[tac_plus] Please help?

[Chris Phillips]

Hi there,

I've just setup your TACACS server for the first time and I am either 
running into a bug or outdated documentation/man pages.  I am really 
sorry for emailing you, but there isn't a whole lot in your mailing list 
or in Google about my issue.

Here is my config:

key = xxxxxxxxxxxxx
accounting file = /home/tacacs/accounting.log
#default authorization = permit

user = chris {
         login = des xxxxxxxxxxxxx
         enable = des xxxxxxxxxxxxx
         default authorization = permit
#       cmd = show {
#               permit .*
#       }
#       cmd = configure {
#               permit .*
#       }
#       cmd = aaa {
#               permit .*
#       }
#       cmd = write {
#               permit .*
#       }
#       cmd = enable {
#               permit .*
#       }
#       cmd = .* {
#               permit .*
#       }
}

user = bob {
         login = cleartext 123
}

My problem is that this breaks the tac_plus daemon.  I get the following 
error: "Error: Unrecognised keyword default for user on line 8"

This line is the "default authorization = permit" which the man page 
suggests works.  Am I reading this wrong?  When I uncomment the "cmd =" 
statements, those commands work fine, as does everything else I have 
tried thus far, with the exception of the default authorization statement.

My goal here is to permit authorization for all commands for the user 
chris or even on a global level; both are acceptable.  I can then 
implicitly specify the commands I want to permit for say, the user bob.

Thank you in advance for your reply, and many many thank yous for 
writing this, and other (RANCID), GREAT services.

-CP