Solved: system install blank cli

ryan-hitch · ‎01-03-2018

I am doing my first nso system install for a production environment. After software installation (ncs 4.5.2), I add a user to the ncsadmin group, however when I login to ncs_cli the only option is "exit". What am I doing wrong here? I have not had this issue with local installs for development. I hate having to ask simple questions like this, but I just can't seem to find anything in the documentation.

Here are the steps that I have followed:

[user@nso ~]$ sudo sh nso-4.5.2.linux.x86_64.install.bin --system-install

[user@nso ~]$ sudo groupadd ncsadmin

[user@nso ~]$ sudo usermod -a -G ncsadmin user

[user@nso ~]$ source /opt/ncs/ncs-4.5.2/ncsrc

[user@nso ~]$ sudo systemctl start ncs

[user@nso ~]$ ncs_cli

user connected from 192.168.0.172 using ssh on nso.auto.lab

user@ncs> ?

Possible completions:

exit - Exit the management session

user@ncs>

lmanor · ‎01-03-2018

Ryan,

I see the same behavior when following your approach above.

It seems that the new group added 'ncsadmin' does not get recognized by NSO within the current shell (groups in current shell does not get updated with new group), see ncs audit.log output.

If you log into a new shell then the groups gets update to include 'ncsadmin' and NSO will also see the new group applied to user1:

[user1@CentOS7-1 ~]$ sudo usermod -a -G ncsadmin user1

[user1@CentOS7-1 ~]$ groups

user1

[user1@CentOS7-1 ~]$ groups user1

user1 : user1 ncsadmin

[user1@CentOS7-1 ~]$ sudo systemctl restart ncs

[user1@CentOS7-1 ~]$ ncs_cli

user1 connected from 127.0.0.1 using console on CentOS7-1

user1@ncs> ?

Possible completions:

exit - Exit the management session

user1@ncs>

user1@ncs> exit

==> /var/log/ncs/audit.log <==

<INFO> 3-Jan-2018::16:17:57.350 CentOS7-1 ncs[9708]: audit user: user1/47 assigned to groups: user1

==> Log into a new shell:

[user1@CentOS7-1 ~]$ su user1

Password:

[user1@CentOS7-1 ~]$ groups user1

user1 : user1 ncsadmin

[user1@CentOS7-1 ~]$ groups

user1 ncsadmin

[user1@CentOS7-1 ~]$ ncs_cli

user1 connected from 127.0.0.1 using console on CentOS7-1

user1@ncs> ?

Possible completions:

clear - Clear parameter

compare - Compare running configuration to another configuration or a file

configure - Manipulate software configuration information

describe - Display transparent command information

exit - Exit the management session

file - Perform file operations

help - Provide help information

id - Show user id information

monitor - Real-time debugging

ping - Ping a host

ping6 - Ping an ipv6 host

quit - Exit the management session

request - Make system-level requests

script - Script actions

set - Set CLI properties

set-path - Set relative show path

show - Show information about the system

source - File to source

switch - Change CLI style

top - Exit to top level and optionally run command

traceroute - Trace the route to a remote host

up - Exit one level of configuration

user1@ncs>

==> /var/log/ncs/audit.log <==

<INFO> 3-Jan-2018::16:20:24.552 CentOS7-1 ncs[9708]: audit user: user1/48 assigned to groups: ncsadmin,user1

-Larry

View solution in original post

ryan-hitch · ‎01-03-2018

Argh. A reboot appears to have cleared this up, not sure why that would matter as I had stopped and started the ncs service repeatedly.

lmanor · ‎01-03-2018

Ryan,

I see the same behavior when following your approach above.

It seems that the new group added 'ncsadmin' does not get recognized by NSO within the current shell (groups in current shell does not get updated with new group), see ncs audit.log output.

If you log into a new shell then the groups gets update to include 'ncsadmin' and NSO will also see the new group applied to user1:

[user1@CentOS7-1 ~]$ sudo usermod -a -G ncsadmin user1

[user1@CentOS7-1 ~]$ groups

user1

[user1@CentOS7-1 ~]$ groups user1

user1 : user1 ncsadmin

[user1@CentOS7-1 ~]$ sudo systemctl restart ncs

[user1@CentOS7-1 ~]$ ncs_cli

user1 connected from 127.0.0.1 using console on CentOS7-1

user1@ncs> ?

Possible completions:

exit - Exit the management session

user1@ncs>

user1@ncs> exit

==> /var/log/ncs/audit.log <==

<INFO> 3-Jan-2018::16:17:57.350 CentOS7-1 ncs[9708]: audit user: user1/47 assigned to groups: user1

==> Log into a new shell:

[user1@CentOS7-1 ~]$ su user1

Password:

[user1@CentOS7-1 ~]$ groups user1

user1 : user1 ncsadmin

[user1@CentOS7-1 ~]$ groups

user1 ncsadmin

[user1@CentOS7-1 ~]$ ncs_cli

user1 connected from 127.0.0.1 using console on CentOS7-1

user1@ncs> ?

Possible completions:

clear - Clear parameter

compare - Compare running configuration to another configuration or a file

configure - Manipulate software configuration information

describe - Display transparent command information

exit - Exit the management session

file - Perform file operations

help - Provide help information

id - Show user id information

monitor - Real-time debugging

ping - Ping a host

ping6 - Ping an ipv6 host

quit - Exit the management session

request - Make system-level requests

script - Script actions

set - Set CLI properties

set-path - Set relative show path

show - Show information about the system

source - File to source

switch - Change CLI style

top - Exit to top level and optionally run command

traceroute - Trace the route to a remote host

up - Exit one level of configuration

user1@ncs>

==> /var/log/ncs/audit.log <==

<INFO> 3-Jan-2018::16:20:24.552 CentOS7-1 ncs[9708]: audit user: user1/48 assigned to groups: ncsadmin,user1

-Larry