Junos Automation (Scripting)
Highlighted
Junos Automation (Scripting)

ZTP on Junos using python script (Operation not permitted)

‎01-13-2020 05:33 PM

Hi,

 

We have the following setup:

Hardware platform: QFX5100-48S-6Q

Junos version: 18.1R3.3

 

ZTP is triggered on the switch by running “request system zeroize” and then selecting “yes” to “Erase all data, including configuration and log files?” at the CLI. After the switch reboots, Interface “vme.0” gets a DHCP lease and the ztp script is downloaded to “/var/db/scripts/op”. Switch attempts to run the script, but fails with the following message in “/var/log/script_output”: “/usr/sbin/image_load: /usr/bin/python: Operation not permitted”.

 

In order to allow a python script to be run on the box, additional configurations are required as follows:

  • Set script language
      • [edit system scripts]
      • user@host# set language python
    • Enable unsigned script to be run
      • [edit system scripts op]
      • user@host# set file ztp.py

 

These steps will have to be performed manually by a user and cannot be handled by the ZTP script itself. Alternatively, a bootstrap script is required to make the necessary configurations to enable the python ZTP script to run.

 

Is there a way to allow a python script to run as a part of ZTP without additional configurations performed either manually or through a bootstrap script ?

1 REPLY 1
Highlighted
Junos Automation (Scripting)

Re: ZTP on Junos using python script (Operation not permitted)

‎01-14-2020 01:42 AM

Hi Naman

If you are directly fetching a script via ZTP process then you must have "#!/usr/bin/python" in the python script start.

Also for the script to be fetched properly it should have some proper configuration (like setting root-authentication) as part of the script for loading on the box at the time of ZTP process.