[tac_plus] Re: Possible Bug in tacacs+-F4.0.4.10
john heasley
heas at shrubbery.net
Fri Dec 1 23:11:41 UTC 2006
Fri, Dec 01, 2006 at 04:03:56PM -0700, Vermilion, Lance:
> John,
>
> I didn't see anything like that in my local syslog local or remote
> syslog.
it would occur at HUP-time, not start-up. you really did not get a
message? and you have 'logging = whatever' in your config (daemon
facility is the default)?
> In regards to the permissions on tac_plus.conf I was thinking of
> something like this.
>
> if [ -r /etc/tacacs/tac_plus.conf ]
> then
> echo "Houston we have touchdown"
> else
> echo " Houston we have a PROBLEM"
> fi
That is not sufficient, afaik. tac_plus has to be started as root so
that it can open port 49; root shouldn't have problem reading the config
regardless of it's mode.
You'd have to create a child process as the tac_plus user and then do
this check.
> I have added it to my tac_plus init file, which is attached if you want
> to redistribute it with the package since there isn't one at the moment.
> That I see.
Someone else creates the linux (and any other o/s) package.
More information about the tac_plus
mailing list