
F5 module doesn't work if default shell is tmsh

Open charlesklement opened this issue 8 years ago • 5 comments

Starting somewhere within the 11.x train, a user that is not defined locally on an F5 cannot be set to log in with a bash shell. So, users that are defined in radius / tacacs / ldap etc. end up at a tmos prompt.

When in the tmos shell, it's not possible to issue tmsh or standard unix commands. There are alternate commands that can be used, but a simpler solution is to drop to a bash shell if you detect that you are already at a tmos prompt.

An example tmos prompt...

rancid@(lb1a)(cfg-sync In Sync)(Standby)(/Common)(tmos)#

An example bash prompt...

[rancid@lb1a:Standby:In Sync]

When at a tmos prompt, it's possible to drop to a bash prompt by executing "run /util bash"; this is a command supported by F5. Issuing "exit" from the bash prompt will bring you back to the tmos prompt. Issuing "quit" from the tmos prompt will log the user out.

Is it possible to add some code to oxidized/lib/oxidized/model/tmos.rb to detect the current prompt and change mode if needed?

charlesklement avatar May 13 '16 06:05 charlesklement

We don't have the ability to show what prompt matched now; it seems it might be useful and probably isn't that hard to add.

However, in this case, can't we just have in post_login "run /util bash" and in pre_logout "exit" and "quit"? For users who do get a bash shell, the run won't do anything but complain, and the additional 'quit' will not be heard, as the user is already out.

ytti avatar May 13 '16 10:05 ytti

Is it not possible to create a bash user for oxidized?

ytti avatar Aug 29 '16 15:08 ytti

I am having the same issue, and added the code for post_login and pre_logout commands; however, these either do not run, and I am assuming this would be due to the statement "exec true", or they are run, then fail, and do not get logged. Below is the code that I added:

cfg :ssh, :telnet do
     exec true  # don't run shell, run each command in exec channel
     post_login do
          send "run /util bash\n"
     end
     pre_logout 'exit'
     pre_logout 'quit'
end

I tried it several ways, using the various ways the code in other models shows it being done: for instance, with a "post_login do" "send blah" and "end" block for both post_login and pre_logout, without the block using the one line syntax, using new line characters, and then not using new line characters, and these changes do not seem to affect the execution.

ja-johns avatar Apr 11 '17 18:04 ja-johns

Hi ja-johns, you probably figured this out already, but the issue with commenting out "exec true" and running the code snippet above is that the module is expecting a different prompt, and will fail with a "not matching configured prompt" error. As a work-around (assuming you can't create a user that logs in directly with a bash shell), you can append the following prompt definition at the top of your tmos.rb file:

prompt /^([\w.@-][\S\s]+[#>]?)$/

This should allow Oxidized to pass "run /util bash" and pass the commands to the bash prompt.

17Aurelianos avatar Jun 09 '17 15:06 17Aurelianos

Hi friends. I know that this topic is quite old, but I needed to make this solution work too. So, searching for a way to do it, I thought maybe we could send a tmsh command "inside" a bash, but inside the tmsh (default terminal). Yes, crazy idea.

But it works. Just edit the "tmos.rb" file, putting the following command before each "tmsh" command: run /util bash -c

An example line: 'run /util bash -c "tmsh -q show sys version"'

or e.g. in the "tmos.rb" file we have:

cmd('run /util bash -c "tmsh -q show sys version"') { |cfg| comment cfg }

It works great and fills my need.

Cheers.

lucdnb avatar Apr 15 '22 08:04 lucdnb
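
An added example, not part of the thread and not Oxidized's own code: the prompt check the original post asks for, written as plain Ruby against the two sample prompts quoted above, next to the workaround prompt pattern from the later comment. The `TMOS_PROMPT` and `BASH_PROMPT` patterns, the helper names, the logout plan for a direct bash login and the session buffers are assumptions constructed for illustration.

```ruby
# Added example, not Oxidized code. Patterns are assumptions built from the
# two sample prompts quoted in this thread.
TMOS_PROMPT = /\A[\w.-]+@\(.+\)\(tmos[^)]*\)#\s*\z/
BASH_PROMPT = /\A\[[\w.-]+@[^\]]+\]/

# Prompt regex proposed in the thread as a workaround, copied verbatim.
WORKAROUND_PROMPT = /^([\w.@-][\S\s]+[#>]?)$/

# Classify the last line of a session buffer as :tmos, :bash or :unknown.
def shell_for(buffer)
  last = buffer.lines.last.to_s.chomp
  return :tmos if last.match?(TMOS_PROMPT)
  return :bash if last.match?(BASH_PROMPT)
  :unknown
end

# Commands to send after login and before logout for the detected shell.
# Assumption: a user who lands directly in bash only needs "exit".
def session_plan(buffer)
  case shell_for(buffer)
  when :tmos
    { post_login: ['run /util bash'], pre_logout: %w[exit quit] }
  when :bash
    { post_login: [], pre_logout: %w[exit] }
  else
    raise ArgumentError, "unrecognised prompt: #{buffer.lines.last.inspect}"
  end
end

# Constructed session buffers (not captured from a real device).
TMOS_LOGIN = "Last login: (constructed)\nrancid@(lb1a)(cfg-sync In Sync)(Standby)(/Common)(tmos)#"
BASH_LOGIN = "[rancid@lb1a:Standby:In Sync]"
MID_OUTPUT = "ltm pool web_pool {\n    members {" # command output, no prompt yet

if __FILE__ == $PROGRAM_NAME
  [TMOS_LOGIN, BASH_LOGIN, MID_OUTPUT].each do |buf|
    puts "#{shell_for(buf)}: workaround pattern matches=#{buf.match?(WORKAROUND_PROMPT)}"
  end
  p session_plan(TMOS_LOGIN)
end
```

On the constructed buffers, the workaround pattern matches a buffer that is still mid-output, because `[\S\s]+` spans newlines and the trailing `[#>]?` is optional. The stricter patterns only accept a final line that looks like one of the two prompts, so a collector using them would not treat partial command output as a finished command.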