Hello Everyone:

I’m trying to make some configuration changes with a script, using the


And it works good, until I get to some configuration changes the standard VyOS way using the “Configure” command. I always get:

Set failed


Configuration path: … is not valid

Has anyone encountered this? I would greatly appreciate any info…


Hello llgomezg

Please tell me more detail.

Here is example.

It seems work well.


/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper begin
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set system host-name foo
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper end

Hiroyuki Sato


Hello Hiroysato:

Thanks for your interest in my problem. Here’s what I’m trying to do, I run a script that downloads the spam networks from spamhaus.org, and I incorporate them in a network group in my VyOS configuration. Here’s the sample code:

# ---------------------------------
  if [ -n "$1" ]; then
    strCmd="$strVyOSCmd ${@:1}"
    return 1
# ---------------------------------
wget -q $strUrl -O - | grep ^[0-9] | sed 's/;.*//' >> $strTmpFile

fnExecVyOSConfig "begin"
fnExecVyOSConfig "delete firewall group network-group $strVyOSNwName"
while read -r strLine
  fnExecVyOSConfig "set firewall group network-group $strVyOSNwName network $strLine"
  let intCount++
done < $strTmpFile
fnExecVyOSConfig "commit"
fnExecVyOSConfig "save
fnExecVyOSConfig "end"
rm -rf $strTmpFile >/dev/null 2>&1

This script is scheduled to run with crontab every day at 3:00 am.
I was trying some options and found out that when the crontab is scheduled for the root user, using[quote]sudo crontab -e[/quote] I get the errors, but when I schedule the script to run with the vyos user, I don’t get errors, So I guess it most be user or group related, even though the ‘root’ is in the VyattaCfg group.

The other thing that I’m missing is when I try to use the following command:/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set firewall group network-group ngSpamHaus-Ntws description "This is a description"
The command fails stating only:

Again, thanks for your interest…


Hello llgomezg

Do you want execute ‘set …’ command from cron?, right?
If so, Please check my example bellow URL.
post #2


Maybe you should execute this script as vyos user not root,

And also maybe you can use ‘set system task-schedler’

        task <name>
            crontab-spec <UNIX cron time spec>
                arguments <arguments string>
                path <path to executable>


Hello Hiroysato:

Thank you very much for your suggestions, It’s nice to learn something new about VyOS, as I did not know about the

    task <name>

I believe it’s great to have that inside the VyOS Configuration. I will give it a try later, and let you know how it all went.

Many Thanks Again,



Finally Nailed-it:

If you enclose the vyatta-cfg-cmd-wrapper parameters inside double quotes, it doesn’t work as expected because it recognizes all the parameters as a single big string, and the vyatta-cfg-cmd-wrapper scripts parses each parameter at a time, that’s why it sometimes gives an error. The correct way for calling the vyatta-cfg-cmd-wrapper inside another script is:

$strNGDesc="This is a Network Group Description"

$strVyOSCmd begin
$strVyOSCmd set firewall group network $strNGName network
$strVyOSCmd set firewall group network $strNGName description "$strNGDesc"
$strVyOSCmd commit
$strVyOSCmd end

Using the vyatta-cfg-cmd-wrapper command just as you would in the VyOS Configuration mode.
Also the script should not be run by any other user.

Thanks to all…


llgomezg – I’m actually running into a similar problem while trying to run a script that leverages the ‘vyatta-cfg-cmd-wrapper’. I was interested in this thread but was hoping you can clarify something for me.

You say “Also the script should not be run by any other user.” – What does that mean exactly? Was it able to run as the root user or did you have to run it as the vyos user?



Hello Dups:

Exactly, the script should be run by the vyos user, not escalated to the root user for the script to work.

To clarify, when I run my script using:

sudo ./script-name

I get the error, but when I run the script without the sudo command, it works perfectly.

Hope this clarifies the point.


That’s perfect! Thank you for the clarification!