[rancid] rancid 2.3.6: clogin with multiple devices fails... ($autologin not defined)

Jon Peatfield J.S.Peatfield at damtp.cam.ac.uk
Mon Jun 13 21:58:33 UTC 2011

I originally thought that this might be a config error on my part but 
currently for me with rancid 2.3.6 I can happily run:

   clogin -c 'some-command' router1


   clogin -c 'some-command' router2

but not:

   clogin -c 'some-command' router1 router2

(or router1 router1 for that matter)

When I try I get an error from the tcl about autoenable not being a 
variable.  Here is an example failure:

$ clogin -c 'who' bl23-12.private bl23-13.private
spawn telnet bl23-12.private
Connected to bl23-12.private.
Escape character is '^]'.

User Access Verification

Username: cisco
bl23-12#terminal length 0
     Line       User       Host(s)              Idle       Location
*  1 vty 0     cisco      idle                 00:00:00   <SNIP>

   Interface      User        Mode                     Idle     Peer 

Connection closed by foreign host.
can't read "autoenable": no such variable
     while executing
"if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 
} {
         send_user -- "\nError: no enable password for $router in 
     ("foreach" body line 28)
     invoked from within
"foreach router [lrange $argv $i end] {
     set router [string tolower $router]
     # attempt at platform switching.
     set platform ""
     send_user ..."
     (file "/usr/bin/clogin" line 743)

it always fails on the second host, so it isn't just that the config for 
the second router is wrong.  Adding an explicit 'add autoenable ... {0}' 
does not seem to help...

On our HP procurve devices we do use autoenable (defined in the .cloginrc) 
and for those hlogin works as expected...  In fact apart from some errors 
from the 'no-page' command I can use hlogin -c '...' against multiple 
cisco devices without getting similar errors (at least for trivial 

Looking at the (unpatched I hope) clogin.in file from the 2.3.6 tar I see 
that at about line 770 is the offending code:

       if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } {
 	send_user -- "\nError: no enable password for $router in $password_file.\n"

but I can't see anything which ever sets autoenable in this file...  What 
really puzzled me is that the error only happens on the second router...

A bit of debugging shows that on the first loop $enable is 0 so it never 
tests beyond it - even though it will be about to use enable, and when it 
finds a > prompt it sets enable to 1 so the next time round the test check 
$do_enapasswd (true) and $autoenable (no defined) and we get an error.

So a little further up (about line 742 - the top of the loop) we have:

set enable 0
foreach router [lrange $argv $i end] {
     set router [string tolower $router]

Changing that to:

foreach router [lrange $argv $i end] {
     set enable 0
     set router [string tolower $router]

so that enable is initially set to 0 for each router, appears to cure the 
problem for me, but it may have unexpected side effects and surely 
$autoenable isn't the right thing to be testing is it?

Maybe this test is left over from an earlier version of the code.  I note 
that in hlogin.in the loop over the routers is quite different and does 
set autologin for each device in the loop.

At the moment I can just use a shell script to loop over each device and 
so avoid listing multiple hosts on the clogin command, but I was very 
surprised by it not doing what I expected - since I'd used an almost 
identical command with hlogin a few days earlier.

| "Computers are different from telephones.  Computers do not ring." |
|       -- A. Tanenbaum, "Computer Networks", p. 32                  |
| Jon Peatfield, _Computer_ Officer, DAMTP,  University of Cambridge |
| Mail:  jp107 at damtp.cam.ac.uk     Web:  http://www.damtp.cam.ac.uk/ |

More information about the Rancid-discuss mailing list