#!/bin/bash
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper begin
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set system host-name foo
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper commit
/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper end
Thanks for your interest in my problem. Here’s what I’m trying to do, I run a script that downloads the spam networks from spamhaus.org, and I incorporate them in a network group in my VyOS configuration. Here’s the sample code:
#!/bin/sh
strUrl="http://www.spamhaus.org/drop/drop.txt"
strVyOSCmd="/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
strTmpFile="/tmp/.spamhauslist.$$"
strVyOSNwName="ngSpamHaus-Ntws"
# ---------------------------------
fnExecVyOSConfig()
{
if [ -n "$1" ]; then
strCmd="$strVyOSCmd ${@:1}"
$strCmd
else
return 1
fi
}
# ---------------------------------
wget -q $strUrl -O - | grep ^[0-9] | sed 's/;.*//' >> $strTmpFile
fnExecVyOSConfig "begin"
fnExecVyOSConfig "delete firewall group network-group $strVyOSNwName"
intCount=0
while read -r strLine
do
fnExecVyOSConfig "set firewall group network-group $strVyOSNwName network $strLine"
let intCount++
done < $strTmpFile
fnExecVyOSConfig "commit"
fnExecVyOSConfig "save
fnExecVyOSConfig "end"
rm -rf $strTmpFile >/dev/null 2>&1
This script is scheduled to run with crontab every day at 3:00 am.
I was trying some options and found out that when the crontab is scheduled for the root user, using[quote]sudo crontab -e[/quote] I get the errors, but when I schedule the script to run with the vyos user, I don’t get errors, So I guess it most be user or group related, even though the ‘root’ is in the VyattaCfg group.
The other thing that I’m missing is when I try to use the following command:/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper set firewall group network-group ngSpamHaus-Ntws description "This is a description"
The command fails stating only:
If you enclose the vyatta-cfg-cmd-wrapper parameters inside double quotes, it doesn’t work as expected because it recognizes all the parameters as a single big string, and the vyatta-cfg-cmd-wrapper scripts parses each parameter at a time, that’s why it sometimes gives an error. The correct way for calling the vyatta-cfg-cmd-wrapper inside another script is:
$strVyOSCmd="/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper"
$strNGDesc="This is a Network Group Description"
$strNGName="ngNetworkGroupName"
$strVyOSCmd begin
$strVyOSCmd set firewall group network $strNGName network 128.128.128.0/24
$strVyOSCmd set firewall group network $strNGName description "$strNGDesc"
$strVyOSCmd commit
$strVyOSCmd end
Using the vyatta-cfg-cmd-wrapper command just as you would in the VyOS Configuration mode.
Also the script should not be run by any other user.
llgomezg – I’m actually running into a similar problem while trying to run a script that leverages the ‘vyatta-cfg-cmd-wrapper’. I was interested in this thread but was hoping you can clarify something for me.
You say “Also the script should not be run by any other user.” – What does that mean exactly? Was it able to run as the root user or did you have to run it as the vyos user?