[rancid] rancid with svn

Andrew Meyer andrewm659 at yahoo.com
Tue Sep 29 01:56:54 UTC 2015


I was able to setup Ranicd with SVN however I added a new device and made a few changes to my own hardware and I don't see the updates reflecting in in websvn.  Here is my configs:FreeBSD 10.1 running in Jail using ezjail with routing inside the jail.root at rancid2svn:~ # cat /usr/local/etc/rancid/rancid.conf
# rancid 2.3.8
# This file sets up the environment used for rancid.  see rancid.conf(5)
#
# This will be site specific
#
TERM=network;export TERM
#
# Collating locale
LC_COLLATE="POSIX"; export LC_COLLATE
#
# Create files w/o world read/write/exec permissions, but read/exec permissions
# for group.
umask 027
#
# Under BASEDIR (i.e.: --localstatedir), there will be a "logs" directory for
# the logs from rancid and a directory for each group of routers defined in
# LIST_OF_GROUPS (below).  In addition to these, there will be a "CVS"
# directory which is the cvs (or Subversion) repository.
#
# Use a full path (no sym-links) for BASEDIR.
#
TMPDIR=/tmp; export TMPDIR
# Be careful changing this, it affects CVSROOT below.  It should be a FQPN, not
# relative.
BASEDIR=/usr/local/var/rancid; export BASEDIR
PATH=/usr/local/libexec/rancid:/usr/local/bin:/usr/sbin:/usr/bin:.:/bin:/usr/bin; export PATH
# Location of the CVS/SVN repository.  Be careful changing this.
# If RCSSYS is svn, this can be:
# - an (absolute) path (a subdirectory of BASEDIR by default).
# - any URL that subversion understands, but beware that:
#   - no attempt will be made to create the repository when running rancid-cvs.
#   - authentication credentials, if necessary, MUST be cached (see the SVN
#     book, Ch. 3, Network Model, Caching credentials) before non-interactive
#     commands can run, e.g. by running rancid-cvs after installation.
CVSROOT=$BASEDIR/SVN; export CVSROOT
# Location of log files produced by rancid-run(1).
LOGDIR=$BASEDIR/logs; export LOGDIR
#
# Select which RCS system to use, "cvs" (default) or "svn".  Do not change
# this after CVSROOT has been created with rancid-cvs.  Changing between these
# requires manual conversions.
RCSSYS=svn; export RCSSYS
#
# if ACLSORT is NO, access-lists will NOT be sorted.
#ACLSORT=YES; export ACLSORT
#
# if NOPIPE is set, temp files will be used instead of a cmd pipe during
# collection from the router(s).
#NOPIPE=YES; export NOPIPE
#
# FILTER_PWDS determines which passwords are filtered from configs by the
# value set (NO | YES | ALL).  see rancid.conf(5).
#FILTER_PWDS=YES; export FILTER_PWDS
#
# if NOCOMMSTR is set, snmp community strings will be stripped from the configs
#NOCOMMSTR=YES; export NOCOMMSTR
#
# How many times failed collections are retried (for each run) before
# giving up.  Minimum: 1
#MAX_ROUNDS=4; export MAX_ROUNDS
#
# How many hours should pass before complaining about routers that
# can not be reached.  The value should be greater than the number
# of hours between your rancid-run cron job.  Default: 24
#OLDTIME=4; export OLDTIME
#
# How many hours should pass before complaining that a group's collection
# (the age of it's lock file) is hung.
#LOCKTIME=4; export LOCKTIME
#
# The number of devices to collect simultaneously.
#PAR_COUNT=5; export PAR_COUNT
#
# list of rancid groups
LIST_OF_GROUPS="NetworkDevices"
# more groups...
#LIST_OF_GROUPS="$LIST_OF_GROUPS noc billybobisp"
#
# For each group, define a list of people to receive the diffs.
# in sendmail's /etc/aliases.
#   rancid-group:       joe,moe at foo
#   rancid-admin-group: hostmaster
# be sure to read ../README regarding aliases.
#
# If your MTA configuration is broken or you want mail to be forwarded to a
# domain not the same as the local one, define that domain here.  "@" must be
# included, as this is simply appended to the usual recipients.  It is NOT
# appended to recipients specified in rancid-run's -m option.
#MAILDOMAIN="@example.com"; export MAILDOMAIN
#
# By default, rancid mail is marked with precedence "bulk".  This may be
# changed by setting the MAILHEADERS variable; for example no header by setting
# it to "" or adding X- style headers.  Individual headers must be separated
# by a \n.
#MAILHEADERS="Precedence: bulk"; export MAILHEADERS
root at rancid2svn:~ #

root at rancid2svn:~ # cat /usr/local/var/rancid/SVN/conf/svnserve.conf### This file controls the configuration of the svnserve daemon, if you### use it to allow access to this repository.  (If you only allow### access through http: and/or file: URLs, then this file is### irrelevant.)
### Visit http://subversion.apache.org/ for more information.
[general]### The anon-access and auth-access options control access to the### repository for unauthenticated (a.k.a. anonymous) users and### authenticated users, respectively.### Valid values are "write", "read", and "none".### Setting the value to "none" prohibits both reading and writing;### "read" allows read-only access, and "write" allows complete### read/write access to the repository.### The sample settings below are the defaults and specify that anonymous### users have read-only access to the repository, while authenticated### users have read and write access to the repository.anon-access = readauth-access = write### The password-db option controls the location of the password### database file.  Unless you specify a path starting with a /,### the file's location is relative to the directory containing### this configuration file.### If SASL is enabled (see below), this file will NOT be used.### Uncomment the line below to use the default password file.password-db = /usr/local/var/rancid/SVN/conf/passwd### The authz-db option controls the location of the authorization### rules for path-based access control.  Unless you specify a path### starting with a /, the file's location is relative to the### directory containing this file.  The specified path may be a### repository relative URL (^/) or an absolute file:// URL to a text### file in a Subversion repository.  If you don't specify an authz-db,### no path-based access control is done.### Uncomment the line below to use the default authorization file.# authz-db = authz### The groups-db option controls the location of the groups file.### Unless you specify a path starting with a /, the file's location is### relative to the directory containing this file.  The specified path### may be a repository relative URL (^/) or an absolute file:// URL to a### text file in a Subversion repository.# groups-db = groups### This option specifies the authentication realm of the repository.### If two repositories have the same authentication realm, they should### have the same password database, and vice versa.  The default realm### is repository's uuid.# realm = My First Repository### The force-username-case option causes svnserve to case-normalize### usernames before comparing them against the authorization rules in the### authz-db file configured above.  Valid values are "upper" (to upper-### case the usernames), "lower" (to lowercase the usernames), and### "none" (to compare usernames as-is without case conversion, which### is the default behavior).# force-username-case = none### The hooks-env options specifies a path to the hook script environment### configuration file. This option overrides the per-repository default### and can be used to configure the hook script environment for multiple### repositories in a single file, if an absolute path is specified.### Unless you specify an absolute path, the file's location is relative### to the directory containing this file.# hooks-env = hooks-env
[sasl]### This option specifies whether you want to use the Cyrus SASL### library for authentication. Default is false.### This section will be ignored if svnserve is not built with Cyrus### SASL support; to check, run 'svnserve --version' and look for a line### reading 'Cyrus SASL authentication is available.'# use-sasl = true### These options specify the desired strength of the security layer### that you want SASL to provide. 0 means no encryption, 1 means### integrity-checking only, values larger than 1 are correlated### to the effective key length for encryption (e.g. 128 means 128-bit### encryption). The values below are the defaults.# min-encryption = 0# max-encryption = 256root at rancid2svn:~ #

root at rancid2svn:~ # su - rancid$ ls -altotal 164drwxrwxr-x  7 rancid  rancid     512 Sep 24 18:01 .drwxr-xr-x  4 root    wheel      512 Aug  8 21:39 ..-rw-------  1 rancid  rancid     388 Sep 24 18:03 .cloginrc-rw-r--r--  1 rancid  rancid    1066 Aug  8 21:44 .cshrc-rw-r--r--  1 rancid  rancid     252 Aug  8 21:44 .login-rw-r--r--  1 rancid  rancid     163 Aug  8 21:44 .login_conf-rw-------  1 rancid  rancid     379 Aug  8 21:44 .mail_aliases-rw-r--r--  1 rancid  rancid     336 Aug  8 21:44 .mailrc-rw-r--r--  1 rancid  rancid     817 Aug  8 21:44 .profile-rw-------  1 rancid  rancid     281 Aug  8 21:44 .rhosts-rw-r--r--  1 rancid  rancid     978 Aug  8 21:44 .shrcdrwx------  2 rancid  rancid     512 Aug  8 22:00 .sshdrwxr-x---  3 rancid  rancid     512 Aug  8 21:46 .subversion-rw-------  1 rancid  rancid    2215 Sep 24 18:01 .viminfodrwxr-x---  4 rancid  rancid     512 Sep 24 18:01 NetworkDevicesdrwxrwx---  6 rancid  www        512 Aug  8 21:46 SVNdrwxr-x---  2 rancid  rancid  101888 Sep 28 20:00 logs$

$ cat NetworkDevices.20150928.200000starting: Mon Sep 28 20:00:00 CDT 2015
hourly config diffs failed: /tmp/.NetworkDevices.run.lock exists-rw-r-----  1 rancid  wheel  0 Aug 20 09:30 /tmp/.NetworkDevices.run.lock
ending: Mon Sep 28 20:00:00 CDT 2015$


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20150929/c2d9903d/attachment.html>


More information about the Rancid-discuss mailing list