Discussion:
[rancid] [p@tristero.se: Re: 3.2 rancid-run not working with PAN devices]
Matt Almgren
2015-07-30 15:23:16 UTC
Permalink
Hi Pavel,

I do have that package in the lib/rancid directory:

<head>
##
## $Id: panos.pm.in 3019 2015-01-11 05:54:59Z heas $
##
## rancid 3.2

But I also see a package ios.
Trying to get all of the configs.
sjc-fw01-sec.endor.lan: missed cmd(s): all commands
sjc-fw01-sec.endor.lan: End of run not found
Still running this manually, it works:

bin/panlogin -t 90 -c"show system info" sjc-fw01-sec

Any other tips? Thank you very much.

— Matt





From: Pavel Korovin <***@tristero.se<mailto:***@tristero.se>>
Date: Thursday, July 30, 2015 at 5:28 AM
To: Matt Almgren <***@surveymonkey.com<mailto:***@surveymonkey.com>>
Subject: [***@tristero.se<mailto:***@tristero.se>: Re: [rancid] 3.2 rancid-run not working with PAN devices]

On 07/29, Matt Almgren wrote:
I noticed on some forums that there was a pan rancid file, but I don’t have on in the 3.2 install. I see in some notes that it was converted to a module, so I assume it’s not needed.
Any ideas?

Make sure you have

package panos;

and not

package ios;

in lib/rancid/panos.pm (in my case it's /usr/local/lib/rancid/panos.pm).

Patch file: ftp://ftp.shrubbery.net/pub/rancid/rancid-3.2.p5.gz

--
With best regards,
Pavel Korovin
Matt Almgren
2015-07-30 17:55:06 UTC
Permalink
I’m sorry, I totally misunderstood that the first time you said it. I thought you were talking about the directory listing.

I wished that fixed the issue, but that didn’t help. But I did find the problem.

By looking at the process list and running the command manually:

/usr/bin/expect -- /home/rancid/bin/panlogin -t 90 -c "set cli scripting-mode on;set cli pager off;show system info;show config running" sjc-fw01-sec.endor.lan

The “set cli xxx” command was failing. Seems the rancid user in the PAN was set to “Admin read-only” and the “set” commands were failing, causing the config dump to wait for page break. Once I changed the account type to Device Admin, it works great now!! Now I think I need to tweak TAC+ to limit what that rancid user can do in the CLI.

I’m sure having the other fixes in there helped as well, but the above was probably the biggest reason why the config wasn’t getting saved.

Thanks for all your help!! Adding the list back in here in case others have similar issues.

— Matt





From: Pavel Korovin <***@tristero.se<mailto:***@tristero.se>>
Date: Thursday, July 30, 2015 at 9:23 AM
To: Matt Almgren <***@surveymonkey.com<mailto:***@surveymonkey.com>>
Subject: Re: [***@tristero.se<mailto:***@tristero.se>: Re: [rancid] 3.2 rancid-run not working with PAN devices]

Matt, please replace the string "package ios;" with "package panos;" and it will be fixed.

On July 30, 2015 7:00:58 PM GMT+03:00, Matt Almgren <***@surveymonkey.com<mailto:***@surveymonkey.com>> wrote:
***@sjc-nettools02:~/lib/rancid$ head -n 20 panos.pm
package ios;
##
## $Id: panos.pm.in 3019 2015-01-11 05:54:59Z heas $
##
## rancid 3.2
## Copyright (c) 1997-2015 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
***@sjc-nettools02:~/lib/rancid$




From: Pavel Korovin <***@tristero.se<mailto:***@tristero.se>>
Date: Thursday, July 30, 2015 at 8:59 AM
To: Matt Almgren <***@surveymonkey.com<mailto:***@surveymonkey.com>>
Subject: Re: [***@tristero.se<mailto:***@tristero.se>: Re: [rancid] 3.2 rancid-run not working with PAN devices]

head -n 20 panos.pm<http://panos.pm>

--
With best regards,
Pavel Korovin

Loading...