Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"no log commands" not accepted #18219

Open
2 tasks done
Slaizer007 opened this issue Feb 21, 2025 · 2 comments
Open
2 tasks done

"no log commands" not accepted #18219

Slaizer007 opened this issue Feb 21, 2025 · 2 comments
Labels
triage Needs further investigation

Comments

@Slaizer007
Copy link

Description

Issue Summary:
When configuring FRR with no log commands in the running configuration, command history is still being recorded in /root/.history_frr. However, when executing show running-config, the log commands directive is not present, indicating that the configuration should be applied.

Version

FRRouting 10.0.1 (server1) on Linux(6.8.0-51-generic).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
configured with:
    '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=${prefix}/lib/x86_64-linux-gnu' '--libexecdir=${prefix}/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--sbindir=/usr/lib/frr' '--with-vtysh-pager=/usr/bin/pager' '--libdir=/usr/lib/x86_64-linux-gnu/frr' '--with-moduledir=/usr/lib/x86_64-linux-gnu/frr/modules' '--disable-dependency-tracking' '--enable-rpki' '--disable-scripting' '--disable-pim6d' '--with-libpam' '--enable-doc' '--enable-doc-html' '--enable-snmp' '--enable-fpm' '--disable-protobuf' '--disable-zeromq' '--enable-ospfapi' '--enable-bgp-vnc' '--enable-multipath=256' '--enable-user=frr' '--enable-group=frr' '--enable-vty-group=frrvty' '--enable-configfile-mask=0640' '--enable-logfile-mask=0640' 'build_alias=x86_64-linux-gnu' 'LIBS= -latomic' 'PYTHON=python3'

How to reproduce

vtysh -> config -> "no log commands" -> exit -> write memory -> exit -> restart frr service -> commands still get logged into .history_frr

Expected behavior

Setting no log commands in FRR should prevent commands executed in vtysh from being logged in /root/.history_frr.

Actual behavior

Despite setting no log commands, commands entered in vtysh continue to be logged in /root/.history_frr. The only reliable workaround so far is to explicitly set: Environment="VTYSH_HISTFILE=/dev/null" in the FRR systemd unit file.

Additional context

No response

Checklist

  • I have searched the open issues for this bug.
  • I have not included sensitive information in this report.
@Slaizer007 Slaizer007 added the triage Needs further investigation label Feb 21, 2025
@donaldsharp
Copy link
Member

There was a decision made to not allow command logging to be turned off once it is turned on. This was to allow operators to prevent anyone from disabling logging to do something untracked.

@Slaizer007
Copy link
Author

@donaldsharp Thank you for the quick response.
We are a bit confused what "once it is turned on" means.
When we remove the log commands line from the /etc/frr/frr.conf file and restart frr we still can't disable the logging.
At which point can we disable it "from the very start"?

Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
triage Needs further investigation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@donaldsharp @Slaizer007