Shell

Description

This module installs a local shell application. This is a menu-driven rescue utility for your SOP. It runs in a text terminal and is accessible via local console or SSH.

Release notes

Show release notes
Version 1.23.1 - Early deployment
  • Bugfix: Using recovery user to modify admin password was not working - backport (M16945)
  • Bugfix: The password hashes for users of the filemanager were never set properly - backport (M17628)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1
    • Baseline >= 2
    • Breaks Communication Server < 3.14.0. Please upgrade to at least version 3.14.0 if it is used.
    • Breaks DHCP Server module < 2.5.0. Please upgrade to at least version 2.5.0 if it is used.
    • Breaks KNX Support < 1.1.0. Please upgrade to at least version 1.1.0 if it is used.
    • Breaks NTP Server < 1.9.0. Please upgrade to at least version 1.9.0 if it is used.
    • Breaks Watchdog < 1.5.0. Please upgrade to at least version 1.5.0 if it is used.
    • Breaks Database Server < 2.8.0. Please upgrade to at least version 2.8.0 if it is used.
    • Breaks Sangoma Card Support < 2.14.0. Please upgrade to at least version 2.14.0 if it is used.
    • Breaks SNMP Agent < 3.12.0. Please upgrade to at least version 3.12.0 if it is used.
    • Breaks SOP API < 4.17.0. Please upgrade to at least version 4.17.0 if it is used.
    • Breaks Application Management Server < 3.5.0. Please upgrade to at least version 3.5.0 if it is used.
    • Breaks Fax Server < 2.6.0. Please upgrade to at least version 2.6.0 if it is used.

Version 1.23.0 - Deprecated
  • Feature: Convert plugins to new library model (M14774)
  • Bugfix: Shell plugins were not accessible for escaux user (M13994)
  • Potential update impact level 1 DONE: no critical impact expected. Update can be applied without risk of breaking critical functionality.: You will have to upgrade other modules too. The module documentation lists special upgrade actions for this version (M14774)
  • Deprecated: Login on Fileman was no more possible (M17628)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1
    • Baseline >= 2
    • Breaks Communication Server < 3.14.0. Please upgrade to at least version 3.14.0 if it is used.
    • Breaks DHCP Server module < 2.5.0. Please upgrade to at least version 2.5.0 if it is used.
    • Breaks KNX Support < 1.1.0. Please upgrade to at least version 1.1.0 if it is used.
    • Breaks NTP Server < 1.9.0. Please upgrade to at least version 1.9.0 if it is used.
    • Breaks Watchdog < 1.5.0. Please upgrade to at least version 1.5.0 if it is used.
    • Breaks Database Server < 2.8.0. Please upgrade to at least version 2.8.0 if it is used.
    • Breaks Sangoma Card Support < 2.14.0. Please upgrade to at least version 2.14.0 if it is used.
    • Breaks SNMP Agent < 3.12.0. Please upgrade to at least version 3.12.0 if it is used.
    • Breaks SOP API < 4.17.0. Please upgrade to at least version 4.17.0 if it is used.
    • Breaks Application Management Server < 3.5.0. Please upgrade to at least version 3.5.0 if it is used.
    • Breaks Fax Server < 2.6.0. Please upgrade to at least version 2.6.0 if it is used.

Version 1.22.1 - Early deployment
  • Bugfix: Shell plugins were not accessible for escaux user (M13994)
  • Bugfix: The module was not installed properly (M14665)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1
    • Optional: Baseline >= 2 required to capture traffic on all interfaces

Version 1.22.0 - Deprecated
  • Bugfix: Possibly shell injection issues fixed. (M12681)
  • Feature: Added ll, grep and free command. (M12681)
  • Bugfix: Access to unauthorized files prevented. (M12681)
  • Feature: Allow some options for disk_usage, grep, free. (M12681)
  • Feature: Added uptime information to system_info. (M12681)
  • Feature: Allowed access to /tftpboot/* and /etc/crond.d/* files from sopcli (M12681)
  • Bugfix: Add escaux shell to shells list (M13125)
  • Deprecated: Shell plugins were not accessible for escaux user (Backport)(M13994)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1
    • Optional: Baseline >= 2 required to capture traffic on all interfaces

Version 1.21.1 - Early deployment
  • Bugfix: Not possible to change the password in local admin password module on Baseline 3 (M9008)
  • Bugfix: Removed the ability to shutdown or reboot sop via shortcut command (M11392)
  • Bugfix: Full length of the password is now checked on Baseline 2 and 1 (M11476)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1
    • Optional: Baseline >= 2 required to capture traffic on all interfaces

Version 1.21.0 - General deployment
  • Improvement: Capture traffic on all interfaces (M11125)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1
    • Optional: Baseline >= 2 required to capture traffic on all interfaces

Version 1.20.0 - Early deployment
  • Feature: Added diagnostic tools to CLI: system_info ntp_check_sync ntp_resync run_date trace disk_usage (M10394)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1

Version 1.19.1 - General deployment
  • Improvement: Removed ambiguous version number displayed in the shell interface (M8271)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1

Version 1.19.0 - General deployment
  • Feature: Added diagnostic tools to CLI: arp cat dpkg_list dpkg_list_escaux dump_to_sftp less ls netstat nslookup ping probe_list probe_run probe_run_all ps pstree ssh telnet top traceroute (M9049)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1

Version 1.18.0 - General deployment
  • Bugfix: Display correct version number (M8271)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1

Version 1.17.0 - Early deployment
  • Bugfix: Keyboard was not configured correctly on Baseline 3 with SOPShell (M8075)
  • Bugfix: The feature to configure eth1 could make the Shell unusable on small screens. It was removed. (M8068)
  • Feature: Added keyboard configuration to SOPCli (M8075)
  • Bugfix: Permissions were not correctly set on capture files (M7554)
  • Improvement: Reduce module installation time on high latency networks (M8766)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1

Version 1.16.0 - General deployment
  • Feature: Added tools to the commandline shell that allow management of the network configuration and the SMP connection. (M7604)
  • Dependency:
    • SMP >= 4.9.0
    • System Base >= 1.2.1

Version 1.15.1 - General deployment
  • Improvement: Enable Asterisk Events logging using Sop Shell (M5926)
  • Improvement: Added the possibility to configure eth1 (M7708)
  • Bugfix: Wrong file permissions on output network captures (M4021)
  • Dependency:
    • SMP >= 4.9.0

Version 1.15.0 - General deployment
  • Feature: Basic command line access on SOP (M7282)
  • Dependency:
    • SMP >= 4.9.0

Version 1.14.6 - Deprecated
  • Bugfix: Packages were not cached between SOP reboots (M7066)
  • Deprecated: This version does not properly limit SCP access (M11014)
  • Dependency:
    • SMP >= 4.9.0

Version 1.14.5 - Deprecated
  • Improvement: Compatibility with the Communication Server module
  • Feature: Added a user recovery in order to change the admin password when this one is forgotten (M2009)
  • Feature: Added possibility to restart ssh (M2959)
  • Bugfix: It was impossible to take a network trace on baseline 2 (M5625)
  • Deprecated: This version does not properly limit SCP access (M11014)
  • Dependency:
    • SMP >= 4.9.0

Version 1.14.4 - Deprecated
  • Bugfix: Test SMP Connection and other functionality not working when logged in as customer (M0005712)
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.14.3 - Deprecated
  • Feature: Restore original SSH configuration from the shell (M5073)
  • Improvement: Improve capture traffic (M3737)
  • Deprecated: Customer view not working (M5712)

Version 1.14.2 - Deprecated
  • Bugfix: events logfile was removed when setting the asterisk debug level (M0005181)
  • Deprecated: Customer view not working (M5712)

Version 1.14.1 - Deprecated
  • Bugfix: Allow reboot and shutdown of sop by user customer (M0005030)
  • Deprecated: Customer view not working (M5712)

Version 1.14.0 - Deprecated
  • Feature: New read only file viewer for configuration files. (M0004898)
  • Deprecated: Customer view not working (M5712)

Version 1.13.2 - Deprecated
  • Bugfix: Shell was taking 100% CPU when running on a VSOP console (M0004898)
  • Deprecated: Customer view not working (M5712)

Version 1.13.1 - Deprecated
  • Bugfix: next partition to boot always shows sop1 (M0004691)
  • Deprecated: Customer view not working (M5712)

Version 1.13.0 - Deprecated
  • Feature: multiview depending on user logged in (M0004690)
  • Deprecated: Customer view not working (M5712)

Version 1.12.9 - Deprecated
  • Bugfix: start and stop plugin DHCP server (M0003713)
  • Bugfix: show leases on baseline 2 fixed
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.12.4 - Deprecated
  • Improvement: Allow more permissive capture filters.
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.12.3 - Deprecated
  • Feature: DHCP diagnostic tool (M0003861)
  • Feature: On baseline 1 : shows alert if default password is still set
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.12.2 - Deprecated
  • Feature: Capture network traffic with custom filter and in the background (M0003864)
  • Bugfix: Only list packages actually installed (M0003860)
  • Bugfix: Show DHCP leases not working on dhcpd v3 (M0003863)
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.12.1 - Deprecated
  • Limitation: Cannot change keyboard layout and timezone on Baseline 2
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.12.0 - Deprecated
  • Feature: Added support for baseline 2.0 (M0003103)
  • Bugfix: ha status not updated unless restart (M0000458)
  • Bugfix: SMP cannot connect to SOP after key regeneration because sshd is still up. It needs to be restarted (M0002140)
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.11.0 - Deprecated
  • Bugfix: HA status not updated unless restart (M0000458)
  • Bugfix: SMP cannot connect to SOP after key regeneration because sshd is still up. It needs to be restarted (M0002140)
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.10.0 - Deprecated
  • Improvement: BRI plugin removed (moved to the Dialogic Card Support module) (M0001512)
  • Improvement: Allow to change ethernet speed/duplex (using ethtool)
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.9.0 - Deprecated
  • Improvement: BRI plugin removed (moved to the Dialogic Card Support module)
  • Bugfix: Don't reconnect ssh after regenerating authentication keys (avoids losing management if used from remote)
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.8.0 - Deprecated
  • Fixes bug: accidentally reboot to maintenance partition if no partition selected
  • Separate simple reboot function (from reboot to other partition)
  • New tool: Diagnostics > System > Information
  • New tool: Diagnostics > System > Installed Packages
  • Cosmetic changes and minor bugfixes

Version 1.7.0 - Deprecated
  • Feature: Replace tcpdump by tethereal
  • Feature: Add sop and authentication key management
  • Feature: Show SOPKEY
  • Feature: Add PCI card listing
  • Feature: Add asterisk log settings and viewer
  • Feature: Add asterisk cdr viewer
  • Feature: Add capture traffic by host complete view
  • Feature: Add capture traffic by host review feature
  • Feature: Add capture traffic download through file manager feature
  • Feature: Add pause after any log capture to let review the output
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.6.0 - Deprecated
  • Feature: Allows changing standby_ip when using HA
  • Feature: Compatible with debian etch
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.5.0 - Deprecated
  • Feature: High-availability plug in support
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.4.0 - Deprecated
  • Bugfix: Fixed failure to reboot
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.3.0 - Deprecated
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.2.0 - Deprecated
  • Deprecated: This version does not properly limit SCP access (M11014)

Version 1.1.0 - Deprecated
  • Feature: Initial version
  • Deprecated: This version does not properly limit SCP access (M11014)

Module configuration interface

create_resource_form: .:/usr/share/escaux/glue/lib:/usr/share/escaux/glue/bin/gen_wiki_documentation/src/lib:/usr/share/escaux/glue/bin/gen_wiki_documentation/src/lib/

No parameters to configure.

Module configuration parameters

(this module has no configurable parameters)

Introduction

The SOP shell enables you to test some important features of your SOP. It enables you to do some minimal configuration, only to restore connexion to the SMP, where the configuration of the SOP should normally be done.

Opening a Shell

You can use this application by:
  • connecting a screen and a keyboard directly to the server
  • using SSH, on windows for example you can use the Putty client.

When you connect, the shell will open automatically. You will be able to see the welcome screen. On top there will be the menu bar.
  • ESC: reset the cursor to the first menu item (System)
  • Navigate via mouse or keybord arrows

Credentials:

  • Three user levels are available:
    • "admin" (all shell functionalities)
    • "customer" (restricted functionalities)
    • "recovery" (allows to reset the admin password)
  • The default password is the same name as the login for the "admin" and "customer" user levels but they can be changed via the module "local admin password" (to be installed via the SMP web interface, higly recommended)
  • For the recovery user level, the password is uniquely generated and is accessible on the SMP in the "Advanced->Server Configuration" page for smpadmin users.

There are 4 main menus.

  • System - This menu contains functions proper to the system.
    • Shutdown
    • Reboot
    • Reboot on other partition
    • Exit Shell
  • Configuration - This menu allows you to make actual changes to the configuration. For example change the IP address or the timezone.
  • Diagnostics - This menu allows you to run tests, check logs and traces, which can lead you to a solution. For example tools like traceroute and ping are available in this menu.
  • Subsystems - This menu lists all the subsystems (services), for each one of them, if implemented, you can start, stop and restart them.

Shell.png

Configuration

In the configuration menu you will be able to :
  • Change password - It will change the password of the 'admin' user, the one you use to access the Shell.
  • Change the timezone and the keyboard layout - For each one of them a wizard will guide you select the correct configuration.
  • Set up you network configuration
    • Manually - This option will bring up a window were you are able to change your IP address, the Netmask, default gateway and the DNS servers.
    • Automatically, using DHCP - This option will try to get your IP address, the Netmask, default gateway and the DNS servers automatically from your DHCP server.
  • Change SMP.
  • Handle your authentication keys.
  • Restore the original SSH Server configuration.

Diagnostics

In the diagnostics menu you will be able to use the following tools :
  • SMP Connection - Allows you to check all the parameters needed to obtain a connection from the SOP to the SMP.
  • System
    • Information
    • List of correctly installed escaux packages
    • CPU/Memory usage (top)
    • Disk usage
    • View the system log (/var/log/messages)
    • View driver messages (dmesg)
  • Network
    • Ping - Insert a host name or a IP address in the displayed field then click on OK, a ping will be done to the specified host.
    • Traceroute - Insert a host name or a IP address in the displayed field then click on OK, a traceroute will be done to the specified host.
    • Status of ethernet connection
    • Routing table - Displays the routing table
    • ARP table - Displays the ARP table
    • Sockets - Displays network connections (both incoming and outgoing)
    • Capture traffic by host - Here you can capture the network traffic, view it real-time on the screen, or save it to a file (you are able to retrieve this file using the file manager), so that you can analyze the traffic using a tool like wireshark. When the "write on file manager" option is used, a binary file "tethereal.pcap" will be written on disk, in the "network_captures" directory, no matter the mode chosen. If "write on disk" is set to "no" and if the "complete" mode is used, the details of the packets received will be printed to screen. With the "brief" mode, only the summary of the packet will be printed to screen.
    • Start Capture Traffic, same as above but you can use your own capture filters, and save the capture to a specific file. You can also make a background capture that will run even if you close the terminal. The files will be available on the file manager in the network_captures directory. When typing the file's name, please do not enter an extension, a "pcap" extension will be added. Note that the default filename for the capture file is "tethereal", it will be used if no filename is provided for both the "foreground + write to file" and the "background" mode. In both cases, the capture file will be available in the file manager.
    • Stop Capture Traffic - Stops all running captures.
    • View Capture Traffic - Displays the content of a capture file. When typing the file's name, please do not enter an extension, a "pcap" extension will be added.
  • Telephony
    • Set debug level of asterisk
    • View the asterisk log
    • View Asterisk Call Data Records
    • Capture SIP traffic
    • Capture TFTP traffic
    • Display the asterisk console
    • Debug asterisk startup - shows the asterisk console log.
  • PCI cards - lists all the recognizes PCI cards.
  • Email
    • Send a test email - Allows you to check if emails are sent correctly.
    • Show mail queue - Allows you to check the unsent mails.
    • Run mail queue - Sends all the unsent mails.

There are 2 main menus.

  • System - This menu contains functions proper to the system.
    • Shutdown
    • Reboot
    • Reboot on other partition
  • Diagnostics - This menu allows you to run tests, check logs and traces, which can lead you to a solution. For example tools like traceroute and ping are available in this menu.

Diagnostics

In the diagnostics menu you will be able to use the following tools :
  • SMP Connection - Allows you to check all the parameters needed to obtain a connection from the SOP to the SMP.
  • System
    • Information
    • List of correctly installed escaux packages
    • CPU/Memory usage (top)
    • Disk usage
  • Network
    • Ping - Insert a host name or a IP address in the displayed field then click on OK, a ping will be done to the specified host.
    • Traceroute - Insert a host name or a IP address in the displayed field then click on OK, a traceroute will be done to the specified host.
    • Status of ethernet connection
    • Interface configuration
    • Routing table - Displays the routing table
    • ARP table - Displays the ARP table
    • Sockets - Displays network connections (both incoming and outgoing)
    • Capture traffic by host - Here you can capture the network traffic, view it real-time on the screen, or save it to a file (you are able to retrieve this file using the file manager), so that you can analyze the traffic using a tool like wireshark.
    • View Capture Traffic - Displays the content of the latest capture file.
  • Telephony
    • Show SIP Peers
    • Capture SIP traffic
    • Capture TFTP traffic
  • PCI cards - lists all the recognizes PCI cards.
  • Email
    • Send a test email - Allows you to check if emails are sent correctly.
    • Show mail queue - Allows you to check the unsent mails.
    • Run mail queue - Sends all the unsent mails.

Upgrading to versions >= 1.23.0 or >= 2.1.0 (for the 2.x branch)

When upgrading to a version >= 1.23.0 or >= 2.1.0, you need to make sure that you also upgrade the versions of the modules that these versions break. In that case, take the following steps:

  • Correctly set the version of each module that needs to be upgraded, including the Shell module.
  • Set these modules to "install".
  • Install modules.
  • The result will be a number of errors. This is normal.
  • Install modules again.
  • There should no longer be the same errors
Copyright © Escaux SA