From Aaron.Wasserott at flexential.com Tue Oct 2 00:04:01 2018 From: Aaron.Wasserott at flexential.com (Aaron Wasserott) Date: Tue, 2 Oct 2018 00:04:01 +0000 Subject: [rancid] RANCID and gitweb - preventing the CVS repo path from showing Message-ID: Upgraded my old RANCID software to the latest, and switched from CVS to git. I also installed gitweb as the WebUI interface for browsing RANCID files. One minor annoyance I ran into was not only was every group folder being displayed (e.g, switches, routers, firewalls, etc) but the CVS path of each was displayed as well. So the gitweb page would show something like this: firewall/.git router/.git switch/.git CVS/firewall CVS/router CVS/switch Makes the page quite cluttered when you have a ton of different groups. I am guessing it has to do with how RANCID originally would store CVS files, versus how git expects to handle them. Here is an easy way I found to hide all of the CVS/* instances of those paths on gitweb: Modify your gitweb configuration file (e.g, /etc/gitweb.conf) and add this line somewhere: our $export_ok = "COMMIT_EDITMSG"; note: this doesn't prevent webui access to those other repos, if someone types in the full URL manually. It just cleans up the gitweb portal a bit. That forces gitweb to only display repo paths that have that file present. Poking around I see only the actual configuration directory paths do, not the CVS variants. If anyone knows of a better solution, or other steps one should take to more fully move away from CVS to git inside of RANCID, please let me know! -Aaron This message contains information that may be confidential, privileged or otherwise protected by law from disclosure. It is intended for the exclusive use of the addressee(s) and only the addressee or authorized agent of the addressee may review, copy, distribute or disclose to anyone the message or any information contained within. If you are not the addressee, please contact the sender by electronic reply and immediately delete all copies of the message. This message is not an offer capable of acceptance, does not create an obligation of any kind and no recipient may rely on this message. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nineoften at hotmail.com Tue Oct 2 18:15:20 2018 From: nineoften at hotmail.com (Ni Ne) Date: Tue, 2 Oct 2018 18:15:20 +0000 Subject: [rancid] Run secondary login / collection script for entries in router.db? Anyone doing something like this? Message-ID: I am curious to see the effort behind having the default configuration backup contain only the device configuration, and push other things like file system, interface status, inventory, etc, into a separate file. The main reason is I want to greatly increase the amount of ancillary data retrieved for each device, but don't want to clutter the configuration file itself, so disaster recovery is simpler. Is anyone doing this in a stream-lined fashion, where secondary login scripts are called for each device present in a router.db file? Ideally the administrator would only need to add a device once, and then based on vendor type that secondary login process would run transparently. I am still digging (back) into the RANCID internals to see how easy this would be to accomplish, so just curious if anyone is doing something like this already. Thanks! -Aaron -------------- next part -------------- An HTML attachment was scrubbed... URL: From howie at thingy.com Tue Oct 2 18:46:05 2018 From: howie at thingy.com (Howard Jones) Date: Tue, 2 Oct 2018 19:46:05 +0100 Subject: [rancid] Run secondary login / collection script for entries in router.db? Anyone doing something like this? In-Reply-To: References: Message-ID: Probably easier to do it the other way around - collect it all in one big swoop. The extra stuff is all done as comments anyway. And postprocess those collected files into a second directory/file/repo for the just-config parts. On Tue, 2 Oct 2018 at 19:15, Ni Ne wrote: > > I am curious to see the effort behind having the default configuration backup contain only the device configuration, and push other things like file system, interface status, inventory, etc, into a separate file. The main reason is I want to greatly increase the amount of ancillary data retrieved for each device, but don't want to clutter the configuration file itself, so disaster recovery is simpler. > > Is anyone doing this in a stream-lined fashion, where secondary login scripts are called for each device present in a router.db file? Ideally the administrator would only need to add a device once, and then based on vendor type that secondary login process would run transparently. > > I am still digging (back) into the RANCID internals to see how easy this would be to accomplish, so just curious if anyone is doing something like this already. > > Thanks! > > -Aaron > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From v.frenot at pixid.fr Wed Oct 3 16:05:23 2018 From: v.frenot at pixid.fr (Vivien FRENOT) Date: Wed, 3 Oct 2018 16:05:23 +0000 Subject: [rancid] Rancid and Brocade 6510 In-Reply-To: <20180907171835.GA25519@shrubbery.net> References: <20180907171835.GA25519@shrubbery.net> Message-ID: Hello, Yes, brlogin is working fine. The foundry module is not a solution, as it does not use brocade commande. I guess, I'm now missing the parsing module that seems to be not included on the latest release. I hope this is still a work in progress, but as this is SAN switches, we want to backup it automatically. Regards, Vivien -----Message d'origine----- De : heasley Envoy? : vendredi 7 septembre 2018 19:19 ? : Vivien FRENOT Cc : rancid-discuss at shrubbery.net Objet : Re: [rancid] Rancid and Brocade 6510 Wed, Sep 05, 2018 at 01:37:23PM +0000, Vivien FRENOT: > Hello, > > We are deploying Rancid to backup the configuration of our switches, but I'm having issues with Brocade 6510. I've seen in 'rancid.types.base' a Brocad entry that may do the job, but, there's no module for it. > > # Brocade > #XXX brocade;script;rancid -t brocade > brocade;login;brlogin > #XXX brocade;module; XXX > #XXX brocade;inloop; XXX > #XXX brocade;command;XXX::ChassisShow;chassisShow > #XXX brocade;command;XXX::FirmwareShow;firmwareShow > #XXX brocade;command;XXX::FirmwareShow;version > #XXX brocade;command;XXX::FirmwareShow;zoneshow > #XXX brocade;command;XXX::FirmwareShow;portcfgshow > #XXX brocade;command;XXX::Fosconfig;fosConfig --show > #XXX brocade;command;XXX::IpAddrShow;ipAddrShow > #XXX brocade;command;XXX::LicenseShow;licenseShow > #XXX brocade;command;XXX::DomainsShow;domainsShow > #XXX brocade;command;XXX::ConfigShow;configShow > # > > There was a discussion started in 2015 about it (http://www.shrubbery.net/pipermail/rancid-discuss/2015-May/008408.html) but no one seems to actually answerd this. > > Any Ideas ? does brlogin work, according to the tests in the FAQ S3 Q2? Ce message et toutes les pi?ces jointes (ci-apr?s le 'Message') sont ?tablis ? l'intention exclusive des destinataires et les informations qui y figurent sont strictement confidentielles. Toute utilisation de ce Message non conforme ? sa destination, toute diffusion ou toute publication totale ou partielle, est interdite sauf autorisation expresse. Si vous n'?tes pas le destinataire de ce Message, il vous est interdit de le copier, de le faire suivre, de le divulguer ou d'en utiliser tout ou partie. Si vous avez re?u ce Message par erreur, merci de le supprimer de votre syst?me, ainsi que toutes ses copies, et de n'en garder aucune trace sur quelque support que ce soit. Nous vous remercions ?galement d'en avertir imm?diatement l'exp?diteur par retour du message. Il est impossible de garantir que les communications par messagerie ?lectronique arrivent en temps utile, sont s?curis?es ou d?nu?es de toute erreur ou virus. This message and any attachments (the 'Message') are intended solely for the addressees. The information contained in this Message is confidential. Any use of information contained in this Message not in accord with its purpose, any dissemination or disclosure, either whole or partial, is prohibited except formal approval. If you are not the addressee, you may not copy, forward, disclose or use any part of it. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return message. E-mail communication cannot be guaranteed to be timely, secure, error or virus-free. From heas at shrubbery.net Sat Oct 6 15:34:06 2018 From: heas at shrubbery.net (heasley) Date: Sat, 6 Oct 2018 15:34:06 +0000 Subject: [rancid] Run secondary login / collection script for entries in router.db? Anyone doing something like this? In-Reply-To: References: Message-ID: <20181006153405.GB27683@shrubbery.net> Tue, Oct 02, 2018 at 06:15:20PM +0000, Ni Ne: > I am curious to see the effort behind having the default configuration backup contain only the device configuration, and push other things like file system, interface status, inventory, etc, into a separate file. The main reason is I want to greatly increase the amount of ancillary data retrieved for each device, but don't want to clutter the configuration file itself, so disaster recovery is simpler. my suggestion is that you do not alter the existing device types in rancid, leave them as is and collect the additional information as separate device types in a separate group to avoid the hostname collision. group1/router.db: host.name.co;cisco;up group2/router.db: host.name.co;cisco-expanded;up define cisco-expanded in rancid.type.conf with your own perl module to do whatever filtering/etc is needed. I think I wrote an example of this in the FAQ or perhaps in rancid.types.conf(5). > Is anyone doing this in a stream-lined fashion, where secondary login scripts are called for each device present in a router.db file? Ideally the administrator would only need to add a device once, and then based on vendor type that secondary login process would run transparently. > > I am still digging (back) into the RANCID internals to see how easy this would be to accomplish, so just curious if anyone is doing something like this already. > > Thanks! > > -Aaron > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From weylin at bu.edu Sat Oct 6 20:41:58 2018 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Sat, 6 Oct 2018 20:41:58 +0000 Subject: [rancid] Run secondary login / collection script for entries in router.db? Anyone doing something like this? In-Reply-To: <20181006153405.GB27683@shrubbery.net> References: <20181006153405.GB27683@shrubbery.net> Message-ID: <34A5A68E-E9B5-45A3-AB20-87E2790C3531@bu.edu> If you want for an administrator to only add a device once, you can create a cron job that periodically (every 5 min? Hourly? Daily?) duplicates the router.db file of one group into a router.db file of a secondary group, using sed or something to convert "cisco" (or whatever) into "cisco-secondary". This would have the benefit of both adding and deleting devices only in one location, since the cron job's function is to maintain the synchronicity. weylin ?On 10/6/18, 11:34 AM, "heasley" wrote: Tue, Oct 02, 2018 at 06:15:20PM +0000, Ni Ne: > I am curious to see the effort behind having the default configuration backup contain only the device configuration, and push other things like file system, interface status, inventory, etc, into a separate file. The main reason is I want to greatly increase the amount of ancillary data retrieved for each device, but don't want to clutter the configuration file itself, so disaster recovery is simpler. my suggestion is that you do not alter the existing device types in rancid, leave them as is and collect the additional information as separate device types in a separate group to avoid the hostname collision. group1/router.db: host.name.co;cisco;up group2/router.db: host.name.co;cisco-expanded;up define cisco-expanded in rancid.type.conf with your own perl module to do whatever filtering/etc is needed. I think I wrote an example of this in the FAQ or perhaps in rancid.types.conf(5). > Is anyone doing this in a stream-lined fashion, where secondary login scripts are called for each device present in a router.db file? Ideally the administrator would only need to add a device once, and then based on vendor type that secondary login process would run transparently. > > I am still digging (back) into the RANCID internals to see how easy this would be to accomplish, so just curious if anyone is doing something like this already. > > Thanks! > > -Aaron > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From andyb at the-space.net Mon Oct 8 22:15:30 2018 From: andyb at the-space.net (Andrew Biddle) Date: Mon, 8 Oct 2018 15:15:30 -0700 Subject: [rancid] Simple web-frontend for rancid files? Message-ID: I just installed rancid and found WebSVN to front-end it. (About 5 years ago this is the setup I used, so it's what I'm sort of familiar with.) I have rancid working, but I need a better front-end. WebSVN is a little clunky (perhaps it's the way I've built it?) and doesn't have a simple way to just download a file. It does a good job of displaying configs and comparing two versions. But it I want to copy the file locally, I'm copy and pasting... It also appears to be a dropped project, so it doesn't look like I should ever expect improvements. Anything better out there? I can switch over to git if there's a better interface in that direction. The front-end needs to be web-based so that I can just point people to a URL. It should have a means to compare various revisions... and of course a means to pull the files down to your local system. It doesn't need to support any sort of push from client to repository since that's something that I only want rancid doing... Thought? What are you all using? Thanks in advance! -------------- next part -------------- An HTML attachment was scrubbed... URL: From cgauthier at comscore.com Tue Oct 9 18:22:02 2018 From: cgauthier at comscore.com (Gauthier, Chris) Date: Tue, 9 Oct 2018 18:22:02 +0000 Subject: [rancid] Simple web-frontend for rancid files? In-Reply-To: References: Message-ID: <16C99697-2664-4650-8F93-ED310E31D954@comscore.com> I loved CVSweb in previous installations. Now that I use Git for the VCS, there really is no ?nice? and simple implementation (like CVSweb is). I?m open to suggestions, as I do have to follow KISS for some of my colleagues who are not Linux experts (nor should they necessarily need to be). --Chris Chris Gauthier Senior Network Engineer | comScore, Inc. t +1 (503) 331-2704 | cgauthier at comscore.com 317 SW Alder Street, Suite 700 | Portland, OR 97204 United States comscore.com ???This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system and notify sender. From: Rancid-discuss on behalf of Andrew Biddle Date: Monday, October 8, 2018 at 3:16 PM To: "rancid-discuss at shrubbery.net" Subject: [rancid] Simple web-frontend for rancid files? I just installed rancid and found WebSVN to front-end it. (About 5 years ago this is the setup I used, so it's what I'm sort of familiar with.) I have rancid working, but I need a better front-end. WebSVN is a little clunky (perhaps it's the way I've built it?) and doesn't have a simple way to just download a file. It does a good job of displaying configs and comparing two versions. But it I want to copy the file locally, I'm copy and pasting... It also appears to be a dropped project, so it doesn't look like I should ever expect improvements. Anything better out there? I can switch over to git if there's a better interface in that direction. The front-end needs to be web-based so that I can just point people to a URL. It should have a means to compare various revisions... and of course a means to pull the files down to your local system. It doesn't need to support any sort of push from client to repository since that's something that I only want rancid doing... Thought? What are you all using? Thanks in advance! -------------- next part -------------- An HTML attachment was scrubbed... URL: From nineoften at hotmail.com Tue Oct 9 19:41:00 2018 From: nineoften at hotmail.com (Ni Ne) Date: Tue, 9 Oct 2018 19:41:00 +0000 Subject: [rancid] Fw: Simple web-frontend for rancid files? In-Reply-To: References: , Message-ID: I recently converted to git and installed gitweb running under Apache. Pretty easy to setup. It's not what I would call great or pretty. The only real gripe I have is drilling into the configs\ folder is a bit clunky. But all we need is a WebUI to make config diffs easier, for our TAC staff. I made another thread the other week about how to hide the extra CVS\ directories when using it, if you do go that route. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Oct 10 13:53:03 2018 From: heas at shrubbery.net (heasley) Date: Wed, 10 Oct 2018 13:53:03 +0000 Subject: [rancid] RANCID and gitweb - preventing the CVS repo path from showing In-Reply-To: References: Message-ID: <20181010135302.GA74045@shrubbery.net> Tue, Oct 02, 2018 at 12:04:01AM +0000, Aaron Wasserott: > Upgraded my old RANCID software to the latest, and switched from CVS to git. I also installed gitweb as the WebUI interface for browsing RANCID files. > > One minor annoyance I ran into was not only was every group folder being displayed (e.g, switches, routers, firewalls, etc) but the CVS path of each was displayed as well. > > So the gitweb page would show something like this: > > firewall/.git > router/.git > switch/.git > CVS/firewall > CVS/router > CVS/switch The one that i have uses our $projects_list = "/path/rancid/etc/gitweb.conf"; that is built hourly with a list of groups, /.git /.git ... CVS/* do not appear. From ericx at whoi.edu Wed Oct 10 15:30:54 2018 From: ericx at whoi.edu (Eric W. Bates) Date: Wed, 10 Oct 2018 11:30:54 -0400 Subject: [rancid] Simple web-frontend for rancid files? In-Reply-To: <16C99697-2664-4650-8F93-ED310E31D954@comscore.com> References: <16C99697-2664-4650-8F93-ED310E31D954@comscore.com> Message-ID: We have a copy of Gitlab CE which we use for a lot of git repositories. It's got a nice front end. So we do a git push from RANCiD to Gitlab every time RANCiD commits. I stole this idea from the book: "5 Unsung Tools of DevOps" We already use ssh public key authentication on most of our switching gear; so the RANCiD user (rancid) already has keys set up. We added an account for rancid on gitlab and added its public key for authentication. - set up a repository on gitlab writable by your RANCiD user - add the gitlab repository URL as a second remote so your remotes look something like: # git remote -v gitlab git at gitlab.foobar.com:cns/RANCiD.git (fetch) gitlab git at gitlab.foobar.com:cns/RANCiD.git (push) origin /usr/local/rancid3/var/gitroot/cns (fetch) origin /usr/local/rancid3/var/gitroot/cns (push) - add a post-commit hook to the repository on RANCiD such that it pushes to gitlab: # cat .git/hooks/post-commit #!/bin/sh # this just pushes a copy of this repo to gitlab everytime there's a commit /usr/bin/git push gitlab It's a little elaborate, but we had Gitlab already. I also want to add another git push to our Observium server. On 10/9/18 2:22 PM, Gauthier, Chris wrote: > I loved CVSweb in previous installations.? Now that I use Git for the > VCS, there really is no ?nice? and simple implementation (like CVSweb > is).? I?m open to suggestions, as I do have to follow KISS for some of > my colleagues who are not Linux experts (nor should they necessarily > need to be). > > --Chris > > Chris? Gauthier ?Senior?Network?Engineer ?| comScore,?Inc. > > t?+1 *(503)?331-2704* ?| > *cgauthier at comscore.com* > > 317?SW?Alder?Street,?Suite?700 ?| Portland,?OR?97204 ?United?States > > *comscore.com* > > ???This e-mail (including any attachments) may contain information that > is private, confidential, or protected by attorney-client or other > privilege. If you received this e-mail in error, please delete it from > your system and notify sender. > > *From: *Rancid-discuss on behalf > of Andrew Biddle > *Date: *Monday, October 8, 2018 at 3:16 PM > *To: *"rancid-discuss at shrubbery.net" > *Subject: *[rancid] Simple web-frontend for rancid files? > > I just installed rancid and found WebSVN to front-end it.?? (About 5 > years ago this is the setup I used, so it's what I'm sort of familiar > with.)?? I have rancid working, but I need a better front-end.? WebSVN > is a little clunky (perhaps it's the way I've built it?) and doesn't > have a simple way to just download a file.? It does a good job of > displaying configs and comparing two versions.? But it I want to copy > the file locally, I'm copy and pasting...? It also appears to be a > dropped project, so it doesn't look like I should ever expect improvements. > > Anything better out there? ? I can switch over to git if there's a > better interface in that direction. ? The front-end needs to be > web-based so that I can just point people to a URL. ? It should have a > means to compare various revisions... ? and of course a means to pull > the files down to your local system. ? It doesn't need to support any > sort of push from client to repository since that's something that I > only want rancid doing... > > Thought??? What are you all using? > > Thanks in advance! > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4188 bytes Desc: S/MIME Cryptographic Signature URL: From heas at shrubbery.net Wed Oct 10 15:36:16 2018 From: heas at shrubbery.net (heasley) Date: Wed, 10 Oct 2018 15:36:16 +0000 Subject: [rancid] Simple web-frontend for rancid files? In-Reply-To: References: <16C99697-2664-4650-8F93-ED310E31D954@comscore.com> Message-ID: <20181010153615.GD74045@shrubbery.net> Wed, Oct 10, 2018 at 11:30:54AM -0400, Eric W. Bates: > - add a post-commit hook to the repository on RANCiD such that it pushes > to gitlab: that should not be necessary, if the remote is added to the origin. http://www.shrubbery.net/pipermail/rancid-discuss/2018-August/010348.html From julien.duay at netplusentremont.ch Wed Oct 10 15:38:03 2018 From: julien.duay at netplusentremont.ch (Duay Julien) Date: Wed, 10 Oct 2018 15:38:03 +0000 Subject: [rancid] CASA SYSTEMS 100G with RANCID Message-ID: Hello, We succeeded to use the clogin command to connect to our CMTS CASA 100G with the enable mode. Unfortunately, when using the rancid-run command, the software can't save the configuration of the device. Has anyone ever used RANCID with a CASA SYSTEMS equipment? Did you create your own CASA SYSTEMS library ? Regards Julien Duay from Switzerland -------------- next part -------------- An HTML attachment was scrubbed... URL: From andyb at the-space.net Wed Oct 10 18:33:26 2018 From: andyb at the-space.net (Andrew Biddle) Date: Wed, 10 Oct 2018 11:33:26 -0700 Subject: [rancid] Simple web-frontend for rancid files? In-Reply-To: <20181010153615.GD74045@shrubbery.net> References: <16C99697-2664-4650-8F93-ED310E31D954@comscore.com> <20181010153615.GD74045@shrubbery.net> Message-ID: I ended up switching over to git and using GitList. Send like it has a nice interface and does mostly what I need. Thanks everyone. On Wed, Oct 10, 2018 at 8:36 AM heasley wrote: > Wed, Oct 10, 2018 at 11:30:54AM -0400, Eric W. Bates: > > - add a post-commit hook to the repository on RANCiD such that it pushes > > to gitlab: > > that should not be necessary, if the remote is added to the origin. > > http://www.shrubbery.net/pipermail/rancid-discuss/2018-August/010348.html > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Thu Oct 11 17:33:38 2018 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 11 Oct 2018 11:33:38 -0600 Subject: [rancid] Simple web-frontend for rancid files? In-Reply-To: References: <16C99697-2664-4650-8F93-ED310E31D954@comscore.com> <20181010153615.GD74045@shrubbery.net> Message-ID: Two Cents: LibreNMS generates my router.db but kept wigging out & deleting everything out of Rancid. Hence, I switched back to CVS and CVSWeb. Hideous 70's orange, but I got my attic back - perfectly happy with it. On Wed, Oct 10, 2018 at 12:34 PM Andrew Biddle wrote: > I ended up switching over to git and using GitList. > > Send like it has a nice interface and does mostly what I need. > > Thanks everyone. > > On Wed, Oct 10, 2018 at 8:36 AM heasley wrote: > >> Wed, Oct 10, 2018 at 11:30:54AM -0400, Eric W. Bates: >> > - add a post-commit hook to the repository on RANCiD such that it >> pushes >> > to gitlab: >> >> that should not be necessary, if the remote is added to the origin. >> >> http://www.shrubbery.net/pipermail/rancid-discuss/2018-August/010348.html >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From weylin at bu.edu Fri Oct 12 15:36:20 2018 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Fri, 12 Oct 2018 15:36:20 +0000 Subject: [rancid] Unable to Conduct Cisco Wireless Controller Backup References: <80F727C1-7252-49B0-9ED2-C192CC18B935@bu.edu> <817ED5C7-EF9B-4955-B5D6-8193AFF5828C@bu.edu> <20180726224316.GA25468@shrubbery.net> <56402173-7D20-4C40-9293-0B35E08F971D@bu.edu> <0864E58E-95EA-4F33-AF85-19FE53E06A9C@bu.edu> <20180727151557.GA39011@shrubbery.net> <4F748F05-1C24-4F5C-AF0F-583831D13422@bu.edu> <20180731004433.GA31150@shrubbery.net> <9595FD09-B472-4F2E-A380-F49E2E192B9E@bu.edu> Message-ID: <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> Hi John, I?m getting increasingly annoyed with the Cisco WLC CLI ? the WLC is clearly designed to be lifecycle-managed and -operated from Cisco PRIME Infrastructure, but for a while to come (because "boss said so") the CLI is all I have to work with for this effort. As time permitted, I?ve dug around on the logout issue. I found that wlogin on 3.4.1 has this at line... I think it would be line 561 on a clean install of rancid 3.4.1: send -h "exit\r" I changed that line to ' send -h "logout\r" ', and now I'm getting a clean logout. Wlogin from 3.8 seems to fix this from reading through wlogin.in (I couldn't fudge things to get wlogin-3.8 to work and still use the rest of the 3.4.1 files). In addition to catching these two -re match blocks in run_commands (I actually need both, it wouldn't work at all when I tried to combine them), that seems to have cleared up all the issues I have.... -re "^--More or .*" { send " " exp_continue } -re "^--More-- .*" { send " " exp_continue } ...with the exception of ?if (!$clean_run || !$found_end)?. For some reason I don?t understand, I keep getting ?End of run not found?. I?ve attached .raw and .new files following an execution of ?NOPIPE=YES rancid -d -t cisco-wlc5 ?. I?m guessing it?s somehow related to how the session closes, but that?s a 100% guess. Any idea how I can resolve? weylin On 7/31/18, 8:13 AM, "Piegorsch, Weylin William" wrote: > this is a(nother) design flaw in the o/s, imiho. FULLY AGREE!!!!! "config pager disable" is a per-session setting, and has no permanence. I tried setting it, and it lasted the duration of my session, but once I logged out/in the CLI reverted to a paging behavior. And yet, it's not available to a read-only user. Grrrr.... I'll start working with the wlogin from 3.8, and either upgrade rancid (management depending), replace wlogin, copy wlogin to wlogin-3.8 and define a new WLC type in rancid.types.conf, or as a last resort copy/paste the appropriate change. Thanks for the help through this process. weylin -----Original Message----- From: heasley Date: Monday, July 30, 2018 at 8:45 PM To: Weylin Piegorsch Cc: heasley , Daniel Schmidt , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Unable to Conduct Cisco Wireless Controller Backup Mon, Jul 30, 2018 at 10:59:39AM +0000, Piegorsch, Weylin William: > Hi John, > > I'm still playing around with AAA. What I'm finding, is that the f*&^% WLC CLI authorization mechanism is all bork bork bork. I can set a read-only role, but that disables the ability to issue the "config pager disable" command since the entire "config *" command tree is not available. I can set a higher role, and perhaps the command will appear, but I'm struggling to figure out how to create a custom role definition (I suspect it might be impossible since the Cisco WLC is designed to be GUI-based). We can discuss another time allowing automation to make changes to the system - I'm fighting this battle internally but it's not going well, for now let's just say I need to demonstrate confidence that rancid will only get data, not change anything more complicated than a "last login" notice. this is a(nother) design flaw in the o/s, imiho. as in ios, the pager should only affect the given vty, not the config of the device. not needing to manipulate the pager is very convenient. > In any event - so, this leaves me with the CLI role I have, and without the "config paging disable" to be used. you could also change the config to disabled the pager, if most folk just use the web UI. or try setting the stty rows to some large number before initiating the connection to the device; it might honor it, but i've seen many of these half-baked platforms ignore it if it doesn't lie within some unspoken acceptable range. > I'm running rancid 3.4.1, I notice the latest 3.8 is slightly different in wlogin. But, they're relatively similar, and neither version (I think?) catches the specific prompts that might appear to prompt for paging. Might they possibly be added? See below what I did to wlogin v3.4.1 (aka my installation), let me know if I did this wrong (I'm an accomplished network engineer... but a poor excuse for a software engineer). > > Also, wlogin uses "exit" to close the CLI when -c or -x is specified; it needs to be "logout" instead regardless of user role. Where do I change this? I suppose I can do this in rancid.types.base (.conf?), but I'd prefer not to since I /do/ use *login with the -p and -u options on occasion with some simple BASH command-line scripts to accomplish manual campus-wide pre-planned changes. I tried grep'ing through some files, that didn't work too well. you just need a newer wlogin; current is using logout. > Weylin > > I modified 3.4.1 bin/wlogin on this line: > > for {set i 0} {$i < $num_commands} { incr i} { > send -- "[subst -nocommands [lindex $commands $i]]\r" > expect { > -re "\b+" { exp_continue } > -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" > } > -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" > exp_continue > } > -re "^--More--\[\r\n]+" { # specific match c1900 pager > send " " > exp_continue > } > -re "\[\n\r]+" { send_user -- "$expect_out(buffer)" > exp_continue > } > + -re "^--More-- .*" { send "q" # note the [[:space:]] between --More-- and the period > + exp_continue > + } difficult to say if that might cause problems with the output without seeing the raw input. it depends upon how the device manipulates the pager prompt. if that RE is matching too little/much, the line following the prompt will shift back & forth randomly. > } > }} > > > On 7/27/18, 6:30 PM, "Piegorsch, Weylin William" wrote: > > This might be a tacacs issue. When I log in as a normal user, the config paging disable command appears when I type "?". I'll play around with that over the weekend. > Weylin > > > (cumm111-wism-aca05) >? > > debug Manages system debug options. > exit > grep Print lines matching a pattern. > help Help > linktest Perform a link test to a specified MAC address. > logout Exit this session. Any unsaved changes are lost. > show Display switch options and settings. > > (cumm111-wism-aca05) > > > > > > > On 7/27/18, 6:29 PM, "Piegorsch, Weylin William" wrote: > > Ah; thanks, I see it there. Something is amiss with that. "eval... ; cat -v" output below. > Weylin > > > > > [rancid at nsgv-prod-59 ~]$ eval `rancid -t cisco-wlc5 -C cumm111-wism-aca05.bu.edu` &> output > [rancid at nsgv-prod-59 ~]$ cat -v output > cumm111-wism-aca05.bu.edu > spawn ssh -2 -c aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc -x -l rancid cumm111-wism-aca05.bu.edu^M > ^M > Access to this system is permitted for authorized persons only. All connections are logged and monitored. By accessing this system, you acknowledge that use of this and any other technology at Boston University is subject to the terms of the Boston University Conditions of Use and Policy on Computing Ethics; please see: http://www.bu.edu/computing/ethics for details.^M > (cumm111-wism-aca05) ^M > User: rancid^M > Password:*******^M > (cumm111-wism-aca05) >^M > (cumm111-wism-aca05) >config paging disable^M > ^M > Incorrect usage. Use the '?' or key to list commands.^M > ^M > (cumm111-wism-aca05) >show udi^M > > ^MNAME: "Chassis" , DESCR: "Cisco Wireless Services Module 2" > ^MPID: WS-SVC-WISM2-K9, VID: V01, SN: SAL172893FZ^M > ^M > (cumm111-wism-aca05) >show sysinfo^M > ^M > Manufacturer's Name.............................. Cisco Systems Inc.^M > Product Name..................................... Cisco Controller^M > Product Version.................................. 8.2.166.0^M > Bootloader Version............................... 1.0.20^M > Field Recovery Image Version..................... 7.6.101.1^M > Firmware Version................................. FPGA 1.7, Env 0.0, USB console 2.2^M > Build Type....................................... DATA + WPS > ^M > System Name...................................... cumm111-wism-aca05^M > System Location.................................. 111 Cummington St., Room B05^M > System Contact................................... Network Operations Center^M > System ObjectID.................................. 1.3.6.1.4.1.9.1.1293^M > Redundancy Mode.................................. SSO^M > IP Address....................................... 10.123.18.234^M > IPv6 Address..................................... ::^M > Last Reset....................................... Software reset^M > System Up Time................................... 98 days 3 hrs 47 mins 5 secs^M > System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)^M > System Stats Realtime Interval................... 5^M > System Stats Normal Interval..................... 180 > ^M > ^M > > Error: TIMEOUT reached > [rancid at nsgv-prod-59 ~]$ > > > > > > On 7/27/18, 11:16 AM, "heasley" wrote: > > Fri, Jul 27, 2018 at 12:08:37PM +0000, Piegorsch, Weylin William: > > I did some experimenting, issuing the "config paging disable" CLI command on initial login seems to eliminate the paging issue, similar to the ASA "terminal pager 0" or the IOS "terminal length 0". > > weylin > > wlogin should have sent this command at the beginning. please look at > the beginning of the transcript with the device. > > > On 7/27/18, 8:01 AM, "Piegorsch, Weylin William" wrote: > > > > When I login as myself and run the "show sysinfo" command, I get the below output. I notice that rancid (wlogin) gets stuck on the prompt at the end there. When expect sees the prompt, a would be the appropriate response. I'm not sure how to disable paging, unfortunately. > > > > Weylin > > > > (cumm111-wism-aca05) >show sysinfo > > > > Manufacturer's Name.............................. Cisco Systems Inc. > > Product Name..................................... Cisco Controller > > Product Version.................................. 8.2.166.0 > > Bootloader Version............................... 1.0.20 > > Field Recovery Image Version..................... 7.6.101.1 > > Firmware Version................................. FPGA 1.7, Env 0.0, USB console 2.2 > > Build Type....................................... DATA + WPS > > > > System Name...................................... cumm111-wism-aca05 > > System Location.................................. 111 Cummington St., Room B05 > > System Contact................................... Network Operations Center > > System ObjectID.................................. 1.3.6.1.4.1.9.1.1293 > > Redundancy Mode.................................. SSO > > IP Address....................................... 10.123.18.234 > > IPv6 Address..................................... :: > > Last Reset....................................... Software reset > > System Up Time................................... 97 days 17 hrs 26 mins 34 secs > > System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada) > > System Stats Realtime Interval................... 5 > > System Stats Normal Interval..................... 180 > > > > > > --More-- or (q)uit > > > > > > > > > > > > On 7/26/18, 6:43 PM, "heasley" wrote: > > > > Thu, Jul 26, 2018 at 09:20:42PM +0000, Piegorsch, Weylin William: > > > I should note that using the NOPIPE=yes thing causes the "controller wlogin error: Error: Connection closed (ssh): controller" message that I show below. If I omit the NOPIPE environment variable on the CLI, I get the output I showed in the other email, where it hangs in the middle of output. > > > > > > weylin > > > > i dont see the problem in what you've provided; you'll have to share more > > output with me. > > > > eval `rancid -t cisco-wlc8 -C hostname` &> output > > > > > > > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cumm111-wism-aca01.bu.edu.new Type: application/octet-stream Size: 161441 bytes Desc: cumm111-wism-aca01.bu.edu.new URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cumm111-wism-aca01.bu.edu.raw Type: application/octet-stream Size: 176107 bytes Desc: cumm111-wism-aca01.bu.edu.raw URL: From heas at shrubbery.net Fri Oct 12 23:44:11 2018 From: heas at shrubbery.net (heasley) Date: Fri, 12 Oct 2018 23:44:11 +0000 Subject: [rancid] Unable to Conduct Cisco Wireless Controller Backup In-Reply-To: <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> References: <20180726224316.GA25468@shrubbery.net> <56402173-7D20-4C40-9293-0B35E08F971D@bu.edu> <0864E58E-95EA-4F33-AF85-19FE53E06A9C@bu.edu> <20180727151557.GA39011@shrubbery.net> <4F748F05-1C24-4F5C-AF0F-583831D13422@bu.edu> <20180731004433.GA31150@shrubbery.net> <9595FD09-B472-4F2E-A380-F49E2E192B9E@bu.edu> <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> Message-ID: <20181012234411.GA65766@shrubbery.net> Fri, Oct 12, 2018 at 03:36:20PM +0000, Piegorsch, Weylin William: > send -h "exit\r" > > I changed that line to ' send -h "logout\r" ', and now I'm getting a clean logout. Wlogin from 3.8 seems to fix this from reading through wlogin.in (I couldn't fudge things to get wlogin-3.8 to work and still use the rest of the 3.4.1 files). that is right. if you installed 3.4.1 from source, you can probably just copy wlogin.in from 3.8 over that of 3.4.1, build and install. > In addition to catching these two -re match blocks in run_commands (I actually need both, it wouldn't work at all when I tried to combine them), that seems to have cleared up all the issues I have.... > > -re "^--More or .*" { send " " > exp_continue > } > -re "^--More-- .*" { send " " > exp_continue > } 3.8 has versions of these; it is not clear to me if you are saying that you added these to 3.8, or if you needed them in addition to what is in 3.8. > ...with the exception of ?if (!$clean_run || !$found_end)?. For some reason I don?t understand, I keep getting ?End of run not found?. I?ve attached .raw and .new files following an execution of ?NOPIPE=YES rancid -d -t cisco-wlc5 ?. I?m guessing it?s somehow related to how the session closes, but that?s a 100% guess. Any idea how I can resolve? > i'll look. From heas at shrubbery.net Sat Oct 13 00:38:14 2018 From: heas at shrubbery.net (heasley) Date: Sat, 13 Oct 2018 00:38:14 +0000 Subject: [rancid] Unable to Conduct Cisco Wireless Controller Backup In-Reply-To: <20181013003559.29D0E458B4@sea.shrubbery.net> <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> Message-ID: <20181013003814.GB65766@shrubbery.net> Fri, Oct 12, 2018 at 03:36:20PM +0000, Piegorsch, Weylin William: > ...with the exception of ?if (!$clean_run || !$found_end)?. For some reason I don?t understand, I keep getting ?End of run not found?. I?ve attached .raw and .new files following an execution of ?NOPIPE=YES rancid -d -t cisco-wlc5 ?. I?m guessing it?s somehow related to how the session closes, but that?s a 100% guess. Any idea how I can resolve? the device isnt echoing the \r\n at the logout. i think this will fix it: Index: lib/ciscowlc.pm.in =================================================================== --- lib/ciscowlc.pm.in (revision 3875) +++ lib/ciscowlc.pm.in (working copy) @@ -42,10 +42,6 @@ TOP: while(<$INPUT>) { tr/\015//d; - if (/^.*logout(\s*Connection.*closed.*)?$/) { - $clean_run = 1; - last; - } if (/^Error:/) { print STDOUT ("$host wlogin error: $_"); print STDERR ("$host wlogin error: $_") if ($debug); @@ -78,6 +74,10 @@ last TOP; } } + if (/^.*logout(\s*connection.*closed.*)?$/i) { + $clean_run = 1; + last; + } } } @@ -91,6 +91,7 @@ while (<$INPUT>) { tr/\015//d; tr/\020//d; + last if (/^$prompt/); next if (/^\s*rogue ap classify/); next if (/^\s*rogue (adhoc|client) (alert|unknown)/i); @@ -118,7 +119,6 @@ ProcessHistory("","","","!$1 \n"); next; } - last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); $linecnt++; From weylin at bu.edu Mon Oct 15 05:09:52 2018 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Mon, 15 Oct 2018 05:09:52 +0000 Subject: [rancid] Unable to Conduct Cisco Wireless Controller Backup In-Reply-To: <20181012234411.GA65766@shrubbery.net> References: <20180726224316.GA25468@shrubbery.net> <56402173-7D20-4C40-9293-0B35E08F971D@bu.edu> <0864E58E-95EA-4F33-AF85-19FE53E06A9C@bu.edu> <20180727151557.GA39011@shrubbery.net> <4F748F05-1C24-4F5C-AF0F-583831D13422@bu.edu> <20180731004433.GA31150@shrubbery.net> <9595FD09-B472-4F2E-A380-F49E2E192B9E@bu.edu> <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> <20181012234411.GA65766@shrubbery.net> Message-ID: I added those lines to 3.4.1. I didn't dig too deeply into the 3.8 code, so if it's already fixed there then no worries. weylin ?-----Original Message----- From: heasley Date: Friday, October 12, 2018 at 7:44 PM To: Weylin Piegorsch Cc: heasley , "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Unable to Conduct Cisco Wireless Controller Backup Fri, Oct 12, 2018 at 03:36:20PM +0000, Piegorsch, Weylin William: > send -h "exit\r" > > I changed that line to ' send -h "logout\r" ', and now I'm getting a clean logout. Wlogin from 3.8 seems to fix this from reading through wlogin.in (I couldn't fudge things to get wlogin-3.8 to work and still use the rest of the 3.4.1 files). that is right. if you installed 3.4.1 from source, you can probably just copy wlogin.in from 3.8 over that of 3.4.1, build and install. > In addition to catching these two -re match blocks in run_commands (I actually need both, it wouldn't work at all when I tried to combine them), that seems to have cleared up all the issues I have.... > > -re "^--More or .*" { send " " > exp_continue > } > -re "^--More-- .*" { send " " > exp_continue > } 3.8 has versions of these; it is not clear to me if you are saying that you added these to 3.8, or if you needed them in addition to what is in 3.8. > ...with the exception of ?if (!$clean_run || !$found_end)?. For some reason I don?t understand, I keep getting ?End of run not found?. I?ve attached .raw and .new files following an execution of ?NOPIPE=YES rancid -d -t cisco-wlc5 ?. I?m guessing it?s somehow related to how the session closes, but that?s a 100% guess. Any idea how I can resolve? > i'll look. From andrewm659 at yahoo.com Tue Oct 16 14:14:56 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Tue, 16 Oct 2018 14:14:56 +0000 (UTC) Subject: [rancid] error after migrating to new server References: <1742160819.599271.1539699296712.ref@mail.yahoo.com> Message-ID: <1742160819.599271.1539699296712@mail.yahoo.com> Recently we have migrated from our in house setup to AWS.? Rancid is installed on Amazon Linux 2, but i'm seeing this issue in the logs: cat NetworkDevices.20181016.140101starting: Tue Oct 16 14:01:01 UTC 2018 Trying to get all of the configs./usr/bin/control_rancid: line 503: par: command not found=====================================Getting missed routers: round 1./usr/bin/control_rancid: line 533: par: command not found=====================================Getting missed routers: round 2./usr/bin/control_rancid: line 533: par: command not found=====================================Getting missed routers: round 3./usr/bin/control_rancid: line 533: par: command not found=====================================Getting missed routers: round 4./usr/bin/control_rancid: line 533: par: command not found On branch masterYour branch is up-to-date with 'origin/master'. nothing to commit, working tree cleanEverything up-to-date ending: Tue Oct 16 14:01:01 UTC 2018 Is this a command that didn't get installed? -------------- next part -------------- An HTML attachment was scrubbed... URL: From Charles.Brooks at hbcs.org Tue Oct 16 14:44:31 2018 From: Charles.Brooks at hbcs.org (Charles T. Brooks) Date: Tue, 16 Oct 2018 14:44:31 +0000 Subject: [rancid] error after migrating to new server In-Reply-To: <1742160819.599271.1539699296712@mail.yahoo.com> References: <1742160819.599271.1539699296712.ref@mail.yahoo.com>, <1742160819.599271.1539699296712@mail.yahoo.com> Message-ID: Short answer, yes. But "par" is troublesome. RANCiD needs a program by that name for "parallel command processing", but the name conflicts with other software packages, particularly on Ubuntu linux as I recall. I don't know if it conflicts with Amazon's linux. I renamed it to rancid_par back when I built the Red Hat packages of RANCiD 3.4.1, but I haven't done so in more recent packages because I don't need any of the other programs named "par" on any of my Red Hat boxen. --Charlie From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] on behalf of Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 10:14 AM To: rancid-discuss at shrubbery.net Subject: [rancid] error after migrating to new server Recently we have migrated from our in house setup to AWS. Rancid is installed on Amazon Linux 2, but i'm seeing this issue in the logs: cat NetworkDevices.20181016.140101 starting: Tue Oct 16 14:01:01 UTC 2018 Trying to get all of the configs. /usr/bin/control_rancid: line 503: par: command not found ===================================== Getting missed routers: round 1. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 2. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 3. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 4. /usr/bin/control_rancid: line 533: par: command not found On branch master Your branch is up-to-date with 'origin/master'. nothing to commit, working tree clean Everything up-to-date ending: Tue Oct 16 14:01:01 UTC 2018 Is this a command that didn't get installed? ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- From nick.nauwelaerts at aquafin.be Tue Oct 16 14:49:10 2018 From: nick.nauwelaerts at aquafin.be (Nick Nauwelaerts) Date: Tue, 16 Oct 2018 14:49:10 +0000 Subject: [rancid] error after migrating to new server In-Reply-To: References: <1742160819.599271.1539699296712.ref@mail.yahoo.com>, <1742160819.599271.1539699296712@mail.yahoo.com> Message-ID: also, it seems you installed it under /usr/bin, best practices for rancid & package management in general is not do this. perhaps install it under the rancid user's homedir & make sure $HOME/bin is in your $PATH first. second option is that you used a vendor provided rancid package instead of building from source, which might not include par. third option is that your cron or whatever scheduler you're using is does not have par in it's $PATH. // nick -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Charles T. Brooks Sent: Tuesday, October 16, 2018 16:45 To: Andrew Meyer Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] error after migrating to new server Short answer, yes. But "par" is troublesome. RANCiD needs a program by that name for "parallel command processing", but the name conflicts with other software packages, particularly on Ubuntu linux as I recall. I don't know if it conflicts with Amazon's linux. I renamed it to rancid_par back when I built the Red Hat packages of RANCiD 3.4.1, but I haven't done so in more recent packages because I don't need any of the other programs named "par" on any of my Red Hat boxen. --Charlie From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] on behalf of Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 10:14 AM To: rancid-discuss at shrubbery.net Subject: [rancid] error after migrating to new server Recently we have migrated from our in house setup to AWS. Rancid is installed on Amazon Linux 2, but i'm seeing this issue in the logs: cat NetworkDevices.20181016.140101 starting: Tue Oct 16 14:01:01 UTC 2018 Trying to get all of the configs. /usr/bin/control_rancid: line 503: par: command not found ===================================== Getting missed routers: round 1. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 2. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 3. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 4. /usr/bin/control_rancid: line 533: par: command not found On branch master Your branch is up-to-date with 'origin/master'. nothing to commit, working tree clean Everything up-to-date ending: Tue Oct 16 14:01:01 UTC 2018 Is this a command that didn't get installed? ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss ________________________________ Volg Aquafin op Facebook | Twitter | YouTube | LinkedIN In het kader van de uitoefening van onze taken verzamelen we bij Aquafin persoonsgegevens. Hoe we omgaan met deze gegevens en wat de rechten van de betrokkenen zijn, kan je nalezen in onze privacy policy. [https://www.aquafin.be/sites/aquafin/files/styles/paragraph_with_caption/public/2018-08/email_banner_web_0.jpg] P Denk aan het milieu. Druk deze mail niet onnodig af. From andrewm659 at yahoo.com Tue Oct 16 15:06:53 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Tue, 16 Oct 2018 15:06:53 +0000 (UTC) Subject: [rancid] error after migrating to new server In-Reply-To: References: <1742160819.599271.1539699296712.ref@mail.yahoo.com> <1742160819.599271.1539699296712@mail.yahoo.com> Message-ID: <490542406.626684.1539702413615@mail.yahoo.com> Is this a perl/python or something else command?? I think I found the package in Amazon Linux. On Tuesday, October 16, 2018 9:44 AM, Charles T. Brooks wrote: Short answer, yes.? But "par" is troublesome. RANCiD needs a program by that name for "parallel command processing", but the name conflicts with other software packages, particularly on Ubuntu linux as I recall.? I don't know if it conflicts with Amazon's linux. I renamed it to rancid_par back when I built the Red Hat packages of RANCiD 3.4.1, but I haven't done so in more recent packages because I don't need any of the other programs named "par" on any of my Red Hat boxen. --Charlie From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] on behalf of Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 10:14 AM To: rancid-discuss at shrubbery.net Subject: [rancid] error after migrating to new server Recently we have migrated from our in house setup to AWS.? Rancid is installed on Amazon Linux 2, but i'm seeing this issue in the logs: cat NetworkDevices.20181016.140101 starting: Tue Oct 16 14:01:01 UTC 2018 Trying to get all of the configs. /usr/bin/control_rancid: line 503: par: command not found ===================================== Getting missed routers: round 1. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 2. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 3. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 4. /usr/bin/control_rancid: line 533: par: command not found On branch master Your branch is up-to-date with 'origin/master'. nothing to commit, working tree clean Everything up-to-date ending: Tue Oct 16 14:01:01 UTC 2018 Is this a command that didn't get installed? ------------------? CONFIDENTIALITY NOTICE? --------------- ? This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ? ? ------------------? CONFIDENTIALITY NOTICE? --------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: From Charles.Brooks at hbcs.org Tue Oct 16 15:24:19 2018 From: Charles.Brooks at hbcs.org (Charles T. Brooks) Date: Tue, 16 Oct 2018 15:24:19 +0000 Subject: [rancid] error after migrating to new server In-Reply-To: <490542406.626684.1539702413615@mail.yahoo.com> References: <1742160819.599271.1539699296712.ref@mail.yahoo.com> <1742160819.599271.1539699296712@mail.yahoo.com> , <490542406.626684.1539702413615@mail.yahoo.com> Message-ID: The "file" command says it's an executable image, not a script. [charlie at gitdrome ~]# file /usr/libexec/rancid/par /usr/libexec/rancid/par: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=968bbb9325486639b0fd1294bebcfef7c67317ed, stripped If you've found the correct par (and not one of the other programs of the same name) then like Nick said you need to make sure it's in the PATH of the user executing rancid-run. --Charlie ________________________________ From: Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 11:06 AM To: Charles T. Brooks Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] error after migrating to new server Is this a perl/python or something else command? I think I found the package in Amazon Linux. On Tuesday, October 16, 2018 9:44 AM, Charles T. Brooks wrote: Short answer, yes. But "par" is troublesome. RANCiD needs a program by that name for "parallel command processing", but the name conflicts with other software packages, particularly on Ubuntu linux as I recall. I don't know if it conflicts with Amazon's linux. I renamed it to rancid_par back when I built the Red Hat packages of RANCiD 3.4.1, but I haven't done so in more recent packages because I don't need any of the other programs named "par" on any of my Red Hat boxen. --Charlie From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] on behalf of Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 10:14 AM To: rancid-discuss at shrubbery.net Subject: [rancid] error after migrating to new server Recently we have migrated from our in house setup to AWS. Rancid is installed on Amazon Linux 2, but i'm seeing this issue in the logs: cat NetworkDevices.20181016.140101 starting: Tue Oct 16 14:01:01 UTC 2018 Trying to get all of the configs. /usr/bin/control_rancid: line 503: par: command not found ===================================== Getting missed routers: round 1. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 2. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 3. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 4. /usr/bin/control_rancid: line 533: par: command not found On branch master Your branch is up-to-date with 'origin/master'. nothing to commit, working tree clean Everything up-to-date ending: Tue Oct 16 14:01:01 UTC 2018 Is this a command that didn't get installed? ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrewm659 at yahoo.com Tue Oct 16 16:44:30 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Tue, 16 Oct 2018 16:44:30 +0000 (UTC) Subject: [rancid] error after migrating to new server In-Reply-To: References: <1742160819.599271.1539699296712.ref@mail.yahoo.com> <1742160819.599271.1539699296712@mail.yahoo.com> <490542406.626684.1539702413615@mail.yahoo.com> Message-ID: <1254591574.710077.1539708270177@mail.yahoo.com> Where is this thread from Nick?? I don't see it. On Tuesday, October 16, 2018 10:24 AM, Charles T. Brooks wrote: #yiv8312995359 P {margin-top:0;margin-bottom:0;}The "file" command says it's an executable image, not a script. [charlie at gitdrome ~]# file /usr/libexec/rancid/par /usr/libexec/rancid/par: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=968bbb9325486639b0fd1294bebcfef7c67317ed, stripped If you've found the correct par (and not one of the other programs of the same name) then like Nick said you need to make sure it's in the PATH of the user executing rancid-run. --Charlie From: Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 11:06 AM To: Charles T. Brooks Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] error after migrating to new server Is this a perl/python or something else command?? I think I found the package in Amazon Linux. On Tuesday, October 16, 2018 9:44 AM, Charles T. Brooks wrote: Short answer, yes.? But "par" is troublesome. RANCiD needs a program by that name for "parallel command processing", but the name conflicts with other software packages, particularly on Ubuntu linux as I recall.? I don't know if it conflicts with Amazon's linux. I renamed it to rancid_par back when I built the Red Hat packages of RANCiD 3.4.1, but I haven't done so in more recent packages because I don't need any of the other programs named "par" on any of my Red Hat boxen. --Charlie From: Rancid-discuss [rancid-discuss-bounces at shrubbery.net] on behalf of Andrew Meyer [andrewm659 at yahoo.com] Sent: Tuesday, October 16, 2018 10:14 AM To: rancid-discuss at shrubbery.net Subject: [rancid] error after migrating to new server Recently we have migrated from our in house setup to AWS.? Rancid is installed on Amazon Linux 2, but i'm seeing this issue in the logs: cat NetworkDevices.20181016.140101 starting: Tue Oct 16 14:01:01 UTC 2018 Trying to get all of the configs. /usr/bin/control_rancid: line 503: par: command not found ===================================== Getting missed routers: round 1. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 2. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 3. /usr/bin/control_rancid: line 533: par: command not found ===================================== Getting missed routers: round 4. /usr/bin/control_rancid: line 533: par: command not found On branch master Your branch is up-to-date with 'origin/master'. nothing to commit, working tree clean Everything up-to-date ending: Tue Oct 16 14:01:01 UTC 2018 Is this a command that didn't get installed? ------------------? CONFIDENTIALITY NOTICE? --------------- ? This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ? ? ------------------? CONFIDENTIALITY NOTICE? --------------- ? ? ? ------------------? CONFIDENTIALITY NOTICE? ---------------? This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message.? ? ? ------------------? CONFIDENTIALITY NOTICE? --------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: From nineoften at hotmail.com Tue Oct 16 20:21:48 2018 From: nineoften at hotmail.com (Ni Ne) Date: Tue, 16 Oct 2018 20:21:48 +0000 Subject: [rancid] FortiGate login banner Message-ID: If you configure a login banner to FortiGates, you have to accept it before you can login to the device. This pops up after entering the password, and you are prompted with: $banner-message (Press 'a' to accept): I successfully tested these small changes to fnlogin (version 3.8, build 3763) to automatically accept the login banner. The lines between the hash-marks were added to the fnlogin script. ----------------------- -re "@\[^\r\n]+\[Pp]assword:" { # ssh pwd prompt sleep 1 send -- "$userpswd\r" exp_continue } -re "$p_prompt" { sleep 1; if {$uprompt_seen == 1} { send -- "$userpswd\r" } else { send -- "$passwd\r" } exp_continue } ### accept banner "(Press 'a' to accept):" { send "a\r" exp_continue } ### accept banner /end -- "$prompt" { break; } } } set in_proc 0 return 0 } ----------------------- Regards, -Aaron -------------- next part -------------- An HTML attachment was scrubbed... URL: From llarsen at longlines.biz Tue Oct 16 21:00:06 2018 From: llarsen at longlines.biz (Larry Larsen) Date: Tue, 16 Oct 2018 21:00:06 +0000 Subject: [rancid] Rancid not updating Message-ID: Community; I am new to the company, and my predecessor had setup Rancid to collect all our configs and do the comparisons. He also used CVS to display the configs on a webpage. I have no experience with Rancid nor CVS and I was wondering if I could get some assistance. Here is my issue. I am a Windows guy, and am learning Linux. I made a small change on one of my routers to SNMP, and wanted to see if Rancid would pick it up. The date on the file still shows 7 months ago, and not the change I made earlier today. We make changes almost daily for VLANS, etc, and nothing is showing updated. The schedule to download and send config difference emails is every hour. I have seen multiple emails, but nothing with my change in it. I also went into the Rancid directory structure in Linux and the date in there is also 7 months old. Is there anything you can do to assist? Thank you! Larry L. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Oct 16 21:17:53 2018 From: heas at shrubbery.net (heasley) Date: Tue, 16 Oct 2018 21:17:53 +0000 Subject: [rancid] error after migrating to new server In-Reply-To: <490542406.626684.1539702413615@mail.yahoo.com> References: <1742160819.599271.1539699296712.ref@mail.yahoo.com> <1742160819.599271.1539699296712@mail.yahoo.com> <490542406.626684.1539702413615@mail.yahoo.com> Message-ID: <20181016211753.GL19911@shrubbery.net> Tue, Oct 16, 2018 at 03:06:53PM +0000, Andrew Meyer: > Is this a perl/python or something else command?? I think I found the package in Amazon Linux. its a command that comes with rancid. my guess is one of - you copied rancid from another machine and missed it - the pre-built package you installed is broken - you copied rancid.conf from another machine and its PATH doesnt match, so it cant find par. - you deleted it somehow - you're using an old version of rancid, when par was a perl script, and the interpretter line is wrong - par lacks executable mode bits From on at LEFerguson.com Tue Oct 16 22:24:24 2018 From: on at LEFerguson.com (on at LEFerguson.com) Date: Tue, 16 Oct 2018 22:24:24 +0000 Subject: [rancid] Rancid not updating In-Reply-To: References: Message-ID: Start by looking in the log file (usually in the rancid directory structure, try ~/var/rancid/logs (though I think depending on how installed it may be elsewhere). Find the latest log, look at it, see what is happening. If it's not there (i.e. no logs) rancid is probably not starting. Restarting it depends on linux variant, but if a reboot is possible just reboot. If the log is there and it gives an error, start with that as it should give a clue. Post results if you need further help after seeing that. There are also lots of debugging postings on the net (just try searching for rancid debug), indeed one technique is to follow the install instructions after the install where it describes how to test login, etc. Linwood From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Larry Larsen Sent: Tuesday, October 16, 2018 5:00 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid not updating Community; I am new to the company, and my predecessor had setup Rancid to collect all our configs and do the comparisons. He also used CVS to display the configs on a webpage. I have no experience with Rancid nor CVS and I was wondering if I could get some assistance. Here is my issue. I am a Windows guy, and am learning Linux. I made a small change on one of my routers to SNMP, and wanted to see if Rancid would pick it up. The date on the file still shows 7 months ago, and not the change I made earlier today. We make changes almost daily for VLANS, etc, and nothing is showing updated. The schedule to download and send config difference emails is every hour. I have seen multiple emails, but nothing with my change in it. I also went into the Rancid directory structure in Linux and the date in there is also 7 months old. Is there anything you can do to assist? Thank you! Larry L. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrewm659 at yahoo.com Tue Oct 16 22:27:36 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Tue, 16 Oct 2018 22:27:36 +0000 (UTC) Subject: [rancid] error after migrating to new server In-Reply-To: <20181016211753.GL19911@shrubbery.net> References: <1742160819.599271.1539699296712.ref@mail.yahoo.com> <1742160819.599271.1539699296712@mail.yahoo.com> <490542406.626684.1539702413615@mail.yahoo.com> <20181016211753.GL19911@shrubbery.net> Message-ID: <1523345018.936693.1539728856693@mail.yahoo.com> I fixed.? Had to create a symlink from, /usr/bin/par to /usr/libexec/rancid/par. Thank you! On Tuesday, October 16, 2018 4:17 PM, heasley wrote: Tue, Oct 16, 2018 at 03:06:53PM +0000, Andrew Meyer: > Is this a perl/python or something else command?? I think I found the package in Amazon Linux. its a command that comes with rancid.? my guess is one of - you copied rancid from another machine and missed it - the pre-built package you installed is broken - you copied rancid.conf from another machine and its PATH doesnt match, ? so it cant find par. - you deleted it somehow - you're using an old version of rancid, when par was a perl script, and ? the interpretter line is wrong - par lacks executable mode bits -------------- next part -------------- An HTML attachment was scrubbed... URL: From nineoften at hotmail.com Wed Oct 17 04:36:35 2018 From: nineoften at hotmail.com (Ni Ne) Date: Wed, 17 Oct 2018 04:36:35 +0000 Subject: [rancid] FortiGate - config fetch ends prematurely - hash-mark in config file Message-ID: Noticed that a full config backup of some of our FortiGates have been failing due to a hash-mark (#) present in the configuration itself. FortiGates let you add comments to nearly any objects. The comment field is free-form, best I can tell, and lets you insert hash-mark characters. For example a service object had this configuration causing the rancid run to fail at the offending line of "set comment": -------------- config firewall service custom edit "TCP/UDP-4118-4122" set proxy disable set category '' set protocol TCP/UDP/SCTP set helper auto set check-reset-range default set comment "Ticket # 123456" set color 1 set visibility enable set iprange 0.0.0.0 set fqdn '' set tcp-portrange 4118-4122 set udp-portrange 4118-4122 unset sctp-portrange set tcp-halfclose-timer 0 set tcp-halfopen-timer 0 set tcp-timewait-timer 0 set udp-idle-timer 0 set session-ttl 0 next end -------------- After removing all offending characters from the firewall config the rancid-run completed fully and normally. I've been playing around with fnrancid (3.8, build 3763) to try to find a way to accommodate this happening again, but with only partial success. I changed the prompt setting code to the following: -------------- # - FortiGate prompts end with either '#' or '$'. Further, they may # be prepended with a '~' if the hostname is too long. Therefore, # we need to figure out what our prompt really is. if (!defined($prompt)) { if ($_ =~ '^(.*) # ') { $prompt = "$1 # "; -------------- The above works great when the rancid user has root/super_admin permissions (hash-mark (#) prompt). Adjusting rancid to have non-root permissions with a dollar-sign ($) prompt and tacking on some additional code, rancid fails due to end of run not found. -------------- # - FortiGate prompts end with either '#' or '$'. Further, they may # be prepended with a '~' if the hostname is too long. Therefore, # we need to figure out what our prompt really is. if (!defined($prompt)) { if ($_ =~ '^(.*) # ') { $prompt = "$1 # "; } else { if ($_ =~ '^(.*) \$ ') { $prompt = "$1 \$ "; } } } -------------- I tried some variations and either get the same error (end of run not found) or every config line is pre-pended with #. I even tried explicitly defining the firewall name inside $prompt against the firewall I am testing to bypass $1 expansion. Anyone have ideas why this is failing? I added some debug statements and my regex matches and $prompt is being set as I would expect, but for some reason it's not matching when rancid runs. Doing some testing, when the hostname in the prompt does get truncated, it stays the same regardless of what config level you enter. Here is example of setting a 25-character hostname and then entering a few levels of config: -------------- fortigate-firewall # config system global fortigate-firewall (global) # set hostname 1234567890123456789012345 fortigate-firewall (global) # end 12345678901234567890~345 # 12345678901234567890~345 # config firewall service group 12345678901234567890~345 (group) # edit JD_TEST_GROUP 12345678901234567890~345 (JD_TEST_GROUP) # set comment "coding is fun" 12345678901234567890~345 (JD_TEST_GROUP) # end 12345678901234567890~345 # -------------- Thanks, -Aaron -------------- next part -------------- An HTML attachment was scrubbed... URL: From llarsen at longlines.biz Wed Oct 17 13:48:43 2018 From: llarsen at longlines.biz (Larry Larsen) Date: Wed, 17 Oct 2018 13:48:43 +0000 Subject: [rancid] Rancid not updating In-Reply-To: References: Message-ID: Linwood; Thank you for your assistance. Attached is the log. I think the biggest error is Up-to-Date check failed and I have to correct the errors first. I have tried a cvs update, but I get the error: cvs update: No CVSROOT specified! Please use the `-d' option cvs [update aborted]: or set the CVSROOT environment variable. Any other assistance would be appreciated. Thank you! Larry L. From: on at LEFerguson.com Sent: Tuesday, October 16, 2018 5:24 PM To: Larry Larsen ; rancid-discuss at shrubbery.net Subject: RE: Rancid not updating Start by looking in the log file (usually in the rancid directory structure, try ~/var/rancid/logs (though I think depending on how installed it may be elsewhere). Find the latest log, look at it, see what is happening. If it's not there (i.e. no logs) rancid is probably not starting. Restarting it depends on linux variant, but if a reboot is possible just reboot. If the log is there and it gives an error, start with that as it should give a clue. Post results if you need further help after seeing that. There are also lots of debugging postings on the net (just try searching for rancid debug), indeed one technique is to follow the install instructions after the install where it describes how to test login, etc. Linwood From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Larry Larsen Sent: Tuesday, October 16, 2018 5:00 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid not updating Community; I am new to the company, and my predecessor had setup Rancid to collect all our configs and do the comparisons. He also used CVS to display the configs on a webpage. I have no experience with Rancid nor CVS and I was wondering if I could get some assistance. Here is my issue. I am a Windows guy, and am learning Linux. I made a small change on one of my routers to SNMP, and wanted to see if Rancid would pick it up. The date on the file still shows 7 months ago, and not the change I made earlier today. We make changes almost daily for VLANS, etc, and nothing is showing updated. The schedule to download and send config difference emails is every hour. I have seen multiple emails, but nothing with my change in it. I also went into the Rancid directory structure in Linux and the date in there is also 7 months old. Is there anything you can do to assist? Thank you! Larry L. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: rancid logs.txt URL: From on at LEFerguson.com Wed Oct 17 14:27:37 2018 From: on at LEFerguson.com (on at LEFerguson.com) Date: Wed, 17 Oct 2018 14:27:37 +0000 Subject: [rancid] Rancid not updating In-Reply-To: References: Message-ID: You have a bunch of issues, but I agree, the "up to date" is an issue. I know almost nothing about CVS, it just plugged in and worked for me, so hopefully someone can work. Many of the other errors are configuration and router change issues, e.g. The "refused" implies that device does not (or no longer) allow telnet. Whether it ever worked is another issue, but you need to get the login protocol (defined in .cloginrc) to match what the devices allow. A distantly related issue is the "host key ... has changed". This is usually from a router change/upgrade, where ssh (used by rancid to pull configs) has stashed a key, and it is warning you that you may be seeing a different device (e.g. a spoofing of some sort). You can clear these individually (log in as rancid, and ssh to the device, and follow what it prompts -- you may need to remove it from the indicated file entirely, it tells you the line), or just delete the entire key file and let it rebuild, or (not a great idea if it's a general use machine for security reasons but OK if it's pure NMS) edit /etc/ssh/ssh_config and put in something like this: StrictHostKeyChecking no userKnownHostsFile=/dev/null Doing that from memory, google for ssh key changes and you'll find lots of different approaches. The timeouts may be simply missing devices. The end of runs not found are usually devices not supported, or that have been entered with incorrect device types. It MAY be that the "up to date" checks are because these commands are all failing, or you might have a CVS problem. If it was me I'd fix some of these first (e.g. the SSH keys are easy to fix), and then run it again and see if anything changes. In particular fix it for one listed in the up-to-date error (e.g. 192.168.215.10) and see if the up-to-date goes away when it can process the device. Hopefully someone more CVS knowledgeable can advise on what that actually means. Linwood From: Larry Larsen [mailto:llarsen at longlines.biz] Sent: Wednesday, October 17, 2018 9:49 AM To: on at LEFerguson.com; rancid-discuss at shrubbery.net Subject: RE: Rancid not updating Linwood; Thank you for your assistance. Attached is the log. I think the biggest error is Up-to-Date check failed and I have to correct the errors first. I have tried a cvs update, but I get the error: cvs update: No CVSROOT specified! Please use the `-d' option cvs [update aborted]: or set the CVSROOT environment variable. Any other assistance would be appreciated. Thank you! Larry L. From: on at LEFerguson.com > Sent: Tuesday, October 16, 2018 5:24 PM To: Larry Larsen >; rancid-discuss at shrubbery.net Subject: RE: Rancid not updating Start by looking in the log file (usually in the rancid directory structure, try ~/var/rancid/logs (though I think depending on how installed it may be elsewhere). Find the latest log, look at it, see what is happening. If it's not there (i.e. no logs) rancid is probably not starting. Restarting it depends on linux variant, but if a reboot is possible just reboot. If the log is there and it gives an error, start with that as it should give a clue. Post results if you need further help after seeing that. There are also lots of debugging postings on the net (just try searching for rancid debug), indeed one technique is to follow the install instructions after the install where it describes how to test login, etc. Linwood From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Larry Larsen Sent: Tuesday, October 16, 2018 5:00 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid not updating Community; I am new to the company, and my predecessor had setup Rancid to collect all our configs and do the comparisons. He also used CVS to display the configs on a webpage. I have no experience with Rancid nor CVS and I was wondering if I could get some assistance. Here is my issue. I am a Windows guy, and am learning Linux. I made a small change on one of my routers to SNMP, and wanted to see if Rancid would pick it up. The date on the file still shows 7 months ago, and not the change I made earlier today. We make changes almost daily for VLANS, etc, and nothing is showing updated. The schedule to download and send config difference emails is every hour. I have seen multiple emails, but nothing with my change in it. I also went into the Rancid directory structure in Linux and the date in there is also 7 months old. Is there anything you can do to assist? Thank you! Larry L. -------------- next part -------------- An HTML attachment was scrubbed... URL: From llarsen at longlines.biz Wed Oct 17 14:40:50 2018 From: llarsen at longlines.biz (Larry Larsen) Date: Wed, 17 Oct 2018 14:40:50 +0000 Subject: [rancid] Rancid not updating In-Reply-To: References: Message-ID: I agree with your analysis on refused, host key and time outs. I was going to work on them one by one as it went along. Hopefully someone knows something about CVS. Thank you! Larry L. From: on at LEFerguson.com Sent: Wednesday, October 17, 2018 9:28 AM To: Larry Larsen ; rancid-discuss at shrubbery.net Subject: RE: Rancid not updating You have a bunch of issues, but I agree, the "up to date" is an issue. I know almost nothing about CVS, it just plugged in and worked for me, so hopefully someone can work. Many of the other errors are configuration and router change issues, e.g. The "refused" implies that device does not (or no longer) allow telnet. Whether it ever worked is another issue, but you need to get the login protocol (defined in .cloginrc) to match what the devices allow. A distantly related issue is the "host key ... has changed". This is usually from a router change/upgrade, where ssh (used by rancid to pull configs) has stashed a key, and it is warning you that you may be seeing a different device (e.g. a spoofing of some sort). You can clear these individually (log in as rancid, and ssh to the device, and follow what it prompts -- you may need to remove it from the indicated file entirely, it tells you the line), or just delete the entire key file and let it rebuild, or (not a great idea if it's a general use machine for security reasons but OK if it's pure NMS) edit /etc/ssh/ssh_config and put in something like this: StrictHostKeyChecking no userKnownHostsFile=/dev/null Doing that from memory, google for ssh key changes and you'll find lots of different approaches. The timeouts may be simply missing devices. The end of runs not found are usually devices not supported, or that have been entered with incorrect device types. It MAY be that the "up to date" checks are because these commands are all failing, or you might have a CVS problem. If it was me I'd fix some of these first (e.g. the SSH keys are easy to fix), and then run it again and see if anything changes. In particular fix it for one listed in the up-to-date error (e.g. 192.168.215.10) and see if the up-to-date goes away when it can process the device. Hopefully someone more CVS knowledgeable can advise on what that actually means. Linwood From: Larry Larsen [mailto:llarsen at longlines.biz] Sent: Wednesday, October 17, 2018 9:49 AM To: on at LEFerguson.com; rancid-discuss at shrubbery.net Subject: RE: Rancid not updating Linwood; Thank you for your assistance. Attached is the log. I think the biggest error is Up-to-Date check failed and I have to correct the errors first. I have tried a cvs update, but I get the error: cvs update: No CVSROOT specified! Please use the `-d' option cvs [update aborted]: or set the CVSROOT environment variable. Any other assistance would be appreciated. Thank you! Larry L. From: on at LEFerguson.com > Sent: Tuesday, October 16, 2018 5:24 PM To: Larry Larsen >; rancid-discuss at shrubbery.net Subject: RE: Rancid not updating Start by looking in the log file (usually in the rancid directory structure, try ~/var/rancid/logs (though I think depending on how installed it may be elsewhere). Find the latest log, look at it, see what is happening. If it's not there (i.e. no logs) rancid is probably not starting. Restarting it depends on linux variant, but if a reboot is possible just reboot. If the log is there and it gives an error, start with that as it should give a clue. Post results if you need further help after seeing that. There are also lots of debugging postings on the net (just try searching for rancid debug), indeed one technique is to follow the install instructions after the install where it describes how to test login, etc. Linwood From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Larry Larsen Sent: Tuesday, October 16, 2018 5:00 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Rancid not updating Community; I am new to the company, and my predecessor had setup Rancid to collect all our configs and do the comparisons. He also used CVS to display the configs on a webpage. I have no experience with Rancid nor CVS and I was wondering if I could get some assistance. Here is my issue. I am a Windows guy, and am learning Linux. I made a small change on one of my routers to SNMP, and wanted to see if Rancid would pick it up. The date on the file still shows 7 months ago, and not the change I made earlier today. We make changes almost daily for VLANS, etc, and nothing is showing updated. The schedule to download and send config difference emails is every hour. I have seen multiple emails, but nothing with my change in it. I also went into the Rancid directory structure in Linux and the date in there is also 7 months old. Is there anything you can do to assist? Thank you! Larry L. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Oct 17 21:25:55 2018 From: heas at shrubbery.net (heasley) Date: Wed, 17 Oct 2018 21:25:55 +0000 Subject: [rancid] Rancid not updating In-Reply-To: References: Message-ID: <20181017212555.GA11559@shrubbery.net> Wed, Oct 17, 2018 at 02:40:50PM +0000, Larry Larsen: > I agree with your analysis on refused, host key and time outs. I was going to work on them one by one as it went along. Hopefully someone knows something about CVS. that is addressed in the rancid FAQ. From weylin at bu.edu Thu Oct 18 03:17:56 2018 From: weylin at bu.edu (Piegorsch, Weylin William) Date: Thu, 18 Oct 2018 03:17:56 +0000 Subject: [rancid] Unable to Conduct Cisco Wireless Controller Backup References: <20181013003559.29D0E458B4@sea.shrubbery.net> <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> <20181013003814.GB65766@shrubbery.net> Message-ID: <25FFDD71-69D6-42A4-9A66-7753BD4BF768@bu.edu> Thanks. I just tried, and got the same "end of run not found." Then I realized I wasn?t merely cutting/pasting from one location to another, but also the specific logout text test changed; once I updated to what you showed, it worked perfectly. Also - the lines I had were at different indexes, and different offsets between old/new locations where the commands moved. For reference, diff below not to my .in file (I don?t have the original install makefiles), but against the production library file. Lest I forget ? Muchos mahalo for the help on this the past few months working through things. Weylin [rancid at nsgv-prod-59 ~]$ diff -u lib/rancid/ciscowlc.pm-original-3.4.1 lib/rancid/ciscowlc.pm --- lib/rancid/ciscowlc.pm-original-3.4.1 2016-08-01 22:57:39.636366474 -0400 +++ lib/rancid/ciscowlc.pm 2018-10-15 02:12:48.334651972 -0400 @@ -90,10 +90,6 @@ TOP: while(<$INPUT>) { tr/\015//d; - if (/^.*logout$/) { - $clean_run = 1; - last; - } if (/^Error:/) { print STDOUT ("$host wlogin error: $_"); print STDERR ("$host wlogin error: $_") if ($debug); @@ -126,6 +122,10 @@ last TOP; } } + if (/^.*logout(\s*connection.*closed.*)?$/i) { + $clean_run = 1; + last; + } } } @@ -140,6 +140,7 @@ tr/\015//d; tr/\020//d; + last if (/^$prompt/); next if (/^\s*rogue ap classify/); next if (/^\s*rogue adhoc alert/); @@ -165,7 +166,6 @@ ProcessHistory("","","","!$1 \n"); next; } - last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); $linecnt++; [rancid at nsgv-prod-59 ~]$ -----Original Message----- From: heasley Date: Friday, October 12, 2018 at 8:38 PM To: Weylin Piegorsch Cc: "rancid-discuss at shrubbery.net" Subject: Re: [rancid] Unable to Conduct Cisco Wireless Controller Backup Fri, Oct 12, 2018 at 03:36:20PM +0000, Piegorsch, Weylin William: > ...with the exception of ?if (!$clean_run || !$found_end)?. For some reason I don?t understand, I keep getting ?End of run not found?. I?ve attached .raw and .new files following an execution of ?NOPIPE=YES rancid -d -t cisco-wlc5 ?. I?m guessing it?s somehow related to how the session closes, but that?s a 100% guess. Any idea how I can resolve? the device isnt echoing the \r\n at the logout. i think this will fix it: Index: lib/ciscowlc.pm.in =================================================================== --- lib/ciscowlc.pm.in (revision 3875) +++ lib/ciscowlc.pm.in (working copy) @@ -42,10 +42,6 @@ TOP: while(<$INPUT>) { tr/\015//d; - if (/^.*logout(\s*Connection.*closed.*)?$/) { - $clean_run = 1; - last; - } if (/^Error:/) { print STDOUT ("$host wlogin error: $_"); print STDERR ("$host wlogin error: $_") if ($debug); @@ -78,6 +74,10 @@ last TOP; } } + if (/^.*logout(\s*connection.*closed.*)?$/i) { + $clean_run = 1; + last; + } } } @@ -91,6 +91,7 @@ while (<$INPUT>) { tr/\015//d; tr/\020//d; + last if (/^$prompt/); next if (/^\s*rogue ap classify/); next if (/^\s*rogue (adhoc|client) (alert|unknown)/i); @@ -118,7 +119,6 @@ ProcessHistory("","","","!$1 \n"); next; } - last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); $linecnt++; -------------- next part -------------- An HTML attachment was scrubbed... URL: From raed.habib at tawasolnet.com Thu Oct 18 07:55:19 2018 From: raed.habib at tawasolnet.com (Ra'ed Habib | TAWASOL) Date: Thu, 18 Oct 2018 07:55:19 +0000 Subject: [rancid] rancid - show password in configs Message-ID: Hello there, We have been using rancid to backup our switches and it has been amazing so far, but the issue is that anywhere a password or a smtp community it appears as "", is there anyway to show the actual password in plain text ? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Oct 18 19:01:58 2018 From: heas at shrubbery.net (heasley) Date: Thu, 18 Oct 2018 19:01:58 +0000 Subject: [rancid] rancid - show password in configs In-Reply-To: References: Message-ID: <20181018190158.GC99582@shrubbery.net> Thu, Oct 18, 2018 at 07:55:19AM +0000, Ra'ed Habib | TAWASOL: > Hello there, > > We have been using rancid to backup our switches and it has been amazing so far, but the issue is that anywhere a password or a smtp community it appears as "", is there anyway to show the actual password in plain text ? > see rancid.conf(5). From heas at shrubbery.net Thu Oct 18 19:16:53 2018 From: heas at shrubbery.net (heasley) Date: Thu, 18 Oct 2018 19:16:53 +0000 Subject: [rancid] Unable to Conduct Cisco Wireless Controller Backup In-Reply-To: <25FFDD71-69D6-42A4-9A66-7753BD4BF768@bu.edu> References: <20181013003559.29D0E458B4@sea.shrubbery.net> <124CF3AE-02DF-4F6F-B278-7D6C2C5F6B67@bu.edu> <20181013003814.GB65766@shrubbery.net> <25FFDD71-69D6-42A4-9A66-7753BD4BF768@bu.edu> Message-ID: <20181018191653.GE99582@shrubbery.net> Thu, Oct 18, 2018 at 03:17:56AM +0000, Piegorsch, Weylin William: > Thanks. I just tried, and got the same "end of run not found." Then I realized I wasn?t merely cutting/pasting from one location to another, but also the specific logout text test changed; once I updated to what you showed, it worked perfectly. Also - the lines I had were at different indexes, and different offsets between old/new locations where the commands moved. For reference, diff below not to my .in file (I don?t have the original install makefiles), but against the production library file. super. these changes have been committed, so you can have the full file from the alpha tarball or the svn repo at http://rancid.shrubbery.net/rancid/svn/rancid/trunk/rancid . > Lest I forget ? Muchos mahalo for the help on this the past few months working through things. thank you! for being responsive & helping. From heas at shrubbery.net Thu Oct 18 21:21:19 2018 From: heas at shrubbery.net (heasley) Date: Thu, 18 Oct 2018 21:21:19 +0000 Subject: [rancid] FortiGate - config fetch ends prematurely - hash-mark in config file In-Reply-To: References: Message-ID: <20181018212118.GA60909@shrubbery.net> Wed, Oct 17, 2018 at 04:36:35AM +0000, Ni Ne: > Noticed that a full config backup of some of our FortiGates have been failing due to a hash-mark (#) present in the configuration itself. FortiGates let you add comments to nearly any objects. The comment field is free-form, best I can tell, and lets you insert hash-mark characters. For example a service object had this configuration causing the rancid run to fail at the offending line of "set comment": > > -------------- > config firewall service custom > edit "TCP/UDP-4118-4122" > set proxy disable > set category '' > set protocol TCP/UDP/SCTP > set helper auto > set check-reset-range default > set comment "Ticket # 123456" > set color 1 > set visibility enable > set iprange 0.0.0.0 > set fqdn '' > set tcp-portrange 4118-4122 > set udp-portrange 4118-4122 > unset sctp-portrange > set tcp-halfclose-timer 0 > set tcp-halfopen-timer 0 > set tcp-timewait-timer 0 > set udp-idle-timer 0 > set session-ttl 0 > next > end > -------------- > > After removing all offending characters from the firewall config the rancid-run completed fully and normally. > > I've been playing around with fnrancid (3.8, build 3763) to try to find a way to accommodate this happening again, but with only partial success. > > I changed the prompt setting code to the following: > > -------------- > # - FortiGate prompts end with either '#' or '$'. Further, they may > # be prepended with a '~' if the hostname is too long. Therefore, > # we need to figure out what our prompt really is. > if (!defined($prompt)) { > if ($_ =~ '^(.*) # ') { > $prompt = "$1 # "; > -------------- > > The above works great when the rancid user has root/super_admin permissions (hash-mark (#) prompt). Adjusting rancid to have non-root permissions with a dollar-sign ($) prompt and tacking on some additional code, rancid fails due to end of run not found. > > -------------- > # - FortiGate prompts end with either '#' or '$'. Further, they may > # be prepended with a '~' if the hostname is too long. Therefore, > # we need to figure out what our prompt really is. > if (!defined($prompt)) { > if ($_ =~ '^(.*) # ') { > $prompt = "$1 # "; > } else { > if ($_ =~ '^(.*) \$ ') { > $prompt = "$1 \$ "; > } > } > } > -------------- > > I tried some variations and either get the same error (end of run not found) or every config line is pre-pended with #. I even tried explicitly defining the firewall name inside $prompt against the firewall I am testing to bypass $1 expansion. > > Anyone have ideas why this is failing? I added some debug statements and my regex matches and $prompt is being set as I would expect, but for some reason it's not matching when rancid runs. > > Doing some testing, when the hostname in the prompt does get truncated, it stays the same regardless of what config level you enter. > > Here is example of setting a 25-character hostname and then entering a few levels of config: is the content before the '~' consistent? ie: the first 20 characters? and its always followed by a space? and possibly a sub-level in parentheses? IOS does similar junk, so we have an art for this that just needs to be tailored. > -------------- > fortigate-firewall # config system global > fortigate-firewall (global) # set hostname 1234567890123456789012345 > fortigate-firewall (global) # end > 12345678901234567890~345 # > 12345678901234567890~345 # config firewall service group > 12345678901234567890~345 (group) # edit JD_TEST_GROUP > 12345678901234567890~345 (JD_TEST_GROUP) # set comment "coding is fun" > 12345678901234567890~345 (JD_TEST_GROUP) # end > 12345678901234567890~345 # > -------------- > > > Thanks, > > -Aaron > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From Wayne.Eisenberg at CarolinasIT.com Fri Oct 19 05:54:48 2018 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Fri, 19 Oct 2018 05:54:48 +0000 Subject: [rancid] router config diffs Message-ID: <75603c37c4c146c9b9b85c52e7c896e1@CarolinasIT.com> I just upgraded from 3.1 to 3.8, and all of a sudden I am getting emails every time there is a change in the config - 'router config diff' emails. I must have tweaked something in the previous version so that I wasn't getting them for every change in config, but I don't remember what. Is there a switch or conf variable that can turn it off? I just want to be notified if rancid can't contact a device. Thanks, Wayne ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. From heas at shrubbery.net Fri Oct 19 15:46:49 2018 From: heas at shrubbery.net (heasley) Date: Fri, 19 Oct 2018 15:46:49 +0000 Subject: [rancid] router config diffs In-Reply-To: <75603c37c4c146c9b9b85c52e7c896e1@CarolinasIT.com> References: <75603c37c4c146c9b9b85c52e7c896e1@CarolinasIT.com> Message-ID: <20181019154648.GC23032@shrubbery.net> Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: > I just upgraded from 3.1 to 3.8, and all of a sudden I am getting emails every time there is a change in the config - 'router config diff' emails. I must have tweaked something in the previous version so that I wasn't getting them for every change in config, but I don't remember what. Is there a switch or conf variable that can turn it off? I just want to be notified if rancid can't contact a device. > please see the FAQ S2 Q4. your cvs working directory is most likely out of sync somehow. From Wayne.Eisenberg at CarolinasIT.com Sun Oct 21 20:43:38 2018 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Sun, 21 Oct 2018 20:43:38 +0000 Subject: [rancid] router config diffs In-Reply-To: <20181019154648.GC23032@shrubbery.net> References: <75603c37c4c146c9b9b85c52e7c896e1@CarolinasIT.com> <20181019154648.GC23032@shrubbery.net> Message-ID: <041a24f4c3c84290b2f620292be1df32@CarolinasIT.com> Hi, I'm using SVN, not CVS. I probably didn't do a good job of explaining. I'm not getting the same diff over and over. They are new versions, valid diffs. I don't see how svn could get out of sync, when the crontab was inactive (everything rem'ed out) so there was no activity during the upgrade. Before the upgrade, I know there were router config changes taking place and I did not get an email about them. Now I do. So I'm hunting for how to turn the notifications off. I'm also noticing a .cvsignore file in the 'configs' folder in WebSVN. Not sure why that is there or if I should care. It wasn't there before the upgrade. Thanks, Wayne -----Original Message----- From: heasley [mailto:heas at shrubbery.net] Sent: Friday, October 19, 2018 11:47 AM To: Wayne Eisenberg Cc: 'rancid-discuss at shrubbery.net' Subject: Re: [rancid] router config diffs Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: > I just upgraded from 3.1 to 3.8, and all of a sudden I am getting emails every time there is a change in the config - 'router config diff' emails. I must have tweaked something in the previous version so that I wasn't getting them for every change in config, but I don't remember what. Is there a switch or conf variable that can turn it off? I just want to be notified if rancid can't contact a device. > please see the FAQ S2 Q4. your cvs working directory is most likely out of sync somehow. ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. From ler762 at gmail.com Sun Oct 21 21:45:41 2018 From: ler762 at gmail.com (Lee) Date: Sun, 21 Oct 2018 17:45:41 -0400 Subject: [rancid] router config diffs In-Reply-To: <041a24f4c3c84290b2f620292be1df32@CarolinasIT.com> References: <75603c37c4c146c9b9b85c52e7c896e1@CarolinasIT.com> <20181019154648.GC23032@shrubbery.net> <041a24f4c3c84290b2f620292be1df32@CarolinasIT.com> Message-ID: On 10/21/18, Wayne Eisenberg wrote: > Hi, > > I'm using SVN, not CVS. > > I probably didn't do a good job of explaining. I'm not getting the same diff > over and over. They are new versions, valid diffs. I don't see how svn could > get out of sync, when the crontab was inactive (everything rem'ed out) so > there was no activity during the upgrade. Before the upgrade, I know there > were router config changes taking place and I did not get an email about > them. Now I do. So I'm hunting for how to turn the notifications off. I'd go with changing control_rancid. Search for # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then which looks like the line to change to turn notifications off. Or check the FAQ: Q. I just want to store configrurations, I do not want to receive diffs. How can I accomplish this? A. Use procmail to filter them out of your inbox. OR, redirect the mail aliases in your MTA's aliases file or database to a mailman list with no subscribers. OR, redirect the mail aliases to /dev/null. OR, set DIFFSCRIPT in rancid.conf to something that eats it's input, such as "dd of=/dev/null bs=16k". Regards, Lee > > I'm also noticing a .cvsignore file in the 'configs' folder in WebSVN. Not > sure why that is there or if I should care. It wasn't there before the > upgrade. > > Thanks, > Wayne > > > -----Original Message----- > From: heasley [mailto:heas at shrubbery.net] > Sent: Friday, October 19, 2018 11:47 AM > To: Wayne Eisenberg > Cc: 'rancid-discuss at shrubbery.net' > Subject: Re: [rancid] router config diffs > > Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: >> I just upgraded from 3.1 to 3.8, and all of a sudden I am getting emails >> every time there is a change in the config - 'router config diff' emails. >> I must have tweaked something in the previous version so that I wasn't >> getting them for every change in config, but I don't remember what. Is >> there a switch or conf variable that can turn it off? I just want to be >> notified if rancid can't contact a device. >> > > please see the FAQ S2 Q4. your cvs working directory is most likely out of > sync somehow. > > > ________________________________ > From heas at shrubbery.net Sun Oct 21 23:00:28 2018 From: heas at shrubbery.net (heasley) Date: Sun, 21 Oct 2018 23:00:28 +0000 Subject: [rancid] router config diffs In-Reply-To: References: <75603c37c4c146c9b9b85c52e7c896e1@CarolinasIT.com> <20181019154648.GC23032@shrubbery.net> <041a24f4c3c84290b2f620292be1df32@CarolinasIT.com> Message-ID: <20181021230028.GB14542@shrubbery.net> Sun, Oct 21, 2018 at 05:45:41PM -0400, Lee: > On 10/21/18, Wayne Eisenberg wrote: > > Hi, > > > > I'm using SVN, not CVS. > > > > I probably didn't do a good job of explaining. I'm not getting the same diff > > over and over. They are new versions, valid diffs. I don't see how svn could > > get out of sync, when the crontab was inactive (everything rem'ed out) so > > there was no activity during the upgrade. Before the upgrade, I know there > > were router config changes taking place and I did not get an email about > > them. Now I do. So I'm hunting for how to turn the notifications off. > > I'd go with changing control_rancid. Search for > > # Mail out the diffs (if there are any). > if [ -s $TMP.diff ] ; then > > which looks like the line to change to turn notifications off. Or > check the FAQ: > Q. I just want to store configrurations, I do not want to receive diffs. How > can I accomplish this? > A. Use procmail to filter them out of your inbox. > OR, redirect the mail aliases in your MTA's aliases file or database to a > mailman list with no subscribers. > OR, redirect the mail aliases to /dev/null. > OR, set DIFFSCRIPT in rancid.conf to something that eats it's input, such > as "dd of=/dev/null bs=16k". Ja. or if it is a diff repeatedly of something that ought to be ignored, share examples. > Regards, > Lee > > > > I'm also noticing a .cvsignore file in the 'configs' folder in WebSVN. Not > > sure why that is there or if I should care. It wasn't there before the > > upgrade. its also used for svn > > Thanks, > > Wayne > > > > > > -----Original Message----- > > From: heasley [mailto:heas at shrubbery.net] > > Sent: Friday, October 19, 2018 11:47 AM > > To: Wayne Eisenberg > > Cc: 'rancid-discuss at shrubbery.net' > > Subject: Re: [rancid] router config diffs > > > > Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: > >> I just upgraded from 3.1 to 3.8, and all of a sudden I am getting emails > >> every time there is a change in the config - 'router config diff' emails. > >> I must have tweaked something in the previous version so that I wasn't > >> getting them for every change in config, but I don't remember what. Is > >> there a switch or conf variable that can turn it off? I just want to be > >> notified if rancid can't contact a device. > >> > > > > please see the FAQ S2 Q4. your cvs working directory is most likely out of > > sync somehow. > > > > > > ________________________________ > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Wed Oct 24 17:28:39 2018 From: heas at shrubbery.net (heasley) Date: Wed, 24 Oct 2018 17:28:39 +0000 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: <20181024172552.BD1339BD82@sea.shrubbery.net> <61b82bfa-07ef-485b-35dc-0b81755c933a@buh.org> Message-ID: <20181024172839.GE5984@shrubbery.net> Sat, Sep 29, 2018 at 03:19:00PM -0700, Erik Muller: > So here's an odd thing I just ran across. Running clogin with a script with multiple blank lines has some very unexpected behaviour. It looks like it's turning \n\n into \n;, with the net effect of commenting out any command that follows two blank lines. Reproducible on ubuntu 12.04 and OSX 10.13 with stock 3.8 source. Works as expected in 2.3.8 ubuntu packages. > > The culprit is definitely in the "# handle escaped ;s in commands, and ;; and ^;" section of clogin (rolling that block back to what was in 2.3.8 fixes it), but trying to grok that in expect language to provide a real fix makes my head hurt, so I'll leave this as a bug report. Examples below. > > thanks, > -e I believe that patch addresses this bug. Index: bin/clogin.in =================================================================== --- bin/clogin.in (revision 3909) +++ bin/clogin.in (working copy) @@ -76,12 +76,12 @@ } # handle escaped ;s in commands, and ;; and ^; - regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand - regsub {^;} $esccommand "\u002;" command - set sep "\\1\u001" - regsub -all {([^\\])\;} $command "$sep" esccommand - set sep "\u001" - set commands [split $esccommand $sep] + regsub -all {([^\\]);} $command "\\1\u002;" esccommand + regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command + regsub {^;} $command "\u002;" esccommand + regsub -all {[\\];} $esccommand ";" command + set sep "\u002;" + set commands [split $command $sep] set num_commands [llength $commands] set rshfail 0 for {set i 0} {$i < $num_commands && !$rshfail} { incr i} { @@ -373,12 +373,12 @@ log_user 0 # handle escaped ;s in commands, and ;; and ^; - regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand - regsub {^;} $esccommand "\u002;" command - set sep "\\1\u001" - regsub -all {([^\\])\;} $command "$sep" esccommand - set sep "\u001" - set commands [split $esccommand $sep] + regsub -all {([^\\]);} $command "\\1\u002;" esccommand + regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command + regsub {^;} $command "\u002;" esccommand + regsub -all {[\\];} $esccommand ";" command + set sep "\u002;" + set commands [split $command $sep] set num_commands [llength $commands] # the pager can not be turned off on the PIX, so we have to look # for the "More" prompt. the extreme is equally obnoxious in pre-12.3 XOS, From erikm at buh.org Wed Oct 24 20:43:41 2018 From: erikm at buh.org (Erik Muller) Date: Wed, 24 Oct 2018 16:43:41 -0400 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: <20181024172839.GE5984@shrubbery.net> References: <20181024172839.GE5984@shrubbery.net> Message-ID: On 10/24/18 13:28 , heasley wrote: > Sat, Sep 29, 2018 at 03:19:00PM -0700, Erik Muller: >> So here's an odd thing I just ran across. Running clogin with a script with multiple blank lines has some very unexpected behaviour. It looks like it's turning \n\n into \n;, with the net effect of commenting out any command that follows two blank lines. Reproducible on ubuntu 12.04 and OSX 10.13 with stock 3.8 source. Works as expected in 2.3.8 ubuntu packages. >> >> The culprit is definitely in the "# handle escaped ;s in commands, and ;; and ^;" section of clogin (rolling that block back to what was in 2.3.8 fixes it), but trying to grok that in expect language to provide a real fix makes my head hurt, so I'll leave this as a bug report. Examples below. >> >> thanks, >> -e > > I believe that patch addresses this bug. That definitely fixes the blanks-may-comment-the-next-line issue, though it looks like it also breaks handling of escaped ;s as well. before: $ clogin-3.8 -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01 ... fl1-as01#sh ip bgp nei | inc 1; Route to peer address reachability Up: 1; Down: 0 Connections established 1; dropped 0 with patch: $ clogin -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01 ... fl1-as01#sh ip bgp nei | inc 1 BGP neighbor is x.x.x.x, remote AS 4200000000, external link And it seems to eat leading semicolon comments as well: $ cat ~/clogin-blanks-test2 show bridge ; just a comment $ clogin -x ~/clogin-blanks-test2 fl1-as01.polaris.corp ... fl1-as01#show bridge fl1-as01# fl1-as01# fl1-as01# fl1-as01# just a comment ^ % Invalid input detected at '^' marker. From heas at shrubbery.net Wed Oct 24 21:19:31 2018 From: heas at shrubbery.net (heasley) Date: Wed, 24 Oct 2018 21:19:31 +0000 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: <20181024211803.E44A79CA7B@sea.shrubbery.net> Message-ID: <20181024211930.GA72307@shrubbery.net> Wed, Oct 24, 2018 at 04:43:41PM -0400, Erik Muller: > On 10/24/18 13:28 , heasley wrote: > > Sat, Sep 29, 2018 at 03:19:00PM -0700, Erik Muller: > >> So here's an odd thing I just ran across. Running clogin with a script with multiple blank lines has some very unexpected behaviour. It looks like it's turning \n\n into \n;, with the net effect of commenting out any command that follows two blank lines. Reproducible on ubuntu 12.04 and OSX 10.13 with stock 3.8 source. Works as expected in 2.3.8 ubuntu packages. > >> > >> The culprit is definitely in the "# handle escaped ;s in commands, and ;; and ^;" section of clogin (rolling that block back to what was in 2.3.8 fixes it), but trying to grok that in expect language to provide a real fix makes my head hurt, so I'll leave this as a bug report. Examples below. > >> > >> thanks, > >> -e > > > > I believe that patch addresses this bug. > > > That definitely fixes the blanks-may-comment-the-next-line issue, though it looks like it also breaks handling of escaped ;s as well. > > before: > $ clogin-3.8 -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01 > ... > fl1-as01#sh ip bgp nei | inc 1; > Route to peer address reachability Up: 1; Down: 0 > Connections established 1; dropped 0 > > > with patch: > $ clogin -c 'sh ip bgp nei | inc 1\; ; show ver | inc ^Model Num' fl1-as01 > ... > fl1-as01#sh ip bgp nei | inc 1 > BGP neighbor is x.x.x.x, remote AS 4200000000, external link > > > > And it seems to eat leading semicolon comments as well: > > $ cat ~/clogin-blanks-test2 > show bridge > ; just a comment > $ clogin -x ~/clogin-blanks-test2 fl1-as01.polaris.corp > ... > fl1-as01#show bridge > fl1-as01# > fl1-as01# > fl1-as01# > fl1-as01# just a comment > ^ > % Invalid input detected at '^' marker. > I missed that in your example, but noticed it in testing...after I sent that patch. This is my final patch, i think. I havent committed it yet, as I want to review it once more. Index: bin/clogin.in =================================================================== --- bin/clogin.in (revision 3909) +++ bin/clogin.in (working copy) @@ -76,11 +76,12 @@ } # handle escaped ;s in commands, and ;; and ^; - regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand - regsub {^;} $esccommand "\u002;" command - set sep "\\1\u001" - regsub -all {([^\\])\;} $command "$sep" esccommand - set sep "\u001" + regsub -all {([^\\]);} $command "\\1\u002;" esccommand + regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command + regsub {^;} $command "\u002;" esccommand + regsub -all {[\\];} $esccommand ";" command + regsub -all {\u002;} $command "\u002" esccommand + set sep "\u002;" set commands [split $esccommand $sep] set num_commands [llength $commands] set rshfail 0 @@ -373,11 +374,12 @@ log_user 0 # handle escaped ;s in commands, and ;; and ^; - regsub -all {([^\\]);;} $command "\\1;\u002;" esccommand - regsub {^;} $esccommand "\u002;" command - set sep "\\1\u001" - regsub -all {([^\\])\;} $command "$sep" esccommand - set sep "\u001" + regsub -all {([^\\]);} $command "\\1\u002;" esccommand + regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command + regsub {^;} $command "\u002;" esccommand + regsub -all {[\\];} $esccommand ";" command + regsub -all {\u002;} $command "\u002" esccommand + set sep "\u002" set commands [split $esccommand $sep] set num_commands [llength $commands] # the pager can not be turned off on the PIX, so we have to look @@ -384,11 +386,7 @@ # for the "More" prompt. the extreme is equally obnoxious in pre-12.3 XOS, # with a global switch in the config. for {set i 0} {$i < $num_commands} { incr i} { - if { [lindex $commands $i] == "\u002" } { - send -- "\r" - } else { - send -- "[subst -nocommands [lindex $commands $i]]\r" - } + send -h -- "[subst -nocommands [lindex $commands $i]]\r" expect { -re "^\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" From heas at shrubbery.net Wed Oct 24 22:32:10 2018 From: heas at shrubbery.net (heasley) Date: Wed, 24 Oct 2018 22:32:10 +0000 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: <20181024211930.GA72307@shrubbery.net> References: <20181024211803.E44A79CA7B@sea.shrubbery.net> <20181024211930.GA72307@shrubbery.net> Message-ID: <20181024223210.GC72307@shrubbery.net> Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley: > I missed that in your example, but noticed it in testing...after I sent that > patch. This is my final patch, i think. I havent committed it yet, as I > want to review it once more. ok; committed. Either the alpha tarball or the svn repo. Welcome testers, esp for palo alto, of which I have none. From Wayne.Eisenberg at CarolinasIT.com Thu Oct 25 04:46:48 2018 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Thu, 25 Oct 2018 04:46:48 +0000 Subject: [rancid] router config diffs Message-ID: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> > I'd go with changing control_rancid. Search for > > # Mail out the diffs (if there are any). > if [ -s $TMP.diff ] ; then Bingo. I found my tweak. Thanks, Lee! Instead of actually sending the email, I had just redirected it to /dev/null. - ) | $SENDMAIL -t $MAILOPTS + ) > /dev/null Maybe that could be a config choice in rancid.conf (if it were a global switch) or .cloginrc (if you wanted to turn off mail for specific devices or groups)? Best Regards, Wayne -----Original Message----- From: Lee [mailto:ler762 at gmail.com] Sent: Sunday, October 21, 2018 5:46 PM To: Wayne Eisenberg Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] router config diffs On 10/21/18, Wayne Eisenberg wrote: > Hi, > > I'm using SVN, not CVS. > > I probably didn't do a good job of explaining. I'm not getting the > same diff over and over. They are new versions, valid diffs. I don't > see how svn could get out of sync, when the crontab was inactive > (everything rem'ed out) so there was no activity during the upgrade. > Before the upgrade, I know there were router config changes taking > place and I did not get an email about them. Now I do. So I'm hunting for how to turn the notifications off. I'd go with changing control_rancid. Search for # Mail out the diffs (if there are any). if [ -s $TMP.diff ] ; then which looks like the line to change to turn notifications off. Or check the FAQ: Q. I just want to store configrurations, I do not want to receive diffs. How can I accomplish this? A. Use procmail to filter them out of your inbox. OR, redirect the mail aliases in your MTA's aliases file or database to a mailman list with no subscribers. OR, redirect the mail aliases to /dev/null. OR, set DIFFSCRIPT in rancid.conf to something that eats it's input, such as "dd of=/dev/null bs=16k". Regards, Lee > > I'm also noticing a .cvsignore file in the 'configs' folder in WebSVN. > Not sure why that is there or if I should care. It wasn't there before > the upgrade. > > Thanks, > Wayne > > > -----Original Message----- > From: heasley [mailto:heas at shrubbery.net] > Sent: Friday, October 19, 2018 11:47 AM > To: Wayne Eisenberg > Cc: 'rancid-discuss at shrubbery.net' > Subject: Re: [rancid] router config diffs > > Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: >> I just upgraded from 3.1 to 3.8, and all of a sudden I am getting >> emails every time there is a change in the config - 'router config diff' emails. >> I must have tweaked something in the previous version so that I >> wasn't getting them for every change in config, but I don't remember >> what. Is there a switch or conf variable that can turn it off? I just >> want to be notified if rancid can't contact a device. >> > > please see the FAQ S2 Q4. your cvs working directory is most likely > out of sync somehow. > > > ________________________________ > ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. From ler762 at gmail.com Thu Oct 25 08:17:20 2018 From: ler762 at gmail.com (Lee) Date: Thu, 25 Oct 2018 04:17:20 -0400 Subject: [rancid] router config diffs In-Reply-To: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> References: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> Message-ID: On 10/25/18, Wayne Eisenberg wrote: >> I'd go with changing control_rancid. Search for >> >> # Mail out the diffs (if there are any). >> if [ -s $TMP.diff ] ; then > > Bingo. I found my tweak. Thanks, Lee! Instead of actually sending the email, > I had just redirected it to /dev/null. > > - ) | $SENDMAIL -t $MAILOPTS > + ) > /dev/null > > Maybe that could be a config choice in rancid.conf (if it were a global > switch) or .cloginrc (if you wanted to turn off mail for specific devices or > groups)? For a global switch just use your version of sendmail instead of the system version: $ cat sendmail #!/bin/sh # # rancid insists on having sendmail # so give it one # echo "" >> /tmp/sendmail.txt date >> /tmp/sendmail.txt echo "$*" >> /tmp/sendmail.txt while read LINE do echo $LINE >> /tmp/sendmail.txt done echo "" >> /tmp/sendmail.txt altho you'd probably want it to be just exit and if you ever want rancid to actually send mail, have your sendmail be a link to the real one. Regards, Lee > > -----Original Message----- > From: Lee [mailto:ler762 at gmail.com] > Sent: Sunday, October 21, 2018 5:46 PM > To: Wayne Eisenberg > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] router config diffs > > On 10/21/18, Wayne Eisenberg wrote: >> Hi, >> >> I'm using SVN, not CVS. >> >> I probably didn't do a good job of explaining. I'm not getting the >> same diff over and over. They are new versions, valid diffs. I don't >> see how svn could get out of sync, when the crontab was inactive >> (everything rem'ed out) so there was no activity during the upgrade. >> Before the upgrade, I know there were router config changes taking >> place and I did not get an email about them. Now I do. So I'm hunting for >> how to turn the notifications off. > > I'd go with changing control_rancid. Search for > > # Mail out the diffs (if there are any). > if [ -s $TMP.diff ] ; then > > which looks like the line to change to turn notifications off. Or check the > FAQ: > Q. I just want to store configrurations, I do not want to receive diffs. > How > can I accomplish this? > A. Use procmail to filter them out of your inbox. > OR, redirect the mail aliases in your MTA's aliases file or database to > a > mailman list with no subscribers. > OR, redirect the mail aliases to /dev/null. > OR, set DIFFSCRIPT in rancid.conf to something that eats it's input, > such > as "dd of=/dev/null bs=16k". > > Regards, > Lee >> >> I'm also noticing a .cvsignore file in the 'configs' folder in WebSVN. >> Not sure why that is there or if I should care. It wasn't there before >> the upgrade. >> >> Thanks, >> Wayne >> >> >> -----Original Message----- >> From: heasley [mailto:heas at shrubbery.net] >> Sent: Friday, October 19, 2018 11:47 AM >> To: Wayne Eisenberg >> Cc: 'rancid-discuss at shrubbery.net' >> Subject: Re: [rancid] router config diffs >> >> Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: >>> I just upgraded from 3.1 to 3.8, and all of a sudden I am getting >>> emails every time there is a change in the config - 'router config diff' >>> emails. >>> I must have tweaked something in the previous version so that I >>> wasn't getting them for every change in config, but I don't remember >>> what. Is there a switch or conf variable that can turn it off? I just >>> want to be notified if rancid can't contact a device. >>> >> >> please see the FAQ S2 Q4. your cvs working directory is most likely >> out of sync somehow. >> >> >> ________________________________ >> > > > ________________________________ > > The information in this Internet e-mail (and any attachments) is > confidential, may be legally privileged and is intended solely for the > Addressee(s) named above. If you are not the intended recipient, or the > employee or agent responsible for delivering it to the intended recipient, > then any dissemination or copying of this e-mail (and any attachments) is > prohibited and may be unlawful. If you received this e-mail in error, please > immediately notify us by e-mail or telephone, then delete the message. Thank > you. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > From heas at shrubbery.net Thu Oct 25 17:16:22 2018 From: heas at shrubbery.net (heasley) Date: Thu, 25 Oct 2018 17:16:22 +0000 Subject: [rancid] router config diffs In-Reply-To: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> References: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> Message-ID: <20181025171621.GI22950@shrubbery.net> Thu, Oct 25, 2018 at 04:46:48AM +0000, Wayne Eisenberg: > > I'd go with changing control_rancid. Search for > > > > # Mail out the diffs (if there are any). > > if [ -s $TMP.diff ] ; then > > Bingo. I found my tweak. Thanks, Lee! Instead of actually sending the email, I had just redirected it to /dev/null. > > - ) | $SENDMAIL -t $MAILOPTS > + ) > /dev/null > > Maybe that could be a config choice in rancid.conf (if it were a global switch) or .cloginrc (if you wanted to turn off mail for specific devices or groups)? > > Best Regards, > Wayne > > > -----Original Message----- > From: Lee [mailto:ler762 at gmail.com] > Sent: Sunday, October 21, 2018 5:46 PM > To: Wayne Eisenberg > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] router config diffs > > On 10/21/18, Wayne Eisenberg wrote: > > Hi, > > > > I'm using SVN, not CVS. > > > > I probably didn't do a good job of explaining. I'm not getting the > > same diff over and over. They are new versions, valid diffs. I don't > > see how svn could get out of sync, when the crontab was inactive > > (everything rem'ed out) so there was no activity during the upgrade. > > Before the upgrade, I know there were router config changes taking > > place and I did not get an email about them. Now I do. So I'm hunting for how to turn the notifications off. > > I'd go with changing control_rancid. Search for why? there are 3 manners of affecting the same result, but without modifying the installed base and without needing to remember that change following the next upgrade. embrace the unix methodology - assemble (pipe) simple tools for complex results. > # Mail out the diffs (if there are any). > if [ -s $TMP.diff ] ; then > > which looks like the line to change to turn notifications off. Or check the FAQ: > Q. I just want to store configrurations, I do not want to receive diffs. How > can I accomplish this? > A. Use procmail to filter them out of your inbox. > OR, redirect the mail aliases in your MTA's aliases file or database to a > mailman list with no subscribers. > OR, redirect the mail aliases to /dev/null. > OR, set DIFFSCRIPT in rancid.conf to something that eats it's input, such > as "dd of=/dev/null bs=16k". > > Regards, > Lee > > > > I'm also noticing a .cvsignore file in the 'configs' folder in WebSVN. > > Not sure why that is there or if I should care. It wasn't there before > > the upgrade. > > > > Thanks, > > Wayne > > > > > > -----Original Message----- > > From: heasley [mailto:heas at shrubbery.net] > > Sent: Friday, October 19, 2018 11:47 AM > > To: Wayne Eisenberg > > Cc: 'rancid-discuss at shrubbery.net' > > Subject: Re: [rancid] router config diffs > > > > Fri, Oct 19, 2018 at 05:54:48AM +0000, Wayne Eisenberg: > >> I just upgraded from 3.1 to 3.8, and all of a sudden I am getting > >> emails every time there is a change in the config - 'router config diff' emails. > >> I must have tweaked something in the previous version so that I > >> wasn't getting them for every change in config, but I don't remember > >> what. Is there a switch or conf variable that can turn it off? I just > >> want to be notified if rancid can't contact a device. > >> > > > > please see the FAQ S2 Q4. your cvs working directory is most likely > > out of sync somehow. > > > > > > ________________________________ > > > > > ________________________________ > > The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From erikm at buh.org Thu Oct 25 19:53:41 2018 From: erikm at buh.org (Erik Muller) Date: Thu, 25 Oct 2018 15:53:41 -0400 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: <20181024223210.GC72307@shrubbery.net> References: <20181024211803.E44A79CA7B@sea.shrubbery.net> <20181024211930.GA72307@shrubbery.net> <20181024223210.GC72307@shrubbery.net> Message-ID: <7dd9bcd2-8d7e-524d-ace4-5557cb0dee18@buh.org> On 10/24/18 18:32 , heasley wrote: > Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley: >> I missed that in your example, but noticed it in testing...after I sent that >> patch. This is my final patch, i think. I havent committed it yet, as I >> want to review it once more. > > ok; committed. Either the alpha tarball or the svn repo. Welcome testers, > esp for palo alto, of which I have none. That one was really close, but still didn't pass through ^; from command files properly. After a bit more tweaking, the following change seems to get it to handle all my test cases correctly. erikm at vpn41:~/ports-dev [15:21 - 1497]$ diff -Naur /opt/local/libexec/rancid/clogin-3.99.99.bak /opt/local/libexec/rancid/clogin-3.99.99 --- /opt/local/libexec/rancid/clogin-3.99.99.bak 2018-10-24 19:46:30.000000000 -0400 +++ /opt/local/libexec/rancid/clogin-3.99.99 2018-10-25 15:21:18.000000000 -0400 @@ -253,7 +253,8 @@ } set cmd_text [read $cmd_fd] close $cmd_fd - set command [join [split $cmd_text \n] \;] + regsub -all {;} $cmd_text "\\;" cmd_text + set command [join [split $cmd_text \n] \u002;] set do_command 1 # 'ssh -c' cypher type } -y* { @@ -444,13 +445,8 @@ continue; } - # handle escaped ;s in commands, and ;; and ^; - regsub -all {([^\\]);} $command "\\1\u002;" esccommand - regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command - regsub {^;} $command "\u002;" esccommand - regsub -all {[\\];} $esccommand ";" command - regsub -all {\u002;} $command "\u002" esccommand - set sep "\u002;" + set esccommand [escapecommandlist $command] + set sep "\u002" set commands [split $esccommand $sep] set num_commands [llength $commands] set rshfail 0 @@ -724,6 +720,21 @@ return 0 } +# handle escaped ;s in commands, and ;; and ^; +proc escapecommandlist {command} { + # \; should be passed through as a ; + # ^; should be treated as a comment (when coming from a command file) + # ;; represents a literal ; before a subsequent command (?) + # other ;s are separators between items in a sequence of commands + # note this is processed as one big multiline text blob, so ^ anchors may + # not work as expected + regsub -all {([^\\\u002]);} $command "\\1\u002;" esccommand + regsub -all {([^\\\u00a\u00d\u002]);;} $esccommand "\\1;\u002;" command + regsub -all {\u002;} $command "\u002" esccommand + regsub -all {[\\];} $esccommand ";" command + return $command +} + # Run commands given on the command line. proc run_commands { prompt command } { global do_interact do_saveconfig in_proc platform @@ -742,12 +753,7 @@ # this is the only way i see to get rid of more prompts in o/p..grrrrr log_user 0 - # handle escaped ;s in commands, and ;; and ^; - regsub -all {([^\\]);} $command "\\1\u002;" esccommand - regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command - regsub {^;} $command "\u002;" esccommand - regsub -all {[\\];} $esccommand ";" command - regsub -all {\u002;} $command "\u002" esccommand + set esccommand [escapecommandlist $command] set sep "\u002" set commands [split $esccommand $sep] set num_commands [llength $commands] From heas at shrubbery.net Thu Oct 25 20:02:58 2018 From: heas at shrubbery.net (Heasley) Date: Thu, 25 Oct 2018 13:02:58 -0700 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: <7dd9bcd2-8d7e-524d-ace4-5557cb0dee18@buh.org> References: <20181024211803.E44A79CA7B@sea.shrubbery.net> <20181024211930.GA72307@shrubbery.net> <20181024223210.GC72307@shrubbery.net> <7dd9bcd2-8d7e-524d-ace4-5557cb0dee18@buh.org> Message-ID: > Am 25.10.2018 um 12:53 schrieb Erik Muller : > >> On 10/24/18 18:32 , heasley wrote: >> Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley: >>> I missed that in your example, but noticed it in testing...after I sent that >>> patch. This is my final patch, i think. I havent committed it yet, as I >>> want to review it once more. >> >> ok; committed. Either the alpha tarball or the svn repo. Welcome testers, >> esp for palo alto, of which I have none. > > That one was really close, but still didn't pass through ^; from command files properly. > After a bit more tweaking, the following change seems to get it to handle all my test cases correctly. > You have to escape the ; in the file (\;). The An argument could be made either way, i leN toward not altering the behavior of -x. > erikm at vpn41:~/ports-dev [15:21 - 1497]$ diff -Naur /opt/local/libexec/rancid/clogin-3.99.99.bak /opt/local/libexec/rancid/clogin-3.99.99 > --- /opt/local/libexec/rancid/clogin-3.99.99.bak 2018-10-24 19:46:30.000000000 -0400 > +++ /opt/local/libexec/rancid/clogin-3.99.99 2018-10-25 15:21:18.000000000 -0400 > @@ -253,7 +253,8 @@ > } > set cmd_text [read $cmd_fd] > close $cmd_fd > - set command [join [split $cmd_text \n] \;] > + regsub -all {;} $cmd_text "\\;" cmd_text > + set command [join [split $cmd_text \n] \u002;] > set do_command 1 > # 'ssh -c' cypher type > } -y* { > @@ -444,13 +445,8 @@ > continue; > } > > - # handle escaped ;s in commands, and ;; and ^; > - regsub -all {([^\\]);} $command "\\1\u002;" esccommand > - regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command > - regsub {^;} $command "\u002;" esccommand > - regsub -all {[\\];} $esccommand ";" command > - regsub -all {\u002;} $command "\u002" esccommand > - set sep "\u002;" > + set esccommand [escapecommandlist $command] > + set sep "\u002" > set commands [split $esccommand $sep] > set num_commands [llength $commands] > set rshfail 0 > @@ -724,6 +720,21 @@ > return 0 > } > > +# handle escaped ;s in commands, and ;; and ^; > +proc escapecommandlist {command} { > + # \; should be passed through as a ; > + # ^; should be treated as a comment (when coming from a command file) > + # ;; represents a literal ; before a subsequent command (?) > + # other ;s are separators between items in a sequence of commands > + # note this is processed as one big multiline text blob, so ^ anchors may > + # not work as expected > + regsub -all {([^\\\u002]);} $command "\\1\u002;" esccommand > + regsub -all {([^\\\u00a\u00d\u002]);;} $esccommand "\\1;\u002;" command > + regsub -all {\u002;} $command "\u002" esccommand > + regsub -all {[\\];} $esccommand ";" command > + return $command > +} > + > # Run commands given on the command line. > proc run_commands { prompt command } { > global do_interact do_saveconfig in_proc platform > @@ -742,12 +753,7 @@ > # this is the only way i see to get rid of more prompts in o/p..grrrrr > log_user 0 > > - # handle escaped ;s in commands, and ;; and ^; > - regsub -all {([^\\]);} $command "\\1\u002;" esccommand > - regsub -all {([^\\]);;} $esccommand "\\1;\u002;" command > - regsub {^;} $command "\u002;" esccommand > - regsub -all {[\\];} $esccommand ";" command > - regsub -all {\u002;} $command "\u002" esccommand > + set esccommand [escapecommandlist $command] > set sep "\u002" > set commands [split $esccommand $sep] > set num_commands [llength $commands] > From ler762 at gmail.com Thu Oct 25 20:33:45 2018 From: ler762 at gmail.com (Lee) Date: Thu, 25 Oct 2018 16:33:45 -0400 Subject: [rancid] router config diffs In-Reply-To: <20181025171621.GI22950@shrubbery.net> References: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> <20181025171621.GI22950@shrubbery.net> Message-ID: On 10/25/18, heasley wrote: > Thu, Oct 25, 2018 at 04:46:48AM +0000, Wayne Eisenberg: >> > I'd go with changing control_rancid. Search for >> > >> > # Mail out the diffs (if there are any). >> > if [ -s $TMP.diff ] ; then >> >> Bingo. I found my tweak. Thanks, Lee! Instead of actually sending the >> email, I had just redirected it to /dev/null. >> >> - ) | $SENDMAIL -t $MAILOPTS >> + ) > /dev/null >> >> Maybe that could be a config choice in rancid.conf (if it were a global >> switch) or .cloginrc (if you wanted to turn off mail for specific devices >> or groups)? >> >> >> -----Original Message----- >> From: Lee [mailto:ler762 at gmail.com] >> Sent: Sunday, October 21, 2018 5:46 PM >> To: Wayne Eisenberg >> Cc: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] router config diffs >> >> On 10/21/18, Wayne Eisenberg wrote: <.. snip ..> >> > I probably didn't do a good job of explaining. I'm not getting the >> > same diff over and over. They are new versions, valid diffs. I don't >> > see how svn could get out of sync, when the crontab was inactive >> > (everything rem'ed out) so there was no activity during the upgrade. >> > Before the upgrade, I know there were router config changes taking >> > place and I did not get an email about them. Now I do. So I'm hunting >> > for how to turn the notifications off. >> >> I'd go with changing control_rancid. Search for > > why? there are 3 manners of affecting the same result, but without > modifying the installed base and without needing to remember that > change following the next upgrade. embrace the unix > methodology - assemble (pipe) simple tools for complex results. I haven't tried this, but it sure looks like one could build rancid with export SENDMAIL=/usr/local/bin/sendmail_alt ./configure --prefix= ..etc.. and have /usr/local/bin/sendmail_alt be just exit and that would take care of not sending emails or doing something other than sending mail. Yes? but that means you'd have to build rancid instead of just installing from some repository.. In any case, I went with changing control_rancid because there were a few other things I wanted to do like filtering out passwords, keys, hashes, etc. from the mail msg before sending it. So right after the # Diff the directory and then checkin. section I added # -LR- begin: remove passwords, etc. from diff listing /usr/local/bin/sanitize.sh $TMP.diff >$TMP.diff2 /bin/mv $TMP.diff2 $TMP.diff # -LR- end : remove passwords etc. from diff listing Regards, Lee From erikm at buh.org Thu Oct 25 21:08:34 2018 From: erikm at buh.org (Erik Muller) Date: Thu, 25 Oct 2018 17:08:34 -0400 Subject: [rancid] clogin commenting script commands following multiple blanks lines In-Reply-To: References: <20181024211803.E44A79CA7B@sea.shrubbery.net> <20181024211930.GA72307@shrubbery.net> <20181024223210.GC72307@shrubbery.net> <7dd9bcd2-8d7e-524d-ace4-5557cb0dee18@buh.org> Message-ID: On 10/25/18 16:02 , Heasley wrote: > > >> Am 25.10.2018 um 12:53 schrieb Erik Muller : >> >>> On 10/24/18 18:32 , heasley wrote: >>> Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley: >>>> I missed that in your example, but noticed it in testing...after I sent that >>>> patch. This is my final patch, i think. I havent committed it yet, as I >>>> want to review it once more. >>> >>> ok; committed. Either the alpha tarball or the svn repo. Welcome testers, >>> esp for palo alto, of which I have none. >> >> That one was really close, but still didn't pass through ^; from command files properly. >> After a bit more tweaking, the following change seems to get it to handle all my test cases correctly. >> > > You have to escape the ; in the file (\;). The An argument could be made either way, i leN toward not altering the behavior of -x. I can live with that. Looks like ^; was equally broken in 2.x as well, and really it should be !comments instead since ~ios 10 anyway ;) From heas at shrubbery.net Thu Oct 25 22:48:27 2018 From: heas at shrubbery.net (heasley) Date: Thu, 25 Oct 2018 22:48:27 +0000 Subject: [rancid] router config diffs In-Reply-To: References: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> <20181025171621.GI22950@shrubbery.net> Message-ID: <20181025224827.GA45368@shrubbery.net> Thu, Oct 25, 2018 at 04:33:45PM -0400, Lee: > On 10/25/18, heasley wrote: > > Thu, Oct 25, 2018 at 04:46:48AM +0000, Wayne Eisenberg: > >> > I'd go with changing control_rancid. Search for > >> > > >> > # Mail out the diffs (if there are any). > >> > if [ -s $TMP.diff ] ; then > >> > >> Bingo. I found my tweak. Thanks, Lee! Instead of actually sending the > >> email, I had just redirected it to /dev/null. > >> > >> - ) | $SENDMAIL -t $MAILOPTS > >> + ) > /dev/null > >> > >> Maybe that could be a config choice in rancid.conf (if it were a global > >> switch) or .cloginrc (if you wanted to turn off mail for specific devices > >> or groups)? > >> > >> > >> -----Original Message----- > >> From: Lee [mailto:ler762 at gmail.com] > >> Sent: Sunday, October 21, 2018 5:46 PM > >> To: Wayne Eisenberg > >> Cc: rancid-discuss at shrubbery.net > >> Subject: Re: [rancid] router config diffs > >> > >> On 10/21/18, Wayne Eisenberg wrote: > <.. snip ..> > >> > I probably didn't do a good job of explaining. I'm not getting the > >> > same diff over and over. They are new versions, valid diffs. I don't > >> > see how svn could get out of sync, when the crontab was inactive > >> > (everything rem'ed out) so there was no activity during the upgrade. > >> > Before the upgrade, I know there were router config changes taking > >> > place and I did not get an email about them. Now I do. So I'm hunting > >> > for how to turn the notifications off. > >> > >> I'd go with changing control_rancid. Search for > > > > why? there are 3 manners of affecting the same result, but without > > modifying the installed base and without needing to remember that > > change following the next upgrade. embrace the unix > > methodology - assemble (pipe) simple tools for complex results. > > I haven't tried this, but it sure looks like one could build rancid with > export SENDMAIL=/usr/local/bin/sendmail_alt > ./configure --prefix= ..etc.. > > and have /usr/local/bin/sendmail_alt be just > exit youre making that more difficult than necessary, export SENDMAIL="dd of=/dev/null bs=32k" but, you still want the admin email, imiho, and that will break it. > and that would take care of not sending emails or doing something > other than sending mail. Yes? but that means you'd have to build > rancid instead of just installing from some repository.. > > In any case, I went with changing control_rancid because there were a > few other things I wanted to do like filtering out passwords, keys, > hashes, etc. from the mail msg before sending it. So right after the > # Diff the directory and then checkin. > section I added > > # -LR- begin: remove passwords, etc. from diff listing > /usr/local/bin/sanitize.sh $TMP.diff >$TMP.diff2 > /bin/mv $TMP.diff2 $TMP.diff > # -LR- end : remove passwords etc. from diff listing this too is possible without changing control_rancid; see rancid.conf(5) for FILTER_PWDS & DIFFSCRIPT. From ler762 at gmail.com Fri Oct 26 01:02:11 2018 From: ler762 at gmail.com (Lee) Date: Thu, 25 Oct 2018 21:02:11 -0400 Subject: [rancid] router config diffs In-Reply-To: <20181025224827.GA45368@shrubbery.net> References: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> <20181025171621.GI22950@shrubbery.net> <20181025224827.GA45368@shrubbery.net> Message-ID: On 10/25/18, heasley wrote: > Thu, Oct 25, 2018 at 04:33:45PM -0400, Lee: <.. snip lots ..> >> I haven't tried this, but it sure looks like one could build rancid with >> export SENDMAIL=/usr/local/bin/sendmail_alt >> ./configure --prefix= ..etc.. >> >> and have /usr/local/bin/sendmail_alt be just >> exit > > youre making that more difficult than necessary, > > export SENDMAIL="dd of=/dev/null bs=32k" > > but, you still want the admin email, imiho, and that will break it. > >> and that would take care of not sending emails or doing something >> other than sending mail. Yes? but that means you'd have to build >> rancid instead of just installing from some repository.. >> >> In any case, I went with changing control_rancid because there were a >> few other things I wanted to do like filtering out passwords, keys, >> hashes, etc. from the mail msg before sending it. So right after the >> # Diff the directory and then checkin. >> section I added >> >> # -LR- begin: remove passwords, etc. from diff listing >> /usr/local/bin/sanitize.sh $TMP.diff >$TMP.diff2 >> /bin/mv $TMP.diff2 $TMP.diff >> # -LR- end : remove passwords etc. from diff listing > > this too is possible without changing control_rancid; see rancid.conf(5) > for FILTER_PWDS & DIFFSCRIPT. FILTER_PWDS Determines which passwords will be filtered from configs. I don't want anything filtered from rancid; it's just email where I want passwords to be filtered out. Maybe I could figure out how to set DIFFSCRIPT to accomplish that, but I already had a script for blanking out sensitive info for when the security office or whoever wants to do an audit & demands a copy of all the configs. So I could add a few lines to control_rancid and call a script I already knew worked or spend who knows how long trying to figure how to set DIFFSCRIPT .. and expediency won. Regards, Lee From Wayne.Eisenberg at CarolinasIT.com Fri Oct 26 08:20:40 2018 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Fri, 26 Oct 2018 08:20:40 +0000 Subject: [rancid] router config diffs In-Reply-To: References: <62d708e80b6f44699cbe990c69edc393@CarolinasIT.com> Message-ID: <23daf5a773774465a4d2d53b32ccebb2@CarolinasIT.com> Thanks, that's an interesting idea although what I was really thinking of was turning off the emailing of diffs, not totally disabling mail. (It would still be important to know if rancid lost contact with devices.) If that were part of the official control_rancid, then it could be controlled by a variable in the rancid.conf file. Just a newbie idea. -----Original Message----- From: Lee [mailto:ler762 at gmail.com] Sent: Thursday, October 25, 2018 4:17 AM To: Wayne Eisenberg Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] router config diffs On 10/25/18, Wayne Eisenberg wrote: >> I'd go with changing control_rancid. Search for >> >> # Mail out the diffs (if there are any). >> if [ -s $TMP.diff ] ; then > > Bingo. I found my tweak. Thanks, Lee! Instead of actually sending the > email, I had just redirected it to /dev/null. > > - ) | $SENDMAIL -t $MAILOPTS > + ) > /dev/null > > Maybe that could be a config choice in rancid.conf (if it were a > global > switch) or .cloginrc (if you wanted to turn off mail for specific > devices or groups)? For a global switch just use your version of sendmail instead of the system version: $ cat sendmail #!/bin/sh # # rancid insists on having sendmail # so give it one # echo "" >> /tmp/sendmail.txt date >> /tmp/sendmail.txt echo "$*" >> /tmp/sendmail.txt while read LINE do echo $LINE >> /tmp/sendmail.txt done echo "" >> /tmp/sendmail.txt altho you'd probably want it to be just exit and if you ever want rancid to actually send mail, have your sendmail be a link to the real one. Regards, Lee ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. From erikm at buh.org Fri Oct 26 22:24:10 2018 From: erikm at buh.org (Erik Muller) Date: Fri, 26 Oct 2018 18:24:10 -0400 Subject: [rancid] paloalto feedback in current alpha [was: Re: clogin commenting script commands following multiple blanks lines] In-Reply-To: <20181024223210.GC72307@shrubbery.net> References: <20181024211803.E44A79CA7B@sea.shrubbery.net> <20181024211930.GA72307@shrubbery.net> <20181024223210.GC72307@shrubbery.net> Message-ID: <57c1f63c-e380-f367-cfb1-b20fc07a949b@buh.org> On 10/24/18 18:32 , heasley wrote: > Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley: > ok; committed. Either the alpha tarball or the svn repo. Welcome testers, > esp for palo alto, of which I have none. At least on 8.1.4 on my 3250s, the cli is a little bit busted until you get out of interactive mode - for every space you enter between words in the command, it redraws the current line, which was messing up the prompt matching as below. Fix for that attached at end of message. -e rancid at status:~$ rancid -t paloalto -d fw1.ams loadtype: device type paloalto loadtype: found device type paloalto in /home/erikm/rancidtest/etc/rancid.types.base executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" fw1.ams line: fw1.ams line: spawn ssh -c aes256-ctr,aes192-ctr -x -l rancid fw1.ams line: Password: line: Last login: Fri Oct 26 20:04:51 2018 from 10.x.x.x line: No entry for terminal type "network"; line: using dumb terminal settings. line: line: Number of failed attempts since last successful login: 0 line: line: line: rancid at fw1.ams(active)> line: rancid at fw1.ams(active)> line: rancid at fw1.ams(active)> set line: rancid at fw1.ams(active)> set cli line: rancid at fw1.ams(active)> set cli scripting-mode line: rancid at fw1.ams(active)> set cli scripting-mode on PROMPT MATCH: rancid at fw1.ams\(active\)[#>] HIT COMMAND:rancid at fw1.ams(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|rancid::RunCommand In RunCommand: rancid at fw1.ams(active)> set cli scripting-mode on line: srancid at fw1.ams(active)> how system info line: s line: hostname: fw1.ams line: ip-address: 10.x.x.x ... line: family: 3200 line: model: PA-3250 line: sw-version: 8.1.4-h2 ... line: multi-vsys: off line: operational-mode: normal line: line: rancid at fw1.ams(active)> how config running line: exit line: line: config { line: mgt-config { line: users { ... line: rancid at fw1.ams(active)> Connection to fw1.ams closed. fw1.ams: missed cmd(s): set cli pager off, show system info fw1.ams: End of run not found fw1.ams: clean_run is false fw1.ams: found_end is false ! erikm at status:~/src$ diff -ur rancid-3.99.99 rancid-3.99.99-em/ diff -ur rancid-3.99.99/bin/panlogin.in rancid-3.99.99-em/bin/panlogin.in --- rancid-3.99.99/bin/panlogin.in 2018-10-24 18:26:50.000000000 -0400 +++ rancid-3.99.99-em/bin/panlogin.in 2018-10-26 17:24:55.945967567 -0400 @@ -455,14 +455,22 @@ } } + # PAN-OS in interactive mode will send a newline and then redraw the + # whole prompt-and-command if you send a space. + if { $do_command || $do_script } { + set cmd "set cli scripting-mode on\r" + send $cmd + # ensure we eat the partial commands redrawn while entering the command + expect -re "$cmd.*$prompt" {} + send "set cli pager off\r" + expect -re $prompt {} + } + if { $do_command } { if {[run_commands $prompt $command]} { continue } } elseif { $do_script } { -# send "set cli scripting-mode on\r" -# send "set cli pager off\r" - expect -re $prompt {} source $sfile close } else { diff -ur rancid-3.99.99/etc/rancid.types.base rancid-3.99.99-em/etc/rancid.types.base --- rancid-3.99.99/etc/rancid.types.base 2018-10-24 11:13:49.000000000 -0400 +++ rancid-3.99.99-em/etc/rancid.types.base 2018-10-26 17:16:53.950868707 -0400 @@ -607,9 +607,8 @@ paloalto;login;panlogin paloalto;module;panos paloalto;inloop;panos::inloop -paloalto;command;rancid::RunCommand;set cli scripting-mode on -paloalto;command;rancid::RunCommand;set cli pager off paloalto;command;panos::ShowInfo;show system info +paloalto;command;panos::ShowInventory;show chassis inventory paloalto;command;panos::ShowConfig;show config running # procket;script;prancid diff -ur rancid-3.99.99/lib/nxos.pm.in rancid-3.99.99-em/lib/nxos.pm.in --- rancid-3.99.99/lib/nxos.pm.in 2018-09-19 18:02:44.000000000 -0400 +++ rancid-3.99.99-em/lib/nxos.pm.in 2018-10-26 17:58:51.611639817 -0400 @@ -494,9 +494,12 @@ # Drop vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611 /\s+vtp_debug(_old)?\.log$/ && next; + # Drop bcm_mem_locl_trace.log + /\s+bcm_mem_lock_trace\.log$/ && next; + next if (/BufferMonitor-1HourData/); - if (/( debug_logs| log)\/$/) { + if (/( debug_logs| log| vdc_\d+)\/$/) { # change # 8192 Jan 08 14:05:05 2015 log/ # to diff -ur rancid-3.99.99/lib/panos.pm.in rancid-3.99.99-em/lib/panos.pm.in --- rancid-3.99.99/lib/panos.pm.in 2016-02-16 07:28:46.000000000 -0500 +++ rancid-3.99.99-em/lib/panos.pm.in 2018-10-26 17:19:11.552895792 -0400 @@ -119,6 +119,23 @@ return(0); } +# This routine parses "show chassis inventory" +sub ShowInventory { + my($INPUT, $OUTPUT, $cmd) = @_; + my($slot); + + print STDERR " In ShowInventory:: $_" if ($debug); + + while (<$INPUT>) { + tr/\015//d; + last if (/^$prompt/); + + ProcessHistory("INV","","","#$_"); + } + ProcessHistory("INV","","","#\n"); + return(0); +} + # This routine parses "show config running" sub ShowConfig { From andrewm659 at yahoo.com Mon Oct 29 21:11:31 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Mon, 29 Oct 2018 21:11:31 +0000 (UTC) Subject: [rancid] juniper devices References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> Message-ID: <1580807972.997621.1540847491732@mail.yahoo.com> I am having some issues with rancid-3.2-2 on Amazon Linux 2.? I am trying to get rancid to talk to my Juniper (junos) switches and SRX firewalls and am stuck.?? Juniper EX2200Juniper SRX650 I have everything setup in my config. router.db?[rancid at rancid01 configs]$ cat ../router.dbfw.location.example.net;juniper-srx;upsw1.location.example.net;junos;upsw2.location.example.net;juniper;upsw3.location.example.net;juniper;upsw4.location.example.net;juniper;upsw5.location.example.net;juniper;uparuba1.location.example.net;aruba;uparuba2.location.example.net;aruba;down[rancid at rancid01 configs]$ Here is my logs.=====================================Getting missed routers: round 4.unknown router manufacturer for sw1.location.example.net: junossh: jlogin: command not foundfw.location.example.net: missed cmd(s): all commandsfw.location.example.net: End of run not foundsh: jlogin: command not foundsw2.location.example.net: missed cmd(s): all commandssw2.location.example.net: End of run not found##sh: clogin: command not foundaruba1.location.example.net: missed cmd(s): all commandsaruba1.location.example.net: End of run not found!sh: jlogin: command not foundsw3.location.example.net: missed cmd(s): all commandssw3.location.example.net: End of run not foundsh: jlogin: command not foundsw4.location.example.net: missed cmd(s): all commandssw4.location.example.net: End of run not found##sh: jlogin: command not foundsw5.location.example.net: missed cmd(s): all commandssw5.location.example.net: End of run not found# On branch masterYour branch is up-to-date with 'origin/master'. nothing to commit, working tree cleanEverything up-to-date ending: Mon Oct 29 21:01:01 UTC 2018[rancid at rancid01 logs]$ When I run a clogin command on its own, I can ssh in just fine but there is a sligh issue with the terminal.? I suspect it's pagination. It has been while since having to do this so I'm not sure where I got this mixed up. Any thoughts? Regards,Andrew -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Oct 30 00:02:56 2018 From: heas at shrubbery.net (heasley) Date: Tue, 30 Oct 2018 00:02:56 +0000 Subject: [rancid] juniper devices In-Reply-To: <1580807972.997621.1540847491732@mail.yahoo.com> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> Message-ID: <20181030000256.GB97269@shrubbery.net> > Mon, Oct 29, 2018 at 09:11:31PM +0000, Andrew Meyer: > I am having some issues with rancid-3.2-2 on Amazon Linux 2. I am trying to > get rancid to talk to my Juniper (junos) switches and SRX firewalls and am > stuck. > > Juniper EX2200 > Juniper SRX650 > > I have everything setup in my config. > > router.db > [rancid at rancid01 configs]$ cat ../router.db > fw.location.example.net;juniper-srx;up > sw1.location.example.net;junos;up > sw2.location.example.net;juniper;up > sw3.location.example.net;juniper;up > sw4.location.example.net;juniper;up > sw5.location.example.net;juniper;up > aruba1.location.example.net;aruba;up > aruba2.location.example.net;aruba;down > [rancid at rancid01 configs]$ > > > Here is my logs. > ===================================== > Getting missed routers: round 4. > unknown router manufacturer for sw1.location.example.net: junos ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type should be juniper > sh: jlogin: command not found ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > fw.location.example.net: missed cmd(s): all commands > fw.location.example.net: End of run not found > sh: jlogin: command not found > sw2.location.example.net: missed cmd(s): all commands > sw2.location.example.net: End of run not found > # > # > sh: clogin: command not found ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ I do not know what an Amazon Linux 2 is nor how you installed rancid, but because you can run clogin from your shell prompt, i assume you are not missing prerequisite packages. so, you probably just have a deficient PATH in your rancid.conf. > aruba1.location.example.net: missed cmd(s): all commands > aruba1.location.example.net: End of run not found > ! > sh: jlogin: command not found > sw3.location.example.net: missed cmd(s): all commands > sw3.location.example.net: End of run not found > sh: jlogin: command not found > sw4.location.example.net: missed cmd(s): all commands > sw4.location.example.net: End of run not found > # > # > sh: jlogin: command not found > sw5.location.example.net: missed cmd(s): all commands > sw5.location.example.net: End of run not found > # > > On branch master > Your branch is up-to-date with 'origin/master'. > > nothing to commit, working tree clean > Everything up-to-date > > ending: Mon Oct 29 21:01:01 UTC 2018 > [rancid at rancid01 logs]$ > > When I run a clogin command on its own, I can ssh in just fine but there is a > sligh issue with the terminal. I suspect it's pagination. > > > It has been while since having to do this so I'm not sure where I got this > mixed up. > > Any thoughts? > > Regards, > Andrew > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From andrewm659 at yahoo.com Tue Oct 30 00:29:29 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Tue, 30 Oct 2018 00:29:29 +0000 (UTC) Subject: [rancid] juniper devices In-Reply-To: <20181030000256.GB97269@shrubbery.net> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> <20181030000256.GB97269@shrubbery.net> Message-ID: <897840590.1076394.1540859369993@mail.yahoo.com> Amazon Linux 2 is based on redhat/centos 7. Sent from Yahoo Mail on Android On Mon, Oct 29, 2018 at 19:02, heasley wrote: > Mon, Oct 29, 2018 at 09:11:31PM +0000, Andrew Meyer: > I am having some issues with rancid-3.2-2 on Amazon Linux 2.? I am trying to? ? > get rancid to talk to my Juniper (junos) switches and SRX firewalls and am > stuck. >? > Juniper EX2200 > Juniper SRX650 > > I have everything setup in my config. > > router.db > [rancid at rancid01 configs]$ cat ../router.db > fw.location.example.net;juniper-srx;up > sw1.location.example.net;junos;up > sw2.location.example.net;juniper;up > sw3.location.example.net;juniper;up > sw4.location.example.net;juniper;up > sw5.location.example.net;juniper;up > aruba1.location.example.net;aruba;up > aruba2.location.example.net;aruba;down > [rancid at rancid01 configs]$ > > > Here is my logs. > ===================================== > Getting missed routers: round 4. > unknown router manufacturer for sw1.location.example.net: junos ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type should be juniper > sh: jlogin: command not found ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > fw.location.example.net: missed cmd(s): all commands > fw.location.example.net: End of run not found > sh: jlogin: command not found > sw2.location.example.net: missed cmd(s): all commands > sw2.location.example.net: End of run not found > # > # > sh: clogin: command not found ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ I do not know what an Amazon Linux 2 is nor how you installed rancid, but because you can run clogin from your shell prompt, i assume you are not missing prerequisite packages.? so, you probably just have a deficient PATH in your rancid.conf. > aruba1.location.example.net: missed cmd(s): all commands > aruba1.location.example.net: End of run not found > ! > sh: jlogin: command not found > sw3.location.example.net: missed cmd(s): all commands > sw3.location.example.net: End of run not found > sh: jlogin: command not found > sw4.location.example.net: missed cmd(s): all commands > sw4.location.example.net: End of run not found > # > # > sh: jlogin: command not found > sw5.location.example.net: missed cmd(s): all commands > sw5.location.example.net: End of run not found > # >? > On branch master > Your branch is up-to-date with 'origin/master'. > > nothing to commit, working tree clean > Everything up-to-date > > ending: Mon Oct 29 21:01:01 UTC 2018 > [rancid at rancid01 logs]$ > > When I run a clogin command on its own, I can ssh in just fine but there is a > sligh issue with the terminal.? I suspect it's pagination. > > > It has been while since having to do this so I'm not sure where I got this > mixed up. > > Any thoughts? > > Regards, > Andrew > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: Untitled URL: From serv.informatique.chd at gmail.com Tue Oct 30 11:02:09 2018 From: serv.informatique.chd at gmail.com (Service Informatique CH DECIZE) Date: Tue, 30 Oct 2018 12:02:09 +0100 Subject: [rancid] Problem rancid 3.7 after cmw / hp 5130 routers 5130 firmware upgrade In-Reply-To: References: Message-ID: Hello, We have made a firmware update on our cwm / hp 5130 routers : upgrade from 3115P05 release (7.1.045) to 3208P03 release (7.1.070). Since upgrade, we receive "config fetcher problems" mails, that indicates " The following routers have not been successfully contacted for more than 24 hours". In the rancid logs, we can see for these routers : " Trying to get all of the configs. swsr1: End of run not found return ========================================= Getting missed routers: round 1. swsr1: End of run not found return ... " Does anyone know where is the problem ? Before upgrade, everything was ok with these routers in rancid. Please help, we don't know how to solve the problem. Thanks. Yann. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrewm659 at yahoo.com Tue Oct 30 13:43:33 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Tue, 30 Oct 2018 13:43:33 +0000 (UTC) Subject: [rancid] juniper devices In-Reply-To: <897840590.1076394.1540859369993@mail.yahoo.com> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> <20181030000256.GB97269@shrubbery.net> <897840590.1076394.1540859369993@mail.yahoo.com> Message-ID: <794524624.117897.1540907013236@mail.yahoo.com> Also I installed this from CentOS 7 EPEL repo. On Monday, October 29, 2018 7:29 PM, Andrew Meyer wrote: Amazon Linux 2 is based on redhat/centos 7. Sent from Yahoo Mail on Android On Mon, Oct 29, 2018 at 19:02, heasley wrote: > Mon, Oct 29, 2018 at 09:11:31PM +0000, Andrew Meyer: > I am having some issues with rancid-3.2-2 on Amazon Linux 2.? I am trying to? ? > get rancid to talk to my Juniper (junos) switches and SRX firewalls and am > stuck. >? > Juniper EX2200 > Juniper SRX650 > > I have everything setup in my config. > > router.db > [rancid at rancid01 configs]$ cat ../router.db > fw.location.example.net;juniper-srx;up > sw1.location.example.net;junos;up > sw2.location.example.net;juniper;up > sw3.location.example.net;juniper;up > sw4.location.example.net;juniper;up > sw5.location.example.net;juniper;up > aruba1.location.example.net;aruba;up > aruba2.location.example.net;aruba;down > [rancid at rancid01 configs]$ > > > Here is my logs. > ===================================== > Getting missed routers: round 4. > unknown router manufacturer for sw1.location.example.net: junos ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type should be juniper > sh: jlogin: command not found ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > fw.location.example.net: missed cmd(s): all commands > fw.location.example.net: End of run not found > sh: jlogin: command not found > sw2.location.example.net: missed cmd(s): all commands > sw2.location.example.net: End of run not found > # > # > sh: clogin: command not found ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ I do not know what an Amazon Linux 2 is nor how you installed rancid, but because you can run clogin from your shell prompt, i assume you are not missing prerequisite packages.? so, you probably just have a deficient PATH in your rancid.conf. > aruba1.location.example.net: missed cmd(s): all commands > aruba1.location.example.net: End of run not found > ! > sh: jlogin: command not found > sw3.location.example.net: missed cmd(s): all commands > sw3.location.example.net: End of run not found > sh: jlogin: command not found > sw4.location.example.net: missed cmd(s): all commands > sw4.location.example.net: End of run not found > # > # > sh: jlogin: command not found > sw5.location.example.net: missed cmd(s): all commands > sw5.location.example.net: End of run not found > # >? > On branch master > Your branch is up-to-date with 'origin/master'. > > nothing to commit, working tree clean > Everything up-to-date > > ending: Mon Oct 29 21:01:01 UTC 2018 > [rancid at rancid01 logs]$ > > When I run a clogin command on its own, I can ssh in just fine but there is a > sligh issue with the terminal.? I suspect it's pagination. > > > It has been while since having to do this so I'm not sure where I got this > mixed up. > > Any thoughts? > > Regards, > Andrew > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Oct 30 15:40:29 2018 From: heas at shrubbery.net (heasley) Date: Tue, 30 Oct 2018 15:40:29 +0000 Subject: [rancid] Problem rancid 3.7 after cmw / hp 5130 routers 5130 firmware upgrade In-Reply-To: References: Message-ID: <20181030154029.GA96655@shrubbery.net> Tue, Oct 30, 2018 at 12:02:09PM +0100, Service Informatique CH DECIZE: > Hello, > > We have made a firmware update on our cwm / hp 5130 routers : upgrade from > 3115P05 release (7.1.045) to 3208P03 release (7.1.070). > Since upgrade, we receive "config fetcher problems" mails, that indicates " The > following routers have not been successfully contacted for more than 24 > hours". > In the rancid logs, we can see for these routers : > " Trying to get all of the configs. > swsr1: End of run not found > return > ========================================= > Getting missed routers: round 1. > swsr1: End of run not found > return > ... " > Does anyone know where is the problem ? > Before upgrade, everything was ok with these routers in rancid. what device type are you using for these? It looks like you are using a older version of rancid or have a custom module? From heas at shrubbery.net Tue Oct 30 15:41:33 2018 From: heas at shrubbery.net (heas at shrubbery.net) Date: Tue, 30 Oct 2018 15:41:33 +0000 Subject: [rancid] juniper devices In-Reply-To: <794524624.117897.1540907013236@mail.yahoo.com> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> <20181030000256.GB97269@shrubbery.net> <897840590.1076394.1540859369993@mail.yahoo.com> <794524624.117897.1540907013236@mail.yahoo.com> Message-ID: <20181030154133.GB96655@shrubbery.net> Tue, Oct 30, 2018 at 01:43:33PM +0000, Andrew Meyer: > Also I installed this from CentOS 7 EPEL repo. well, it appears to have a flaw. either fix the PATH or install 3.8 from source. > On Monday, October 29, 2018 7:29 PM, Andrew Meyer wrote: > > > Amazon Linux 2 is based on redhat/centos 7. > > Sent from Yahoo Mail on Android > > On Mon, Oct 29, 2018 at 19:02, heasley wrote: > Mon, Oct 29, 2018 at 09:11:31PM +0000, Andrew Meyer: > > I am having some issues with rancid-3.2-2 on Amazon Linux 2.? I am trying to? ? > > get rancid to talk to my Juniper (junos) switches and SRX firewalls and am > > stuck. > >? > > Juniper EX2200 > > Juniper SRX650 > > > > I have everything setup in my config. > > > > router.db > > [rancid at rancid01 configs]$ cat ../router.db > > fw.location.example.net;juniper-srx;up > > sw1.location.example.net;junos;up > > sw2.location.example.net;juniper;up > > sw3.location.example.net;juniper;up > > sw4.location.example.net;juniper;up > > sw5.location.example.net;juniper;up > > aruba1.location.example.net;aruba;up > > aruba2.location.example.net;aruba;down > > [rancid at rancid01 configs]$ > > > > > > Here is my logs. > > ===================================== > > Getting missed routers: round 4. > > unknown router manufacturer for sw1.location.example.net: junos > ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > type should be juniper > > > sh: jlogin: command not found > ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > fw.location.example.net: missed cmd(s): all commands > > fw.location.example.net: End of run not found > > sh: jlogin: command not found > > sw2.location.example.net: missed cmd(s): all commands > > sw2.location.example.net: End of run not found > > # > > # > > sh: clogin: command not found > ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > I do not know what an Amazon Linux 2 is nor how you installed rancid, > but because you can run clogin from your shell prompt, i assume you are > not missing prerequisite packages.? so, you probably just have a deficient > PATH in your rancid.conf. > > > aruba1.location.example.net: missed cmd(s): all commands > > aruba1.location.example.net: End of run not found > > ! > > sh: jlogin: command not found > > sw3.location.example.net: missed cmd(s): all commands > > sw3.location.example.net: End of run not found > > sh: jlogin: command not found > > sw4.location.example.net: missed cmd(s): all commands > > sw4.location.example.net: End of run not found > > # > > # > > sh: jlogin: command not found > > sw5.location.example.net: missed cmd(s): all commands > > sw5.location.example.net: End of run not found > > # > >? > > On branch master > > Your branch is up-to-date with 'origin/master'. > > > > nothing to commit, working tree clean > > Everything up-to-date > > > > ending: Mon Oct 29 21:01:01 UTC 2018 > > [rancid at rancid01 logs]$ > > > > When I run a clogin command on its own, I can ssh in just fine but there is a > > sligh issue with the terminal.? I suspect it's pagination. > > > > > > It has been while since having to do this so I'm not sure where I got this > > mixed up. > > > > Any thoughts? > > > > Regards, > > Andrew > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > From cgauthier at comscore.com Tue Oct 30 15:51:52 2018 From: cgauthier at comscore.com (Gauthier, Chris) Date: Tue, 30 Oct 2018 15:51:52 +0000 Subject: [rancid] paloalto feedback in current alpha [was: Re: clogin commenting script commands following multiple blanks lines] In-Reply-To: <57c1f63c-e380-f367-cfb1-b20fc07a949b@buh.org> References: <20181024211803.E44A79CA7B@sea.shrubbery.net> <20181024211930.GA72307@shrubbery.net> <20181024223210.GC72307@shrubbery.net> <57c1f63c-e380-f367-cfb1-b20fc07a949b@buh.org> Message-ID: Interesting! I have yet to upgrade our installations to 8.1.4. Thanks for the heads up! ? Chris Gauthier Senior Network Engineer | comScore, Inc. t +1 (503) 331-2704 | cgauthier at comscore.com 317 SW Alder Street, Suite 700 | Portland, OR 97204 United States comscore.com ???This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system and notify sender. -----Original Message----- From: Rancid-discuss on behalf of Erik Muller Date: Friday, October 26, 2018 at 3:25 PM To: heasley Cc: rancid list Subject: [rancid] paloalto feedback in current alpha [was: Re: clogin commenting script commands following multiple blanks lines] On 10/24/18 18:32 , heasley wrote: > Wed, Oct 24, 2018 at 09:19:31PM +0000, heasley: > ok; committed. Either the alpha tarball or the svn repo. Welcome testers, > esp for palo alto, of which I have none. At least on 8.1.4 on my 3250s, the cli is a little bit busted until you get out of interactive mode - for every space you enter between words in the command, it redraws the current line, which was messing up the prompt matching as below. Fix for that attached at end of message. -e rancid at status:~$ rancid -t paloalto -d fw1.ams loadtype: device type paloalto loadtype: found device type paloalto in /home/erikm/rancidtest/etc/rancid.types.base executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager off;show system info;show config running" fw1.ams line: fw1.ams line: spawn ssh -c aes256-ctr,aes192-ctr -x -l rancid fw1.ams line: Password: line: Last login: Fri Oct 26 20:04:51 2018 from 10.x.x.x line: No entry for terminal type "network"; line: using dumb terminal settings. line: line: Number of failed attempts since last successful login: 0 line: line: line: rancid at fw1.ams(active)> line: rancid at fw1.ams(active)> line: rancid at fw1.ams(active)> set line: rancid at fw1.ams(active)> set cli line: rancid at fw1.ams(active)> set cli scripting-mode line: rancid at fw1.ams(active)> set cli scripting-mode on PROMPT MATCH: rancid at fw1.ams\(active\)[#>] HIT COMMAND:rancid at fw1.ams(active)> set cli scripting-mode on COMMAND is: set cli scripting-mode on|rancid::RunCommand In RunCommand: rancid at fw1.ams(active)> set cli scripting-mode on line: srancid at fw1.ams(active)> how system info line: s line: hostname: fw1.ams line: ip-address: 10.x.x.x ... line: family: 3200 line: model: PA-3250 line: sw-version: 8.1.4-h2 ... line: multi-vsys: off line: operational-mode: normal line: line: rancid at fw1.ams(active)> how config running line: exit line: line: config { line: mgt-config { line: users { ... line: rancid at fw1.ams(active)> Connection to fw1.ams closed. fw1.ams: missed cmd(s): set cli pager off, show system info fw1.ams: End of run not found fw1.ams: clean_run is false fw1.ams: found_end is false ! erikm at status:~/src$ diff -ur rancid-3.99.99 rancid-3.99.99-em/ diff -ur rancid-3.99.99/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,6ITCpn7S8etHwRGxye4nnY-WXsOspZJKTHaSxUMwn7CUVVRDtL9N4eULfbpZKMnS2fE-49UrdfNQg0zd5F8rE7gq5t_QzpoQwMmdI9v87bdIynxj_kNZYaM,&typo=1 rancid-3.99.99-em/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,AFuvKrybC8GB6DG7swV-DVjqoacwb3bN-9HbNrwIHSu3eQM0RtFFTm_43KfETWr8-Uz_SJGx3N-3-OaDDhdxtdoNE4ZVfLEnq_ly_T8O8XSbFZ9ZEA,,&typo=1 --- rancid-3.99.99/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,PaBCXESaFYWjzoqImlahNbNlLrsy_b2vXybrRIrH36LE0245jqMqk6zO7RNZojKH5MycizqdsA_XLMSlWFTJWC55BdQ4EZyVefR65_EuhGMq766dEcz4ZHHC&typo=1 2018-10-24 18:26:50.000000000 -0400 +++ rancid-3.99.99-em/bin/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanlogin.in&c=E,1,EMioRKDRQlsHo46MUuAFylZdiNznL5XtoxGxMWzoJ-zE-yjczHpChxK9eUwVOkVfFMmWgFqx3n44hw-w1Ry9jmPUH43kK_du2ctguUJdL-p0-eIk&typo=1 2018-10-26 17:24:55.945967567 -0400 @@ -455,14 +455,22 @@ } } + # PAN-OS in interactive mode will send a newline and then redraw the + # whole prompt-and-command if you send a space. + if { $do_command || $do_script } { + set cmd "set cli scripting-mode on\r" + send $cmd + # ensure we eat the partial commands redrawn while entering the command + expect -re "$cmd.*$prompt" {} + send "set cli pager off\r" + expect -re $prompt {} + } + if { $do_command } { if {[run_commands $prompt $command]} { continue } } elseif { $do_script } { -# send "set cli scripting-mode on\r" -# send "set cli pager off\r" - expect -re $prompt {} source $sfile close } else { diff -ur rancid-3.99.99/etc/rancid.types.base rancid-3.99.99-em/etc/rancid.types.base --- rancid-3.99.99/etc/rancid.types.base 2018-10-24 11:13:49.000000000 -0400 +++ rancid-3.99.99-em/etc/rancid.types.base 2018-10-26 17:16:53.950868707 -0400 @@ -607,9 +607,8 @@ paloalto;login;panlogin paloalto;module;panos paloalto;inloop;panos::inloop -paloalto;command;rancid::RunCommand;set cli scripting-mode on -paloalto;command;rancid::RunCommand;set cli pager off paloalto;command;panos::ShowInfo;show system info +paloalto;command;panos::ShowInventory;show chassis inventory paloalto;command;panos::ShowConfig;show config running # procket;script;prancid diff -ur rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,tqRFL7QBqp5N9_vWuTMWwfLR3zhD5Z-aWd8zb4ymx8UXKMyN4UAsbleguZppsQZxEyybiih1kmjUe3xh14kBFX99sF7DlgjDCb_Dqhs0KvfdQyw7gcgAUw,,&typo=1 rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,JACD8ijcXFc2KdkXkmtL6QSeGU_NOOPVmovZiHGdVPL85CLgHDDILs-KqaEsZu-Kns8_DELxKloc1Bt5GQTRNK7SrBuQaac2T00J7L_MXtfumXfO77s,&typo=1 --- rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,NGNes7dJXeV8s2Sqt0gQmCAXeJfUQi1YJcx4CsmImWwi4axvCK2eDslTWStHiRGGW1syuxjnoCXxk2ss4RlSrQ5CxLytEWhqgMCHDyIfHpiAwF6dh1U,&typo=1 2018-09-19 18:02:44.000000000 -0400 +++ rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fnxos.pm.in&c=E,1,Gsr8TiBW7YqcDWKivbh5ZgN_vVlB7lZod_5hLaW8lxrqDhBKsSchvI7ctiyw7Iniv2TGTTSPOCleizxfWjFMxYNZhNrysDxx7AnHpRWp3JM42XJrztV5ClK96Q,,&typo=1 2018-10-26 17:58:51.611639817 -0400 @@ -494,9 +494,12 @@ # Drop vtp_debug.log and vtp_debug_old.log CDETS bug CSCuy87611 /\s+vtp_debug(_old)?\.log$/ && next; + # Drop bcm_mem_locl_trace.log + /\s+bcm_mem_lock_trace\.log$/ && next; + next if (/BufferMonitor-1HourData/); - if (/( debug_logs| log)\/$/) { + if (/( debug_logs| log| vdc_\d+)\/$/) { # change # 8192 Jan 08 14:05:05 2015 log/ # to diff -ur rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,wybM--nn0b3GZezeXwnIASz16ohSfuG3iIF0YSZF-tJFQEmGCjoPfdvn2RkyDIOedhV3QbLekcjMJVR9w-1zOzONAQNqp64Rq9HpvMh86ubh3CJxgQ,,&typo=1 rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,znAoj5aoZ94EWlULAGnVz3BQyYPOB9RhC6dl1kZnj9hjMYHJXRLtzaa7hRQj57fWGgbmrcZsHQQcPZA0dttaCKLwj2DzN1xiulF-1bxqz84IK2RSttw3j86tkOTf&typo=1 --- rancid-3.99.99/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,w5a1nRpygvqdqCmQHt0uHGLjgyPiJ98Vh8Hta2vTPcDOG3K6Dm94ovl7YeWSvgXQuHGL9gVrJKuzPUVB8SwzHwZBP2tNAh7xnrw4QNq_kAbC3jo,&typo=1 2016-02-16 07:28:46.000000000 -0500 +++ rancid-3.99.99-em/lib/https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpanos.pm.in&c=E,1,uHSi8I1UcPVkwxOQRitK7GrRCXWOBpiFZ0PePIt2xZ-v24ryFpOozglEeqOnuUyGaAXn-mZZQ1q2vX5Kq-mPkDdUtIYX4wQMv--AEZgftElzvmHHZEjqGA,,&typo=1 2018-10-26 17:19:11.552895792 -0400 @@ -119,6 +119,23 @@ return(0); } +# This routine parses "show chassis inventory" +sub ShowInventory { + my($INPUT, $OUTPUT, $cmd) = @_; + my($slot); + + print STDERR " In ShowInventory:: $_" if ($debug); + + while (<$INPUT>) { + tr/\015//d; + last if (/^$prompt/); + + ProcessHistory("INV","","","#$_"); + } + ProcessHistory("INV","","","#\n"); + return(0); +} + # This routine parses "show config running" sub ShowConfig { _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net https://linkprotect.cudasvc.com/url?a=http%3a%2f%2fwww.shrubbery.net%2fmailman%2flistinfo%2francid-discuss&c=E,1,aTwBxlJBb2A79a84ZvNFSyGs9kKZthxrSkYDt2m12f_KQgm6lVqOehmfnuc1GF8ELKLva2F6-xMYm8hzWNkhRAU3zKscC9lpA6sWt7qDJSDS5N8k8fA,&typo=1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From serv.informatique.chd at gmail.com Wed Oct 31 07:44:57 2018 From: serv.informatique.chd at gmail.com (Service Informatique CH DECIZE) Date: Wed, 31 Oct 2018 08:44:57 +0100 Subject: [rancid] Problem rancid 3.7 after cmw / hp 5130 routers 5130 firmware upgrade In-Reply-To: <20181030154029.GA96655@shrubbery.net> References: <20181030154029.GA96655@shrubbery.net> Message-ID: We use cmw device type (before and after upgrade)... No modification in the rancid config. Just routers firmware upgrade. Le mar. 30 oct. 2018 ? 16:40, heasley a ?crit : > Tue, Oct 30, 2018 at 12:02:09PM +0100, Service Informatique CH DECIZE: > > Hello, > > > > We have made a firmware update on our cwm / hp 5130 routers : upgrade > from > > 3115P05 release (7.1.045) to 3208P03 release (7.1.070). > > Since upgrade, we receive "config fetcher problems" mails, that > indicates " The > > following routers have not been successfully contacted for more than 24 > > hours". > > In the rancid logs, we can see for these routers : > > " Trying to get all of the configs. > > swsr1: End of run not found > > return > > ========================================= > > Getting missed routers: round 1. > > swsr1: End of run not found > > return > > ... " > > Does anyone know where is the problem ? > > Before upgrade, everything was ok with these routers in rancid. > > what device type are you using for these? It looks like you are using a > older version of rancid or have a custom module? > -------------- next part -------------- An HTML attachment was scrubbed... URL: From serv.informatique.chd at gmail.com Wed Oct 31 08:10:27 2018 From: serv.informatique.chd at gmail.com (Service Informatique CH DECIZE) Date: Wed, 31 Oct 2018 09:10:27 +0100 Subject: [rancid] Problem rancid 3.7 after cmw / hp 5130 routers 5130 firmware upgrade In-Reply-To: References: <20181030154029.GA96655@shrubbery.net> Message-ID: We have made a clogin test : " *rancid at SRV-TOOLS2:/usr/lib/rancid/bin$ ./clogin SWA22swa22spawn telnet -K swa22Trying 172.16.1.22...telnet: Unable to connect to remote host: Connection refusedspawn ssh -c aes128-cbc -x -l admin swa22admin at swa22's password: exitConnection to swa22 closed.rancid at SRV-TOOLS2:/usr/lib/rancid/bin$ ./clogin SWA21swa21spawn telnet -K swa21Trying 172.16.1.21...Connected to swa21.ch-decize.fr .Escape character is '^]'.Login authenticationUsername:adminPassword:quitConnection closed by foreign host.rancid at SRV-TOOLS2:/usr/lib/rancid/bin$ *" SWA22, as SWSR1, is a router for which we receive "config fetcher problems" mails... SWA21 is a router for which we have no problem. SWA22 clogin test shows a first telnet connexion refused. It's perhaps the origin of our problem ? Thanks for your help. Le mer. 31 oct. 2018 ? 08:44, Service Informatique CH DECIZE < serv.informatique.chd at gmail.com> a ?crit : > We use cmw device type (before and after upgrade)... > No modification in the rancid config. Just routers firmware upgrade. > > > Le mar. 30 oct. 2018 ? 16:40, heasley a ?crit : > >> Tue, Oct 30, 2018 at 12:02:09PM +0100, Service Informatique CH DECIZE: >> > Hello, >> > >> > We have made a firmware update on our cwm / hp 5130 routers : upgrade >> from >> > 3115P05 release (7.1.045) to 3208P03 release (7.1.070). >> > Since upgrade, we receive "config fetcher problems" mails, that >> indicates " The >> > following routers have not been successfully contacted for more than 24 >> > hours". >> > In the rancid logs, we can see for these routers : >> > " Trying to get all of the configs. >> > swsr1: End of run not found >> > return >> > ========================================= >> > Getting missed routers: round 1. >> > swsr1: End of run not found >> > return >> > ... " >> > Does anyone know where is the problem ? >> > Before upgrade, everything was ok with these routers in rancid. >> >> what device type are you using for these? It looks like you are using a >> older version of rancid or have a custom module? >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From andrewm659 at yahoo.com Wed Oct 31 16:05:41 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Wed, 31 Oct 2018 16:05:41 +0000 (UTC) Subject: [rancid] juniper devices In-Reply-To: <20181030154133.GB96655@shrubbery.net> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> <20181030000256.GB97269@shrubbery.net> <897840590.1076394.1540859369993@mail.yahoo.com> <794524624.117897.1540907013236@mail.yahoo.com> <20181030154133.GB96655@shrubbery.net> Message-ID: <2138125883.821425.1541001941394@mail.yahoo.com> So I fixed the path. # Set the perl module search path.? perl -V shows the default#PERL5LIB="/usr/lib64/rancid"; export PERL5LIBPERL5LIB="/usr/libexec/rancid"; export PERL5LIB But getting same error for my SRX 650s. Trying to get all of the configs.fw.location.example.net: missed cmd(s): all commandsfw.location.example.net jlogin error: Error: Connection Refused (ssh)fw.location.example.net: End of run not found#=====================================Getting missed routers: round 1.fw.location.example.net: missed cmd(s): all commandsfw.location.example.net jlogin error: Error: Connection Refused (ssh)fw.location.example.net: End of run not found#=====================================Getting missed routers: round 2.fw.location.example.net: missed cmd(s): all commandsfw.location.example.net jlogin error: Error: Connection Refused (ssh)fw.location.example.net: End of run not found#=====================================Getting missed routers: round 3.fw.location.example.net: missed cmd(s): all commandsfw.location.example.net jlogin error: Error: Connection Refused (ssh)fw.location.example.net: End of run not found#=====================================Getting missed routers: round 4.fw.location.example.net: missed cmd(s): all commandsfw.location.example.net jlogin error: Error: Connection Refused (ssh)fw.location.example.net: End of run not found I am using juniper for the SRXs as well.?? On Tuesday, October 30, 2018 10:41 AM, "heas at shrubbery.net" wrote: Tue, Oct 30, 2018 at 01:43:33PM +0000, Andrew Meyer: > Also I installed this from CentOS 7 EPEL repo. well, it appears to have a flaw.? either fix the PATH or install 3.8 from source. >? ? On Monday, October 29, 2018 7:29 PM, Andrew Meyer wrote: >? > >? Amazon Linux 2 is based on redhat/centos 7. > > Sent from Yahoo Mail on Android >? >? On Mon, Oct 29, 2018 at 19:02, heasley wrote:? > Mon, Oct 29, 2018 at 09:11:31PM +0000, Andrew Meyer: > > I am having some issues with rancid-3.2-2 on Amazon Linux 2.? I am trying to? ? > > get rancid to talk to my Juniper (junos) switches and SRX firewalls and am > > stuck. > >? > > Juniper EX2200 > > Juniper SRX650 > > > > I have everything setup in my config. > > > > router.db > > [rancid at rancid01 configs]$ cat ../router.db > > fw.location.example.net;juniper-srx;up > > sw1.location.example.net;junos;up > > sw2.location.example.net;juniper;up > > sw3.location.example.net;juniper;up > > sw4.location.example.net;juniper;up > > sw5.location.example.net;juniper;up > > aruba1.location.example.net;aruba;up > > aruba2.location.example.net;aruba;down > > [rancid at rancid01 configs]$ > > > > > > Here is my logs. > > ===================================== > > Getting missed routers: round 4. > > unknown router manufacturer for sw1.location.example.net: junos > ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > type should be juniper > > > sh: jlogin: command not found > ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > fw.location.example.net: missed cmd(s): all commands > > fw.location.example.net: End of run not found > > sh: jlogin: command not found > > sw2.location.example.net: missed cmd(s): all commands > > sw2.location.example.net: End of run not found > > # > > # > > sh: clogin: command not found > ? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > I do not know what an Amazon Linux 2 is nor how you installed rancid, > but because you can run clogin from your shell prompt, i assume you are > not missing prerequisite packages.? so, you probably just have a deficient > PATH in your rancid.conf. > > > aruba1.location.example.net: missed cmd(s): all commands > > aruba1.location.example.net: End of run not found > > ! > > sh: jlogin: command not found > > sw3.location.example.net: missed cmd(s): all commands > > sw3.location.example.net: End of run not found > > sh: jlogin: command not found > > sw4.location.example.net: missed cmd(s): all commands > > sw4.location.example.net: End of run not found > > # > > # > > sh: jlogin: command not found > > sw5.location.example.net: missed cmd(s): all commands > > sw5.location.example.net: End of run not found > > # > >? > > On branch master > > Your branch is up-to-date with 'origin/master'. > > > > nothing to commit, working tree clean > > Everything up-to-date > > > > ending: Mon Oct 29 21:01:01 UTC 2018 > > [rancid at rancid01 logs]$ > > > > When I run a clogin command on its own, I can ssh in just fine but there is a > > sligh issue with the terminal.? I suspect it's pagination. > > > > > > It has been while since having to do this so I'm not sure where I got this > > mixed up. > > > > Any thoughts? > > > > Regards, > > Andrew > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > >? > > >? ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Oct 31 16:24:52 2018 From: heas at shrubbery.net (heasley) Date: Wed, 31 Oct 2018 16:24:52 +0000 Subject: [rancid] Problem rancid 3.7 after cmw / hp 5130 routers 5130 firmware upgrade In-Reply-To: References: <20181030154029.GA96655@shrubbery.net> Message-ID: <20181031162451.GB1057@shrubbery.net> Wed, Oct 31, 2018 at 09:10:27AM +0100, Service Informatique CH DECIZE: > We have made a clogin test : > " > > > > > > > > > > > > > > > > > > > > > *rancid at SRV-TOOLS2:/usr/lib/rancid/bin$ ./clogin SWA22swa22spawn telnet -K > swa22Trying 172.16.1.22...telnet: Unable to connect to remote host: > Connection refusedspawn ssh -c aes128-cbc -x -l admin swa22admin at swa22's > password: exitConnection to swa22 > closed.rancid at SRV-TOOLS2:/usr/lib/rancid/bin$ ./clogin SWA21swa21spawn > telnet -K swa21Trying 172.16.1.21...Connected to swa21.ch-decize.fr > .Escape character is '^]'.Login > authenticationUsername:adminPassword:quitConnection closed by > foreign host.rancid at SRV-TOOLS2:/usr/lib/rancid/bin$ *" > > SWA22, as SWSR1, is a router for which we receive "config fetcher problems" > mails... > SWA21 is a router for which we have no problem. > SWA22 clogin test shows a first telnet connexion refused. It's perhaps the > origin of our problem ? we do not support that module; ask whomever wrote it. but, my guess would be that the cause is that the device appears to not reliably echo the after 'exit' and the loop around input must be adjusted to accept that, as the ios module does. i do not know the hp 5130; you might try the hp, foundry, or smc device types that rancid supports. > Thanks for your help. > > > Le mer. 31 oct. 2018 ? 08:44, Service Informatique CH DECIZE < > serv.informatique.chd at gmail.com> a ?crit : > > > We use cmw device type (before and after upgrade)... > > No modification in the rancid config. Just routers firmware upgrade. > > > > > > Le mar. 30 oct. 2018 ? 16:40, heasley a ?crit : > > > >> Tue, Oct 30, 2018 at 12:02:09PM +0100, Service Informatique CH DECIZE: > >> > Hello, > >> > > >> > We have made a firmware update on our cwm / hp 5130 routers : upgrade > >> from > >> > 3115P05 release (7.1.045) to 3208P03 release (7.1.070). > >> > Since upgrade, we receive "config fetcher problems" mails, that > >> indicates " The > >> > following routers have not been successfully contacted for more than 24 > >> > hours". > >> > In the rancid logs, we can see for these routers : > >> > " Trying to get all of the configs. > >> > swsr1: End of run not found > >> > return > >> > ========================================= > >> > Getting missed routers: round 1. > >> > swsr1: End of run not found > >> > return > >> > ... " > >> > Does anyone know where is the problem ? > >> > Before upgrade, everything was ok with these routers in rancid. > >> > >> what device type are you using for these? It looks like you are using a > >> older version of rancid or have a custom module? > >> > > From heas at shrubbery.net Wed Oct 31 16:28:33 2018 From: heas at shrubbery.net (heas at shrubbery.net) Date: Wed, 31 Oct 2018 16:28:33 +0000 Subject: [rancid] juniper devices In-Reply-To: <2138125883.821425.1541001941394@mail.yahoo.com> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> <20181030000256.GB97269@shrubbery.net> <897840590.1076394.1540859369993@mail.yahoo.com> <794524624.117897.1540907013236@mail.yahoo.com> <20181030154133.GB96655@shrubbery.net> <2138125883.821425.1541001941394@mail.yahoo.com> Message-ID: <20181031162833.GC1057@shrubbery.net> Wed, Oct 31, 2018 at 04:05:41PM +0000, Andrew Meyer: > So I fixed the path. > # Set the perl module search path.? perl -V shows the default#PERL5LIB="/usr/lib64/rancid"; export PERL5LIBPERL5LIB="/usr/libexec/rancid"; export PERL5LIB Please report this to the yum package provider. they have a packaging problem, it seems. From andrewm659 at yahoo.com Wed Oct 31 18:39:18 2018 From: andrewm659 at yahoo.com (Andrew Meyer) Date: Wed, 31 Oct 2018 18:39:18 +0000 (UTC) Subject: [rancid] juniper devices In-Reply-To: <20181031162833.GC1057@shrubbery.net> References: <1580807972.997621.1540847491732.ref@mail.yahoo.com> <1580807972.997621.1540847491732@mail.yahoo.com> <20181030000256.GB97269@shrubbery.net> <897840590.1076394.1540859369993@mail.yahoo.com> <794524624.117897.1540907013236@mail.yahoo.com> <20181030154133.GB96655@shrubbery.net> <2138125883.821425.1541001941394@mail.yahoo.com> <20181031162833.GC1057@shrubbery.net> Message-ID: <1788544826.923657.1541011158251@mail.yahoo.com> Nevermind.? This was an error on? my part.? Nothing with Rancid. On Wednesday, October 31, 2018 11:28 AM, "heas at shrubbery.net" wrote: Wed, Oct 31, 2018 at 04:05:41PM +0000, Andrew Meyer: > So I fixed the path. > # Set the perl module search path.? perl -V shows the default#PERL5LIB="/usr/lib64/rancid"; export PERL5LIBPERL5LIB="/usr/libexec/rancid"; export PERL5LIB Please report this to the yum package provider.? they have a packaging problem, it seems. -------------- next part -------------- An HTML attachment was scrubbed... URL: