Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
gineesh
New Contributor

Created on ‎06-09-2022 03:12 AM

Execute commands without yes/no confirmation

Dear experts, 


any options to execute the command without confirmation?

eg:

 

 

FG01 # execute reboot
This operation will reboot the system !
Do you want to continue? (y/n)

 

 


How to pass the `yes` to the command line itself instead of interactive input?


Thanks in advance.

Labels:
2882
0 Kudos
6 REPLIES 6
Markus_M
Staff
Staff

Created on ‎06-09-2022 05:00 AM

Hi Gineesh,

 

what is the reason for this? Automated reboot via SSH script?

 

Best regards,

 

Markus

2850
0 Kudos
gineesh
New Contributor
In response to Markus_M

Created on ‎06-09-2022 05:09 AM

yes, for programmatic operations which are not possible using API's.
Like image update, reboot etc.

We are trying API as well in parallel.

2848
0 Kudos
pminarik
Staff
Staff
In response to gineesh

Created on ‎06-10-2022 12:00 AM Edited on ‎06-10-2022 12:01 AM

For the sake of completeness, REST API does support reboot and upgrade operations:

 

POST /api/v2/monitor/system/os/reboot
{"event-log-message": "optional comment"}
POST /api/v2/monitor/system/firmware/upgrade
{"source": "upload,
"file_content": "base-64-encoding-of-the-firmware-image"}

 

Or since you mentioned ansible:

https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_monitor_module.html

Relevant "selectors":

- reboot.system.os

- upgrade.system.firmware

[ corrections always welcome ]
2816
gineesh
New Contributor
In response to pminarik

Created on ‎06-10-2022 12:11 AM

HI @pminarik 

Thank you for sharing those. Yes, those are valid but our issue was with direct upload to TFTP as well. I could not find the API section (not sure I missed) to backup to tftp using API or software upgrade from TFTP server.

Reg. fortios_monitor module, I am still working on that as there is a bug (?) with the selector. 
selector: 'system_config_backup'

When I execute it, module complains that the system_config_backupis not a valid option !!!

I will raise an issue in the repo anyway as I prefer the module way of doing it rather than passing raw commands to the fortios devices :)

Thank you again

 

2814
0 Kudos
Markus_M
Staff
Staff

Created on ‎06-09-2022 05:35 AM

Not being a bash expert, but I use something like this to simulate input on the FortiGate shell:

#!/bin/sh
FGTVAR="/root/scripts/fortigate.var"

FSSH="ssh admin@192.168.200.1"

 

echo "config vdom" >> $FGTVAR
echo "edit root" >> $FGTVAR
etc...
echo "end" >> $FGTVAR
echo "exit" >> $FGTVAR
sleep 1
$FSSH < $FGTVAR
exit 0

 

You might be able to adapt it as such:

#!/bin/sh
FGTVAR="/root/scripts/fortigate.var"

FSSH="ssh admin@192.168.200.1"


echo "exec reboot" >> $FGTVAR
echo "y" >> $FGTVAR
sleep 1
$FSSH < $FGTVAR
exit 0

 

Best regards,

 

Markus

2845
0 Kudos
gineesh
New Contributor
In response to Markus_M

Created on ‎06-09-2022 06:56 PM

Thanks a lot @Markus_M 
I was trying last night and found a "Y" on next line is working now ! (I tried this several times last night and it was not working. strange !)

See my Ansible code now

- name: FortiGate Update Software
  raw: |
        execute restore image tftp {{ fortios_image_filename }} {{ tftp_server }}  
        Y
  register: update_status
  ignore_errors: yes


Thank you so much for advising with that shell and trigger some spark :)


 

 

2823
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.