[tac_plus] Basic tac_plus compilation procedure and simple configuration file
Lam Bennie
bennie.lam at gmail.com
Wed Sep 11 09:04:31 UTC 2013
Can you share the basic tac_plus compilation procedure and simple
configuration file (with /etc/passwd
for authentication) on RHEL 5.9 for reference? Thanks in advance!
As my previous enquiry, my case was suspected to be "a buggy tacacs
implementation on that hardware".
My case was that my network devices (including Cisco LAN switch) frequently
report TACACS+ service is UP
and then DOWN (30+ times per hour). tac_plus (version F4.0.4.26) is
operating on 2 separate HP servers
(HP ProLiant DL320 G5P operating on Red Hat Enterprise Linux 5.9, Kernel:
2.6.18-348.3.1.el5PAE i686).
Both HP servers are with same setup for resilience but both are with the
same tac_plus problem.
Actually, I made basic tac_plus compilation without modifying any tac_plus
source files and run tac_plus
with simple configuration as following.
a) compilation procedure:
# ./configure
# make
# make install
b) configuration file:
>>>
[root at my-server tacp]# more tac_plus.conf
key = <my-key>
default authentication = file /etc/passwd
accounting file = /var/tacp/log/access.log
user = DEFAULT {
default service = permit
cmd = configure {
deny .*
}
cmd = admin {
deny .*
}
}
user = admin1 {
member = admin-group
}
user = admin2 {
member = admin-group
}
group = admin-group {
default service = permit
}
>>>
c) command to run tac_plus:
# /usr/local/bin/tac_plus -C /var/tacp/tac_plus.conf
# ps -ef | grep tac
root 22144 1 0 17:32 pts/2 00:00:00 /usr/local/bin/tac_plus -C
/var/tacp/tac_plus.conf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20130911/7e69da4a/attachment.html>
More information about the tac_plus
mailing list