I have created a script to be executed when VRRP health checks fail. It worked without issue initially until I noticed I’d get “Set Failed” when I tried to manually insert commands afterwards.
In the VyOS documentation I saw that I must execute the script with the vyattacfg group, but when I put in the safeguard command into a script then use that to execute my primary script it does not seem to work- I must be doing it wrong but I am unsure the best practice way to perform this.
Inside backup.sh (which has executable permissions)
if [ "$(id -g -n)" != 'vyattacfg' ] ; then
exec sg vyattacfg -c /config/scripts/backup-cmd.sh
fi
Inside backup-cmd.sh
#!/bin/vbash
source /opt/vyatta/etc/functions/script-template
conf
set protocols bgp nei 10.18.60.12 shutdown
set protocols bgp nei 10.18.60.15 shutdown
commit
exit
I tried a few different variants of setup, this is where it is currently- has somebody else gotten theirs to work? Thanks!
Thank you for your reply, unfortunately when you use a set command in a transition script in this way it prevents you from being able to manually use set/del commands in the CLI until I reboot the router each time.
It does not seem to effect non-configuration modifying commands, I appreciate your post- I hope it helps people who stumble upon this.
It seems this specific part I am misunderstanding how to properly apply the ‘safeguard’, I feel so close to getting it but not quite. I’ll have to keep tinkering.
This has been fixed, I added a couple lines to my transition script.
Updated backup-cmd.sh
#!/bin/vbash
if [ $(id -gn) != vyattacfg ]; then
exec sg vyattacfg "$0 $*"
fi
source /opt/vyatta/etc/functions/script-template
conf
set protocols bgp nei 10.18.60.12 shutdown
set protocols bgp nei 10.18.60.15 shutdown
commit
exit