Hello Naim,
You might need to do some changes to your perl code and bind the
Expect object to a TTY - similar to this (my TTYs needed to have
height and width to be able to pass them to the remote end for proper
formatting):
my $session = new Expect;
$logger->debug("setting /dev/tty60 window size to 80x24:");
`/bin/stty -F /dev/tty60 columns 80 rows 24`;
open TTY0, "/dev/tty60" or die "Can't open /dev/tty60: $!";
$session->slave->clone_winsize_from(\*TTY0);
$session->spawn("telnet", "$ip") or die "Unable to connect";
You should change the permissions on /dev/tty60 so that it is world
read/writable.
Maybe you can adapt the example above to pass a real TTY to your Expect object.
You shouldn't need shell for your www user to be able to do this.
Good luck,
Adrian
On Tue, May 3, 2011 at 10:18 AM, Naim Shafiev <shaf...@gmail.com> wrote:
> I have a trouble - the nfsen plugin runs with very reduced privileges.
> for example in my plugin i make the ssh v2 connection to cisco,but it
> due the limited run privs. give me a error - Plugin: Error while
> running plugin 'xxx': Cannot open a pty at
> /usr/local/lib/perl5/site_perl/5.10.1/Net/SSH/Expect.pm line 120
>
> Note: I need this to load command to cisco 2800 router (Version
> 12.4(13r)T, RELEASE SOFTWARE (fc1) )
>
> OS Freebsd 8.2
>
> nfsen config's file part ( is standart from port):
>
> # BASEDIR unrelated vars:
> #
> # Run nfcapd as this user
> # This may be a different or the same uid than your web server.
> # Note: This user must be in group $WWWGROUP, otherwise nfcapd
> # is not able to write data files!
> $USER = "www";
>
> # user and group of the web server process
> # All netflow processing will be done with this user
> $WWWUSER = "www";
> $WWWGROUP = "www";
>
> The running code is:
>
> my $ssh = Net::SSH::Expect->new(
> host => $host,
> password => $pass,
> user => $user,
> no_terminal => 1 #i also used the raw_pty ,no effect
> );
>
> my $s = $ssh->login();
>
> $ssh->exec("configure terminal");
> # $s = $ssh->read_line();
> syslog('info', " '$s' $s ");
> $ssh->exec("no ip access-list extended POLICY"); #line 120
> $ssh->exec("ip access-list extended POLICY");
>
>
> Questions:
> 1.How i can fix this error?
> 2.I don't want to run nfsen under root , but how i can enlarge the www
> user privileges,to avoid this situation (i also done some fix: adding
> the shell for www user,adding home directories(to place the user ssh
> files) ) ?
>
> ------------------------------------------------------------------------------
> WhatsUp Gold - Download Free Network Management Software
> The most intuitive, comprehensive, and cost-effective network
> management toolset available today. Delivers lowest initial
> acquisition cost and overall TCO of any competing solution.
> http://p.sf.net/sfu/whatsupgold-sd
> _______________________________________________
> Nfsen-discuss mailing list
> Nfsen-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
>
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
