Bash Command Wrapper

Problem this snippet solves:

As you know, aliases have always been a powerful and essential tool to any administrator. Beginning in v11.1, administrators can create "global aliases" which all users can access. Before, aliases were only available to the user who created them. For now, we can start using them by pointing them to built-in commands to allow your users to run those commands from any context and prevent the need for running the full command path, ex. needing to type "run /util ping" if your not specifically in the "/util" context.

How to use this snippet:

ex.

root@bigip1(Active)(/Common)(tmos)# create cli alias shared ping { command "run /util ping" }

root@bigip1(Active)(/Common)(tmos)# list cli alias

cli alias shared ping {
    command "run /util ping"
}
cli alias shared ping6 {
    command "run /util ping6"
}
cli alias shared tcpdump {
    command "run /util tcpdump"
}
...

Voila, another "Operator" user:

test-operator@bigip1(Active)(/Common)(tmos)# ping 10.60.65.1
PING 10.60.65.1 (10.60.65.1) 56(84) bytes of data.
64 bytes from 10.60.65.1: icmp_seq=1 ttl=64 time=0.303 ms

--- 10.60.65.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.303/0.303/0.303/0.000 ms

Future versions (with ID377568 - Add global aliases for useful utilities and enable by default) will have built-in global aliases for the default utilities provided /util but for now, this makes running those basic commands a little easier for your users and more like other devices they may be used to working on.

Notes:

They will still only work for those users who have permissions to those particular commands of course.

Do not make aliases for built-in commands like save, load, etc. as aliases don't process arguments. To process arguments you will need a script like below.

Or use them to create commands to customize the output you would commonly like to focus on:

root@bigip1(Active)(/Common)(tmos)# create cli alias shared showtmm { command "show /sys tmm-traffic | grep -E 'Sys|--|Conn' | grep -v -E 'Mem|Red'" }
root@bigip1(Active)(/Common)(tmos)# showtmm
----------------------------------------------
Sys::TMM: 0.0
----------------------------------------------
  Current Connections            9           9
  Maximum Connections           12          12
  Total Connections          89.8K       89.8K

In addition, by pointing to a tmsh script, global aliases also allow an adminstrator to extend the utilitilties provided by default in tmsh /util. For instance, you love tmsh but there are always those bash commands you can't live without.

ex. First create a tmsh script as a bash wrapper:

root@bigip1(Active)(/Common)(tmos)# list cli script bash_cmd
cli script /Common/bash_cmd {
proc script::run {} {

    if { [ catch { exec /bin/bash -c [lrange $tmsh::argv 1 end] >&@ stdout } result ] } {
        puts "bash command returned error. exiting."
    }

}
}

Then create global aliases to common bash commands:

cli alias shared scp {
    command "run /cli script bash_cmd scp"
}
cli alias shared ls {
    command "run /cli script bash_cmd ls"
}
cli alias shared less {
    command "run /cli script bash_cmd less"
}

Now all other users, who have bash permissions of course, can use all your favorite commands.

test-admin-user@bigip1(Active)(/Common)(tmos)# ls -lash /var/tmp/*my-capture*.pcap
12K -rw-r--r-- 1 root webusers 4.6K Dec 29 16:33 /var/tmp/my-capture-2.pcap
12K -rw------- 1 root root     4.4K Nov 14 21:37 /var/tmp/my-capture.pcap

You can even use that script to create an all purpose wrapper alias which you can use to access any bash command (i.e. you can simply type "shell" before any bash command and don't really need to create an alias for each individual command). 

cli alias shared shell {
    command "run /cli script bash_cmd"
}

ex.

 
test-admin-user@bigip1(Active)(/Common)(tmos)# shell scp /var/tmp/my-capture.pcap user1@10.60.65.1:/var/tmp/
user1@10.60.65.1's password:
my-capture.pcap                     100% 4505     4.4KB/s   00:00

test-admin-user@bigip1(Active)(/Common)(tmos)# shell ls -lash /var/tmp/*my-capture*.pcap | sed 's/capture/tmsh/'
12K -rw-r--r-- 1 root webusers 4.6K Dec 29 16:33 /var/tmp/my-tmsh-2.pcap
12K -rw------- 1 root root     4.4K Nov 14 21:37 /var/tmp/my-tmsh.pcap

For commands you commonly use, it might be worth still creating specific aliases for them to avoid the exta typing.

However, to prevent all interopolation issues when stringing together longer one-liners, you would really need the simple alias like below:

cli alias shared shell_script {
    command "run /util bash -c"
}

And surround the command string in double quotes.

ex.

test-admin-user@bigip1(Active)(/Common)(tmos)# shell_script "for i in {1..5}; do top -cbn 1 | awk '{print $5,$6,$7,$9,$12}' | egrep -i '/usr/bin/tmm' | sed 's/tmm/tmsh is fun/' ; done"
512m 120m 119m 5.5 /usr/bin/tmsh is fun
512m 120m 119m 5.8 /usr/bin/tmsh is fun
512m 120m 119m 5.9 /usr/bin/tmsh is fun
512m 120m 119m 9.9 /usr/bin/tmsh is fun
512m 120m 119m 8.9 /usr/bin/tmsh is fun

This allows you to string together more complex commands like awk which have their own interpolation.

Now power users don't really need to exit out to bash as much!

Note: I tend to use both the "shell" and "shell_script" aliases quite frequently so you may chose to keep both around.

TECH TIP

Your TMSH preferences are located here:

root@bigip1(Active)(/Common)(tmos.cli.preference)# list all-properties
cli preference {
    alias-path { /Common }
    app-service none
    confirm-edit enabled
    display-threshold 100
    editor vi
    history-date-time disabled
    history-file-size 10000
    history-size 500
    keymap default
    list-all-properties disabled
    pager enabled
    partition Common
    prompt { host user status current-folder }
    show-aliases enabled
    stat-units default
    table-indent-width 2
    tcl-syntax-highlighting disabled
    video enabled
    warn bell
}
root@bigip1(Active)(/Common)(tmos.cli.preference)# modify tcl-syntax-highlighting enabled
root@bigip1(Active)(/Common)(tmos.cli.preference)# modify history-size 1000
root@bigip1(Active)(/Common)(tmos.cli.preference)# modify history-file-size 20000


root@bigip1(Active)(/Common)(tmos.cli.preference)# list
cli preference {
    alias-path { /Common }
    editor nano
    history-file-size 20000
    history-size 1000
    prompt { host user status current-folder }
    tcl-syntax-highlighting enabled
}

Which is located in /config/bigip_user.conf tagged with "user root".

cli preference {
    alias-path { /Common }
    history-file-size 20000
    history-size 1000
    prompt { host user status current-folder }
    tcl-syntax-highlighting enabled
    user root
}

Code :

# see above
Published Mar 10, 2015
Version 1.0
TMSH
No CommentsBe the first to comment