Simone Felici | 19 Jan 15:37 2015
Picon

Re: [rancid] ERROR: sh: cisco: command not found


Hello,

Il 17/01/2015 17:42, heasley ha scritto:
> Sat, Jan 17, 2015 at 10:23:53AM +0100, Simone Felici:
>>
>> Hello to all!
>>
>> I'm having an issue with rancid. sometimes I get this errors in the logs:
>
> what version of rancid on what o/s?
>

rancid 2.3.6 on CentOS 5.8 (server and slaves)

>> sh: cisco: command not found
>> sh: cisco: command not found
>> sh: cisco: command not found
>> sh: cisco: command not found
>> (...)
>>
>> Then the script doesn't process all the list of devices!
>> If I execute manually the last device rancid has processed as well as the device immediate after, I
>> have no errors. The list is long and it uses another server to collect these configurations via ssh
>
> how long?  does it exceed the command-line length allowed by your o/s?
> perhaps a quoting error?

Are they not processed one per time?
the routers.all contains 672 entries, routers.up -> 572.
(Continue reading)

Simone Felici | 17 Jan 10:23 2015
Picon

[rancid] ERROR: sh: cisco: command not found


Hello to all!

I'm having an issue with rancid. sometimes I get this errors in the logs:

sh: cisco: command not found
sh: cisco: command not found
sh: cisco: command not found
sh: cisco: command not found
(...)

Then the script doesn't process all the list of devices!
If I execute manually the last device rancid has processed as well as the device immediate after, I 
have no errors. The list is long and it uses another server to collect these configurations via ssh 
(usercmd, usercmd_chat). Could it be a timeout issue on the remote server used to contact the 
device? Or what is happen? How can I debug?

The script ends in the log with:

Transmitting file data ..................................
Committed revision 21106.
+ rm -f /tmp/.customer_cpe.run.lock

Also seems it ends to process the list, but isn't true, because the list in routers.up is longer.

Thanks a lot!

Simon
_______________________________________________
Rancid-discuss mailing list
(Continue reading)

Santi | 16 Jan 12:08 2015

[rancid] Issue rancid with Avaya's device

Hi,

I have one big problem with rancid. I don't get the backup of my switch. 

This switch is: Ethernet Routing Switch 4548GT-PWR HW:12 FW:5.3.0.3 
SW:v5.7.0.008 BN:08 (c) Avaya Networks


I have two files, these are: bnrancid and bnlogin

this is the configuration by bnlogin, it's:

#! /usr/bin/expect --
##
## $Id: blogin.in,v 1.50 2009/04/16 21:22:57 heas Exp $
##
## <at> PACKAGE <at> <at> VERSION <at>
## Copyright (c) 1997-2009 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
##    notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
##    notice, this list of conditions and the following disclaimer in the
##    documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
##    must display the following acknowledgement:
##        This product includes software developed by Terrapin Communications,
##        Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
##    contributors may be used to endorse or promote products derived from
##    this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
##    back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
#  The expect login scripts were based on Erik Sherk's gwtn, by permission.
#
# blogin - Bay Networks(Nortel) login
#
# Unlike the Cisco's, there is no enable function on the Bay's.  Instead
# there are seperate User and Manager accounts.  A 'system' command exists,
# which I am told does nothing.
#
# The "bcc>" prompt changes to "box#", not "bcc#" after the config command.
#
 
# Usage line
set usage "Usage: $argv0 \[-dSV\] \[-autoenable\] \[-noenable\] \[-c command\] \
\[-Evar=x\] \[-e enable-password\] \[-f cloginrc-file\] \[-p user-password\] \
\[-s script-file\] \[-t timeout\] \[-u username\] \
\[-v vty-password\] \[-w enable-username\] \[-x command-file\] \
\[-y ssh_cypher_type\] router \[router...\]\n"
 
# env(CLOGIN) may contain:
#       x == do not set xterm banner or name
 
# Password file
set password_file $env(HOME)/.cloginrc
# Default is to login to the router
set do_command 0
set do_script 0
# The default is to automatically enable
set avenable 0
# The default is that you login non-enabled (tacacs can have you login already
# enabled)
set avautoenable 0
# The default is to look in the password file to find the passwords.  This
# tracks if we receive them on the command line.
set do_passwd 1
set do_enapasswd 0
# Save config, if prompted
set do_saveconfig 0
 
# Find the user in the ENV, or use the unix userid.
if {[ info exists env(CISCO_USER) ]} {
    set default_user $env(CISCO_USER)
} elseif {[ info exists env(USER) ]} {
    set default_user $env(USER)
} elseif {[ info exists env(LOGNAME) ]} {
    set default_user $env(LOGNAME)
} else {
    # This uses "id" which I think is portable.  At least it has existed
    # (without options) on all machines/OSes I've been on recently -
    # unlike whoami or id -nu.
    if [ catch {exec id} reason ] {
        send_error "\nError: could not exec id: $reason\n"
        exit 1
    }
    regexp {\(([^)]*)} "$reason" junk default_user
}
if {[ info exists env(CLOGINRC) ]} {
    set password_file $env(CLOGINRC)
}
 
# Sometimes routers take awhile to answer (the default is 10 sec)
set timeout 45
 
# Process the command line
for {set i 0} {$i < $argc} {incr i} {
    set arg [lindex $argv $i]
 
    switch  -glob -- $arg {
        # Expect debug mode
        -d* {
            exp_internal 1
        # Username
        } -u* {
            if {! [  regexp .\[uU\](.+) $arg ignore user]} {
                incr i
                set username [ lindex $argv $i ]
            }
        # VTY Password
        } -p* {
            if {! [  regexp .\[pP\](.+) $arg ignore userpasswd]} {
                incr i
                set userpasswd [ lindex $argv $i ]
            }
            set do_passwd 0
        # VTY Password
        } -v* {
            if {! [  regexp .\[vV\](.+) $arg ignore passwd]} {
                incr i
                set passwd [ lindex $argv $i ]
            }
            set do_passwd 0
        # Version string
        } -V* {
            send_user " <at> PACKAGE <at> <at> VERSION <at> \n"
            exit 0
        # Enable Username
        } -w* {
            if {! [  regexp .\[wW\](.+) $arg ignore enauser]} {
                incr i
                set enausername [ lindex $argv $i ]
            }
        # Environment variable to pass to -s scripts
        } -E* {
            if {[ regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} {
                set E$varname $varvalue
            } else {
                send_user "\nError: invalid format for -E in $arg\n"
                exit 1
            }
        # Enable Password
        } -e* {
            if {! [  regexp .\[eE\](.+) $arg ignore enapasswd]} {
                incr i
                set enapasswd [ lindex $argv $i ]
            }
            set do_enapasswd 0
        # Command to run.
        } -c* {
            if {! [  regexp .\[cC\](.+) $arg ignore command]} {
                incr i
                set command [ lindex $argv $i ]
            }
            set do_command 1
        # Expect script to run.
        } -s* {
            if {! [  regexp .\[sS\](.+) $arg ignore sfile]} {
                incr i
                set sfile [ lindex $argv $i ]
            }
            if { ! [ file readable $sfile ] } {
                send_user "\nError: Can't read $sfile\n"
                exit 1
            }
            set do_script 1
        # save config on exit
        } -S* {
            set do_saveconfig 1
        # 'ssh -c' cypher type
        } -y* {
            if {! [  regexp .\[eE\](.+) $arg ignore cypher]} {
                incr i
                set cypher [ lindex $argv $i ]
            }
        # alternate cloginrc file
        } -f* {
            if {! [ regexp .\[fF\](.+) $arg ignore password_file]} {
                incr i
                set password_file [ lindex $argv $i ]
            }
        # Timeout
        } -t* {
            if {! [ regexp .\[tT\](.+) $arg ignore timeout]} {
                incr i
                set timeout [ lindex $argv $i ]
            }
        # Command file
        } -x* {
            if {! [  regexp .\[xX\](.+) $arg ignore cmd_file]} {
                incr i
                set cmd_file [ lindex $argv $i ]
            }
            set cmd_fd [open $cmd_file r]
            set cmd_text [read $cmd_fd]
            close $cmd_fd
            set command [join [split $cmd_text \n] \;]
            set do_command 1
        # Do we enable?
        } -noenable {
            set avenable 0
        # Does tacacs automatically enable us?
        } -autoenable {
            set avautoenable 1
            set avenable 0
        } -* {
            send_user "\nError: Unknown argument! $arg\n"
            send_user $usage
            exit 1
        } default {
            break
        }
    }
}
# Process routers...no routers listed is an error.
if { $i == $argc } {
    send_user "\nError: $usage"
}
 
# Only be quiet if we are running a script (it can log its output
# on its own)
if { $do_script } {
    log_user 0
} else {
    log_user 1
}
 
#
# Done configuration/variable setting.  Now run with it...
#
 
# Sets Xterm title if interactive...if its an xterm and the user cares
proc label { host } {
    global env
    # if CLOGIN has an 'x' in it, don't set the xterm name/banner
    if [info exists env(CLOGIN)] {
        if {[string first "x" $env(CLOGIN)] != -1} { return }
    }
    # take host from ENV(TERM)
    if [info exists env(TERM)] {
        if [regexp \^(xterm|vs) $env(TERM) ignore ] {
            send_user "\033]1;[lindex [split $host "."] 0]\a"
            send_user "\033]2;$host\a"
        }
    }
}
 
# This is a helper function to make the password file easier to
# maintain.  Using this the password file has the form:
# add password sl*      pete cow
# add password at*      steve
# add password *        hanky-pie
proc add {var args} { global int_$var ; lappend int_$var $args}
proc include {args} {
    global env
    regsub -all "(^{|}$)" $args {} args
    if { [ regexp "^/" $args ignore ] == 0 } {
        set args $env(HOME)/$args
    }
    source_password_file $args
}
 
proc find {var router} {
    upvar int_$var list
    if { [info exists list] } {
        foreach line $list {
            if { [string match [lindex $line 0] $router ] } {
                return [lrange $line 1 end]
            }
        }
    }
    return {}
}
 
# Loads the password file.  Note that as this file is tcl, and that
# it is sourced, the user better know what to put in there, as it
# could install more than just password info...  I will assume however,
# that a "bad guy" could just as easy put such code in the clogin
# script, so I will leave .cloginrc as just an extention of that script
proc source_password_file { password_file } {
    global env
    if { ! [file exists $password_file] } {
        send_user "\nError: password file ($password_file) does not exist\n"
        exit 1
    }
    file stat $password_file fileinfo
    if { [expr ($fileinfo(mode) & 007)] != 0000 } {
        send_user "\nError: $password_file must not be world readable/writable\n"
        exit 1
    }
    if [ catch {source $password_file} reason ] {
        send_user "\nError: $reason\n"
        exit 1
    }
}
 
# Log into the router.
# returns: 0 on success, 1 on failure
proc login { router user userpswd passwd enapasswd prompt cmethod cyphertype } {
    global spawn_id in_proc do_command do_script
    global u_prompt p_prompt e_prompt sshcmd
    set in_proc 1
 
    # try each of the connection methods in $cmethod until one is successful
    set progs [llength $cmethod]
    foreach prog [lrange $cmethod 0 end] {
        incr progs -1
        if [string match "telnet*" $prog] {
            regexp {telnet(:([^[:space:]]+))*} $prog command suffix port
            if {"$port" == ""} {
                set retval [ catch {spawn telnet $router} reason ]
            } else {
                set retval [ catch {spawn telnet $router $port} reason ]
            }
            if { $retval } {
                send_user "\nError: telnet failed: $reason\n"
                return 1
            }
        } elseif ![string compare $prog "ssh"] {
            if [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] {
                send_user "\nError: $sshcmd failed: $reason\n"
                return 1
            }
        } elseif ![string compare $prog "rsh"] {
            send_error "\nError: unsupported method: rsh\n"
            if { $progs == 0 } {
                return 1
            }
            continue;
        } else {
            send_user "\nError: unknown connection method: $prog\n"
            return 1
        }
        sleep 0.3
 
        # This helps cleanup each expect clause.
        expect_after {
            timeout {
                send_user "\nError: TIMEOUT reached\n"
                catch {close}; catch {wait};
                if { $in_proc} {
                    return 1
                } else {
                    continue
                }
            } eof {
                send_user "\nError: EOF received\n"
                catch {close}; catch {wait};
                if { $in_proc} {
                    return 1
                } else {
                    continue
                }
            }
        }
 
    # Here we get a little tricky.  There are several possibilities:
    # the router can ask for a username and passwd and then
    # talk to the TACACS server to authenticate you, or if the
    # TACACS server is not working, then it will use the enable
    # passwd.  Or, the router might not have TACACS turned on,
    # then it will just send the passwd.
    # if telnet fails with connection refused, try ssh
    expect {
        -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by)" {
            catch {close}; catch {wait};
            if !$progs {
                send_user "\nError: Connection Refused ($prog)\n"; return 1
            }
        }
        eof { send_user "\nError: Couldn't login\n"; wait; return 1
        } -nocase "unknown host\r" {
            catch {close}; catch {wait};
            send_user "\nError: Unknown host\n"; wait; return 1
        } "Host is unreachable" {
            catch {close}; catch {wait};
            send_user "\nError: Host Unreachable!\n"; wait; return 1
        } "No address associated with name" {
            catch {close}; catch {wait};
            send_user "\nError: Unknown host\n"; wait; return 1
        }
        -re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" {
            send "yes\r"
            send_user "\nHost $router added to the list of known hosts.\n"
            exp_continue }
        -re "HOST IDENTIFICATION HAS CHANGED.* \(yes\/no\)\?" {
            send "no\r"
            send_user "\nError: The host key for $router has changed.  Update the SSH known_hosts file accordingly.\n"
            return 1
        }
        -re "Offending key for .* \(yes\/no\)\?" {
            send "no\r"
            send_user "\nError: host key mismatch for $router.  Update the SSH known_hosts file accordingly.\n"
            return 1
        }
        -re "Ctrl-Y" { send -- "\031"
            expect {
               -re "$u_prompt" { send -- "$user\r" ; send -- "$userpswd\r" }
               -re "#"   { set in_proc 0; return 0 }
        }
           # exp_continue
        }
        -re "$u_prompt" { send -- "$user\r"
            expect {
                eof                     { send_user "\nError: Couldn't login\n"; wait; return 1 }
                "Login invalid"         { send_user "\nError: Invalid login\n";
                                          catch {close}; catch {wait};
                                          return 1 }
                -re "$p_prompt"         { send -- "$userpswd\r" }
                "$prompt"               { set in_proc 0; return 0 }
            }
            exp_continue
        }
        -re "$p_prompt" {
            if $in_proc { exp_continue }
            if ![string compare $prog "ssh"] {
                send -- "$userpswd\r"
            } else {
                send -- "$passwd\r"
            }
            expect {
                eof             { send_user "\nError: Couldn't login\n"; wait; return 1 }
                -re "$e_prompt" { send -- "$enapasswd\r" }
                "$prompt"       { set in_proc 0; return 0 }
            }
            exp_continue
        }
        #"$prompt"       { break; }
        denied          { send_user "\nError: Check your passwd for $router\n"
                          catch {close}; catch {wait}; return 1
                        }
        "% Bad passwords" {send_user "\nError: Check your passwd for $router\n"; return 1 }
    }
}
    set in_proc 0
    return 0
}
 
# Enable
proc do_enable { enauser enapasswd } {
    global prompt in_proc
    global u_prompt e_prompt
    set in_proc 1
 
    send "enable\r"
    expect {
        -re "$u_prompt" { send -- "$enauser\r"; exp_continue}
        -re "$e_prompt" { send -- "$enapasswd\r"; exp_continue}
        "#"             { set prompt "#" }
        "(enable)"      { set prompt "> (enable) " }
        denied          { send_user "\nError: Check your Enable passwd\n"
                          return 1
                        }
        "% Bad passwords" {
                          send_user "\nError: Check your Enable passwd\n"
                          return 1
                        }
    }
    # We set the prompt variable (above) so script files don't need
    # to know what it is.
    set in_proc 0
    return 0
}
 
# Run commands given on the command line.
proc run_commands { prompt command } {
    global in_proc
    set in_proc 1
    
    regsub -all "\[)(]" $prompt {\\&} reprompt
 
    set commands [split $command \;]
    set num_commands [llength $commands]
    for {set i 0} {$i < $num_commands} { incr i} {
        send -- "[subst -nocommands [lindex $commands $i]]\r"
        send "exit\r"
        expect {
            -re "^\[^\n\r *]*$reprompt"         {}
            -re "^\[^\n\r]*$reprompt."          { exp_continue }
            -re "\[\n\r]+"                      { exp_continue }
            -re "Main Menu"                     { send "L" }
        }
    }
    expect {
        "\n"                                    { exp_continue }
        timeout                                 { catch {close}; catch {wait};
                                                  return 0
                                                }
    }
    set in_proc 0
}
 
#
# For each router... (this is main loop)
#
source_password_file $password_file
set in_proc 0
set exitval 0
foreach router [lrange $argv $i end] {
    set router [string tolower $router]
    send_user "$router\n"
 
    # Figure out prompt.
    # Since autoenable is off by default, if we have it defined, it
    # was done on the command line. If it is not specifically set on the
    # command line, check the password file.
    if $avautoenable {
        set autoenable 1
        set enable 0
        set prompt "#"
    } else {
        set ae [find autoenable $router]
        if { "$ae" == "1" } {
            set autoenable 1
            set enable 0
            set prompt "#"
        } else {
            set autoenable 0
            set enable $avenable
            set prompt ">"
        }
    }
 
    # look for noenable option in .cloginrc
    if { [find noenable $router] != "" } {
        set enable 0
    }
 
    # Figure out passwords
    if { $do_passwd || $do_enapasswd } {
      set pswd [find password $router]
      if { [llength $pswd] == 0 } {
        send_user "\nError - no password for $router in $password_file.\n"
        continue
      }
      if { $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } {
        send_user "\nError - no enable password for $router in $password_file.\n"
        continue
      }
      set passwd [join [lindex $pswd 0] ""]
      set enapasswd [join [lindex $pswd 1] ""]
    } else {
        set passwd $userpasswd
        set enapasswd $enapasswd
    }
 
    # Figure out username
    if {[info exists username]} {
      # command line username
      set ruser $username
    } else {
      set ruser [join [find user $router] ""]
      if { "$ruser" == "" } { set ruser $default_user }
    }
 
    # Figure out username's password (if different from the vty password)
    if {[info exists userpasswd]} {
      # command line username
      set userpswd $userpasswd
    } else {
      set userpswd [join [find userpassword $router] ""]
      if { "$userpswd" == "" } { set userpswd $passwd }
    }
 
    # Figure out enable username
    if {[info exists enausername]} {
      # command line enausername
      set enauser $enausername
    } else {
      set enauser [join [find enauser $router] ""]
      if { "$enauser" == "" } { set enauser $ruser }
    }
 
    # Figure out prompts
    set u_prompt [find userprompt $router]
    if { "$u_prompt" == "" } {
        set u_prompt "(Username|login|user name):"
    } else {
        set u_prompt [join [lindex $u_prompt 0] ""]
    }
    set p_prompt [find passprompt $router]
    if { "$p_prompt" == "" } {
         set p_prompt "(\[Pp]assword|passwd):"
        } else {
        set p_prompt [join [lindex $p_prompt 0] ""]
    }
    set e_prompt [find enableprompt $router]
    if { "$e_prompt" == "" } {
        set e_prompt "\[Pp]assword:"
    } else {
        set e_prompt [join [lindex $e_prompt 0] ""]
    }
 
    # Figure out cypher type
    if {[info exists cypher]} {
      # command line cypher type
      set cyphertype $cypher
    } else {
      set cyphertype [find cyphertype $router]
      if { "$cyphertype" == "" } { set cyphertype "3des" }
    }
 
    # Figure out connection method
    set cmethod [find method $router]
    if { "$cmethod" == "" } { set cmethod {{telnet}} }
 
    # Figure out the SSH executable name
    set sshcmd [find sshcmd $router]
    if { "$sshcmd" == "" } { set sshcmd {ssh} }
 
    # Login to the router
    if {[login $router $ruser $userpswd $passwd $enapasswd $prompt $cmethod $cyphertype]} {
        incr exitval
        continue
    }
    if { $enable } {
        if {[do_enable $enauser $enapasswd]} {
            if { $do_command || $do_script } {
                incr exitval
                catch {close}; catch {wait};
                continue
            }
        }
    }
 
    if { $do_command } {
        if {[run_commands $prompt $command]} {
            incr exitval
            continue
        }
    } elseif { $do_script } {
        expect $prompt  {}
        source $sfile
        catch {close};
    } else {
        label $router
        log_user 1
        interact
    }
 
    # End of for each router
    catch {wait};
    sleep 0.3
}
exit $exitval




I set this command:

./bnlogin -f /var/lib/rancid/.cloginrc -c "show sys-info" ip_my_host

And its the result, you can see it here:

4548GT-PWR#show sys-info
"
"
"
"
"
show parameters of system
"
"
"
"

4548GT-PWR#exit
Connection closed by foreign host.

Error: EOF received


Why I have this messages? I don't know it...



Can you help me, please?



Regards!
Santi
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Jitendra | 12 Jan 01:44 2015
Picon

Re: [rancid] Dell Switch Rancid 3.1

Hello All,

I have recently updated Rancid from 2.3.8 to 3.1 in the hopes to be able use rancid to get our only Dell Switch configs. It is a dell networking n4032 10Gb switch.

When I use SMC or Dell config, it fails to past the initial login. I am assuming it is basically not picking up the User: command prompt?

This is what I get when I do a debug mode for hlogin.

parent: waiting for sync byte
parent: telling child to go ahead
parent: now unsynchronized from child
spawn: returns {7080}
Gate keeper glob pattern for '(Connection refused|Secure connection [^
]+ refused|Connection closed by)' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?' is 'HOST IDENTIFICATION HAS CHANGED* (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'HOST IDENTIFICATION HAS CHANGED[^
]+' is 'HOST IDENTIFICATION HAS CHANGED*'. Activating booster.
Gate keeper glob pattern for 'Offending key for .* \(yes/no\)\?' is 'Offending key for * (yes/no)\?'. Activating booster.
Gate keeper glob pattern for 'Enter passphrase.*: ' is 'Enter passphrase*: '. Activating booster.
Gate keeper glob pattern for '([Uu]sername|[Ll]ogin|user name|Login Name):' is ''. Not usable, disabling the performance booster.
Gate keeper glob pattern for '([Pp]assword|passwd):' is ''. Not usable, disabling the performance booster.
expect: does "" (spawn_id exp6) match glob pattern "Press any key to continue"? no
"Enter switch number to connect to or <CR>:"? no
"(Connection refused|Secure connection [^\n\r]+ refused|Connection closed by)"? (No Gate, RE only) gate=yes re=no
"Host is unreachable"? no
"No address associated with name"? no
"(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? (No Gate, RE only) gate=yes re=no
"HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? Gate "HOST IDENTIFICATION HAS CHANGED* (yes/no)\?"? gate=no
"HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? Gate "HOST IDENTIFICATION HAS CHANGED*"? gate=no
"Offending key for .* \(yes/no\)\?"? Gate "Offending key for * (yes/no)\?"? gate=no
expect: does "" (spawn_id exp6) match glob pattern "unknown host\r"? no
expect: does "" (spawn_id exp6) match regular expression "Enter passphrase.*: "? Gate "Enter passphrase*: "? gate=no
"([Uu]sername|[Ll]ogin|user name|Login Name):"? (No Gate, RE only) gate=yes re=no
"([Pp]assword|passwd):"? (No Gate, RE only) gate=yes re=no
"#"? no
"denied"? no
"% Bad passwords"? no

Any ideas as to how to fix this? Funny thing is .clogin works fine...though dllogin and hlogin refuse to. As far as what I can see, the perl script for hlogin is mostly identical when fetching for statements.?

Regards,
Jit
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
heasley | 10 Jan 00:47 2015
Picon

Re: [rancid] MikroTik missed cmd(s): system package print detail without-paging

Fri, Jan 09, 2015 at 08:37:51PM +0000, heasley:
> Fri, Jan 09, 2015 at 05:51:52PM +0000, IT-Info:
> > After patching bin/mtlogin, there seems to be improvement.  The devices that were experiencing the
error are now being backed up properly.
> > 
> > The logs show many of these messages, though.  Is this normal?
> > are you disconnected or in a batch, at, or cron script?stty: impossible in this context
> 
> that is coming from expect...though i do not understand why.  catch should
> have prevented it.  what version of expect is this?
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss <at> shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Please try this alternative patch:

Index: bin/mtlogin.in
===================================================================
--- bin/mtlogin.in	(revision 3012)
+++ bin/mtlogin.in	(working copy)
 <at>  <at>  -457,6 +457,15  <at>  <at> 
 source_password_file $password_file
 set in_proc 0
 set exitval 0
+# http://www.shrubbery.net/pipermail/rancid-discuss/2015-January/007984.html
+# if we have dont have a tty, we need some additional terminal settings
+if [catch {open /dev/tty w} ttyid] {
+    # no tty, ie: cron
+    set spawnopts "-nottycopy"
+    set stty_init "cols 132"
+} else {
+    catch {close ttyid} reason
+}
 foreach router [lrange $argv $i end] {
     set router [string tolower $router]
     send_user "$router\n"
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Steven Saner | 9 Jan 22:15 2015
Picon

[rancid] mtrancid patch

I had an issue with rancid 3.1 (and earlier versions too) tracking
several Mikrotik routers. I'm not sure if this issue affects all
Mikrotik models, but in my case I am using the following:

> system resource print
             uptime: 8w2d22h47m48s
            version: 5.21
        free-memory: 992624KiB
       total-memory: 1555212KiB
                cpu: e500v2
          cpu-count: 2
      cpu-frequency: 1066MHz
           cpu-load: 16%
     free-hdd-space: 68928KiB
    total-hdd-space: 110092KiB
  architecture-name: powerpc
         board-name: RB1100AHx2
           platform: MikroTik

In the config export there is the following:

/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128
default-profile=\
    default enabled=no keepalive-timeout=60 mac-address=FE:EB:E4:50:DC:E8 \
    max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no

This is an interface associated with the OpenVPN server, which I am not
using. The thing is, the mac-address attribute seems to be a generated
value and it changes (how often or why, I'm not sure). As a result every
time rancid would run, it would log a config change because this value
was different.

I implemented a quick and dirty patch to mtrancid to simply ignore the
set auth= line inside of the ovpn-server interface so that the config
would not change each run.

Has someone else run in to this? Did they solve the problem in a
different way? It might be better to make this ignore just the
mac-address attribute, rather than the entire config line, but it didn't
matter to me as I'm not using that interface.

Here is my patch:

--- a/bin/mtrancid.in
+++ b/bin/mtrancid.in
 <at>  <at>  -236,10 +236,12  <at>  <at>  sub SystemLicensePrint {
 sub Export {
        print STDERR "    In Export: $_" if ($debug);
        my $buffer = "";
+       my $ovpn   = 0;

        while (<INPUT>) {
                tr/\015//d;
                if (/$prompt/) { $found_end=1; $clean_run=1; return 0};
+               if (/interface ovpn-server server/) { $ovpn = 1; }
                next if(/^(\s*|\s*$cmd\s*)$/);
                next if(/^#/);
                return(1) if /(bad command name )/;
 <at>  <at>  -259,7 +261,11  <at>  <at>  sub Export {
                        # Fix quoted strings
                        $buffer =~ s/(\S+)="(\S+)"/$1=$2/g;

-                       ProcessHistory("","","","$buffer");
+                       if ($ovpn && $buffer =~ m/\s*set auth/) {
+                               $ovpn = 0;
+                       } else {
+                               ProcessHistory("","","","$buffer");
+                       }
                        $buffer = "";
                }
        }

--

-- 
--------------------------------------------------------------------------
Steven Saner <ssaner <at> hubris.net>                      Voice:  316-858-3000
Director of Network Operations                          Fax:  316-858-3001
Hubris Communications                                http://www.hubris.net
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Jitendra | 9 Jan 02:12 2015
Picon

[rancid] DRancid on ubuntu 14.04

 

Hello All,

 

Have rancid installed on ubuntu 14.04 and have dropped in the dlogin and drancid additions to the /var/lib/rancid/bin. I have also fixed the path for dlogin at the top of the file. However, drancid is having a bunch of issues.

the .new file is not being writting into the /var/log/rancid folder; instead it is attempting to write to the /var/lib/rancid/bin to which the rancid user has no rights; only root does. Secondly, dlogin can not be found.

Im stumped. Any help would be appreciated.

 

Jit 

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
heasley | 7 Jan 22:37 2015
Picon

Re: [rancid] MikroTik missed cmd(s): system package print detail without-paging

Wed, Jan 07, 2015 at 07:28:09PM +0000, IT-Info:
> I've got an issue specifically with MikroTik devices.  When RANCID runs, it skips a bunch of MikroTik
devices with this type of error:
> mikrotik01: missed cmd(s): system package print detail without-paging
> 
> If I log in and run rancid-run manually, sometimes it will work and sometimes it won't, but it never works
from cron.  These MikroTik devices are those that have been replaced due to failure or other reason.  I
delete the key in .ssh/known_keys, the new key is added upon next run, but then this error appears.  Since
we've replaced many MikroTiks over the past 6 months, the list of MikroTik devices with this issue is
growing - I've got about 20 now.
> 
> I upgraded RANCID from 2.3.8 to 3.1, but that didn't help the issue.  I'm aware of the issue detailed at
http://www.shrubbery.net/pipermail/rancid-discuss/2013-August/007010.html.  This issue is
similar, but I don't know the solution and I can replicate it after physically replacing a MikroTik device.
> 
> I can manually run the command that RANICID errors on without any issues, so it doesn't appear to be a
timeout issue:
> $ bin/mtlogin -c "system package print detail without-paging" mikrotik01

Would you try this patch?  please lmk if it fixes the problem.  if it doesnt,
perhaps you can give me remote access to one.

Index: mtlogin.in
===================================================================
--- mtlogin.in	(revision 3005)
+++ mtlogin.in	(working copy)
 <at>  <at>  -457,6 +457,14  <at>  <at> 
 source_password_file $password_file
 set in_proc 0
 set exitval 0
+# if we have dont have a tty, we need some additional terminal settings
+if [catch {stty -echo} reason] {
+    # no tty, ie: cron
+    set spawnopts "-nottycopy"
+    set stty_init "cols 132"
+} else {
+    catch {stty echo} reason
+}
 foreach router [lrange $argv $i end] {
     set router [string tolower $router]
     send_user "$router\n"

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

IT-Info | 7 Jan 20:28 2015

[rancid] MikroTik missed cmd(s): system package print detail without-paging

Hello,

 

I’ve got an issue specifically with MikroTik devices.  When RANCID runs, it skips a bunch of MikroTik devices with this type of error:

mikrotik01: missed cmd(s): system package print detail without-paging

 

If I log in and run rancid-run manually, sometimes it will work and sometimes it won’t, but it never works from cron.  These MikroTik devices are those that have been replaced due to failure or other reason.  I delete the key in .ssh/known_keys, the new key is added upon next run, but then this error appears.  Since we’ve replaced many MikroTiks over the past 6 months, the list of MikroTik devices with this issue is growing – I’ve got about 20 now.

 

I upgraded RANCID from 2.3.8 to 3.1, but that didn’t help the issue.  I’m aware of the issue detailed at http://www.shrubbery.net/pipermail/rancid-discuss/2013-August/007010.html.  This issue is similar, but I don’t know the solution and I can replicate it after physically replacing a MikroTik device.

 

I can manually run the command that RANICID errors on without any issues, so it doesn’t appear to be a timeout issue:

$ bin/mtlogin -c "system package print detail without-paging" mikrotik01

 

Has anyone seen this issue or have any advice for me?  It’s frustrating that when a MikroTik is replaced, it’s no longer able to be backed up in RANCID due to this error.  Otherwise, RANCID works great, especially with our Juniper and Cisco devices.

 

Thanks in advance!

Brian

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Michael Newton | 7 Jan 00:40 2015

[rancid] Aruba devices in 3.1

Hi all; we are looking at getting a RANCID infrastructure in place and have been pleasantly surprised by how easy everything has been so far. Had my first backups of our HP equipment within a few hours of getting started.

But we also have a number of Aruba devices, and I can find no information on adding custom device types in this latest 3.1 version of the software. I have downloaded the Aruba scripts from ftp://ftp.shrubbery.net/pub/rancid/contrib/ but these were designed for 2.3 and suggest editing rancid-fe. Instead what I ended up with, after much guesswork, is this:

$ cat /etc/rancid/rancid.types.conf
aruba;script;rancid -t aruba
aruba;login;arubalogin
aruba;module;rancid
aruba;inloop;rancid::inloop
aruba;command;rancid::RunCommand;no paging
aruba;command;rancid::RunCommand;show running-config

$ su -lc "rancid -dt aruba aruba.example.com" rancid
loadtype: device type aruba
loadtype: found device type aruba in /etc/rancid/rancid.types.conf
executing arubalogin -t 90 -c ”no paging;show running-config” aruba.example.com
aruba.example.com: missed cmd(s): all commands
aruba.example.com: End of run not found
aruba.example.com: End of run not found


Executing the displayed arubalogin command alone seems to work fine after a couple of small edits, and spits out the config. Why is rancid not recognizing it? Have I missed a step somewhere? Thanks for any pointers!

Mike
Attachment (smime.p7s): application/pkcs7-signature, 7100 bytes
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Scott Brynen | 30 Dec 23:23 2014

[rancid] Contributions to Rancid

How do you submit updates to Shrubbery/Rancid and get them in the distro?  I sent an email ages (1+ yr ago)
offering up my ironport module for rancid and never heard anything back.  

I know a few people here are using my module, but what the official way back into the source tree?

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss <at> shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss


Gmane