[rancid] backup problems with new element type

heasley heas at shrubbery.net
Thu May 2 05:55:25 UTC 2013 

Wed, May 01, 2013 at 01:11:50PM -0700, Tim Eberhard:
> I think I figured it out. The user account had a .cloginrc file in the home
> directory. I also found a .cloginrc file within the rancid directory. Looks
> like it was using the .clogin file in the rancid directory. I hadn't known
> about that and I had been making my changes to the .clogin in the home
> directory of the user.
> 
> Interesting behavior I didn't see documented anywhere.

there is no such default behavior.  a cloginrc can include another, or
an environment variable can be set to another path, but it does not read
multiple nor other that of users' by default.

> Thanks for your help!
> -Tim
> 
> 
> On Wed, May 1, 2013 at 12:13 PM, Hughes, Doug <
> Douglas.Hughes at deshawresearch.com> wrote:
> 
> >  Hrm.. that is odd. I?d turn on debugging with panlogin and see what it?s
> > actually trying to send. It sure does seem like it?s either a bad password
> > or a failure to match the password prompt in some way.****
> >
> > ** **
> >
> > ** **
> >
> > *From:* rancid-discuss-bounces at shrubbery.net [mailto:
> > rancid-discuss-bounces at shrubbery.net] *On Behalf Of *Tim Eberhard
> > *Sent:* Wednesday, May 01, 2013 12:25 PM
> > *To:* rancid-discuss at shrubbery.net
> > *Subject:* [rancid] backup problems with new element type****
> >
> > ** **
> >
> > Rancid folks,****
> >
> > ** **
> >
> > I've hit a wall and I was hoping you all might be able to provide some
> > insight. ****
> >
> > ** **
> >
> > In an attempt to get some palo alto firewalls added to rancid for config
> > backup I'm having issues with rancid properly logging in.****
> >
> > ** **
> >
> > From the logs I see this for all the firewalls:****
> >
> > #****
> >
> > firewall1 panlogin error: Error: Check your passwd for firewall1****
> >
> > firewall1: missed cmd(s): show config running,set cli pager off,set cli
> > configuration-output-format set,set cli scripting-mode on,show system info
> > ****
> >
> > firewall1: End of run not found****
> >
> > #****
> >
> > ** **
> >
> > If I run it via CLI (sudo su - ranciduser before running it..) it
> > completes correctly. Both are using the exact same clogin file as this
> > works for a lot of routers and other firewalls. It's just specifically the
> > palo alto firewalls that are failing.  Suggestions on what to check or how
> > to debug this behavior? ****
> >
> > ** **
> >
> > ** **
> >
> > #****
> >
> > [ranciduser at tools ~]$ /usr/local/rancid/bin/panrancid -d firewall1****
> >
> > executing panlogin -t 90 -c"set cli scripting-mode on;set cli pager
> > off;set cli configuration-output-format set;show system info;show config
> > running" firewall1****
> >
> > line: firewall1****
> >
> > line: spawn ssh -c 3des -x -l ranciduser firewall1****
> >
> > line: Password:****
> >
> > line: Last login: Wed May  1 12:12:57 2013 from tools.removed.com****
> >
> > line: ranciduser at fw1(passive)>****
> >
> > line: ranciduser at fw1(passive)>****
> >
> > line: ranciduser at fw1(passive)> set ranciduser at fw1(passive)> set cli
> > ranciduser at fw1(passive)> set cli scripting-mode ranciduser at fw1(passive)>
> > set cli scripting-mode on****
> >
> > PROMPT MATCH: ranciduser at fw1\(passive\)[#>]****
> >
> > HIT COMMAND:ranciduser at fw1(passive)> set ranciduser at fw1(passive)> set cli
> > ranciduser at fw1(passive)> set cli scripting-mode ranciduser at fw1(passive)>
> > set cli scripting-mode on****
> >
> > COMMAND is: set cli scripting-mode on|EatCommand****
> >
> > HIT COMMAND:ranciduser at fw1(passive)> set cli pager off****
> >
> > COMMAND is: set cli pager off|EatCommand****
> >
> > HIT COMMAND:ranciduser at fw1(passive)> set cli configuration-output-format
> > set****
> >
> > COMMAND is: set cli configuration-output-format set|EatCommand****
> >
> > HIT COMMAND:ranciduser at fw1(passive)> show system info****
> >
> > COMMAND is: show system info|ShowInfo****
> >
> >     In ShowInfo:: ranciduser at fw1(passive)> show system info****
> >
> > HIT COMMAND:ranciduser at fw1(passive)> show config running****
> >
> > COMMAND is: show config running|ShowConfig****
> >
> >     In ShowConfig: ranciduser at fw1(passive)> show config running****
> >
> > line:****
> >
> > exiting****
> >
> > #****
> >
> > ** **
> >
> > ** **
> >
> > Thanks for your help!****
> >
> > -Tim****
> >

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

More information about the Rancid-discuss mailing list