author | Bruno Pena <brunompena@gmail.com> | 2019-04-13 10:57:59 +0200 |
---|---|---|
committer | Bruno Pena <brunompena@gmail.com> | 2019-04-13 23:58:55 +0200 |
commit | 47f248d15512ab8d870576ef4e20d040aa08dbf0 (patch) | |
tree | 0774fc04781d99f792529717322733f21b762dbc /net/tac_plus/files | |
parent | c36e8c6ea2d5ac47491c9edc16c749b3b6d0fce1 (diff) |
tac_plus: New package (TACACS+ daemon)
Signed-off-by: Bruno Pena <brunompena@gmail.com>
tac_plus: Updated to the latest commit from upstream. Updated URL to reference Facebook's GitHub repository. Tweaked Makefile to include the date on the source package filename.
Signed-off-by: Bruno Pena <brunompena@gmail.com>
Diffstat (limited to 'net/tac_plus/files')
-rw-r--r-- | net/tac_plus/files/tac_plus.conf | 58 | ||||
-rwxr-xr-x | net/tac_plus/files/tac_plus.init | 12 |
2 files changed, 70 insertions, 0 deletions
diff --git a/net/tac_plus/files/tac_plus.conf b/net/tac_plus/files/tac_plus.conf
new file mode 100644
index 000000000..5b9ce6cde
--- /dev/null
+++ b/net/tac_plus/files/tac_plus.conf
@@ -0,0 +1,58 @@
+#
+# An example tac_plus configuration. You should change this
+# before using it.
+#
+
+# Define where to log accounting data, this is the default.
+accounting file = /var/log/tac_plus.acct
+
+# This is the key that clients have to use to access Tacacs+
+key = testing123
+
+# Use /etc/passwd file to do authentication
+#default authentication = file /etc/passwd
+
+# You can use feature like per host key with different enable passwords
+#host = 127.0.0.1 {
+# key = test
+# type = cisco
+# enable = <des|cleartext> enablepass
+# prompt = "Welcome XXX ISP Access Router \n\nUsername:"
+#}
+
+# We also can define local users and specify a file where data is stored.
+# That file may be filled using tac_pwd
+#user = test1 {
+# name = "Test User"
+# member = staff
+# login = file /etc/tacacs/tacacs_passwords
+#}
+
+# We can also specify rules valid per group of users.
+#group = group1 {
+# cmd = conf {
+# deny
+# }
+#}
+
+# Another example : forbid configure command for some hosts
+# for a define range of clients
+#group = group1 {
+# login = file /etc/passwd
+# service = ppp
+# protocol = ip {
+# addr = 10.10.0.0/24
+# }
+# cmd = conf {
+# deny .*
+# }
+#}
+
+user = DEFAULT {
+ login = file /etc/passwd
+ service = ppp protocol = ip {}
+}
+
+# Much more features are availables, like ACL, more service compatibilities,
+# commands authorization, scripting authorization.
+# See the man page for those features.
diff --git a/net/tac_plus/files/tac_plus.init b/net/tac_plus/files/tac_plus.init
new file mode 100755
index 000000000..42cae8c09
--- /dev/null
+++ b/net/tac_plus/files/tac_plus.init
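Review bot: In tac_plus.conf, `key = testing123` and the `user = DEFAULT { login = file /etc/passwd ... }` block are live directives rather than commented examples, so a package installed with this file unchanged accepts TACACS+ clients that use a widely known sample secret and checks any username against the system password file. The header comment asks the admin to change the file, but tac_plus.init in this same commit starts the daemon from /etc/tac_plus.conf at boot (assuming this file is installed there), before anyone has edited it. Ship both commented out, e.g. `#key = <SHARED_SECRET_PLACEHOLDER>` and a commented `#user = DEFAULT {` block, so the service authenticates nobody until a site-specific secret and user policy are set. It is also worth confirming that `file /etc/passwd` works on the target, where password hashes may live in a shadow file instead.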
@@ -0,0 +1,12 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+
+USE_PROCD=1
+PROG=/usr/sbin/tac_plus
+
+start_service() {
+ procd_open_instance
+ procd_set_param command "$PROG" -G -C /etc/tac_plus.conf
+ procd_close_instance
+} |
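Review bot: The procd instance in start_service() sets only `command`, so a crash of this authentication daemon is not recovered and an edit to /etc/tac_plus.conf is not picked up on reload. Add `procd_set_param file /etc/tac_plus.conf` and `procd_set_param respawn` before `procd_close_instance`; `procd_set_param stderr 1` would also send startup and config-parse errors to the system log. The instance sets no `user` either, so the network-facing daemon presumably runs as root. Whether it can run unprivileged depends on how it reads the password file, and should be confirmed before changing it.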