{"id":776,"date":"2011-08-15T11:20:27","date_gmt":"2011-08-15T16:20:27","guid":{"rendered":"http:\/\/it.thelibrarie.com\/weblog\/?p=776"},"modified":"2013-05-21T08:15:39","modified_gmt":"2013-05-21T13:15:39","slug":"rancid-ubuntu-10-04","status":"publish","type":"post","link":"https:\/\/it.thelibrarie.com\/weblog\/2011\/08\/rancid-ubuntu-10-04\/","title":{"rendered":"Rancid Ubuntu 10.04"},"content":{"rendered":"<p>Rancid stands for <strong>R<\/strong>eally <strong>A<\/strong>wesome <strong>N<\/strong>ew <strong>C<\/strong>isco conf<strong>I<\/strong>g <strong>D<\/strong>iffer.  It&#8217;s produced by Shrubbery Networks (<a href=\"http:\/\/www.shrubbery.net\/rancid\/\" target=\"_blank\">http:\/\/www.shrubbery.net\/rancid\/<\/a>).  Basically it&#8217;s sole purpose is to make backups of your networking gear.  And it can email you of any changes as well.  This documentation is a work in progress &#8211; I had attempted to setup a rancid server one other time, but ran out of courage shortly after the beginning.  And I&#8217;m compiling based on a few other internet sources.<\/p>\n<p>Started with a 10.04.3 LTS server with LAMP\/Mail(postfix) installed.  x86 for those who care.  For those who don&#8217;t care, it&#8217;s still on an x86 system.<\/p>\n<p>I started installation, like all of my other projects, by switching to root:<\/p>\n<blockquote><p><code>su<\/code><\/p><\/blockquote>\n<p>I also created the rancid user with a password:<\/p>\n<blockquote><p><code>adduser rancid<\/code><\/p><\/blockquote>\n<p>Install the Rancid Base:<\/p>\n<blockquote><p><code>apt-get install rancid<\/code><br \/>\n<code>y<\/code>\n<\/p><\/blockquote>\n<p>Edit the Rancid Configuration by adding groups:<\/p>\n<blockquote><p><code>nano \/etc\/rancid\/rancid.conf<\/code><br \/>\n<code>LIST_OF_GROUPS=\"Group1 Group2 ... Group18\"<\/code><br \/>\nSave and Quit<\/p><\/blockquote>\n<p>Edit the Mail Aliases:<\/p>\n<blockquote><p><code>nano \/etc\/aliases<\/code><br \/>\n<code>rancid-Group1:   root<\/code><br \/>\n<code>rancid-admin-Group1:   root<\/code><br \/>\n<code>rancid-Group18:   root<\/code><br \/>\n<code>rancid-admin-Group18:   root<\/code><br \/>\nSave and Quit<\/p><\/blockquote>\n<p>Restart Your Mail Services:<\/p>\n<blockquote><p><code>\/etc\/init.d\/postfix restart<\/code><\/p><\/blockquote>\n<p>Run rancid CVS Groups:<\/p>\n<blockquote><p><code>sudo su -c \/var\/lib\/rancid\/bin\/rancid-cvs -s \/bin\/bash -l rancid<\/code><br \/>\nYou should now see a few new directories created in \/var\/lib\/rancid:<br \/>\n\/Group1<br \/>\n\/Group2<br \/>\n&#8230;<br \/>\n\/Group18<\/p><\/blockquote>\n<p>We want to edit the configuration files in each of these groups to reflect the devices.  We&#8217;ll start with \/Group1:<\/p>\n<blockquote><p><code>cd \/var\/lib\/rancid\/Group1<\/code><br \/>\n<code>nano router.db<\/code><br \/>\n<code>IPADDRESS_OR_HOSTNAME:brand:up_or_down<\/code><br \/>\nIf you select down, rancid will not actively check this device.<br \/>\nExample:<br \/>\n10.10.0.1:cisco:up<br \/>\n10.15.0.1:cisco:up<br \/>\n10.20.0.20:cisco:up<\/p><\/blockquote>\n<p>At one time, whilst setting this up for the first time, I thought that you could only have one login\/enable for the entire system.  I found that quite &#8220;uncool&#8221;.  Luckily for everyone reading this, I found out that I was incorrect with my assumption.  It&#8217;s actually quite easy now that I look back on the configuration.<\/p>\n<p>Create A Password File:<\/p>\n<blockquote><p>The installation of rancid on ubuntu will attempt to create a user called &#8220;rancid&#8221; with a home directory of \/var\/lib\/rancid, but a login point of \/dev\/null.  But, since we already created the &#8220;rancid&#8221; user, we must create a cloginrc file to house the passwords for your cisco gear in this user&#8217;s home directory.  <u>If you run this as root, it&#8217;ll be in \/root\/.clogin.rc<\/u><br \/>\n<code>nano \/home\/rancid\/.cloginrc<\/code><br \/>\n<code>add method * telnet<\/code><br \/>\n<code>add password IPADDRESS_OR_HOSTNAME LOGINPASSWORD ENABLEPASSWORD<\/code><br \/>\n<code>add password OTHERIP_OR_HOSTNAME LOGINPASSWORD ENABLEPASSWORD<\/code><br \/>\nSave and exit<\/p><\/blockquote>\n<p>For SSH:<\/p>\n<blockquote><p><code>add autoenable * 1<\/code><br \/>\n<code>add method IPADDRESS ssh<\/code><br \/>\n<code>add user IPADDRESS USERNAME<\/code><br \/>\n<code>add userpassword IPADDRESS PASSWORD<br \/>\n<code>add password IPADDRESS PASSWORD ENABLEPASSWORD<\/code><\/p><\/blockquote>\n<p>Change permissions of the password file (isn't necessary now that I created the user to begin with):<\/p>\n<blockquote><p><code>chmod 640 \/var\/lib\/rancid\/.cloginrc<\/code><br \/>\n<code>chown rancid \/home\/rancid\/cloginrc<\/code><\/p><\/blockquote>\n<p>Run the rancid server:<\/p>\n<blockquote><p><code>sudo su -c \/var\/lib\/rancid\/bin\/rancid-run -s \/bin\/bash -l rancid<\/code><\/p><\/blockquote>\n<p>View the Log Files:<\/p>\n<blockquote><p><code>nano \/var\/log\/rancid\/GROUPNAME.DATE.TIME<\/code><br \/>\n<a href=\"http:\/\/it.thelibrarie.com\/weblog\/wp-content\/uploads\/2011\/08\/rancid.png\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/it.thelibrarie.com\/weblog\/wp-content\/uploads\/2011\/08\/rancid-150x150.png\" alt=\"\" title=\"rancid\" width=\"150\" height=\"150\" class=\"alignnone size-thumbnail wp-image-777\" \/><\/a>\n<\/p><\/blockquote>\n<p>Where Are The Configuration Files?<\/p>\n<blockquote><p><code>\/var\/lib\/rancid\/CVS\/GROUPNAME\/configs\/IP_OR_HOSTNAME,v<\/code><\/p><\/blockquote>\n<p>Too Much Information:<\/p>\n<blockquote><p>If you feel like you only want to have the configuration files and not the proc info\/mem info etc, just edit the following file:<br \/>\n<code>nano \/var\/lib\/rancid\/bin\/rancid<\/code><br \/>\nSearch for \"# Mail\"<br \/>\nComment out lines you no longer wish to document<br \/>\nSave and Quit\n<\/p><\/blockquote>\n<p>Add the Web GUI:<\/p>\n<blockquote><p><code>apt-get install cvsweb<\/code><br \/>\n<code>nano \/etc\/cvsweb\/cvsweb.conf<\/code><br \/>\nFind \"@CVSrepositories\"<br \/>\nAdd:<br \/>\n<code>'rancid'  => ['Rancid', '\/var\/lib\/rancid\/CVS'],<\/code><br \/>\nSave and Quit<br \/>\nRestart apache<br \/>\n<code>apache2ctl restart<\/code><br \/>\n<code>sudo ~rancid\/bin\/rancid-run<\/code> (or, if in as root, <code>rancid-run<\/code>)<br \/>\nYou can now open a web browser to http:\/\/IPOFSERVER\/cgi-bin\/cvsweb<\/p><\/blockquote>\n<p>EMail testing<br \/>\nI am having a few issues with email aliases - you're supposed to be able to utilize \"rancid-NAMEOFDEVICE: real email\" or the like for it to forward.  I was getting NDRs as it was trying to send locally.  So I temporarily changed the NDR to all send to the email address I wanted to send anyway.<\/p>\n<p>Cron job<br \/>\nI cron this for every 10 minutes - but it takes longer and longer to check all the devices on the network when I keep adding more and more to the configuration.  <\/p>\n<p>Sample Configuration (\/home\/rancid\/.cloginrc):<\/p>\n<blockquote><p>add method 10.15.1.245 telnet<br \/>\nadd method 10.15.1.246 telnet<br \/>\nadd method 10.11.0.2 ssh<br \/>\nadd user 10.11.0.2 rancid<br \/>\nadd userpassword 10.5.0.2 P@SSw0rd<br \/>\nadd password 10.15.1.246 P@55 3n@bL3<br \/>\nadd password 10.15.1.245 P@55 3n@bL3<br \/>\nadd password 10.11.0.2 P@SSw0rd 3n@bL3<\/p><\/blockquote>\n<p>***EDIT***<br \/>\nSometimes I'm a little slow when it comes to problems with workarounds - I mean, why fix something when it's only halfway broken?<br \/>\nI forgot that when you edit the \/etc\/aliases file that you have to run the command newaliases to update the \/etc\/aliases.db file.  Otherwise you'll see \"warning: database \/etc\/aliases.db is older than source file \/etc\/aliases\" in your \/var\/log\/mail.info file.  And away we go!<\/p>\n<p>***EDIT 2***<br \/>\nIf you put in hostnames instead of IP addresses (preferred method as it makes it easier to find in the list later), it's recommended to add static address aliases instead of relying on DNS.<br \/>\nnano \/etc\/hosts<br \/>\nIPADDRESSOFDEVICE NAMEOFDEVICE NAMEOFDEVICE.DOMAIN.TLD<br \/>\nPing the name of the device and verify you have resolution.<\/p>\n<p>Also, I found that rancid HATES capital letters.  Recommended that everything be lowercase.  ESPECIALLY in your .clogin file!!!  I found this out with tail -45 \/var\/log\/rancid\/LATESTFILEHERE<\/p>\n<p>And, if you follow my above installation procedure, you will find the main page loads without any icons.  I sorted this out by the following:<br \/>\n<code>mkdir \/var\/www\/icons<\/code><br \/>\n<code>nano \/etc\/apache\/sites-enabled\/000-default<\/code><br \/>\nFind Alias \/doc\/ \"\/usr\/share\/doc\/\"<br \/>\nAdd the following below it<br \/>\n<code>Alias \/cvsweb\/icons\/ \"\/var\/www\/icons\/\"<\/code><br \/>\nSave and quit<br \/>\n<code>apache2ctl restart<\/code><br \/>\nLoad the dir.gif, back.gif, and text.gif files of your choosing into the \/var\/www\/icons directory<br \/>\n<div id='gallery-1' class='gallery galleryid-776 gallery-columns-3 gallery-size-thumbnail'><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/it.thelibrarie.com\/weblog\/2011\/08\/rancid-ubuntu-10-04\/rancid\/'><img loading=\"lazy\" decoding=\"async\" width=\"150\" height=\"150\" src=\"https:\/\/it.thelibrarie.com\/weblog\/wp-content\/uploads\/2011\/08\/rancid-150x150.png\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" \/><\/a>\n\t\t\t<\/div><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/it.thelibrarie.com\/weblog\/2011\/08\/rancid-ubuntu-10-04\/dir\/'><img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" src=\"https:\/\/it.thelibrarie.com\/weblog\/wp-content\/uploads\/2011\/08\/dir.gif\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" \/><\/a>\n\t\t\t<\/div><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/it.thelibrarie.com\/weblog\/2011\/08\/rancid-ubuntu-10-04\/text\/'><img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" src=\"https:\/\/it.thelibrarie.com\/weblog\/wp-content\/uploads\/2011\/08\/text.gif\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" \/><\/a>\n\t\t\t<\/div><\/figure><figure class='gallery-item'>\n\t\t\t<div class='gallery-icon landscape'>\n\t\t\t\t<a href='https:\/\/it.thelibrarie.com\/weblog\/2011\/08\/rancid-ubuntu-10-04\/back\/'><img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" src=\"https:\/\/it.thelibrarie.com\/weblog\/wp-content\/uploads\/2011\/08\/back.gif\" class=\"attachment-thumbnail size-thumbnail\" alt=\"\" \/><\/a>\n\t\t\t<\/div><\/figure>\n\t\t<\/div>\n<\/p>\n<p>***EDIT 3***<br \/>\nI set this to cron every hour and email changes - it kept emailing the same router.db retrieving version 1.21 over and over - every hour.<br \/>\nI checked the logs (\/var\/lib\/rancid\/logs\/NEWESTDATE) and found:<\/p>\n<blockquote><p>cvs commit: Up-to-date check failed for `configs\/IPADDRESS'<\/p><\/blockquote>\n<p>Just go to<br \/>\n<code>cd \/var\/lib\/rancid\/NAMEOFGROUP\/configs<\/code><br \/>\nand run<br \/>\n<code>cvs update<\/code><br \/>\nRerun rancid and verify<br \/>\n<code>rancid-run<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Rancid stands for Really Awesome New Cisco confIg Differ. It&#8217;s produced by Shrubbery Networks (http:\/\/www.shrubbery.net\/rancid\/). Basically it&#8217;s sole purpose is to make backups of your networking gear. And it can email you of any changes as well. This documentation is a work in progress &#8211; I had attempted to setup a rancid server one other &hellip; <a href=\"https:\/\/it.thelibrarie.com\/weblog\/2011\/08\/rancid-ubuntu-10-04\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Rancid Ubuntu 10.04<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,4],"tags":[],"class_list":["post-776","post","type-post","status-publish","format-standard","hentry","category-linux","category-networking"],"_links":{"self":[{"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/posts\/776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/comments?post=776"}],"version-history":[{"count":12,"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/posts\/776\/revisions"}],"predecessor-version":[{"id":1084,"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/posts\/776\/revisions\/1084"}],"wp:attachment":[{"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/media?parent=776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/categories?post=776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/it.thelibrarie.com\/weblog\/wp-json\/wp\/v2\/tags?post=776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}