Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. RANCID>
  3. Users
Newbie install question
brett at fj
Sep 4, 2001, 9:04 PM
Post #1 of 6 (2546 views)
Permalink
Warning: newbie question.

I've just intalled rancid-2.1.0 on our Solaris 8, with tcl-8.3.1, tk-8.3.1,
expect-5.32, and cvs 1.11

After following the instructions, I'm now receiving;

[root at mel1:/usr/local/rancid/logs]$ cat core.20010905.150101
starting: Wed Sep 5 15:01:01 EST 2001

Trying to get all of the configs.
All routers sucessfully completed.

cvs diff: in directory .:
cvs [diff aborted]: there is no version here; run 'cvs checkout' first
cvs [commit aborted]: cannot commit files as 'root'

ending: Wed Sep 5 15:01:12 EST 2001

Obviously I need to run the scripts as other than root, but knowing nothing
about cvd, I'm wondering what the cvs checkout stuff is?

Regards,
Brett
Newbie install question [ In reply to ]
afort at staff
Sep 4, 2001, 9:33 PM
Post #2 of 6 (2437 views)
Permalink
>[root at mel1:/usr/local/rancid/logs]$ cat core.20010905.150101
>starting: Wed Sep 5 15:01:01 EST 2001
>
>Trying to get all of the configs.
>All routers sucessfully completed.
>
>cvs diff: in directory .:
>cvs [diff aborted]: there is no version here; run 'cvs checkout' first
>cvs [commit aborted]: cannot commit files as 'root'
>
>ending: Wed Sep 5 15:01:12 EST 2001
>
>Obviously I need to run the scripts as other than root, but
>knowing nothing
>about cvd, I'm wondering what the cvs checkout stuff is?

Brett, it looks like you possibly didn't run
/usr/local/rancid/bin/create_cvs once you'd set up the groups you want (such
as 'core') in the /usr/local/rancid/bin/env file (LIST_OF_GROUPS variable).
create_cvs can handle if your directories have already been manually created
(e.g., you manually created /usr/local/rancid/core/), but the recommended
method is to just add to the LIST_OF_GROUPS, then run create_cvs.

The way I setup permissions was to create a rancid user (and group), then
set the permissions as (from memory):

chgrp -r rancid /usr/local/rancid/
chmod g+ws /usr/local/rancid/

Then put your admins in the rancid group.

The rancid user has its own ~/.cloginrc naturally, and this user is the one
which 'cleans up' after the admins who forget to 'do-diffs' after they make
changes, i.e., from cron (we do it once an hour, if you run less regularly
than that, be aware of the value of OLDTIME in the /usr/local/rancid/bin/env
should be greater than the number of hours between your 'rancid' cronjobs.

If you're still stuck, try going through the quickstart guide again, I found
it made much more sense the second time...

-afort
Newbie install question [ In reply to ]
heas at shrubbery
Sep 5, 2001, 12:44 AM
Post #3 of 6 (2447 views)
Permalink
Wed, Sep 05, 2001 at 03:33:47PM +1000, Andrew Fort:
> >[root at mel1:/usr/local/rancid/logs]$ cat core.20010905.150101
> >starting: Wed Sep 5 15:01:01 EST 2001
> >
> >Trying to get all of the configs.
> >All routers sucessfully completed.
> >
> >cvs diff: in directory .:
> >cvs [diff aborted]: there is no version here; run 'cvs checkout' first
> >cvs [commit aborted]: cannot commit files as 'root'
> >
> >ending: Wed Sep 5 15:01:12 EST 2001
> >
> >Obviously I need to run the scripts as other than root, but
> >knowing nothing
> >about cvd, I'm wondering what the cvs checkout stuff is?
>
> Brett, it looks like you possibly didn't run
> /usr/local/rancid/bin/create_cvs once you'd set up the groups you want (such
> as 'core') in the /usr/local/rancid/bin/env file (LIST_OF_GROUPS variable).
> create_cvs can handle if your directories have already been manually created
> (e.g., you manually created /usr/local/rancid/core/), but the recommended
> method is to just add to the LIST_OF_GROUPS, then run create_cvs.
>
> The way I setup permissions was to create a rancid user (and group), then
> set the permissions as (from memory):
>
> chgrp -r rancid /usr/local/rancid/
> chmod g+ws /usr/local/rancid/
>
> Then put your admins in the rancid group.
>
> The rancid user has its own ~/.cloginrc naturally, and this user is the one
> which 'cleans up' after the admins who forget to 'do-diffs' after they make
> changes, i.e., from cron (we do it once an hour, if you run less regularly
> than that, be aware of the value of OLDTIME in the /usr/local/rancid/bin/env
> should be greater than the number of hours between your 'rancid' cronjobs.

thats a good point! thanks, i'll be sure to add a note.

> If you're still stuck, try going through the quickstart guide again, I found
> it made much more sense the second time...

hmm, if thats the case (as it seems so), please tell us how we might improve
the install instructions. thanks. also, see the rancid_intro man page.

> -afort
Newbie install question [ In reply to ]
brett at fj
Sep 5, 2001, 12:55 AM
Post #4 of 6 (2444 views)
Permalink
I worked it out. create_cvs does NOT cope with manually creating the
directory. I've adopted Andrew's user stuff which works like a dream, and
now I finally have notification when somone makes changes to our Cisco's (no
more finding out 2 weeks later that something's been messed with and
broken).

Regards,
Brett

----- Original Message -----
From: "john heasley" <heas@shrubbery.net>
To: "Andrew Fort" <afort at staff.webcentral.com.au>
Cc: "'Brett O'Hara'" <brett at fj.com.au>; <rancid-discuss at shrubbery.net>
Sent: Wednesday, September 05, 2001 6:44 PM
Subject: Re: Newbie install question


> Wed, Sep 05, 2001 at 03:33:47PM +1000, Andrew Fort:
> > >[root at mel1:/usr/local/rancid/logs]$ cat core.20010905.150101
> > >starting: Wed Sep 5 15:01:01 EST 2001
> > >
> > >Trying to get all of the configs.
> > >All routers sucessfully completed.
> > >
> > >cvs diff: in directory .:
> > >cvs [diff aborted]: there is no version here; run 'cvs checkout' first
> > >cvs [commit aborted]: cannot commit files as 'root'
> > >
> > >ending: Wed Sep 5 15:01:12 EST 2001
> > >
> > >Obviously I need to run the scripts as other than root, but
> > >knowing nothing
> > >about cvd, I'm wondering what the cvs checkout stuff is?
> >
> > Brett, it looks like you possibly didn't run
> > /usr/local/rancid/bin/create_cvs once you'd set up the groups you want
(such
> > as 'core') in the /usr/local/rancid/bin/env file (LIST_OF_GROUPS
variable).
> > create_cvs can handle if your directories have already been manually
created
> > (e.g., you manually created /usr/local/rancid/core/), but the
recommended
> > method is to just add to the LIST_OF_GROUPS, then run create_cvs.
> >
> > The way I setup permissions was to create a rancid user (and group),
then
> > set the permissions as (from memory):
> >
> > chgrp -r rancid /usr/local/rancid/
> > chmod g+ws /usr/local/rancid/
> >
> > Then put your admins in the rancid group.
> >
> > The rancid user has its own ~/.cloginrc naturally, and this user is the
one
> > which 'cleans up' after the admins who forget to 'do-diffs' after they
make
> > changes, i.e., from cron (we do it once an hour, if you run less
regularly
> > than that, be aware of the value of OLDTIME in the
/usr/local/rancid/bin/env
> > should be greater than the number of hours between your 'rancid'
cronjobs.
>
> thats a good point! thanks, i'll be sure to add a note.
>
> > If you're still stuck, try going through the quickstart guide again, I
found
> > it made much more sense the second time...
>
> hmm, if thats the case (as it seems so), please tell us how we might
improve
> the install instructions. thanks. also, see the rancid_intro man page.
>
> > -afort
>
Newbie install question [ In reply to ]
afort at staff
Sep 5, 2001, 4:00 AM
Post #5 of 6 (2451 views)
Permalink
Brett o'hara wrote;

>I worked it out. create_cvs does NOT cope with manually creating the
>directory. I've adopted Andrew's user stuff which works like
>a dream, and
>now I finally have notification when somone makes changes to
>our Cisco's (no
>more finding out 2 weeks later that something's been messed with and
>broken).

The limitation here is that 'rancid' made the changes (or whichever user is
doing the cronjob). tracking down whom to execute the lart(8) on requires
other logs, so be sure to keep TACACS+/RADIUS accounting logs so you can
track down those 'cleaner' admins who have that awful habit of 'cleaning up'
router configs :)

On this point, I've been considering hacking in a 'RANCID-APPARENTLY-BY:'
tag (at the top of the diff) which would grab the username from the 'Last
modified by' stuff (at the top of the output of 'wr term'/'sh run' on IOS),
where it's valid, so the stored config actually tells you who last updated
it (well, apparently :). Upon examining the code, it looks like someone
tried to do this, but commented the code out; perahps due to inconsistencies
in the formatting of these two lines between different IOS versions (or the
lack of this data on other platforms).. can anyone shed some light on this?
anyone else reckon this feature wouldn't suck? after all, there's no use
cluttering up the config files with yet more cruft if it's only me who wants
it :)

-afort
Newbie install question [ In reply to ]
afort at staff
Sep 5, 2001, 4:03 AM
Post #6 of 6 (2440 views)
Permalink
>> The rancid user has its own ~/.cloginrc naturally, and this
>user is the one
>> which 'cleans up' after the admins who forget to 'do-diffs'
>after they make
>> changes, i.e., from cron (we do it once an hour, if you run
>less regularly
>> than that, be aware of the value of OLDTIME in the
>/usr/local/rancid/bin/env
>> should be greater than the number of hours between your
>'rancid' cronjobs.
>
>thats a good point! thanks, i'll be sure to add a note.
>

John, if you're referring to 'check OLDTIME if you're running
less-than-regular cronjobs', there's already a note in the README for that
(under section 9).

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal