[tac_plus] TACACS return an error message when reading tac_plus.conf

Kiss Gabor (Bitman) kissg at ssg.ki.iif.hu
Tue Mar 13 15:40:16 UTC 2012


Dear Rhaymell,

> As we go through the process of migration, we stumbled on a problem, we
> encountered an error when compiling the tac_plus.conf file, a file that is
> use on our production network. Below is the error code.
> 
> return Error: Unrecognised keyword return for acl on line 26
> 
> the actual line is: return = .*
> 
> so we did tried to comment all lines that has return = .* code, after wards
> next error code was on the line "login = PAM" code in which our tacacs will
> authenticate on our NIS server, by uncommenting the line we will lose the
> authentication and will break the architecture of our network.

AFAIK 'return' is a non standard keyword. It can used only if
you applied my multiple group membership patch.
See http://www.shrubbery.net/pipermail/tac_plus/2007-August/000125.html

Your current server is probably contains this enhancement
but you are upgrading to the regular version.

Cheers

Gabor


More information about the tac_plus mailing list