[c-nsp] Rancid permissions
Emille Blanc
emille at abccomm.com
Tue Jan 20 22:32:32 EST 2015
In our experience, RANCID requires privilege level 15.
The following from our tacacs conf works on IOS v15 devices. I'm sure
you could do it just as easily with a parser view or some such.
----
user = rancid {
# default service = permit
name = "RANCID daemon"
login = (some password)
# RANCID requires priv 15 to do it's thing
service = exec {
priv-lvl = 15
}
# RANCID only uses these commands
cmd = admin { permit .* }
cmd = dir { permit .* }
cmd = more { permit .* }
cmd = show { permit .* }
# This is redundant on all (our) devices
#cmd = write { permit term }
}
-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
Gavin Henry
Sent: January-20-15 2:55 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Rancid permissions
Hi all,
Does anyone have a link to the permissions needs to get the full
config for IOS 15?
Thanks.
--
Kind Regards,
Gavin Henry.
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list