[tac_plus] Re: Possible Bug in tacacs+-F4.0.4.10
john heasley
heas at shrubbery.net
Fri Dec 1 22:44:24 UTC 2006
Fri, Dec 01, 2006 at 03:22:38PM -0700, Vermilion, Lance:
> John,
>
> You are a life saver. Thank you. I didn't think to look at that. That
> fixed me. Is there a way to add a check like that in the code? Make sure
> the user has perms to that file and if not error on it?
You should have seen two log messages in your syslog; like this:
if ((cf = fopen(cfile, "r")) == NULL) {
report(LOG_ERR, "read_config: fopen() error for file %s %s, exiting",
cfile, strerror(errno));
return(1);
}
and another "failure" msg from the signal handler (which technically is
not async safe, but ...).
or do you mean checking the access during initial configuration parsing?
I suppose that the daemon really does not need to exit if it can't read
the config, but that seems the path of least suprise ["hey, why is that
user still active" - some months after it was removed].
More information about the tac_plus
mailing list