packages: tacacs/tacacs.cfg (NEW), tacacs/tacacs.init (NEW), tacacs/tacacs....

mguevara mguevara at pld-linux.org
Tue Mar 30 15:03:27 CEST 2010 

Author: mguevara                     Date: Tue Mar 30 13:03:27 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- tacacs+ daemon from shrubbery.net

---- Files affected:
packages/tacacs:
   tacacs.cfg (NONE -> 1.1)  (NEW), tacacs.init (NONE -> 1.1)  (NEW), tacacs.pam (NONE -> 1.1)  (NEW), tacacs.rotate (NONE -> 1.1)  (NEW), tacacs.spec (NONE -> 1.1)  (NEW), tacacs.sysconfig (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/tacacs/tacacs.cfg
diff -u /dev/null packages/tacacs/tacacs.cfg:1.1
--- /dev/null	Tue Mar 30 15:03:27 2010
+++ packages/tacacs/tacacs.cfg	Tue Mar 30 15:03:21 2010
@@ -0,0 +1,56 @@
+# Created by Devrim SERAL(devrim at gazi.edu.tr)
+# It's very simple configuration file
+# Please read user_guide and tacacs+ FAQ to more information to do more
+# complex tacacs+ configuration files.
+#
+
+key = put_you_key_here
+
+# Use /etc/passwd file to do authentication
+
+default authentication = file /etc/passwd
+
+# Now tacacs+ also use default PAM authentication
+#default authentication = pam tac_plus
+
+#If you like to use DB authentication
+#default authentication = db "db_type://db_user:db_pass@db_hostname/db_name/db_table?name_field&pass_field
+# db_type: mysql or null
+# db_user: Database connect username
+# db_pass: Database connection password
+# db_hostname : Database hostname
+# db_name : Database name
+# db_table : authentication table name
+# name_field and pass_field: Username and password field name at the db_table
+ 
+# Accounting records log file
+
+accounting file = /var/log/tac_acc.log
+
+# Would you like to store accounting records in database..
+# db_accounting = "db_type://db_user:db_pass@db_hostname/db_name/db_table"
+# Same as above.. 
+
+#All services are alowed..
+
+user = DEFAULT {
+    service = ppp protocol = ip {}
+}
+
+# Yes we have more features like per host key 
+#host = 127.0.0.1 {
+#        key = test 
+#        type = cisco
+#	 enable = <des|cleartext> enablepass
+#	 prompt = "Welcome XXX ISP Access Router \n\nUsername:"
+#}
+#user = test {
+#    name = Test User 
+#    pap = cleartext test
+#    member = staff
+#}
+#
+#group = staff {
+#    time = "Wd1800-1817|!Wd1819-2000"
+#}
+

================================================================
Index: packages/tacacs/tacacs.init
diff -u /dev/null packages/tacacs/tacacs.init:1.1
--- /dev/null	Tue Mar 30 15:03:27 2010
+++ packages/tacacs/tacacs.init	Tue Mar 30 15:03:21 2010
@@ -0,0 +1,91 @@
+#!/bin/sh
+#
+# tacacs	This shell script takes care of starting and stopping
+#		tacacs (TACACS+ daemon).
+#
+# chkconfig:	235 80 20
+# description:	tacacs is TACACS+ daemon.
+# processname:	tac_plus
+# config:	/etc/tacacs/tacacs.cfg
+# pidfile:	/var/run/tacacs.pid
+
+# Source function library
+. /etc/rc.d/init.d/functions
+
+# Source networking config
+. /etc/sysconfig/network
+
+# Get service config
+[ -f /etc/sysconfig/tacacs ] && . /etc/sysconfig/tacacs
+
+# Check that networking is up.
+if is_yes "${NETWORKING}"; then
+	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status ]; then
+		msg_network_down tacacs
+		exit 1
+	fi
+else
+	exit 0
+fi
+
+tacacs_config="/etc/tacacs/tacacs.cfg"
+
+[ -f $tacacs_config ] || exit 0
+
+if [ -z $TACACS_PORT ]; then
+    TACACS_PORT=49
+fi
+
+if [ -z $TACACS_DEBUG_LEVEL ]; then
+    TACACS_DEBUG_LEVEL=0
+fi
+
+# See how we were called.
+case "$1" in
+  start)
+	if [ ! -f /var/lock/subsys/tacacs ]; then
+		msg_starting TACACS+
+		daemon tac_plus -C $tacacs_config  -d $TACACS_DEBUG_LEVEL -p $TACACS_PORT
+		RETVAL=$?
+		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/tacacs
+	else
+		msg_already_running TACACS+
+	fi
+	;;
+  stop)
+	if [ -f /var/lock/subsys/tacacs ]; then
+		msg_stopping TACACS+
+		killproc tac_plus
+		rm -f /var/lock/subsys/tacacs
+	else
+		msg_not_running TACACS+
+	fi
+	;;
+  status)
+	status tac_plus
+	exit $?
+	;;
+  restart)
+	$0 stop
+	$0 start
+	;;
+
+  reload)
+	if [ -f /var/lock/subsys/tacacs ]; then
+		msg_reloading TACACS+
+		killproc --pidfile /var/run/tac_plus.pid -SIGUSR1 tac_plus
+	else
+		msg_not_running TACACS+
+	fi
+	exit $?
+	;;
+  test)
+	echo "TACACS+ config being testing"
+	/usr/bin/tac_plus -P -C $tacacs_config -p $TACACS_PORT
+	;;
+  *)
+	echo "Usage: %s {start|stop|status|restart|reload|test}"
+	exit 1
+esac
+
+exit 0

================================================================
Index: packages/tacacs/tacacs.pam
diff -u /dev/null packages/tacacs/tacacs.pam:1.1
--- /dev/null	Tue Mar 30 15:03:27 2010
+++ packages/tacacs/tacacs.pam	Tue Mar 30 15:03:21 2010
@@ -0,0 +1,3 @@
+#%PAM-1.0
+auth		include		system-auth
+account		include		system-auth

================================================================
Index: packages/tacacs/tacacs.rotate
diff -u /dev/null packages/tacacs/tacacs.rotate:1.1
--- /dev/null	Tue Mar 30 15:03:27 2010
+++ packages/tacacs/tacacs.rotate	Tue Mar 30 15:03:21 2010
@@ -0,0 +1,21 @@
+# This is tac_plus logrotate config file
+# For more info please refer logrotate man page
+/var/log/tac_plus.log {
+	size 3M
+	missingok
+	errors root at localhost
+	compress
+	postrotate
+		/usr/bin/killall -HUP tac_plus 2> /dev/null || true
+	endscript
+}
+
+/var/log/tac_acc.log {
+        size 5M
+	missingok
+        errors root at localhost
+	nocompress	
+	postrotate
+                /usr/bin/killall -HUP tac_plus 2> /dev/null || true
+        endscript
+}

================================================================
Index: packages/tacacs/tacacs.spec
diff -u /dev/null packages/tacacs/tacacs.spec:1.1
--- /dev/null	Tue Mar 30 15:03:27 2010
+++ packages/tacacs/tacacs.spec	Tue Mar 30 15:03:21 2010
@@ -0,0 +1,106 @@
+# $Revision$, $Date$
+
+%bcond_with     skey		# with S/KEY support
+
+Summary:	TACACS+ Daemon
+Summary(pl.UTF-8):	Demon TACACS+
+Name:		tacacs
+Version:	F4.0.4.19
+Release:	1
+Epoch:		0
+License:	BSD-like, GPL
+Group:		Networking/Daemons
+Source0:	ftp://ftp.shrubbery.net/pub/%{name}/tacacs+-%{version}.tar.gz 
+# Source0-md5:	4979127f60f1a83c55e8a7cec285a797
+Source1:	%{name}.cfg
+Source2:	%{name}.init
+Source3:	%{name}.pam
+Source6:	%{name}.rotate
+Source8:	%{name}.sysconfig
+URL:		http://www.shrubbery.net/tac_plus/
+BuildRequires:	autoconf
+BuildRequires:	automake
+BuildRequires:	libwrap-devel
+BuildRequires:	openldap-devel >= 2.4.6
+BuildRequires:	pam-devel
+BuildRequires:	rpmbuild(macros) >= 1.268
+%if %{with skey}
+BuildRequires:	skey-static
+%endif
+Requires(post,preun):	/sbin/chkconfig
+Requires(pre):	fileutils
+Requires:	rc-scripts
+BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%define		__make		/usr/bin/make -j1
+
+%description
+TACACS+ daemon using with Cisco's NASs (or other vendors) for AAA
+(Authentication, Authorization and Accounting) propose.
+
+%description -l pl.UTF-8
+Demon TACACS+ używany wraz z NAS-ami Cisco (lub innych producentów) do
+celów uwierzytelniania, autoryzacji i rozliczania (AAA -
+Authentication, Authorization and Accounting).
+
+%prep
+%setup -q -n %{name}+-%{version}
+
+%build
+%configure 
+
+%{__make} \
+	%{?with_skey:DEFINES="-DSKEY" LIBS="/usr/lib/libskey.a" INCLUDES="-I/usr/include/security/"}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+%{__make} install \
+	DESTDIR=$RPM_BUILD_ROOT
+
+install -d $RPM_BUILD_ROOT{%{_sysconfdir}/tacacs,/etc/{logrotate.d,pam.d,rc.d/init.d,sysconfig}}
+install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/tacacs
+install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/tacacs
+install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/tac_plus
+install %{SOURCE6} $RPM_BUILD_ROOT/etc/logrotate.d/tacacs
+install %{SOURCE8} $RPM_BUILD_ROOT/etc/sysconfig/tacacs
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+/sbin/chkconfig --add tacacs
+%service tacacs restart
+
+%preun
+if [ "$1" = "0" ]; then
+	%service tacacs stop
+	/sbin/chkconfig --del tacacs
+fi
+
+%files
+%defattr(644,root,root,755)
+%doc users_guide CHANGES
+%attr(755,root,root) %{_bindir}/*
+%dir %{_sysconfdir}/tacacs
+%dir %{_datadir}/tacacs+
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/tacacs/tacacs.cfg
+%config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/tacacs
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/tac_plus
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/tacacs
+%attr(754,root,root) /etc/rc.d/init.d/tacacs
+%{_mandir}/man?/*
+%{_includedir}/tacacs.h
+%{_libdir}/*
+%{_datadir}/tacacs+/*
+
+
+%define date	%(echo `LC_ALL="C" date +"%a %b %d %Y"`)
+%changelog
+* %{date} PLD Team <feedback at pld-linux.org>
+All persons listed below can be reached at <cvs_login>@pld-linux.org
+
+$Log$
+Revision 1.1  2010/03/30 13:03:21  mguevara
+- tacacs+ daemon from shrubbery.net
+

================================================================
Index: packages/tacacs/tacacs.sysconfig
diff -u /dev/null packages/tacacs/tacacs.sysconfig:1.1
--- /dev/null	Tue Mar 30 15:03:27 2010
+++ packages/tacacs/tacacs.sysconfig	Tue Mar 30 15:03:21 2010
@@ -0,0 +1,7 @@
+# Customized settings for tacacs+
+
+# Define nice level for tacacs+
+SERVICE_RUN_NICE_LEVEL="+5"
+
+TACACS_DEBUG_LEVEL=0
+TACACS_PORT=49
================================================================

More information about the pld-cvs-commit mailing list