I have a trouble - the nfsen plugin runs with very reduced privileges.
for example in my plugin i make the ssh v2 connection to cisco,but it
due the limited run privs. give me a error - Plugin: Error while
running plugin 'xxx': Cannot open a pty at
/usr/local/lib/perl5/site_perl/5.10.1/Net/SSH/Expect.pm line 120
Note: I need this to load command to cisco 2800 router (Version
12.4(13r)T, RELEASE SOFTWARE (fc1) )
OS Freebsd 8.2
nfsen config's file part ( is standart from port):
# BASEDIR unrelated vars:
#
# Run nfcapd as this user
# This may be a different or the same uid than your web server.
# Note: This user must be in group $WWWGROUP, otherwise nfcapd
# is not able to write data files!
$USER = "www";
# user and group of the web server process
# All netflow processing will be done with this user
$WWWUSER = "www";
$WWWGROUP = "www";
The running code is:
my $ssh = Net::SSH::Expect->new(
host => $host,
password => $pass,
user => $user,
no_terminal => 1 #i also used the raw_pty ,no effect
);
my $s = $ssh->login();
$ssh->exec("configure terminal");
# $s = $ssh->read_line();
syslog('info', " '$s' $s ");
$ssh->exec("no ip access-list extended POLICY"); #line 120
$ssh->exec("ip access-list extended POLICY");
Questions:
1.How i can fix this error?
2.I don't want to run nfsen under root , but how i can enlarge the www
user privileges,to avoid this situation (i also done some fix: adding
the shell for www user,adding home directories(to place the user ssh
files) ) ?
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
