Bash

About Bash

In addition to the Cisco NX-OS CLI, Cisco Nexus 3000 Series switches support access to the Bourne-Again SHell (Bash). Bash interprets commands that you enter or commands that are read from a shell script. Using Bash enables access to the underlying Linux system on the device and to manage the system.

Guidelines and Limitations

The Bash shell has the following guidelines and limitations:

  • When importing Cisco Python modules, do not use Python from the Bash shell. Instead use the more recent Python in NX-OS VSH.

Accessing Bash

In Cisco NX-OS, Bash is accessible from user accounts that are associated with the Cisco NX-OS dev-ops role or the Cisco NX-OS network-admin role.

The following example shows the authority of the dev-ops role and the network-admin role:

switch# show role name dev-ops

Role: dev-ops
  Description: Predefined system role for devops access. This role
  cannot be modified.
  Vlan policy: permit (default)
  Interface policy: permit (default)
  Vrf policy: permit (default)
  -------------------------------------------------------------------
  Rule    Perm    Type        Scope               Entity
  -------------------------------------------------------------------
  4       permit  command                         conf t ; username *
  3       permit  command                         bcm module *
  2       permit  command                         run bash *
  1       permit  command                         python *
switch# show role name network-admin

Role: network-admin
  Description: Predefined network admin role has access to all commands
  on the switch
  -------------------------------------------------------------------
  Rule    Perm    Type        Scope               Entity
  -------------------------------------------------------------------
  1       permit  read-write
switch#


Bash is enabled by running the feature bash-shell command.

The run bash command loads Bash and begins at the home directory for the user.

The following examples show how to enable the Bash shell feature and how to run Bash.

switch# configure terminal
switch(config)# feature bash-shell
switch# run bash
Linux# whoami
admin
Linux# pwd
/bootflash/home/admin
Linux#

Note

You can also execute Bash commands with the run bash <command> command.

The following is an example of the run bash <command> command.

run bash whoami

Escalate Privileges to Root

The privileges of an admin user can escalate their privileges for root access. Root access is required to pass configuration commands to the NX-OS VSH.

The following are guidelines for escalating privileges:

  • admin privilege user (network-admin / vdc-admin) is equivalent of Linux root privilege user in NX-OS

  • Only an authenticated admin user can escalate privileges to root, and password is not required for an authenticated admin privilege user *

  • SSH to the switch using root username through a non-management interface will default to Linux Bash shell-type access for the root user. Type vsh to return to NX-OS shell access.

* From Cisco NX-OS Release 9.2(3) onward, if password prompting is required for some use case even for admin (user with role network-admin) privilege user, enter the system security hardening sudo prompt-password command.

The following example shows how to escalate privileges to root and how to verify the escalation:

switch# run bash
Linux# sudo su root

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Password:

Linux# whoami
root
Linux# exit
exit



Note

A user account with network administrator privileges that is configured to login with shell-type Bash must still escalate privileges to root when passing configuration commands to VSH.

Run sudo su 'vsh -c "<configuration commands>"' or sudo bash -c 'vsh -c "<configuration commands>"'.

The example below demonstrates with network administrator user MyUser with a default shelltype Bash using sudo to pass configuration commands to the NX-OS:
ssh -l MyUser 1.2.3.4
-bash-4.2$ sudo vsh -c "configure terminal ; interface eth1/2 ; shutdown ; sleep 2 ; show interface eth1/2 brief"

--------------------------------------------------------------------------------
Ethernet      VLAN    Type Mode   Status  Reason                   Speed     Port
Interface                                                                    Ch #
--------------------------------------------------------------------------------
Eth1/2        --      eth  routed down    Administratively down      auto(D) --

The example below demonstrates with network administrator user MyUser with default shelltype Bash entering the NX-OS and then running Bash on the NX-OS:

ssh -l MyUser 1.2.3.4
-bash-4.2$ vsh -h
Cisco NX-OS Software
Copyright (c) 2002-2016, Cisco Systems, Inc. All rights reserved. Nexus 9000v software ("Nexus 9000v Software") and related documentation,
files or other reference materials ("Documentation") are
the proprietary property and confidential information of Cisco
Systems, Inc. ("Cisco") and are protected, without limitation,
pursuant to United States and International copyright and trademark
laws in the applicable jurisdiction which provide civil and criminal
penalties for copying or distribution without Cisco's authorization.

Any use or disclosure, in whole or in part, of the Nexus 9000v Software
or Documentation to any third party for any purposes is expressly
prohibited except as otherwise authorized by Cisco in writing.
The copyrights to certain works contained herein are owned by other
third parties and are used and distributed under license. Some parts
of this software may be covered under the GNU Public License or the
GNU Lesser General Public License. A copy of each such license is
available at
http://www.gnu.org/licenses/gpl.html and
http://www.gnu.org/licenses/lgpl.html
***************************************************************************
*  Nexus 9000v is strictly limited to use for evaluation, demonstration      *
*  and NX-OS education. Any use or disclosure, in whole or in part of     *
*  the Nexus 9000v Software or Documentation to any third party for any      *
*  purposes is expressly prohibited except as otherwise authorized by     *
*  Cisco in writing.                                                      *
***************************************************************************
switch# run bash
bash-4.2$ vsh -c "configure terminal ; interface eth1/2 ; shutdown ; sleep 2 ; show interface eth1/2 brief"

--------------------------------------------------------------------------------
Ethernet      VLAN    Type Mode   Status  Reason                   Speed     Port
Interface                                                                    Ch #
--------------------------------------------------------------------------------
Eth1/2        --      eth  routed down    Administratively down      auto(D) --

Do not use sudo su - or the system will hang.


Examples of Bash Commands

This section contains examples of Bash commands and output.

Displaying System Statistics

The following example shows how to display system statistics:

switch# run bash
Linux# cat /proc/meminfo
MemTotal:      3795100 kB
MemFree:       1472680 kB
Buffers:           136 kB
Cached:        1100116 kB
ShmFS:         1100116 kB
Allowed:        948775 Pages
Free:           368170 Pages
Available:      371677 Pages
SwapCached:          0 kB
Active:        1198872 kB
Inactive:       789764 kB
SwapTotal:           0 kB
SwapFree:            0 kB
Dirty:               0 kB
Writeback:           0 kB
AnonPages:      888272 kB
Mapped:         144044 kB
Slab:           148836 kB
SReclaimable:    13892 kB
SUnreclaim:     134944 kB
PageTables:      28724 kB
NFS_Unstable:        0 kB
Bounce:              0 kB
WritebackTmp:        0 kB
CommitLimit:   1897548 kB
Committed_AS: 19984932 kB
VmallocTotal: 34359738367 kB
VmallocUsed:    215620 kB
VmallocChunk: 34359522555 kB
HugePages_Total:     0
HugePages_Free:      0
HugePages_Rsvd:      0
HugePages_Surp:      0
Hugepagesize:     2048 kB
DirectMap4k:     40960 kB
DirectMap2M:   4190208 kB
Linux#

Running Bash from CLI

The following example shows how to run a bash command from the CLI with the run bash <command> command:

switch# run bash ps -el
F S   UID   PID  PPID  C PRI  NI ADDR SZ WCHAN  TTY          TIME CMD
4 S     0     1     0  0  80   0 -   497 select ?        00:00:08 init
5 S     0     2     0  0  75  -5 -     0 kthrea ?        00:00:00 kthreadd
1 S     0     3     2  0 -40   - -     0 migrat ?        00:00:00 migration/0
1 S     0     4     2  0  75  -5 -     0 ksofti ?        00:00:01 ksoftirqd/0
5 S     0     5     2  0  58   - -     0 watchd ?        00:00:00 watchdog/0
1 S     0     6     2  0 -40   - -     0 migrat ?        00:00:00 migration/1
1 S     0     7     2  0  75  -5 -     0 ksofti ?        00:00:00 ksoftirqd/1
5 S     0     8     2  0  58   - -     0 watchd ?        00:00:00 watchdog/1
1 S     0     9     2  0 -40   - -     0 migrat ?        00:00:00 migration/2
1 S     0    10     2  0  75  -5 -     0 ksofti ?        00:00:00 ksoftirqd/2
5 S     0    11     2  0  58   - -     0 watchd ?        00:00:00 watchdog/2
1 S     0    12     2  0 -40   - -     0 migrat ?        00:00:00 migration/3
1 S     0    13     2  0  75  -5 -     0 ksofti ?        00:00:00 ksoftirqd/3
5 S     0    14     2  0  58   - -     0 watchd ?        00:00:00 watchdog/3

...

4 S     0  8864     1  0  80   0 -  2249 wait   ttyS0    00:00:00 login
4 S  2002 28073  8864  0  80   0 - 69158 select ttyS0    00:00:00 vsh
4 R     0 28264  3782  0  80   0 - 54790 select ?        00:00:00 in.dcos-telnet
4 S     0 28265 28264  0  80   0 -  2247 wait   pts/0    00:00:00 login
4 S  2002 28266 28265  0  80   0 - 69175 wait   pts/0    00:00:00 vsh
1 S  2002 28413 28266  0  80   0 - 69175 wait   pts/0    00:00:00 vsh
0 R  2002 28414 28413  0  80   0 -   887 -      pts/0    00:00:00 ps
switch#

Installing RPMs from Bash

Procedure

  Command or Action Purpose
Step 1

sudo yum installed | grep platform

Displays a list of the NX-OS feature RPMs installed on the switch.

Step 2

sudo yum list available

Displays a list of the available RPMs.

Step 3

sudo yum -y install rpm

Installs an available RPM.

Example

The following is an example of installing the bfd RPM:

bash-4.2$ sudo yum list installed | grep n9000
base-files.n9000                        3.0.14-r74.2                   installed
bfd.lib32_n9000                         1.0.0-r0                       installed
core.lib32_n9000                        1.0.0-r0                       installed
eigrp.lib32_n9000                       1.0.0-r0                       installed
eth.lib32_n9000                         1.0.0-r0                       installed
isis.lib32_n9000                        1.0.0-r0                       installed
lacp.lib32_n9000                        1.0.0-r0                       installed
linecard.lib32_n9000                    1.0.0-r0                       installed
lldp.lib32_n9000                        1.0.0-r0                       installed
ntp.lib32_n9000                         1.0.0-r0                       installed
nxos-ssh.lib32_n9000                    1.0.0-r0                       installed
ospf.lib32_n9000                        1.0.0-r0                       installed
perf-cisco.n9000_gdb                    3.12-r0                        installed
platform.lib32_n9000                    1.0.0-r0                       installed
shadow-securetty.n9000_gdb              4.1.4.3-r1                     installed
snmp.lib32_n9000                        1.0.0-r0                       installed
svi.lib32_n9000                         1.0.0-r0                       installed
sysvinit-inittab.n9000_gdb              2.88dsf-r14                    installed
tacacs.lib32_n9000                      1.0.0-r0                       installed
task-nxos-base.n9000_gdb                1.0-r0                         installed
tor.lib32_n9000                         1.0.0-r0                       installed
vtp.lib32_n9000                         1.0.0-r0                       installed
bash-4.2$ sudo yum list available
bgp.lib32_n9000                         1.0.0-r0
bash-4.2$ sudo yum -y install bfd

Upgrading Feature RPMs

Before you begin

There must be a higher version of the RPM in the yum repository.

Procedure

Command or Action Purpose

sudo yum -y upgrade rpm

Upgrades an installed RPM.

Example

The following is an example of upgrading the bfd RPM:

bash-4.2$ sudo yum -y upgrade bfd

Downgrading a Feature RPM

Procedure

Command or Action Purpose

sudo yum -y downgrade rpm

Downgrades the RPM if any of the dnf repositories has a lower version of the RPM.

Example

The following example shows how to downgrade the bfd RPM:

bash-4.2$ sudo yum -y downgrade bfd

Erasing a Feature RPM


Note

The SNMP RPM and the NTP RPM are protected and cannot be erased.

You can upgrade or downgrade these RPMs. It requires a system reload for the upgrade or downgrade to take effect.

For the list of protected RPMs, see /etc/yum/protected.d/protected_pkgs.conf.


Procedure

Command or Action Purpose

sudo yum -y erase rpm

Erases the RPM.

Example

The following example shows how to erase the bfd RPM:

bash-4.2$ sudo yum -y erase bfd

Support for DME Modularity

Beginning with NX-OS release 9.3(1), the Cisco NX-OS image supports DME modularity, which interoperates with the switch's RPM manager to enable non-intrusive upgrade or downgrade of DME RPMs. Non-intrusive upgrade or downgrade enables installing RPMs without performing a system restart and prevents disturbing other applications that have their configs in the DME database. DME Modularity enables you to apply model changes to the switch without an ISSU or system reload.


Note

After loading the DME RPM, you must restart VSH to enable querying the new MOs.


Installing the DME RPMs

By default, the base DME RPM, which is a mandatory upgradeable RPM package, is installed and active when you upgrade to NX-OS release 9.3(1). The DME RPM is installed in the default install directory for RPM files, which is /rpms.

If you make code or model changes, you will need to install the DME RPM. To install it, use either the NX-OS RPM manager, which uses the install command, or standard RPM tools, such as yum . If you use yum , you will need access to the switch's Bash shell.

Procedure


Step 1

copy path-to-dme-rpm bootflash: [//sup-#][ /path]

Example:

switch-1# copy scp://test@10.1.1.1/dme-2.0.1.0-9.3.1.lib32_n9000.rpm bootflash://  
switch-1#

Copies the DME RPM to bootflash through SCP.

Step 2

Choose any of the following methods to install or upgrade the DME RPM.

To use the NX-OS install command:

  • install add path-to-dme-rpm activate

    Example:
    switch-1#install add dme-2.0.1.0-9.3.1.lib32_n9000.rpm activate
    Adding the patch (/dme-2.0.1.0-9.3.1.lib32_n9000.rpm)
    [####################] 100%
    Install operation 90 completed successfully at Fri Jun  7 07:51:58 2019
    
    Activating the patch (/dme-2.0.1.0-9.3.1.lib32_n9000.rpm)
    [####################] 100%
    Install operation 91 completed successfully at Fri Jun  7 07:52:35 2019
    switch-1#
  • install add path-to-dme-rpm activate upgrade

    Example:
    switch-1#install add dme-2.0.1.0-9.3.1.lib32_n9000.rpm activate upgrade
    Adding the patch (/dme-2.0.1.0-9.3.1.lib32_n9000.rpm)
    [####################] 100%
    Install operation 87 completed successfully at Fri Jun  7 07:18:55 2019
    
    Activating the patch (/dme-2.0.1.0-9.3.1.lib32_n9000.rpm)
    [####################] 100%
    Install operation 88 completed successfully at Fri Jun  7 07:19:35 2019
    switch-1#
  • install add path-to-dme-rpm then install activate path-to-dme-rpm

    Example:
    switch-1#install add bootflash:dme-2.0.1.0-9.3.1.lib32_n9000.rpm
    [####################] 100%
    Install operation 92 completed successfully at Fri Jun  7 09:31:04 2019
    switch-1#install activate dme-2.0.1.0-9.3.1.lib32_n9000.rpm
    [####################] 100%
    Install operation 93 completed successfully at Fri Jun  7 09:31:55 2019
    switch-1#

To use yum install :

  • yum install --add path-to-dme-rpm
    switch-1# yum install --add bootflash:///dme-2.0.10.0-9.3.1.lib32_n9000.rpm
    Loaded plugins: downloadonly, importpubkey, localrpmDB, patchaction, patching,
                  : protect-packages
    [##################  ] 90%Install operation 96 completed successfully at Fri Jun  7 22:58:50 2019.
    
    [####################] 100%
    switch-1# 
  • yum install --no-persist --nocommit path-to-dme-rpm

    This option requires user intervention, as shown below.

    Example:

    switch-1# yum install --no-persist --nocommit dme-2.0.10.0-9.3.1.lib32_n9000
    Loaded plugins: downloadonly, importpubkey, localrpmDB, patchaction, patching,
                  : protect-packages
    groups-repo                                              | 1.1 kB     00:00 ... 
    localdb                                                  |  951 B     00:00 ... 
    localdb/primary                                          | 6.2 kB     00:00 ... 
    localdb                                                                     2/2
    patching                                                 |  951 B     00:00 ... 
    thirdparty                                               |  951 B     00:00 ... 
    wrl-repo                                                 |  951 B     00:00 ... 
    Setting up Install Process
    Resolving Dependencies
    --> Running transaction check
    ---> Package dme.lib32_n9000 0:2.0.1.0-9.3.1 will be updated
    ---> Package dme.lib32_n9000 0:2.0.10.0-9.3.1 will be an update
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ================================================================================
     Package     Arch                Version                  Repository       Size
    ================================================================================
    Updating:
     dme         lib32_n9000         2.0.10.0-9.3.1           localdb          45 M
    
    Transaction Summary
    ================================================================================
    Upgrade       1 Package
    
    Total download size: 45 M
    Is this ok [y/N]: y
    Retrieving key from file:///etc/pki/rpm-gpg/arm-Nexus9k-dev.gpg
    Downloading Packages:
    Running Transaction Check
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
    /bootflash/.rpmstore/config/etc/pki/rpm-gpg/arm-Nexus9k-dev.gpg
    System at HA Standby, running transaction on Standby first
      Updating   : dme-2.0.10.0-9.3.1.lib32_n9000                               1/2 
    starting pre-install package version mgmt for dme
    pre-install for dme complete
    ln: failed to create symbolic link /var/run/mgmt/sharedmeta-hash: File exists
    ln: failed to create symbolic link /var/run/mgmt/dme-objstores.conf: File exists
    ln: failed to create symbolic link /var/run/mgmt/samlog.config: File exists
    mgmt/
    mgmt/shmetafiles/
    mgmt/shmetafiles/sharedmeta-ArgMetaData
    mgmt/shmetafiles/sharedmeta-RelsMetaData
    mgmt/shmetafiles/sharedmeta-ClassRelMetaData
    mgmt/shmetafiles/sharedmeta-ChunkMetaData
    mgmt/shmetafiles/sharedmeta-ConstPropMetaData
    mgmt/shmetafiles/sharedmeta-ConstIdMetaData
    mgmt/shmetafiles/sharedmeta-ClassMetaData
    mgmt/shmetafiles/sharedmeta-PropRefsMetaData
    mgmt/shmetafiles/sharedmeta-SvcMetaData
    mgmt/shmetafiles/sharedmeta-ActionContextMetaData
    mgmt/shmetafiles/sharedmeta-ConstDefTypeMetaData
    mgmt/shmetafiles/sharedmeta-ConstArgMetaData
    mgmt/shmetafiles/sharedmeta-ClassNamingMetaData
    mgmt/shmetafiles/sharedmeta-ConstMetaData
    mgmt/shmetafiles/sharedmeta-PropMetaData
    mgmt/shmetafiles/sharedmeta-DnMetaData
      Cleanup    : dme-2.0.1.0-9.3.1.lib32_n9000                                2/2 
    
    Updated:
      dme.lib32_n9000 0:2.0.10.0-9.3.1                                              
    
    Complete!
    switch-1# 

Verifying the Installed RPM

You can verify that the DME RPM is installed by using either the NX-OS show install command or yum list .

Procedure


Choose the method:

  • For NX-OS:

    show install active

    Example:

    switch-1# show install active
    Boot Image:
            NXOS Image: bootflash:///<boot_image.bin>
    
    Active Packages:
            dme-2.0.1.0-9.3.1.lib32_n9000
    switch-1#
  • For yum list , you must log in to the switch's Bash shell (run bash ) before issuing the yum commands.

    yum list --patch-only installed | grep dme

    Example:
    switch-1# yum list --patch-only installed | grep dme
    dme.lib32_n9000                        2.0.1.0-9.3.1                   @localdb 
    

Querying for the RPM in the Local Repo

You can query the on-switch (local) repo to verify that the RPM is present.

Procedure


Step 1

run bash

Example:

switch-1# run bash
bash-4.3$ 

Logs in to the switch's Bash shell.

Step 2

ls /bootflash/.rpmstore/patching/localrepo/dme-2.0.1.0-9.3.1.lib32_n9000.rpm

Example:

bash-4.3$ ls /bootflash/.rpmstore/patching/localrepo/dme-2.0.1.0-9.3.1.lib32_n9000.rpm
inactive_feature_rpms.inf
repodata

bash-4.3$ 

When the base DME RPM is installed, it is in /rpms.


Downgrading Between Versions of DME RPM

You can downgrade from a higher version of DME RPM to a lower version through either the NX-OS install command or yum . By downgrading, you retain the DME Modularity functionality.

The DME RPM is protected, so install deactivate and install remove are not supported.

Procedure


Choose the downgrade method:

For NX-OS:
  • install add path-to-dme-rpm activate downgrade

    Example:

    switch-1# install add bootflash:dme-2.0.1.0-9.3.1.lib32_n9000.rpm activate downgrade
    Adding the patch (/dme-2.0.1.0-9.3.1.lib32_n9000.rpm)
    [####################] 100%
    Install operation 94 completed successfully at Fri Jun  7 22:48:34 2019
    
    Activating the patch (/dme-2.0.1.0-9.3.1.lib32_n9000.rpm)
    [####################] 100%
    Install operation 95 completed successfully at Fri Jun  7 22:49:12 2019
    switch-1# 
  • show install active | include dme

    Example:

    switch-1# show install active | include dme
            dme-2.0.1.0-9.3.1.lib32_n9000
    switch-1#

In this example, the DME RPM was downgraded to version 2.0.1.0-9.3.1.

For yum , you must run commands in Bash shell as root user (run bash sudo su ):

  • In Bash, run yum downgrade dme dme-rpm .

    This option enables you download directly to a lower version of DME RPM in the repository.

    This option option requires user intervention to complete as highlighted in the following command output.

    Example:

    bash-4.3# yum downgrade dme 2.0.1.0-9.3.1
    Loaded plugins: downloadonly, importpubkey, localrpmDB, patchaction, patching,
                  : protect-packages
    Setting up Downgrade Process
    groups-repo                                              | 1.1 kB     00:00 ... 
    localdb                                                  |  951 B     00:00 ... 
    patching                                                 |  951 B     00:00 ... 
    thirdparty                                               |  951 B     00:00 ... 
    wrl-repo                                                 |  951 B     00:00 ... 
    Resolving Dependencies
    --> Running transaction check
    ---> Package dme.lib32_n9000 0:2.0.1.0-9.3.1 will be a downgrade
    ---> Package dme.lib32_n9000 0:2.0.10.0-9.3.1 will be erased
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    ================================================================================
     Package     Arch                Version                  Repository       Size
    ================================================================================
    Downgrading:
     dme         lib32_n9000         2.0.10.0-9.3.1            localdb          45 M
    
    Transaction Summary
    ================================================================================
    Downgrade     1 Package
    
    Total download size: 45 M
    Is this ok [y/N]: y
    Retrieving key from file:///etc/pki/rpm-gpg/arm-Nexus9k-dev.gpg
    Downloading Packages:
    Running Transaction Check
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
    /bootflash/.rpmstore/config/etc/pki/rpm-gpg/arm-Nexus9k-dev.gpg
    System at HA Standby, running transaction on Standby first
      Installing : dme-2.0.1.0-9.3.1.lib32_n9000                                1/2 
    starting pre-install package version mgmt for dme
    pre-install for dme complete
    ln: failed to create symbolic link /var/run/mgmt/sharedmeta-hash: File exists
    ln: failed to create symbolic link /var/run/mgmt/dme-objstores.conf: File exists
    ln: failed to create symbolic link /var/run/mgmt/samlog.config: File exists
    mgmt/
    mgmt/shmetafiles/
    mgmt/shmetafiles/sharedmeta-ArgMetaData
    mgmt/shmetafiles/sharedmeta-RelsMetaData
    mgmt/shmetafiles/sharedmeta-ClassRelMetaData
    mgmt/shmetafiles/sharedmeta-ChunkMetaData
    mgmt/shmetafiles/sharedmeta-ConstPropMetaData
    mgmt/shmetafiles/sharedmeta-ConstIdMetaData
    mgmt/shmetafiles/sharedmeta-ClassMetaData
    mgmt/shmetafiles/sharedmeta-PropRefsMetaData
    mgmt/shmetafiles/sharedmeta-SvcMetaData
    mgmt/shmetafiles/sharedmeta-ActionContextMetaData
    mgmt/shmetafiles/sharedmeta-ConstDefTypeMetaData
    mgmt/shmetafiles/sharedmeta-ConstArgMetaData
    mgmt/shmetafiles/sharedmeta-ClassNamingMetaData
    mgmt/shmetafiles/sharedmeta-ConstMetaData
    mgmt/shmetafiles/sharedmeta-PropMetaData
    mgmt/shmetafiles/sharedmeta-DnMetaData
      Cleanup    : dme-2.0.10.0-9.3.1.lib32_n9000                               2/2 
    
    Removed:
      dme.lib32_n9000 0:2.0.10.0-9.3.1                                              
    
    Installed:
      dme.lib32_n9000 0:2.0.1.0-9.3.1                                               
    
    Complete!
    
    

    Downgrades from one version of DME RPM to a lower version. In this example, version 2.0.10.0-9.3.1 is downgraded to version 2.0.1.0-9.3.1.

  • yum list --patch-only installed | grep dme

    Example:
    bash-4.3# yum list --patch-only installed | grep dme
    dme.lib32_n9000                        2.0.1.0-9.3.1                @groups-repo
    bash-4.3# 

    Displays the installed version of DME RPM.


Downgrading to the Base RPM

You can downgrade from a higher version of the DME RPM to the base DME RPM by either installing the base DME RPM through the NX-OS install command or using yum downgrade .

Procedure


Choose the downgrade method:

For NX-OS:
  • install activate dme-rpm

    Example:

    switch-1# install activate dme-2.0.0.0-9.2.1.lib32_n9000.rpm
    [####################] 100%
    Install operation 89 completed successfully at Fri Jun  7 07:21:45 2019
    switch-1#
  • show install active | dme

    Example:

    switch-1# show install active | include dme
            dme-2.0.0.0-9.2.1.lib32_n9000
    switch-1#

For yum , you must run commands in Bash shell as root user (run bash sudo su ):

  • In Bash, run yum downgrade dme dme-rpm .

    This option enables downgrading directly to the base DME RPM.

    This option requires user intervention to complete as highlighted in the following command output.

    Example:

    bash-4.3# yum downgrade dme-2.0.0.0-9.3.1.lib32_n9000
    Loaded plugins: downloadonly, importpubkey, localrpmDB, patchaction, patching,
                  : protect-packages
    Setting up Downgrade Process
    groups-repo                                              | 1.1 kB     00:00 ... 
    localdb                                                  |  951 B     00:00 ... 
    patching                                                 |  951 B     00:00 ... 
    thirdparty                                               |  951 B     00:00 ... 
    wrl-repo                                                 |  951 B     00:00 ... 
    Resolving Dependencies
    --> Running transaction check
    ---> Package dme.lib32_n9000 0:2.0.0.0-9.3.1 will be a downgrade
    ---> Package dme.lib32_n9000 0:2.0.10.0-9.3.1 will be erased
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ================================================================================
    Package    Arch               Version                 Repository          Size
    ================================================================================
    Downgrading:
    dme        lib32_n9000        2.0.0.0-9.3.1           groups-repo         44 M
    
    Transaction Summary
    ================================================================================
    Downgrade     1 Package
    
    Total download size: 44 M
    Is this ok [y/N]: y
    Downloading Packages:
    Running Transaction Check
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
      Installing : dme-2.0.0.0-9.3.1.lib32_n9000                                1/2 
    starting pre-install package version mgmt for dme
    pre-install for dme complete
    mgmt/
    mgmt/shmetafiles/
    mgmt/shmetafiles/sharedmeta-ChunkMetaData
    mgmt/shmetafiles/sharedmeta-ClassMetaData
    mgmt/shmetafiles/sharedmeta-ArgMetaData
    mgmt/shmetafiles/sharedmeta-ConstMetaData
    mgmt/shmetafiles/sharedmeta-ConstIdMetaData
    mgmt/shmetafiles/sharedmeta-ConstDefTypeMetaData
    mgmt/shmetafiles/sharedmeta-ConstPropMetaData
    mgmt/shmetafiles/sharedmeta-ConstArgMetaData
    mgmt/shmetafiles/sharedmeta-ClassRelMetaData
    mgmt/shmetafiles/sharedmeta-DnMetaData
    mgmt/shmetafiles/sharedmeta-PropRefsMetaData
    mgmt/shmetafiles/sharedmeta-PropMetaData
    mgmt/shmetafiles/sharedmeta-RelsMetaData
    mgmt/shmetafiles/sharedmeta-ActionContextMetaData
    mgmt/shmetafiles/sharedmeta-SvcMetaData
    mgmt/shmetafiles/sharedmeta-ClassNamingMetaData
      Cleanup    : dme-2.0.10.0-9.3.1.lib32_n9000                               2/2 
    
    Removed:
      dme.lib32_n9000 0:2.0.10.0-9.3.1                                              
    
    Installed:
      dme.lib32_n9000 0:2.0.0.0-9.3.1                                               
    
    Complete!
    bash-4.3# 

    Installs the base DME RPM.

  • yum list --patch-only installed | grep dme

    Example:
    bash-4.3# yum list --patch-only installed | grep dme
    dme.lib32_n9000                        2.0.0.0-9.3.1                @groups-repo
    bash-4.3# 

    Displays the installed base DME RPM.


Persistently Daemonizing an SDK- or ISO-built Third Party Process

Your application should have a startup Bash script that gets installed in /etc/init.d/application_name. This startup Bash script should have the following general format (for more information on this format, see http://linux.die.net/man/8/chkconfig).

#!/bin/bash
#
# <application_name> Short description of your application
#
# chkconfig: 2345 15 85
# description: Short description of your application
#
### BEGIN INIT INFO
# Provides: <application_name>
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Description: Short description of your application
### END INIT INFO
# See how we were called.
case "$1" in
start)
# Put your startup commands here
# Set RETVAL to 0 for success, non-0 for failure
;;
stop)
# Put your stop commands here
# Set RETVAL to 0 for success, non-0 for failure
;;
status)
# Put your status commands here
# Set RETVAL to 0 for success, non-0 for failure
;;
restart|force-reload|reload)
# Put your restart commands here
# Set RETVAL to 0 for success, non-0 for failure
;;
*)
echo $"Usage: $prog {start|stop|status|restart|force-reload}"
RETVAL=2
esac
 
exit $RETVAL

Persistently Starting Your Application from the Native Bash Shell

Procedure


Step 1

Install your application startup Bash script that you created into /etc/init.d/application_name

Step 2

Start your application with /etc/init.d/application_name start

Step 3

Enter chkconfig --add application_name

Step 4

Enter chkconfig --level 3 application_name on

Run level 3 is the standard multi-user run level, and the level at which the switch normally runs.

Step 5

Verify that your application is scheduled to run on level 3 by running chkconfig --list application_name and confirm that level 3 is set to on

Step 6

Verify that your application is listed in /etc/rc3.d. You should see something like this, where there is an 'S' followed by a number, followed by your application name (tcollector in this example), and a link to your Bash startup script in ../init.d/application_name


bash-4.2# ls -l /etc/rc3.d/tcollector

lrwxrwxrwx 1 root root 20 Sep 25 22:56 /etc/rc3.d/S15tcollector -> ../init.d/tcollector

bash-4.2#

Copy Through Kstack

In Cisco NX-OS release 9.3(1) and later, file copy operations have the option of running through a different network stack by using the use-kstack option. Copying files through use-kstack enables faster copy times. This option can be beneficial when copying files from remote servers that are multiple hops from the switch. The use-kstack option work with copying files from, and to, the switch though standard file copy features, such as scp and sftp.


Note

The use-kstack option does not work when the switch is running the FIPS mode feature. If the switch has FIPS mode that is enabled, the copy operation is still successful, but through the default copy method.

To copy through use-kstack , append the argument to the end of an NX-OS copy command. Some examples:

switch-1# copy scp://test@10.1.1.1/image.bin . vrf management use-kstack 
switch-1#
switch-1# copy scp://test@10.1.1.1/image.bin bootflash:// vrf management use-kstack 
switch-1#
switch-1# copy scp://test@10.1.1.1/image.bin . use-kstack 
switch-1#
switch-1# copy scp://test@10.1.1.1/image.bin bootflash:// vrf default use-kstack 
switch-1#

The use-kstack option is supported for all NX-OS copy commands and file systems. The option is OpenSSL (Secure Copy) certified.

An Example Application in the Native Bash Shell

The following example demonstrates an application in the Native Bash Shell:

bash-4.2# cat /etc/init.d/hello.sh
#!/bin/bash
 
PIDFILE=/tmp/hello.pid
OUTPUTFILE=/tmp/hello
 
echo $$ > $PIDFILE
rm -f $OUTPUTFILE
while true
do
    echo $(date) >> $OUTPUTFILE
    echo 'Hello World' >> $OUTPUTFILE
    sleep 10
done
bash-4.2#
bash-4.2#
bash-4.2# cat /etc/init.d/hello
#!/bin/bash
#
# hello Trivial "hello world" example Third Party App
#
# chkconfig: 2345 15 85
# description: Trivial example Third Party App
#
### BEGIN INIT INFO
# Provides: hello
# Required-Start: $local_fs $remote_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Description: Trivial example Third Party App
### END INIT INFO
 
PIDFILE=/tmp/hello.pid
 
# See how we were called.
case "$1" in
start)
    /etc/init.d/hello.sh &
    RETVAL=$?
;;
stop)
    kill -9 `cat $PIDFILE`
    RETVAL=$?
;;
status)
    ps -p `cat $PIDFILE`
    RETVAL=$?
;;
restart|force-reload|reload)
    kill -9 `cat $PIDFILE`
    /etc/init.d/hello.sh &
    RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|status|restart|force-reload}"
RETVAL=2
esac
 
exit $RETVAL
bash-4.2#
bash-4.2# chkconfig --add hello
bash-4.2# chkconfig --level 3 hello on
bash-4.2# chkconfig --list hello
hello           0:off   1:off   2:on    3:on    4:on    5:on    6:off
bash-4.2# ls -al /etc/rc3.d/*hello*
lrwxrwxrwx 1 root root 15 Sep 27 18:00 /etc/rc3.d/S15hello -> ../init.d/hello
bash-4.2#
bash-4.2# reboot

After reload

bash-4.2# ps -ef | grep hello
root      8790     1  0 18:03 ?        00:00:00 /bin/bash /etc/init.d/hello.sh
root      8973  8775  0 18:04 ttyS0    00:00:00 grep hello
bash-4.2#
bash-4.2# ls -al /tmp/hello*
-rw-rw-rw- 1 root root 205 Sep 27 18:04 /tmp/hello
-rw-rw-rw- 1 root root   5 Sep 27 18:03 /tmp/hello.pid
bash-4.2# cat /tmp/hello.pid
8790
bash-4.2# cat /tmp/hello
Sun Sep 27 18:03:49 UTC 2015
Hello World
Sun Sep 27 18:03:59 UTC 2015
Hello World
Sun Sep 27 18:04:09 UTC 2015
Hello World
Sun Sep 27 18:04:19 UTC 2015
Hello World
Sun Sep 27 18:04:29 UTC 2015
Hello World
Sun Sep 27 18:04:39 UTC 2015
Hello World
bash-4.2#