[c-nsp] privilege exec ... unexpected behaviour
"Rolf Hanßen"
nsp at rhanssen.de
Tue Jul 9 09:02:49 EDT 2013
Hello,
Following Setup:
I created a User with no privileges and want to allow some commands. I
configured:
privilege exec level 0 show bgp ipv6 unicast
privilege exec level 0 show bgp ipv4 unicast
privilege exec level 0 show ip bgp
privilege exec level 0 show ip route
All commands were accepted by the cli.
I then access the device with the limited user.
Those commands work fine:
show ip route 1.2.3.4
show ip bgp 1.2.3.4
But the "sh bgp ..." commands fail:
Router>show bgp ?
all All address families
ipv4 Address family
ipv6 Address family
l2vpn Address family
nsap Address family
rtfilter Address family
vpnv4 Address family
vpnv6 Address family
Router>show bgp ipv4 ?
% Unrecognized command
Router>show bgp ipv4
The Config file also does not list the commands.
Router#sh running-config | inc privilege exec
privilege exec level 0 show bgp
privilege exec level 0 show ipv6 route
privilege exec level 0 show ipv6
privilege exec level 0 show ip bgp
privilege exec level 0 show ip route
privilege exec level 0 show ip
privilege exec level 0 show
Is there some additional config needed or is it some kind of
restriction/limitation ?
Hardware is Sup2T
Software is 15.0(1)SY2
kind regards
Rolf
More information about the cisco-nsp
mailing list