Config Backup plugin help
Moderators: Developers, Moderators
Re: Config Backup plugin help
Could it be permissions? per the plugin page I set "server_args" = "-c -s /home/configs/backups" but instead of "/home/configs/backups" I pointed it at a mount point I made so the backups would be on a different drive than the OS.
https://docs.cacti.net/plugin:routerconfigs
The line "and give the apache server and the tftp server permissions to access it" wasn't totally clear, which user should have permissions? ATM it's just root but with 777.
https://docs.cacti.net/plugin:routerconfigs
The line "and give the apache server and the tftp server permissions to access it" wasn't totally clear, which user should have permissions? ATM it's just root but with 777.
Re: Config Backup plugin help
777 grants everyone full write access. Did you read through the TFTP link I posted earlier that goes through how to setup TFTP? You might have to change things slightly if that isn't your exact OS but it should give you the pointers. Also, you may want to check whatever logs the TFTP server writes to as it might be complaining itself.
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Re: Config Backup plugin help
Looked at your link some more and noticed some parts that the install hadn't added, so I made a few changes and now it's copying.
Though instead of editing the selinux config file I just did setenforce 0 and then found the context for TFTP and updated the fcontext DB with a line to put that context on my mountpoint recursively.
Though oddly the config that was copied shows the owner as "nobody"
Though instead of editing the selinux config file I just did setenforce 0 and then found the context for TFTP and updated the fcontext DB with a line to put that context on my mountpoint recursively.
Though oddly the config that was copied shows the owner as "nobody"
Re: Config Backup plugin help
Ok so now the TFTP part seems to be working, but when Cacti tries to do a backup it still fails.
Under Configuration->settings->Router Backups
I have the TFTP directory under TFTP Backup Directory Path
And I have another directory under Archive Directory Path
Under Configuration->settings->Router Backups
I have the TFTP directory under TFTP Backup Directory Path
And I have another directory under Archive Directory Path
Re: Config Backup plugin help
Now that you have access to the TFTP folder, enable the debug option in settings and do a manual backup. You can do this through the GUI or using:
sudo -u <website user> php <cacti>/plugins/routerconfigs/router_download.php -h <id> -d
sudo -u <website user> php <cacti>/plugins/routerconfigs/router_download.php -h <id> -d
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Re: Config Backup plugin help
Where will the debug log be?
Also which one of the settings should be used to enable debug? Just to be sure.
Also which one of the settings should be used to enable debug? Just to be sure.
Re: Config Backup plugin help
Ok I think I found the right things and found these two lines.
2018/May/03 07:28:44 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Follow the installation instructions in the official manual at http://www.php.net/manual/en/ssh2.installation.php
2018/May/03 07:28:44 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: PHP doesn't have the ssh2 module installed
2018/May/03 07:28:44 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Follow the installation instructions in the official manual at http://www.php.net/manual/en/ssh2.installation.php
2018/May/03 07:28:44 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: PHP doesn't have the ssh2 module installed
Re: Config Backup plugin help
So after doing the following as per http://www.php.net/manual/en/ssh2.installation.php
yum install libssh2.x86_64 php-pecl-ssh2.x86_64
systemctl restart httpd
Now it has this error. (I've removed the IP, username, and edited the device name in this post.)
2018/May/03 07:42:43 - RCONFIG NOTICE: Failed to download for LAN
2018/May/03 07:42:43 - RCONFIG ERROR: Failed to Connect to Device 'LAN' using connection type: ssh
2018/May/03 07:42:43 - DBCALL DEVEL: SQL Exec: "UPDATE plugin_routerconfigs_devices SET lasterror = ? WHERE id = ?"
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> WARNING: Unable to open ssh network connection
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting sleep time to 125000 microsecond(s)
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting timeout to 30 second(s)
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Creating SSH(Server: (IP), User: (USERNAME), Password: (17 chars), Enablepw: (Not Set), Devicetype: {"id":"1","name":"Cisco IOS","username":"username:","password":"password:","copytftp":"copy run tftp","version":"show version","confirm":"y","sleep":null,"timeout":null,"forceconfirm":"","checkendinconfig":"on"}
2018/May/03 07:42:43 - RCONFIG (IP) -> DEBUG: Attempting to connect via SSH
yum install libssh2.x86_64 php-pecl-ssh2.x86_64
systemctl restart httpd
Now it has this error. (I've removed the IP, username, and edited the device name in this post.)
2018/May/03 07:42:43 - RCONFIG NOTICE: Failed to download for LAN
2018/May/03 07:42:43 - RCONFIG ERROR: Failed to Connect to Device 'LAN' using connection type: ssh
2018/May/03 07:42:43 - DBCALL DEVEL: SQL Exec: "UPDATE plugin_routerconfigs_devices SET lasterror = ? WHERE id = ?"
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> WARNING: Unable to open ssh network connection
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting sleep time to 125000 microsecond(s)
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting timeout to 30 second(s)
2018/May/03 07:42:43 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Creating SSH(Server: (IP), User: (USERNAME), Password: (17 chars), Enablepw: (Not Set), Devicetype: {"id":"1","name":"Cisco IOS","username":"username:","password":"password:","copytftp":"copy run tftp","version":"show version","confirm":"y","sleep":null,"timeout":null,"forceconfirm":"","checkendinconfig":"on"}
2018/May/03 07:42:43 - RCONFIG (IP) -> DEBUG: Attempting to connect via SSH
Re: Config Backup plugin help
And you can manually SSH onto the device?
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Re: Config Backup plugin help
yes I can manually SSH from the Cacti server to the device.
I just tried "setenforce 0" and running another backup and it looks like it got more info, Cacti says failed, but it looks like it managed to SSH and copy to tftp.
I just tried "setenforce 0" and running another backup and it looks like it got more info, Cacti says failed, but it looks like it managed to SSH and copy to tftp.
Re: Config Backup plugin help
Ok I gathered what I think are all the entries specific to the backup attempt, and did the same edits I mentioned before.
2018/May/03 08:06:03 - RCONFIG STATS: Time:35.79 Downloaded:0 Failed:1
2018/May/03 08:06:03 - RCONFIG DEBUG: 1 devices failed to backup.
2018/May/03 08:06:03 - RCONFIG DEBUG: 0 devices backed up successfully.
2018/May/03 08:06:03 - RCONFIG WARNING: 0 Devices Backed Up, 1 Devices Failed, 0 Disabled (ignored) in 36 seconds
2018/May/03 08:06:03 - RCONFIG NOTICE: Failed to download for LAN
2018/May/03 08:06:03 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Timeout of 30 seconds has been reached
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> exit
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: checking end in config
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Attempting to open file at /u01/Config-Backups/LAN
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Checking for valid incoming file at /u01/Config-Backups/LAN
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Result: (0)
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: LAN#
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: 24639 bytes copied in 3.880 secs (6350 bytes/sec)
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: !!
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: LAN
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Enabled)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> LAN
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> NOTICE: Sending Filename (Destination): LAN
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Question found
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Result: (0)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: Destination filename [LAN-confg]?
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: (IP)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Question)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> (IP)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> NOTICE: Sending Server: (IP)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Question found
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Result: (0)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: Address or name of remote host []?
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: copy run tftp
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Question)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> copy run tftp
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> Process is now enabled
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Attempt 1 of 10 to find prompt
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Enabled)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: -->
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> NOTICE: Ensuring process is enabled
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Connected via ssh
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: okay: logged in...
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting sleep time to 125000 microsecond(s)
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting timeout to 30 second(s)
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Creating SSH(Server: (Dev-IP), User: (USER), Password: (17 chars), Enablepw: (Not Set), Devicetype: {"id":"1","name":"Cisco IOS","username":"username:","password":"password:","copytftp":"copy run tftp","version":"show version","confirm":"y","sleep":null,"timeout":null,"forceconfirm":"","checkendinconfig":"on"}
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 -> DEBUG: Attempting to connect via SSH
2018/May/03 08:06:03 - RCONFIG STATS: Time:35.79 Downloaded:0 Failed:1
2018/May/03 08:06:03 - RCONFIG DEBUG: 1 devices failed to backup.
2018/May/03 08:06:03 - RCONFIG DEBUG: 0 devices backed up successfully.
2018/May/03 08:06:03 - RCONFIG WARNING: 0 Devices Backed Up, 1 Devices Failed, 0 Disabled (ignored) in 36 seconds
2018/May/03 08:06:03 - RCONFIG NOTICE: Failed to download for LAN
2018/May/03 08:06:03 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Timeout of 30 seconds has been reached
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> exit
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: checking end in config
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Attempting to open file at /u01/Config-Backups/LAN
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Checking for valid incoming file at /u01/Config-Backups/LAN
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Result: (0)
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: LAN#
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: 24639 bytes copied in 3.880 secs (6350 bytes/sec)
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: !!
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: LAN
2018/May/03 08:05:33 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Enabled)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> LAN
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> NOTICE: Sending Filename (Destination): LAN
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Question found
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Result: (0)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: Destination filename [LAN-confg]?
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: (IP)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Question)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> (IP)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> NOTICE: Sending Server: (IP)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Question found
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Result: (0)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: Address or name of remote host []?
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Line: copy run tftp
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Question)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: --> copy run tftp
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> Process is now enabled
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Attempt 1 of 10 to find prompt
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Found Prompt (Enabled)
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: -->
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> NOTICE: Ensuring process is enabled
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Connected via ssh
2018/May/03 08:05:29 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: okay: logged in...
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting sleep time to 125000 microsecond(s)
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Setting timeout to 30 second(s)
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 (SSH) -> DEBUG: Creating SSH(Server: (Dev-IP), User: (USER), Password: (17 chars), Enablepw: (Not Set), Devicetype: {"id":"1","name":"Cisco IOS","username":"username:","password":"password:","copytftp":"copy run tftp","version":"show version","confirm":"y","sleep":null,"timeout":null,"forceconfirm":"","checkendinconfig":"on"}
2018/May/03 08:05:27 - RCONFIG 10.250.114.1 -> DEBUG: Attempting to connect via SSH
Re: Config Backup plugin help
So for the SeLinux part of the issue I found this.
https://stackoverflow.com/questions/245 ... ide-apache
So i did
"getsebool -a | grep httpd_can_network_connect"
Which showed it was currently set to off so as the post in the link suggested I then did
"setsebool -P httpd_can_network_connect=1"
Now SeLinux is able to remain enforcing and it gets to the longer set of log messages.
BTW after it "fails" I do see that it was successful at copying the config to the TFTP server.
https://stackoverflow.com/questions/245 ... ide-apache
So i did
"getsebool -a | grep httpd_can_network_connect"
Which showed it was currently set to off so as the post in the link suggested I then did
"setsebool -P httpd_can_network_connect=1"
Now SeLinux is able to remain enforcing and it gets to the longer set of log messages.
BTW after it "fails" I do see that it was successful at copying the config to the TFTP server.
Re: Config Backup plugin help
It looks like your device is not reporting that the connection is closed after issuing the exit. Thus we can't be sure that we have properly exited the router. I suppose we could add an option to say whether to issue an exit or to simply close the connection.
Can you open an issue requesting that option on Github and i'll get it done tomorrow?
https://github.com/cacti/plugin_routerconfigs/issues
Can you open an issue requesting that option on Github and i'll get it done tomorrow?
https://github.com/cacti/plugin_routerconfigs/issues
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Re: Config Backup plugin help
And I was bored so I've implemented a quick solution for you already
Cacti Developer & Release Manager
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
The Cacti Group
Director
BV IT Solutions Ltd
+--------------------------------------------------------------------------+
Cacti Resources:
Cacti Website (including releases)
Cacti Issues
Cacti Development Releases
Cacti Development Documentation
Who is online
Users browsing this forum: No registered users and 0 guests