Post by Richard SavagePost by heasleyThe other thing I?ve noticed is that other folks also had passwords
seem to be continually changing and causing alerts. I have never noted
this in my clusters????????yet.
-- Yes I see this all the time, every time a backup is run. I need to
be able to backup a full config on other devices, (cisco, juicer) so
can't disable the grabbing of password data in rancid as this would stop
it being backed up for all cisco and juniper hardware. Not sure of any
way to achieve this at the moment.
what if a <group>/rancid.conf were supported that could over-ride
configuration
of the global rancid.conf?
Yes either a group or a hardware type would be good. Some way of
excluding the password from certain hosts would be great. :)
Rich
there might be fuzz w/ pre-3.0a.
Index: bin/control_rancid.in
===================================================================
--- bin/control_rancid.in (revision 2713)
+++ bin/control_rancid.in (working copy)
@@ -45,11 +45,12 @@
# print a usage message to stderr
pr_usage() {
- echo "usage: $0 [-V] [-r device_name] [-m mail rcpt] group" >&2;
+ echo "usage: $0 [-V] [-f group_config_file] [-r device_name] [-m mail rcpt] group" >&2;
}
# command-line options
# -V print version string
+# -f <group config file name>
# -m <mail recipients>
# -r <device name>
alt_mailrcpt=0
@@ -61,6 +62,16 @@
echo "@PACKAGE@ @VERSION@"
exit 0
;;
+ -f)
+ shift
+ # next arg is the alternate config file name
+ ENVFILE="$1"
+ if [ -z $ENVFILE ]; then
+ pr_usage
+ exit 1
+ fi
+ shift
+ ;;
-m)
shift
# next arg is the mail recipient
@@ -105,6 +116,12 @@
fi
DIR=$BASEDIR/$GROUP
TMP=${TMPDIR:=/tmp}/rancid.$GROUP.$$
+if [ -z "$ENVFILE" ] ; then
+ ENVFILE="$DIR/rancid.conf"
+fi
+if [ -e "$ENVFILE" ] ; then
+ . $ENVFILE
+fi
trap 'rm -fr $TMP;' 1 2 15
# disable noclobber
@@ -167,6 +184,14 @@
fi
fi
+# check if there is a rancid.conf and if it needs to be added to the RCS
+if [ -e rancid.conf ] ; then
+ LN=`$RCSSYS ls rancid.conf | wc -l`
+ if [ $LN -eq 0 ] ; then
+ $RCSSYS add rancid.conf
+ fi
+fi
+
# do cvs update of router.db in case anyone has fiddled.
$RCSSYS update router.db > $TMP 2>&1
grep "^C" $TMP > /dev/null
Index: CHANGES
===================================================================
--- CHANGES (revision 2713)
+++ CHANGES (working copy)
@@ -1,4 +1,7 @@
3.0a3
+ control_rancid: add group-specific rancid.conf file & supporting -f
+ option
+
nxrancid: filter snmp communities, tacacs keys and neighbor pwds - Alan
McKinnon
Index: man/control_rancid.1
===================================================================
--- man/control_rancid.1 (revision 2713)
+++ man/control_rancid.1 (working copy)
@@ -1,11 +1,14 @@
.\"
.hys 50
-.TH "control_rancid" "1" "5 October 2006"
+.TH "control_rancid" "1" "15 July 2013"
.SH NAME
control_rancid \- run rancid for devices of a group
.SH SYNOPSIS
.B control_rancid
[\fB\-V\fR] [\c
+.BI \-f\ \c
+group_config_file]\ \c
+[\c
.BI \-m\ \c
mail_rcpt]\ \c
[\c
@@ -28,6 +31,18 @@
.B \-V
Prints package name and version strings.
.TP
+.B \-f group_config_file
+Specify a rancid.conf specific to the given group. The global rancid.conf
+file is read by rancid-run, which calls
+.B control_rancid
+for each group, and
+.B control_rancid
+reads the group-specific rancid.conf, thereby overriding the global file.
+.sp
+The group-specific rancid.conf may not exist.
+.sp
+Default: <BASEDIR>/<group>/rancid.conf
+.TP
.B \-m mail_rcpt
Specify the recipient of diff mail, which is normally rancid-<group>. The
argument may be a single address, multiple comma separated addresses, or