[tac_plus] Re: Possible Bug in tacacs+-F4.0.4.10
Vermilion, Lance
Lance.Vermilion at bestwestern.com
Fri Dec 1 23:50:10 UTC 2006
John,
Comments inline.
Lance Vermilion
Communications System Engineer
Best Western International, Inc. | The World's Largest Hotel Chain(r)
20400 N. 29th Avenue
Phoenix, Arizona 85027
--Contact Info--
Office: 623.780.6637
Mobile: 602.354.6365
eMail: lance.vermilion at bestwestern.com
-----Original Message-----
From: john heasley [mailto:heas at shrubbery.net]
Sent: Friday, December 01, 2006 4:12 PM
To: Vermilion, Lance
Cc: tac_plus at shrubbery.net
Subject: Re: [tac_plus] Possible Bug in tacacs+-F4.0.4.10
Fri, Dec 01, 2006 at 04:03:56PM -0700, Vermilion, Lance:
> John,
>
> I didn't see anything like that in my local syslog local or remote
> syslog.
it would occur at HUP-time, not start-up. you really did not get a
message? and you have 'logging = whatever' in your config (daemon
facility is the default)?
[Vermilion, Lance]
My logging was default. But my syslog.conf didn't' have anything for
daemon. :(
> In regards to the permissions on tac_plus.conf I was thinking of
> something like this.
>
> if [ -r /etc/tacacs/tac_plus.conf ]
> then
> echo "Houston we have touchdown"
> else
> echo " Houston we have a PROBLEM"
> fi
That is not sufficient, afaik. tac_plus has to be started as root so
that it can open port 49; root shouldn't have problem reading the config
regardless of it's mode.
You'd have to create a child process as the tac_plus user and then do
this check.
> I have added it to my tac_plus init file, which is attached if you
want
> to redistribute it with the package since there isn't one at the
moment.
> That I see.
Someone else creates the linux (and any other o/s) package.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Vermilion, Lance.vcf
Type: text/x-vcard
Size: 275 bytes
Desc: Vermilion, Lance.vcf
Url : http://www.shrubbery.net/pipermail/tac_plus/attachments/20061201/ea41de67/attachment.vcf
More information about the tac_plus
mailing list