User Account
nv show system aaa
Shows a list of the user accounts configured on the switch.
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa
operational applied
---------------------- --------------- --------------------------
tacacs
enable off off
radius
enable off off
accounting
state disabled
ldap
vrf mgmt
bind-dn
base-dn ou=users,dc=example,dc=com
referrals off
scope sub
port 389
timeout-bind 5
timeout-search 5
version 3
[hostname]
ssl
mode none
port 636
cert-verify enabled
ca-list default
tls-ciphers all
crl-check none
[authentication-order] 1
[user] Debian-snmp
[user] _apt
[user] _lldpd
[user] backup
[user] bin
[user] cumulus cumulus
[user] daemon
[user] dnsmasq
[user] frr
...
nv show system aaa authentication-order
Shows the authentication order for the user accounts configured on the switch.
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa authentication-order
Index Method
----- ------
1 tacacs
2 local
nv show system aaa authentication-order <priority-id>
Shows information about the authentication order.
Command Syntax
| Syntax | Description |
|---|---|
<priority-id> | The priority ID. |
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa authentication-order 5
nv show system aaa role
Shows the roles configured on the switch and the groups to which they belong.
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa role
Role groups
------------ ------------
nvue-admin nvapply
nvue-monitor nvshow
system-admin sudo,nvapply
nv show system aaa role <role-id>
Shows the permissions allowed for the specified role.
Command Syntax
| Syntax | Description |
|---|---|
<role-id> | The role ID. |
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa role nvue-monitor
operational applied
------ ----------- -------
groups nvshow
nv show system aaa user
Shows the user accounts configured on the switch and their roles.
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa user
Username Full-name Role enable Summary
---------------- -------------------------------------------- ------- ------ -------
_apt Unknown system
_lldpd Unknown system
backup backup Unknown system
bin bin Unknown system
cumulus cumulus,,, Unknown on
daemon daemon Unknown system
dnsmasq dnsmasq,,, Unknown system
frr Frr routing suite,,, Unknown system
games games Unknown system
gnats Gnats Bug-Reporting System (admin) Unknown system
irc ircd Unknown system
...
nv show system aaa user <user-id>
Shows information about a specific user account, such as the role and full name.
Command Syntax
| Syntax | Description |
|---|---|
<user-id> | The user account. |
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa user cumulus
operational applied
--------------- ------------ ------------
state enabled enabled
role system-admin system-admin
full-name cumulus,,, cumulus,,,
hashed-password * *
nv show system aaa user <user-id> spiffe-id
Shows all SPIFFE IDs for the specified user.
Command Syntax
| Syntax | Description |
|---|---|
<user-id> | The user account. |
Version History
Introduced in Cumulus Linux 5.12.0
Example
cumulus@switch:~$ nv show system aaa user cumulus spiffe-id
No Data
nv show system aaa user <user-id> ssh
Shows SSH information about the specified user account.
Command Syntax
| Syntax | Description |
|---|---|
<user-id> | The user account. |
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa user admin2 ssh
nv show system aaa user <user-id> ssh authorized-key
Shows the SSH authorized key for the specified user account.
Command Syntax
| Syntax | Description |
|---|---|
<user-id> | The user account. |
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa user admin2 ssh authorized-key
nv show system aaa user <user-id> ssh authorized-key <ssh-authorized-key-id>
Shows information about a specific SSH authorized key for the specified user account.
Command Syntax
| Syntax | Description |
|---|---|
<user-id> | The user account. |
<ssh-authorized-key-id> | The SSH authorized key ID. |
Version History
Introduced in Cumulus Linux 5.4.0
Example
cumulus@switch:~$ nv show system aaa user admin2 ssh authorized-key prod_key key 1234
nv show system aaa class
Shows all the classes configured on the switch. A class is similar in concept to a Linux group. Creating and managing classes is the simplest way to configure multiple users simultaneously, especially when configuring permissions.
A class consists of:
- Command paths, which Cumulus Linux bases on the objects in the NVUE declarative model and, which are the same as URI paths; for example; you can use the
/vrf/command path to allow or deny a user access to all VRFs, or/system/natto allow or deny a user access to NAT configuration. Use the tab key to see available command paths (nv set system aaa class <class-name> command-path / <<press tab>>). - Permissions for the command paths: (
ro) to run show commands, (rw) to run set, unset, and apply commands, (act) to run action commands, or (all) to run all commands. The default permission setting isall.
Version History
Introduced in Cumulus Linux 5.7.0
Example
cumulus@switch:~$ nv show system aaa class
Class Name Command Path Permission Action
---------- ------------------ ---------- ------
class1 /interface/ all allow
/interface/*/acl/ ro
/interface/*/ptp/ ro
class2 /system/ ro allow
/vrf/ rw
class3 /interface/*/evpn/ rw deny
/interface/*/qos/ rw
nvapply / all allow
nvshow / ro allow
sudo / all allow
nv show system aaa class <class-id>
Shows the configuration and state of the command paths for a specific class.
Command Syntax
| Syntax | Description |
|---|---|
<class-id> | The name of the class. |
Version History
Introduced in Cumulus Linux 5.7.0
Example
cumulus@switch:~$ nv show system aaa class class3
applied
-------------- ------------------
action deny
[command-path] /interface/*/evpn/
[command-path] /interface/*/qos/
nv show system aaa class <class-id> command-path
Shows the command paths configured for the specified class.
Command Syntax
| Syntax | Description |
|---|---|
<class-id> | The name of the class. |
Version History
Introduced in Cumulus Linux 5.7.0
Example
cumulus@switch:~$ nv show system aaa class class1 command-path
nv show system aaa class <class-id> command-path <command-path-id>
Shows the configuration for a command path for the specified class.
Command Syntax
| Syntax | Description |
|---|---|
<class-id> | The name of the class. |
<command-path-id> | The command path. |
Version History
Introduced in Cumulus Linux 5.7.0
Example
cumulus@switch:~$ nv show system aaa class class1 command-path /vrf/
nv show system aaa role <role-id> class
Shows the classes assigned to the specified user role.
Command Syntax
| Syntax | Description |
|---|---|
<role-id> | The name of the role. |
Version History
Introduced in Cumulus Linux 5.7.0
Example
cumulus@switch:~$ nv show system aaa role role1 class
nv show system aaa role <role-id> class <class-id>
Shows configuration of a specific class assigned to the specified role.
Command Syntax
| Syntax | Description |
|---|---|
<role-id> | The name of the role. |
<class-id> | The name of the class. |
Version History
Introduced in Cumulus Linux 5.7.0
Example
cumulus@switch:~$ nv show system aaa role role1 class class1