The execution of EHS or CRON scripts depends on the CLI engine associated with the configuration mode. The EHS or CRON script execution engine is based on the primary CLI engine set by the configure system management-interface cli cli-engine CLI command.
For example, if cli-engine is configured to classic-cli, the script executes in the classic CLI infrastructure and disregards the configuration mode, even if it is model-driven.
The following is the default behavior of the EHS or CRON scripts, depending on the configuration mode.
classic CLI configuration mode
EHS or CRON scripts execute in the classic CLI environment and an error occurs if any model-driven CLI commands exist. Python applications are not supported and the system returns an error.
Model-Driven configuration mode
EHS or CRON scripts execute in the MD-CLI environment and an error occurs if any classic CLI commands exist. Python applications are fully supported and use the SRĀ OS model-driven interfaces and the pySROS libraries to obtain and manipulate state and configuration data, as well as pySROS API calls to execute MD-CLI commands.
mixed configuration mode
EHS or CRON scripts execute in the classic CLI environment and an error occurs if any Model-Driven CLI commands exist. Python applications are not supported and the system returns an error.
EHS or CRON scripts that contain MD-CLI commands can be used in the MD-CLI as follows:
scripts can be configured
scripts can be created, edited, and results read through FTP
scripts can be triggered and executed
scripts generate an error if there are any non MD-CLI commands or .if or .set syntax in the script
User authorization for EHS or CRON scripts and Python applications can be configured in either the classic CLI or the MD-CLI as follows:
classic CLI
config>system>security>cli-script>authorization>event-handler>cli-user user-name
MD-CLI
configure system security cli-script authorization event-handler cli-user user-name
When a user is not specified, an EHS or CRON script bypasses authorization and can execute all commands.
In all configuration modes, a script policy can be disabled (using the configure system script-control script-policy policy-name admin-state disable MD-CLI command or the configure system script-control script-policy policy-name shutdown classic CLI command) even if history exists. When the script policy is disabled, the following applies.
Newly triggered EHS or CRON scripts or Python applications are not allowed to execute or queue.
In-progress EHS or CRON scripts or Python applications are allowed to continue.
Already queued EHS or CRON scripts or Python applications are allowed to execute.
By default, a script policy is configured to allow an EHS or CRON script to override datastore locks from any model-driven interface (MD-CLI, NETCONF, and so on) in mixed and model-driven modes. A script policy can be configured to not allow EHS or CRON scripts to override datastore locks (using the configure system script-control script-policy policy-name lock-override false MD-CLI command or the configure system script-control script-policy policy-name no lock-override classic CLI command).