cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

One Time Scripts on Gaia Embedded

I would like to know, if CP is planning to provide same features "Script repository/One time scripts" available for GAIA gateway also on Gaia embedded applianicies. Currently you cannot rung any script from SmartConsole against Gaia embedded appliances, which is a little bit surprise to me. Is it on road map to add support or not?

12 Replies
Admin
Admin

Re: One Time Scripts on Gaia Embedded

I'm moving this to the https://community.checkpoint.com/community/infinity-general/smb-smp?sr=search&searchId=ff929676-e356...‌ space. 

I suspect (though do not know for sure) the reason this isn't supported on the SMB appliances is because they do not have cprid, which is used for this purpose.

0 Kudos

Re: One Time Scripts on Gaia Embedded

Cprid works also on Gaia Embedded, i've used it for restoring admin access to box, after stucked firmware upgrade proces..

0 Kudos
Admin
Admin

Re: One Time Scripts on Gaia Embedded

Ah, there's no separate cprid process.

Missed that Smiley Happy

0 Kudos

Re: One Time Scripts on Gaia Embedded

Would be great is somebody from CP could give some feedback on it Smiley Happy

0 Kudos

Re: One Time Scripts on Gaia Embedded

Although it might be more simple to use one time scripts from Dashboard on SMB, there is a littele more complicated way to achieve the same using e.g. a GAiA device, see Perform scheduled scripted tasks on SMB devices.

On the other hand, you always can use WinSCP and CLI to run the script directly on the SMB device...

0 Kudos

Re: One Time Scripts on Gaia Embedded

I know this won't replace what you need at all, but in case you don't know these features from SMB appliances:

You can use ZeroTouch to completely automate the deployment procedure.

With Reach My Device you can easily access the gateway even behind a NAT.

You lose in some places, but gain in others.

0 Kudos

Re: One Time Scripts on Gaia Embedded

Does One time script feature for Gaia OS, use CPRID, yes or no? I would bet that it use it. If yes, i don't see reason why same cannot be enabled for Gaia embedded.

0 Kudos
Admin
Admin

Re: One Time Scripts on Gaia Embedded

Unless cprid on Gaia Embedded doesn't support executing arbitrary commands (which is possible). 

Either way, it's not currently available from SmartConsole. 

0 Kudos

Re: One Time Scripts on Gaia Embedded

We found that cprid_util will work with centrally managed GAiA Embedded devices when taking care of environment variables, e.g.:

$CPDIR/bin/cprid_util -server <IP of SMB> -verbose rexec -rcmd /bin/bash -c "LOGNAME=admin bashUser on"

Without LOGNAME=admin, this will give the error: Current user cannot be determined

0 Kudos

Re: One Time Scripts on Gaia Embedded

$CPDIR/bin/cprid_util -server <IP of SMB> -verbose rexec -rcmd bash -c "more /etc/passwd"
this one works perfectly fine from management server, never had to specify anything with login

0 Kudos

Re: One Time Scripts on Gaia Embedded

Yes, see also sk119633 ! It seems that only "bashUser" needs this environment variable set. Also compare my last comments in Activate bashUser via script on a Embedded Gaia device?

0 Kudos

Re: One Time Scripts on Gaia Embedded

though cprid util is very powerfull, back in the Edge days, there was a script page in the FW object where you could just enter a command that would be executed locally on the Edge device.

This was probably executed by a early cprid equivalent, but I think TS might be looking for something like this?

Regards, Maarten