by rancid, the router just does outputs the response of 'show' commands, no? Thanks Jason -----Original Message----- From: Jason Humes Sent: Thursday, March 12, 2015 4:06 PM To: rancid-discuss at shrubbery.net Subject: rancid finding changes that do not exist Hi We've got some devices that rancid thinks have changed but have not, for example; Index: configs/acs_internetmonitoringfirewall =================================================================== - -- configs/acs_internetmonitoringfirewall (revision 3422) @@ -344,13 +344,13 @@ ip http secure-server ip http secure-port 4444 ! + ip nat inside source static tcp 142.46.14.24 21 interface + FastEthernet0/0 21 ip nat inside source static tcp 142.46.14.172 443 + interface FastEthernet0/0 443 ip nat inside source static tcp + 142.46.14.172 80 interface FastEthernet0/0 80 ip nat inside source static udp 142.46.14.167 162 interface FastEthernet0/0 162 ip nat inside source static udp 142.46.14.163 69 interface FastEthernet0/0 69 ip nat inside source static udp 142.46.14.19 514 interface FastEthernet0/0 514 ip nat inside source static udp 142.46.14.169 9996 interface FastEthernet0/0 9996 - ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 - ip nat inside source static tcp 142.46.14.172 443 interface FastEthernet0/0 443 - ip nat inside source static tcp 142.46.14.172 80 interface FastEthernet0/0 80 ip nat inside source route-map nat interface FastEthernet0/0 overload ip route 10.1.0.0 255.255.0.0 172.31.230.225 ================================================================= The line; + ip nat inside source static tcp 142.46.14.24 21 interface + FastEthernet0/0 21 Is actually; ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21 Which rancid says was remvoed (-ip nat inside source static tcp 142.46.14.24 21 interface FastEthernet0/0 21) Any idea why it is parsing the text like this? Jason From JHumes at acs.on.ca Tue Mar 17 15:19:19 2015 From: JHumes at acs.on.ca (Jason Humes) Date: Tue, 17 Mar 2015 15:19:19 +0000 Subject: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." Message-ID: Hi Just upgraded our rancid from 3.1 to 3.2 and now getting this error in the logs; Use of uninitialized value $norder in unpack at /home/rancid/lib/rancid/rancid.pm line 378, line 1971. This is an Ubuntu system...any idea what this error is and how to correct? Thanks Jason From heas at shrubbery.net Tue Mar 17 15:25:09 2015 From: heas at shrubbery.net (heasley) Date: Tue, 17 Mar 2015 15:25:09 +0000 Subject: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." In-Reply-To: References: Message-ID: <20150317152509.GA83353@shrubbery.net> Tue, Mar 17, 2015 at 03:19:19PM +0000, Jason Humes: > Hi > Just upgraded our rancid from 3.1 to 3.2 and now getting this error in the logs; > > Use of uninitialized value $norder in unpack at /home/rancid/lib/rancid/rancid.pm line 378, line 1971. do you know what device type is generating the error? i think its a bug in the script calling ipsort(). From bob.franzke at altn.com Tue Mar 17 15:38:00 2015 From: bob.franzke at altn.com (Robert Franzke) Date: Tue, 17 Mar 2015 10:38:00 -0500 Subject: [rancid] Radware/Alteon Interactive Commands In-Reply-To: <20150316235656.GB42080@shrubbery.net> Message-ID: <5d94675a.1d060c8.7f2f9a.3cb@altn.com> OK I tried the additional code. It did not seem to work. Getting ?couldn't compile regular expression pattern: quantifier operand invalid? error testing. While looking through this however this it's becoming clear that I just have a way outdated version of the alogin code and this has been fixed long ago. I found an updated script on GitHub and added it to my system. It's working correctly now and I can once again keep config revisions for my Alteon gear. I should have looked for this prolly before posting here but I had assumed the updated scripts would be included in RANCID updates via the ports tree. Clearly this is wrong. Without researching I am sure this info is one of those 'read UPDATING' BSD things I skipped. Gets me every time. Stupid stupid. Sorry for the bother and thanks for the help. -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Monday, March 16, 2015 6:57 PM To: Bob Franzke Cc: heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Radware/Alteon Interactive Commands Thu, Feb 26, 2015 at 06:20:56AM -0600, Bob Franzke: > There is not unfortunately. You could remove the certificate and it would no longer prompt but those are needed. > looking at alogin, there is already code there to send 'y'. for the purposes of automation, this is likely the right choice. although, it looks like the prompt has changed in your new version and the match needs to be updated as follows: Index: bin/alogin.in =================================================================== --- bin/alogin.in (revision 3061) +++ bin/alogin.in (working copy) @@ -456,7 +459,7 @@ -re "^\[^\n\r]*$reprompt" {} -re "^\[^\n\r ]*>>.*$reprompt" { exp_continue } -re "\[\n\r]+" { exp_continue } - -re "^\*Display private keys? \[y/n]:" { + -re "^\*?Display private keys? \[y/n]:" { send "y\r" exp_continue } please lmk if that works. > > On Feb 26, 2015, at 3:39 AM, heasley wrote: > > > > Wed, Feb 25, 2015 at 04:39:00PM -0600, Robert Franzke: > >> So I recently upgraded the code on my Alteon 4408 Load Balancers. Since this upgrade, when running the /c/dump command listed in arancid to print out the current config while having some type of SSL certificate installed on the device, the device asks you if you want to Display the Private Keys and expects the user to reply with a ?y? or ?n? like so: > >> > >>>> ALTEON-A - Standalone ADC - Main# /c/d > >> Display private keys? [y/n]: > >> > >> This hangs RANCID up and causes the device config to not be retrieved. Is there some way to fix this in the list of commands in alogin/arancid such that the script would catch the ?Display private keys? [y/n]:? and then send a ?n?? I am not too sure which file I would add this too to fix this. > > > > is there a configuration knob or argument to /c/dump to tell it not to prompt? From JHumes at acs.on.ca Tue Mar 17 17:59:11 2015 From: JHumes at acs.on.ca (Jason Humes) Date: Tue, 17 Mar 2015 17:59:11 +0000 Subject: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." In-Reply-To: <20150317152509.GA83353@shrubbery.net> References: <20150317152509.GA83353@shrubbery.net> Message-ID: <88cbd32d504f40109e04791177f0458c@ACSMAIL.acs.local> Hi It would be a device type of cisco. Thanks Jason -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Tuesday, March 17, 2015 11:25 AM To: Jason Humes Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." Tue, Mar 17, 2015 at 03:19:19PM +0000, Jason Humes: > Hi > Just upgraded our rancid from 3.1 to 3.2 and now getting this error in > the logs; > > Use of uninitialized value $norder in unpack at /home/rancid/lib/rancid/rancid.pm line 378, line 1971. do you know what device type is generating the error? i think its a bug in the script calling ipsort(). From heas at shrubbery.net Tue Mar 17 18:59:25 2015 From: heas at shrubbery.net (heasley) Date: Tue, 17 Mar 2015 18:59:25 +0000 Subject: [rancid] Radware/Alteon Interactive Commands In-Reply-To: References: <20150226093837.GB88419@shrubbery.net> <9C96D799-3F4C-4B92-BE7D-7855199303FF@altn.com> <20150316235656.GB42080@shrubbery.net> Message-ID: <20150317185925.GS83353@shrubbery.net> Tue, Mar 17, 2015 at 09:24:12AM +0100, I?aki Mart?nez D?ez: > Hello, > > The problem is that if you connect via TELNET and answered ?y? you obtain: > > # /cfg/dump > Display private keys? [y/n]: y > > Access Denied: This operation can only be performed over a secure > connection such as HTTPS or SSH. > Connect to the device using a secure protocol and retry. > > So my solution was this: > > -re "Display private keys" { > if { "$cmethod" == "ssh" } { > send "y\r" > } else { > send "n\r" > } > exp_continue > > So it is checked the method of connection. > > But if you connect via SSH and answered ?y? you need to answered another > question: > > # /cfg/dump > Display private keys? [y/n]: y > Enter passphrase: > > So my solution was to add: > > -re "passphrase" { > send ?PASSWORD\r" > exp_continue > } > > Where ?PASSWORD? is a fix password that your certificates are cipher, so > any certificate to import needs that PASSWORD. Do you mean that the password is the passphrase for the Certificate? Not the password for the device. Thats ugly. I'm not sure how to handle that generically. From JHumes at acs.on.ca Tue Mar 17 19:07:57 2015 From: JHumes at acs.on.ca (Jason Humes) Date: Tue, 17 Mar 2015 19:07:57 +0000 Subject: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." In-Reply-To: <20150317185435.GR83353@shrubbery.net> References: <20150317185402.3FD64974AE@sea.shrubbery.net> <88cbd32d504f40109e04791177f0458c@ACSMAIL.acs.local> <20150317185435.GR83353@shrubbery.net> Message-ID: <8eec23e44d05453bb3e1a23d6194494f@ACSMAIL.acs.local> Hi Yes that patch fixed the errors. Thanks Jason -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Tuesday, March 17, 2015 2:55 PM To: Jason Humes Cc: heasley Subject: Re: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." Tue, Mar 17, 2015 at 05:59:11PM +0000, Jason Humes: > Hi > It would be a device type of cisco. does this patch fix it? > Thanks > > > Jason > > > -----Original Message----- > From: heasley [mailto:heas at shrubbery.net] > Sent: Tuesday, March 17, 2015 11:25 AM > To: Jason Humes > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] upgrade to rancid 3.2 from 3.1 and getting error "Use of uninitialized value $norder...." > > Tue, Mar 17, 2015 at 03:19:19PM +0000, Jason Humes: > > Hi > > Just upgraded our rancid from 3.1 to 3.2 and now getting this error > > in the logs; > > > > Use of uninitialized value $norder in unpack at /home/rancid/lib/rancid/rancid.pm line 378, line 1971. > > do you know what device type is generating the error? i think its a bug in the script calling ipsort(). Index: lib/rancid.pm.in =================================================================== --- lib/rancid.pm.in (revision 3065) +++ lib/rancid.pm.in (working copy) @@ -366,7 +366,9 @@ $l = 128; } $norder = inet_pton(AF_INET6, $a); - return unpack("H*", $norder) . unpack("H*", pack("C", $l)); + if (defined($norder)) { + return unpack("H*", $norder) . unpack("H*", pack("C", $l)); + } } else { my($l); if ($a =~ /\//) { @@ -375,7 +377,9 @@ $l = 32; } $norder = inet_pton(AF_INET, $a); - return(unpack("H*", $norder) . unpack("H*", pack("C", $l))); + if (defined($norder)) { + return(unpack("H*", $norder) . unpack("H*", pack("C", $l))); + } } # otherwise return the original key value, so as not to sort on null From bob.franzke at altn.com Tue Mar 17 21:58:00 2015 From: bob.franzke at altn.com (Robert Franzke) Date: Tue, 17 Mar 2015 16:58:00 -0500 Subject: [rancid] Radware/Alteon Interactive Commands In-Reply-To: <20150317185925.GS83353@shrubbery.net> Message-ID: <7c9a2bfe.1d060fd.1db5079.117e@altn.com> Yes, I think he means the passphrase for the certificate, not the device. When you answer yes it then prompts for a passphrase for the certificate before it runs the dump. I answer 'n' so I get no passphrase prompt, but someone who wants to include the private keys of any installed certificates on the device in the config dump would need to provide the passphrase for them to see them. Agreed, ugly. -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Tuesday, March 17, 2015 1:59 PM To: I?aki Mart?nez D?ez Cc: heasley; Bob Franzke; rancid-discuss at shrubbery.net Subject: Re: [rancid] Radware/Alteon Interactive Commands Tue, Mar 17, 2015 at 09:24:12AM +0100, I?aki Mart?nez D?ez: > Hello, > > The problem is that if you connect via TELNET and answered ?y? you obtain: > > # /cfg/dump > Display private keys? [y/n]: y > > Access Denied: This operation can only be performed over a secure > connection such as HTTPS or SSH. > Connect to the device using a secure protocol and retry. > > So my solution was this: > > -re "Display private keys" { > if { "$cmethod" == "ssh" } { > send "y\r" > } else { > send "n\r" > } > exp_continue > > So it is checked the method of connection. > > But if you connect via SSH and answered ?y? you need to answered > another > question: > > # /cfg/dump > Display private keys? [y/n]: y > Enter passphrase: > > So my solution was to add: > > -re "passphrase" { > send ?PASSWORD\r" > exp_continue > } > > Where ?PASSWORD? is a fix password that your certificates are cipher, > so any certificate to import needs that PASSWORD. Do you mean that the password is the passphrase for the Certificate? Not the password for the device. Thats ugly. I'm not sure how to handle that generically. From matthew at walster.org Wed Mar 18 22:33:11 2015 From: matthew at walster.org (Matthew Walster) Date: Wed, 18 Mar 2015 22:33:11 +0000 Subject: [rancid] Merging rancid-git with mainline rancid Message-ID: Hi, For a few years now, I've been running a separate patch tree for the git work Jeff Ollie once did. I've accepted a few patches into it for different functionality, but ultimately I've been trying to get people to submit these patches to upstream (i.e. here). Very few (if any) actually did. Now that we have git support in the mainline release, I'd like to try and re-integrate those patches back upstream... Except there's a big problem: rancid-git currently does one repo per install. rancid currently does one repo per group. Clearly, the rancid (upstream) way is a consistent, proper way to do it. Therefore I'm planning on writing some kind of migration tool which will re-write a history. Would that be interesting to people? Also, John Heasley -- there's a few patches in my branch that might be interesting to you (pfsense support, fixes for modern F5 etc), would you prefer patch sets of "one per feature" to be submitted, or just one big patch set? Feel free to reject anything you don't like. Many thanks in advance, Matthew Walster aka https://github.com/dotwaffle/rancid-git aka "the git that was running a fork he barely maintained" -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Mar 19 06:00:40 2015 From: heas at shrubbery.net (heasley) Date: Thu, 19 Mar 2015 06:00:40 +0000 Subject: [rancid] Merging rancid-git with mainline rancid In-Reply-To: References: Message-ID: <20150319060040.GC46544@shrubbery.net> Wed, Mar 18, 2015 at 10:33:11PM +0000, Matthew Walster: > For a few years now, I've been running a separate patch tree for the git > work Jeff Ollie once did. I've accepted a few patches into it for different > functionality, but ultimately I've been trying to get people to submit > these patches to upstream (i.e. here). Very few (if any) actually did. > > Now that we have git support in the mainline release, I'd like to try and > re-integrate those patches back upstream... Except there's a big problem: > > rancid-git currently does one repo per install. > > rancid currently does one repo per group. > > Clearly, the rancid (upstream) way is a consistent, proper way to do it. i'm relieved that folks agree. i was concerned that folks would be angry about that, but after discussing it with a few, it seemed the best choice. > Therefore I'm planning on writing some kind of migration tool which will > re-write a history. Would that be interesting to people? > > Also, John Heasley -- there's a few patches in my branch that might be > interesting to you (pfsense support, fixes for modern F5 etc), would you > prefer patch sets of "one per feature" to be submitted, or just one big > patch set? Feel free to reject anything you don't like. either way; though i prefer the latter, since it may be easier to debug issues if they arise in other's environments. From shouldbeq931 at gmail.com Thu Mar 19 17:59:07 2015 From: shouldbeq931 at gmail.com (shouldbe q931) Date: Thu, 19 Mar 2015 17:59:07 +0000 Subject: [rancid] failure with downloading old versions Message-ID: I tried to download an older version of rancid from ftp://ftp.shrubbery.net/pub/rancid/.old/ but got an access denied message. I was wondering if the permissions had changed, they currently look like -r--r----- 1 7053 rancid 372436 Feb 15 2011 rancid-2.3.6.tar.gz Cheers From Andrew.Meyer at tsg2.com Sun Mar 22 19:25:13 2015 From: Andrew.Meyer at tsg2.com (Andrew S. Meyer) Date: Sun, 22 Mar 2015 19:25:13 +0000 Subject: [rancid] Setting up Rancid on FreeBSD 10.1 Message-ID: Hi everyone, I seem to be having some difficulty getting rancid to send emails on FBSD 10.1 using postfix or sendmail (built-in). I have configured postfix to relay to another mail server in my setup but doesn't seem to do it when I have the rancid cronjob setup to run. Although if I run the following command uname -a | mail -s "`uname -n`: Test mail config" user at tld.com it works just fine. I can run this command as any user and it works, but the automated emails do not for the rancid user. Has anyone else run into this? If so how do you fix it? I'm almost done with my rancid setup. Here is my postfix config root at monitoring1:~ # postconf -n postconf: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases alias_maps = hash:/etc/mail/aliases command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = /usr/local/share/doc/postfix inet_protocols = ipv4 mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man mynetworks_style = host newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix relayhost = [192.168.220.56] sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop unknown_local_recipient_reject_code = 550 root at monitoring1:~ # /var/log/maillog output Mar 22 14:15:00 monitoring1 postfix/local[1513]: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases Mar 22 14:15:00 monitoring1 postfix/local[1513]: warning: database /etc/mail/aliases.db is older than source file /etc/mail/aliases Mar 22 14:15:00 monitoring1 postfix/local[1513]: 0E2DC7590B: to=, orig_to=, relay=local, delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Mar 22 14:15:00 monitoring1 postfix/qmgr[632]: 0E2DC7590B: removed Mar 22 14:20:00 monitoring1 postfix/sendmail[1586]: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases Mar 22 19:20:00 monitoring1 postfix/postdrop[1588]: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases Mar 22 14:20:00 monitoring1 postfix/cleanup[1594]: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases Mar 22 14:20:00 monitoring1 postfix/pickup[631]: 096427590B: uid=1002 from= Mar 22 14:20:00 monitoring1 postfix/trivial-rewrite[1595]: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases Mar 22 14:20:00 monitoring1 postfix/cleanup[1594]: 096427590B: message-id=<20150322192000.096427590B at monitoring1.borg.priv> Mar 22 14:20:00 monitoring1 postfix/qmgr[632]: 096427590B: from=, size=622, nrcpt=1 (queue active) Mar 22 14:20:00 monitoring1 postfix/local[1597]: warning: /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: alias_maps=dbm:/etc/mail/aliases Mar 22 14:20:00 monitoring1 postfix/local[1597]: warning: database /etc/mail/aliases.db is older than source file /etc/mail/aliases Mar 22 14:20:00 monitoring1 postfix/local[1597]: 096427590B: to=, orig_to=, relay=local, delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) Mar 22 14:20:00 monitoring1 postfix/qmgr[632]: 096427590B: removed root at monitoring1:~ # As for rancid - here is what I have setup: LIST_OF_GROUPS="NetworkDevices" MAILDOMAIN="@borg.local"; export MAILDOMAIN I have run rancid-cvs to set it all up. Here is the crontab for rancid. I have it setup to check and email me so often to do some testing. I DO plan to change this once completed: [rancid at monitoring1 ~]$ crontab -l 1,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/local/bin/rancid-run #hourly router dump 1,5,10,15,20,25,30,35,40,45,50,55 * * * * /usr/bin/find /usr/local/var/rancid/logs -type -f -mtime +2 -exec rm -rf {} \; [rancid at monitoring1 ~]$ Also, Has anyone started using Rancid 3.0 yet? If so how hard is it to setup? Andrew -------------- next part -------------- An HTML attachment was scrubbed... URL: From nick at foobar.org Sun Mar 22 20:54:57 2015 From: nick at foobar.org (Nick Hilliard) Date: Sun, 22 Mar 2015 20:54:57 +0000 Subject: [rancid] Setting up Rancid on FreeBSD 10.1 In-Reply-To: References: Message-ID: <550F2C21.9030205@foobar.org> On 22/03/2015 19:25, Andrew S. Meyer wrote: > Has anyone else run into this? If so how do you fix it? I?m almost done > with my rancid setup. this is a mail configuration problem rather than a rancid problem. Looks to me like there could be a problem with your mail aliases. > Mar 22 14:15:00 monitoring1 postfix/local[1513]: warning: > /usr/local/etc/postfix/main.cf, line 573: overriding earlier entry: > alias_maps=dbm:/etc/mail/aliases this looks like a mistake in your postfix config. > Mar 22 14:15:00 monitoring1 postfix/local[1513]: warning: database > /etc/mail/aliases.db is older than source file /etc/mail/aliases you need to run: # postalias /etc/mail/aliases > Mar 22 14:15:00 monitoring1 postfix/local[1513]: 0E2DC7590B: > to=, orig_to=, relay=local, > delay=0.02, delays=0.01/0/0/0, dsn=2.0.0, status=sent (delivered to mailbox) looks like the mail was delivered to /var/mail/rancid. > Here is the crontab for rancid. I have it setup to check and email me so > often to do some testing. I DO plan to change this once completed: bear in mind that if you are polling devices with nvram, rancid will issue a configuration write. On some types of kit, this can cause the nvram to wear out after a couple of years. Nick From magnus at excellent-hosting.se Mon Mar 23 08:55:53 2015 From: magnus at excellent-hosting.se (Magnus Ringdahl) Date: Mon, 23 Mar 2015 08:55:53 +0000 Subject: [rancid] Rancid 3.2 issue with perl/inet_pton Message-ID: <7f7fb630b27642e2a9906f4bfa0341d9@mx01.excellent-hosting.net> Hi, I'm having issues with rancid since i upgraded (removed old and installed 3.2) rancid. I'm getting no output from rancid-run, but I get the following from rancid -d. "inet_pton" is not exported by the Socket module Can't continue after import errors at /usr/local/rancid/lib/rancid/rancid.pm line 51 BEGIN failed--compilation aborted at /usr/local/rancid/lib/rancid/rancid.pm line 51. Compilation failed in require at ./rancid line 61. BEGIN failed--compilation aborted at ./rancid line 61. Anyone seen this before, couldn't find much about this issue. I'm running this on Debian 2.6.32-5-686 with Perl 5.10.1-17squeeze2. Med v?nlig h?lsning/Kind Regards, [cid:part1.01000801.07050402 at mullet.se] Magnus Ringdahl Lagmansgatan 4B 214 66 Malm? M: 0766-34 88 86 T: 040-670 76 90 http://www.excellent-hosting.se -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 4009 bytes Desc: image001.jpg URL: From nick at foobar.org Mon Mar 23 10:22:16 2015 From: nick at foobar.org (Nick Hilliard) Date: Mon, 23 Mar 2015 10:22:16 +0000 Subject: [rancid] Rancid 3.2 issue with perl/inet_pton In-Reply-To: <7f7fb630b27642e2a9906f4bfa0341d9@mx01.excellent-hosting.net> References: <7f7fb630b27642e2a9906f4bfa0341d9@mx01.excellent-hosting.net> Message-ID: <550FE958.3030209@foobar.org> An HTML attachment was scrubbed... URL: From alligator94 at laposte.net Mon Mar 23 13:47:13 2015 From: alligator94 at laposte.net (alligator94) Date: Mon, 23 Mar 2015 14:47:13 +0100 Subject: [rancid] archive cisco command and rancid Message-ID: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> Hi, We use rancid for years now. We manage too much cisco devices, so rancid runs daily during almost 15 hours. As, most part of the time, the configurations have not changed, I would like to use the cisco archive command to ftp the configuration when it is saved in the cisco device. So we could run rancid only once a week . Is there a way to process the files sent by ftp as input to rancid to have the formatting and the differences processed and stored as with native rancid? Thanks Gilles -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Mar 23 16:15:55 2015 From: heas at shrubbery.net (Heasley) Date: Mon, 23 Mar 2015 11:15:55 -0500 Subject: [rancid] archive cisco command and rancid In-Reply-To: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> Message-ID: <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> Am 23.03.2015 um 08:47 schrieb alligator94 : > > Hi, > We use rancid for years now. We manage too much cisco devices, so rancid runs daily during almost 15 hours. Ignoring the question below for now. 15hours seems outrageous, so tell us more about your environment please. How many devices, models, connectivity, rancid host, rancid.conf PAR count, etc. i collect about 450 devices each hour without issue. > As, most part of the time, the configurations have not changed, I would like to use the cisco archive command to ftp the configuration when it is saved in the cisco device. So we could run rancid only once a week . > Is there a way to process the files sent by ftp as input to rancid to have the formatting and the differences processed and stored as with native rancid? > Thanks > Gilles > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From alligator94 at laposte.net Mon Mar 23 17:35:18 2015 From: alligator94 at laposte.net (alligator94) Date: Mon, 23 Mar 2015 18:35:18 +0100 Subject: [rancid] archive cisco command and rancid In-Reply-To: <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> Message-ID: <002601d0658f$bc21e110$3465a330$@laposte.net> We use rancid to backup daily around 3700 cisco devices (routers and switches + some WAP and FW) all around the world and let?s say that 10 percent randomly may not be reachable because they are switched off at night or due to any other connectivity issue. As we have the standard rancid configuration, I think that there are 3 retries, so it may take time. I have no access right now to the rancid config, but several clogin run in //. We have a lot of different models of cisco devices, connected through a stable and not overloaded mpls network or using ipsec tunnels. Some use satellite connectivity in the far east countries. Rancid runs on a separate linux system, so it is not disturbing while rancid run is below 24hours . But I was wondering if, as we don?t change the devices configuration very often, once a week would be enough if we use the ?archive ? cisco command to store the updated config. Today we run rancid on a daily basis not to miss any change in the devices configurations. Regards Gilles From: Heasley [mailto:heas at shrubbery.net] Sent: lundi 23 mars 2015 17:16 To: alligator94 Cc: Subject: Re: [rancid] archive cisco command and rancid Am 23.03.2015 um 08:47 schrieb alligator94 < alligator94 at laposte.net>: Hi, We use rancid for years now. We manage too much cisco devices, so rancid runs daily during almost 15 hours. Ignoring the question below for now. 15hours seems outrageous, so tell us more about your environment please. How many devices, models, connectivity, rancid host, rancid.conf PAR count, etc. i collect about 450 devices each hour without issue. As, most part of the time, the configurations have not changed, I would like to use the cisco archive command to ftp the configuration when it is saved in the cisco device. So we could run rancid only once a week . Is there a way to process the files sent by ftp as input to rancid to have the formatting and the differences processed and stored as with native rancid? Thanks Gilles _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Mar 23 18:26:53 2015 From: heas at shrubbery.net ('Heasley') Date: Mon, 23 Mar 2015 18:26:53 +0000 Subject: [rancid] archive cisco command and rancid In-Reply-To: <002601d0658f$bc21e110$3465a330$@laposte.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> Message-ID: <20150323182653.GC74061@shrubbery.net> Mon, Mar 23, 2015 at 06:35:18PM +0100, alligator94: > We use rancid to backup daily around 3700 cisco devices (routers and switches + some WAP and FW) all around the world and let?s say that 10 percent randomly may not be reachable because they are switched off at night or due to any other connectivity issue. As we have the standard rancid configuration, I think that there are 3 retries, so it may take time. > > I have no access right now to the rancid config, but several clogin run in //. > > We have a lot of different models of cisco devices, connected through a stable and not overloaded mpls network or using ipsec tunnels. Some use satellite connectivity in the far east countries. A few things I can suggest to improve the collection time: - since you have a lot of devices (probably) with long RTTs - increase rancid.conf:PAR_COUNT. Perhaps double the number of CPUs. most processes will be waiting on the network. if the host *only* does rancid, increase it furture - perhaps 4 times. you will have to play with the value a bit to find your acceptable load vs time comfort. - if you can separate topologically distanct devices from near by group, you could use /rancid.conf to tailor PAR_COUNT for the workload w/ 3.2. - if devices may be turned-off or may suffer outages often, these two could be separated into a separate group and use /rancid.conf to lower the MAX_ROUNDS variable. - you could also try lowering the timeout in cloginrc for devices that are often inaccessible. - you may also consider switching to svn, which is faster than cvs. or git, but please create a test instance for yourself before moving to git as the support is new. - rancid.conf:NOPIPE=YES will improve performance of the perl part of a collection a little. - also, see the FAQ for triggering rancid runs from syslog configuration change messages. Use that for daily activity and run once a week to CYA. > Rancid runs on a separate linux system, so it is not disturbing while rancid run is below 24hours . But I was wondering if, as we don?t change the devices configuration very often, once a week would be enough if we use the ?archive ? cisco command to store the updated config. Today we run rancid on a daily basis not to miss any change in the devices configurations. > As, most part of the time, the configurations have not changed, I would like to use the cisco archive command to ftp the configuration when it is saved in the cisco device. So we could run rancid only once a week . > > Is there a way to process the files sent by ftp as input to rancid to have the formatting and the differences processed and stored as with native rancid? I've not tried transfering the archives from devices. there is no support currently for reading the ftp file, but it is of course entirely possible to add such a mechanism. but, it would still need to connect to the device to collect other info, or at least show version. From rdrake at direcpath.com Mon Mar 23 18:29:52 2015 From: rdrake at direcpath.com (rdrake) Date: Mon, 23 Mar 2015 14:29:52 -0400 Subject: [rancid] archive cisco command and rancid In-Reply-To: <002601d0658f$bc21e110$3465a330$@laposte.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> Message-ID: <55105BA0.1000604@direcpath.com> On 03/23/2015 01:35 PM, alligator94 wrote: > > We use rancid to backup daily around 3700 cisco devices (routers and > switches + some WAP and FW) all around the world and let?s say that 10 > percent randomly may not be reachable because they are switched off at > night or due to any other connectivity issue. As we have the standard > rancid configuration, I think that there are 3 retries, so it may take > time. > > I have no access right now to the rancid config, but several clogin > run in //. > > > > We have a lot of different models of cisco devices, connected through > a stable and not overloaded mpls network or using ipsec tunnels. Some > use satellite connectivity in the far east countries. > > > > Rancid runs on a separate linux system, so it is not disturbing while > rancid run is below 24hours . But I was wondering if, as we don?t > change the devices configuration very often, once a week would be > enough if we use the ?archive ? cisco command to store the updated > config. Today we run rancid on a daily basis not to miss any change in > the devices configurations. > > > > Regards > > Gilles > > > > > > > You could do a few things. If you're running tacacs you could kickoff an individual rancid-run on a single node after a login to that node. Or if you're using a syslog server you can watch for "Configured from " in the logs and kick it off from that. If you were to use the ftp config you would need to heavily modify the rancid script. It would need to detect that the file was newer than what was saved in CVS, then grab the comments out of the existing CVS file, combine that with the "sh run" from the ftp. This would fake things out and the comments would be wrong on some devices and that would be .. not ideal. Either that, or you could strip all the comments from both files and diff them then only run rancid on files that are different. That lets you save lots of runtime and gives you the correct answers, so it would be much better than the above, at the cost of a little more network traffic. If you did these I would still advise you to do a full run once a week. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From heas at shrubbery.net Mon Mar 23 19:12:42 2015 From: heas at shrubbery.net ('Heasley') Date: Mon, 23 Mar 2015 19:12:42 +0000 Subject: [rancid] archive cisco command and rancid In-Reply-To: <000901d0659c$2cc18d10$8644a730$@laposte.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> <20150323182653.GC74061@shrubbery.net> <000901d0659c$2cc18d10$8644a730$@laposte.net> Message-ID: <20150323191242.GD75002@shrubbery.net> Mon, Mar 23, 2015 at 08:04:22PM +0100, Alligator: > I am thinking at /rancid.conf that I didn't know. thats new in 3.2 (or 3.). > A few things I can suggest to improve the collection time: > - since you have a lot of devices (probably) with long RTTs > - increase rancid.conf:PAR_COUNT. Perhaps double the number of CPUs. > most processes will be waiting on the network. if the host *only* > does rancid, increase it furture - perhaps 4 times. you will have s/future/further/ - brain in different place than fingers. > to play with the value a bit to find your acceptable load vs time > comfort. From alligator94 at laposte.net Mon Mar 23 19:04:22 2015 From: alligator94 at laposte.net (Alligator) Date: Mon, 23 Mar 2015 20:04:22 +0100 Subject: [rancid] archive cisco command and rancid In-Reply-To: <20150323182653.GC74061@shrubbery.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> <20150323182653.GC74061@shrubbery.net> Message-ID: <000901d0659c$2cc18d10$8644a730$@laposte.net> Thanks a lot for all these parameters to tune. I am thinking at /rancid.conf that I didn't know. I also have just had a look at the FAQ and "sec" seems to be quite simple to use and efficient. Very helpful. Thanks Gilles -----Original Message----- From: 'Heasley' [mailto:heas at shrubbery.net] Sent: lundi 23 mars 2015 19:27 To: alligator94 Cc: 'Heasley'; rancid-discuss at shrubbery.net Subject: Re: [rancid] archive cisco command and rancid Mon, Mar 23, 2015 at 06:35:18PM +0100, alligator94: > We use rancid to backup daily around 3700 cisco devices (routers and switches + some WAP and FW) all around the world and let?s say that 10 percent randomly may not be reachable because they are switched off at night or due to any other connectivity issue. As we have the standard rancid configuration, I think that there are 3 retries, so it may take time. > > I have no access right now to the rancid config, but several clogin run in //. > > We have a lot of different models of cisco devices, connected through a stable and not overloaded mpls network or using ipsec tunnels. Some use satellite connectivity in the far east countries. A few things I can suggest to improve the collection time: - since you have a lot of devices (probably) with long RTTs - increase rancid.conf:PAR_COUNT. Perhaps double the number of CPUs. most processes will be waiting on the network. if the host *only* does rancid, increase it furture - perhaps 4 times. you will have to play with the value a bit to find your acceptable load vs time comfort. - if you can separate topologically distanct devices from near by group, you could use /rancid.conf to tailor PAR_COUNT for the workload w/ 3.2. - if devices may be turned-off or may suffer outages often, these two could be separated into a separate group and use /rancid.conf to lower the MAX_ROUNDS variable. - you could also try lowering the timeout in cloginrc for devices that are often inaccessible. - you may also consider switching to svn, which is faster than cvs. or git, but please create a test instance for yourself before moving to git as the support is new. - rancid.conf:NOPIPE=YES will improve performance of the perl part of a collection a little. - also, see the FAQ for triggering rancid runs from syslog configuration change messages. Use that for daily activity and run once a week to CYA. > Rancid runs on a separate linux system, so it is not disturbing while rancid run is below 24hours . But I was wondering if, as we don?t change the devices configuration very often, once a week would be enough if we use the ?archive ? cisco command to store the updated config. Today we run rancid on a daily basis not to miss any change in the devices configurations. > As, most part of the time, the configurations have not changed, I would like to use the cisco archive command to ftp the configuration when it is saved in the cisco device. So we could run rancid only once a week . > > Is there a way to process the files sent by ftp as input to rancid to have the formatting and the differences processed and stored as with native rancid? I've not tried transfering the archives from devices. there is no support currently for reading the ftp file, but it is of course entirely possible to add such a mechanism. but, it would still need to connect to the device to collect other info, or at least show version. From alligator94 at laposte.net Mon Mar 23 19:16:23 2015 From: alligator94 at laposte.net (Alligator) Date: Mon, 23 Mar 2015 20:16:23 +0100 Subject: [rancid] archive cisco command and rancid In-Reply-To: <55105BA0.1000604@direcpath.com> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> <55105BA0.1000604@direcpath.com> Message-ID: <000a01d0659d$daaee430$900cac90$@laposte.net> Thanks a lot. As you say, it will need to heavily modify the rancid script. Thanks for the useful tips. Regards, Gilles. From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of rdrake Sent: lundi 23 mars 2015 19:30 To: rancid-discuss at shrubbery.net Subject: Re: [rancid] archive cisco command and rancid On 03/23/2015 01:35 PM, alligator94 wrote: We use rancid to backup daily around 3700 cisco devices (routers and switches + some WAP and FW) all around the world and let's say that 10 percent randomly may not be reachable because they are switched off at night or due to any other connectivity issue. As we have the standard rancid configuration, I think that there are 3 retries, so it may take time. I have no access right now to the rancid config, but several clogin run in //. We have a lot of different models of cisco devices, connected through a stable and not overloaded mpls network or using ipsec tunnels. Some use satellite connectivity in the far east countries. Rancid runs on a separate linux system, so it is not disturbing while rancid run is below 24hours . But I was wondering if, as we don't change the devices configuration very often, once a week would be enough if we use the "archive " cisco command to store the updated config. Today we run rancid on a daily basis not to miss any change in the devices configurations. Regards Gilles You could do a few things. If you're running tacacs you could kickoff an individual rancid-run on a single node after a login to that node. Or if you're using a syslog server you can watch for "Configured from " in the logs and kick it off from that. If you were to use the ftp config you would need to heavily modify the rancid script. It would need to detect that the file was newer than what was saved in CVS, then grab the comments out of the existing CVS file, combine that with the "sh run" from the ftp. This would fake things out and the comments would be wrong on some devices and that would be .. not ideal. Either that, or you could strip all the comments from both files and diff them then only run rancid on files that are different. That lets you save lots of runtime and gives you the correct answers, so it would be much better than the above, at the cost of a little more network traffic. If you did these I would still advise you to do a full run once a week. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Mar 23 19:58:00 2015 From: heas at shrubbery.net (heasley) Date: Mon, 23 Mar 2015 19:58:00 +0000 Subject: [rancid] Rancid 3.2 issue with perl/inet_pton In-Reply-To: <20150323193131.73E88994BE@sea.shrubbery.net> <550FE958.3030209@foobar.org> Message-ID: <20150323195800.GB76719@shrubbery.net> Mon, Mar 23, 2015 at 10:22:16AM +0000, Nick Hilliard: > you need to update the perl Socket module from CPAN.? Socket-2.018 > should work fine.
Thanks. It appears that 2.006 is sufficient, fwiw. This patch adds runtime & configtime checks: ftp://ftp.shrubbery.net/pub/rancid/rancid-3.2.p3.gz From TERRY at tmk.com Tue Mar 24 02:04:34 2015 From: TERRY at tmk.com (Terry Kennedy) Date: Mon, 23 Mar 2015 22:04:34 -0400 (EDT) Subject: [rancid] rancid finding changes that do not exist Message-ID: <01PJYO1TJYC4001EC7@tmk.com> This is because Perl 5.18 and newer changed their sort algorithm. You should be able to fix it by adding: # TMK - Deal with Perl 5.18's new random hashing (by nuking it) #PERL_HASH_SEED_DEBUG="1"; export PERL_HASH_SEED_DEBUG PERL_HASH_SEED="0123456789ABCDEF"; export PERL_HASH_SEED PERL_PERTURB_KEYS="0"; export PERL_PERTURB_KEYS near the top of your rancid.conf file. You can pick some random hex string for PERL_HASH_SEED if you like. For a more complete explanation of what Perl is doing by default, see: http://perldoc.perl.org/perlsec.html#Algorithmic-Complexity-Attacks There's some earlier discussion of the issue (without resolution) here: http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007630.html Terry Kennedy http://www.ispnetinc.net ISPnet, Inc. New York, NY USA terry at tmk.com 800-806-NETS From alan.mckinnon at gmail.com Tue Mar 24 07:31:32 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 24 Mar 2015 09:31:32 +0200 Subject: [rancid] archive cisco command and rancid In-Reply-To: <20150323182653.GC74061@shrubbery.net> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> <20150323182653.GC74061@shrubbery.net> Message-ID: <551112D4.9060706@gmail.com> On 23/03/2015 20:26, 'Heasley' wrote: > Mon, Mar 23, 2015 at 06:35:18PM +0100, alligator94: >> > We use rancid to backup daily around 3700 cisco devices (routers and switches + some WAP and FW) all around the world and let?s say that 10 percent randomly may not be reachable because they are switched off at night or due to any other connectivity issue. As we have the standard rancid configuration, I think that there are 3 retries, so it may take time. >> > >> > I have no access right now to the rancid config, but several clogin run in //. >> > >> > We have a lot of different models of cisco devices, connected through a stable and not overloaded mpls network or using ipsec tunnels. Some use satellite connectivity in the far east countries. > A few things I can suggest to improve the collection time: > - since you have a lot of devices (probably) with long RTTs > - increase rancid.conf:PAR_COUNT. Perhaps double the number of CPUs. > most processes will be waiting on the network. if the host *only* > does rancid, increase it furture - perhaps 4 times. you will have > to play with the value a bit to find your acceptable load vs time > comfort. > - if you can separate topologically distanct devices from near by > group, you could use /rancid.conf to tailor PAR_COUNT for the > workload w/ 3.2. > - if devices may be turned-off or may suffer outages often, these two could be > separated into a separate group and use /rancid.conf to lower the > MAX_ROUNDS variable. > - you could also try lowering the timeout in cloginrc for devices that are > often inaccessible. > - you may also consider switching to svn, which is faster than cvs. or git, > but please create a test instance for yourself before moving to git as the > support is new. > - rancid.conf:NOPIPE=YES will improve performance of the perl part of a > collection a little. > - also, see the FAQ for triggering rancid runs from syslog configuration > change messages. Use that for daily activity and run once a week to CYA. > I have some experience with setups like this: More than 8000 CE devices (mostly Cisco) distributed throughout Africa over whatever links happened to be available at the time. The list of devices was constantly changing, they may or may not be up at any given time, the username/password may or may not follow the standard, and the device in question may or may not even exist at all in the real world. With 2.3.8 on a single-CPU VM with 512MB RAM, I got this to run in about 4 hours: - Crank PAR_COUNT way up. I had mine set to 50 IIRC. - Split your devices up into groups of a few hundred each - Set the telnet/ssh timeout as high as you need it to be to work reliably 95% of the time The rancid perl processes are all shared, and the code spends most of it's time waiting on the network as characters come in one by one. The actual amount of CPU work done per process is miniscule and disk accesses are so infrequent you can almost ignore their effect, so don't be scared to set PAR_COUNT very high. top and load measurements tend to go very high with rancid, ignore those numbers - it's a false positive because the machine is doing so much waiting on the network. I found, somewhat counter-intuitively, that with one large group of 8000 devices, cvs itself was adding a significant amount of time with each commit. Maybe cvs was misconfigured on my end, but it got much better when I created 26 groups (initial letter of the hostname) so I never took the time to investigate cvs further. I also had MAX_ROUNDS set to 0 so rancid never retried a given device. My logic was that connectivity to the device was not my problem at all so I didn't need to deal with it, and rancid would simply poll the device again in 12 hours (mine ran twice a day). The OP might not have the freedom to work under a policy like this though. -- Alan McKinnon alan.mckinnon at gmail.com From sstavdal at gmail.com Tue Mar 24 07:29:09 2015 From: sstavdal at gmail.com (Simen Stavdal) Date: Tue, 24 Mar 2015 08:29:09 +0100 Subject: [rancid] rancid finding changes that do not exist In-Reply-To: <01PJYO1TJYC4001EC7@tmk.com> References: <01PJYO1TJYC4001EC7@tmk.com> Message-ID: Hi Terry, Thanks for the suggestion. Added the variables to rancid.conf and ran it again. It produced the same messages in the log file. Funny thing. I tried to install rancid3.1, and it worked flawlessly with the same version of Perl. Then i tried to go back to 3.2 and the same thing again. I will go through the compilation logs to see if there is something not quite right here. Cheers, Simon. On 24 March 2015 at 03:04, Terry Kennedy wrote: > This is because Perl 5.18 and newer changed their sort algorithm. You > should be able to fix it by adding: > > # TMK - Deal with Perl 5.18's new random hashing (by nuking it) > #PERL_HASH_SEED_DEBUG="1"; export PERL_HASH_SEED_DEBUG > PERL_HASH_SEED="0123456789ABCDEF"; export PERL_HASH_SEED > PERL_PERTURB_KEYS="0"; export PERL_PERTURB_KEYS > > near the top of your rancid.conf file. You can pick some random hex > string for PERL_HASH_SEED if you like. > > For a more complete explanation of what Perl is doing by default, see: > http://perldoc.perl.org/perlsec.html#Algorithmic-Complexity-Attacks > > There's some earlier discussion of the issue (without resolution) here: > http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007630.html > > Terry Kennedy http://www.ispnetinc.net > ISPnet, Inc. New York, NY USA > terry at tmk.com 800-806-NETS > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jethro.binks at strath.ac.uk Tue Mar 24 09:48:05 2015 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Tue, 24 Mar 2015 09:48:05 +0000 (GMT) Subject: [rancid] archive cisco command and rancid In-Reply-To: <55105BA0.1000604@direcpath.com> References: <001801d0656f$deff8f90$9cfeaeb0$@laposte.net> <4B1CA2E6-B2E4-44A3-B83B-D1E5A203CD49@shrubbery.net> <002601d0658f$bc21e110$3465a330$@laposte.net> <55105BA0.1000604@direcpath.com> Message-ID: On Mon, 23 Mar 2015, rdrake wrote: > If you were to use the ftp config you would need to heavily modify the > rancid script. It would need to detect that the file was newer than > what was saved in CVS, then grab the comments out of the existing CVS > file, combine that with the "sh run" from the ftp. This would fake > things out and the comments would be wrong on some devices and that > would be .. not ideal. On this point, I recommend original poster Google for "wrancid" and "wraprancid". But neither developed for rancid 3.x so far. They allow you to run ar arbitrary command to fetch a config by whatever means, which can then be processed. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From heas at shrubbery.net Tue Mar 24 15:09:11 2015 From: heas at shrubbery.net (heasley) Date: Tue, 24 Mar 2015 15:09:11 +0000 Subject: [rancid] rancid finding changes that do not exist In-Reply-To: References: <01PJYO1TJYC4001EC7@tmk.com> Message-ID: <20150324150911.GC8231@shrubbery.net> Tue, Mar 24, 2015 at 08:29:09AM +0100, Simen Stavdal: > Thanks for the suggestion. Added the variables to rancid.conf and ran it > again. > It produced the same messages in the log file. i believe terry is responding to a different issue. > Funny thing. I tried to install rancid3.1, and it worked flawlessly with > the same version of Perl. > Then i tried to go back to 3.2 and the same thing again. I've already replied to you about this, but for other's edification; the Socket.pm dependency did not appear until 3.2. I do not understand the problem that you had updating Socket.pm, but suspect that something was not updated properly by Socket's install process or you have multiple perl installations. I tested updating Socket.pm and it worked. From heas at shrubbery.net Tue Mar 24 15:12:08 2015 From: heas at shrubbery.net (heasley) Date: Tue, 24 Mar 2015 15:12:08 +0000 Subject: [rancid] rancid finding changes that do not exist In-Reply-To: <01PJYO1TJYC4001EC7@tmk.com> References: <01PJYO1TJYC4001EC7@tmk.com> Message-ID: <20150324151208.GD8231@shrubbery.net> Mon, Mar 23, 2015 at 10:04:34PM -0400, Terry Kennedy: > This is because Perl 5.18 and newer changed their sort algorithm. You > should be able to fix it by adding: > > # TMK - Deal with Perl 5.18's new random hashing (by nuking it) > #PERL_HASH_SEED_DEBUG="1"; export PERL_HASH_SEED_DEBUG > PERL_HASH_SEED="0123456789ABCDEF"; export PERL_HASH_SEED > PERL_PERTURB_KEYS="0"; export PERL_PERTURB_KEYS > > near the top of your rancid.conf file. You can pick some random hex > string for PERL_HASH_SEED if you like. I do not believe that the problem Humes is having is related to this. I also believe that changes have made setting these variables unnecessary by 3.2. If I am wrong, please let me know and I'll add them for 3.3. > For a more complete explanation of what Perl is doing by default, see: > http://perldoc.perl.org/perlsec.html#Algorithmic-Complexity-Attacks > > There's some earlier discussion of the issue (without resolution) here: > http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007630.html > > Terry Kennedy http://www.ispnetinc.net > ISPnet, Inc. New York, NY USA > terry at tmk.com 800-806-NETS > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Wed Mar 25 16:14:46 2015 From: heas at shrubbery.net (heasley) Date: Wed, 25 Mar 2015 16:14:46 +0000 Subject: [rancid] proxy-login rancid collection Message-ID: <20150325161446.GF45425@shrubbery.net> Many have asked for this and it will probably be the primary addition to rancid 3.3, but I do not have a use for it, so although I've digested most of the maillist discussion on the topic ('out of band access script change', 'download configs from on router through another', etc), I'm not sure that I'd include all the relevant features, therefore i want to solicit input. I am tempted to limit the utility to executing other login scripts, ie: the assumption that it through a device supported by one of rancid's login scripts, rather than an arbitrary unix command. Please feel free to reply to me directly or to the list. From skyeh at uidaho.edu Wed Mar 25 17:01:37 2015 From: skyeh at uidaho.edu (Hagen, Skye (skyeh@uidaho.edu)) Date: Wed, 25 Mar 2015 17:01:37 +0000 Subject: [rancid] proxy-login rancid collection In-Reply-To: <20150325161446.GF45425@shrubbery.net> References: <20150325161446.GF45425@shrubbery.net> Message-ID: My particular need is when I have multiple contexts on a Cisco ASA. While I can easily setup rancid to get the config for each individual context, there is a special 'system' area that cannot be accessed directly. It can only be accessed by logging into one of the contexts, then changing to the system area. (This system area handles the physical interfaces, and the allocation of these interfaces to the individual contexts.) To get from the context to the system area is a single command, 'changeto system'. I don't need to enter any additional credentials. The prompt will also change. I am using the 'usercmd' patch to accomplish this now, in rancid 2.3.6. Here is what my .cloginrc looks like: # Backup system context # 'asa1-system.its.uidaho.edu' is just a name for rancid. No DNS or address is needed. # The magic happens one line below: login to asa1-system.its.uidaho.edu via {clogin} for {my-context-enabled-device} # When logged in, change to system context and backup add method asa1-system.its.uidaho.edu {usercmd} add usercmd asa1-system.its.uidaho.edu {clogin} {asa1-accessfw.its.uidaho.edu} add usercmd_chat asa1-system.its.uidaho.edu {#} {changeto system\r} {#} {terminal pager 0\r} The router.db files looks like: asa1-system.its.uidaho.edu:cisco:up:System Context, Added by me on 7-24-2014 asa1-accessfw.its.uidaho.edu:cisco:up:Added by me on 7-16-2014 Here is the output showing the prompts and responses. [rancid at netman-collect rancid]$ ssh me at asa1-accessfw Warning: Permanently added 'asa1-accessfw,129.101.252.62' (RSA) to the list of known hosts. me at asa1-accessfw's password: Type help or '?' for a list of available commands. lib-asa1/ACCESSFW/act/pri> en Password: ********* lib-asa1/ACCESSFW/act/pri# changeto system lib-asa1/act/pri# Hope this helps, Skye. On 3/25/15, 9:14 AM, "heasley" wrote: >Many have asked for this and it will probably be the primary addition to >rancid 3.3, but I do not have a use for it, so although I've digested most >of the maillist discussion on the topic ('out of band access script >change', >'download configs from on router through another', etc), I'm not sure that >I'd include all the relevant features, therefore i want to solicit input. > >I am tempted to limit the utility to executing other login scripts, ie: >the assumption that it through a device supported by one of rancid's login >scripts, rather than an arbitrary unix command. > >Please feel free to reply to me directly or to the list. >_______________________________________________ >Rancid-discuss mailing list >Rancid-discuss at shrubbery.net >http://www.shrubbery.net/mailman/listinfo/rancid-discuss From el.es.cr at gmail.com Thu Mar 26 11:15:16 2015 From: el.es.cr at gmail.com (Lukasz Sokol) Date: Thu, 26 Mar 2015 11:15:16 +0000 Subject: [rancid] mtlogin error: Error TIMEOUT reached (2.3.8 deb) Message-ID: Hi, How can I debug, what's given to expect as timeout during rancid-run ? (other than using & analyzing strace, possibly) TL;DR: still using the version from debian package on wheezy+backports, lukasz at george:~$ sudo apt-cache show rancid Package: rancid Version: 2.3.8-3 rancid at george:~$ bin/mtrancid -V rancid 2.3.8 On one router, while rancid-run, i get in the logs: myrouter mtlogin error: Error: TIMEOUT reached myrouter: missed cmd(s): system license print,system routerboard print,export,system package print detail without-paging myrouter: End of run not found and predictably no config is collected. So I split the cmd(s) to separate mtlogin -c invocations, slapped them into a script and ran it under time, revealing time ./myscript > /dev/null real 0m57.423s user 0m0.148s sys 0m0.060s Running each mtlogin -c command separately, reveals that in particular "export" command can take its time, interrupting its output for up to 40-45 seconds at a time. I have increased timeo and timeout settings in mtrancid and mtlogin, to 120s each, but the "TIMEOUT reached" in logs still appears. Neither command, when ran separately, is hanging forever, i.e. each one completes and exits successfully. I googled and found one occurrence on this m/l when someone asked, is the router having a lot or routes, but that, as far as I could follow, wasn't answered; in my case, the answer is YES, and NO I can't put any less on it. Hope this can still be helped ;) el es From timoid at timoid.org Thu Mar 26 11:19:07 2015 From: timoid at timoid.org (Tim Warnock) Date: Thu, 26 Mar 2015 11:19:07 +0000 Subject: [rancid] mtlogin error: Error TIMEOUT reached (2.3.8 deb) In-Reply-To: References: Message-ID: > I googled and found one occurrence on this m/l when someone asked, is the > router having a lot or routes, > but that, as far as I could follow, wasn't answered; in my case, the answer is > YES, and NO I can't put any less on it. > > Hope this can still be helped ;) > > el es Ok simple test. How long does an /export take if you run it from ssh/winbox? From alan.mckinnon at gmail.com Thu Mar 26 11:24:05 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 26 Mar 2015 13:24:05 +0200 Subject: [rancid] mtlogin error: Error TIMEOUT reached (2.3.8 deb) In-Reply-To: