[tac_plus] Problem with creating Multiple groups for a single user. (creating composite groups)

Alan McKinnon alan.mckinnon at gmail.com
Thu Apr 3 06:10:24 UTC 2014 

On 02/04/2014 20:23, Mohan Reddy wrote:
> Alan,
> As mentioned by you I used Dan's python script but I did receive a parsing
> error . Below is the error details and config details,
> 
> 2014-04-02 10:44:04,978 [CRITICAL]: Can't open/parse config file:
> '/usr/bin/do_auth.ini'


Does /usr/bin/do_auth.ini really exist?
What are the ownerships and permissions of that file?
As which user does tac_plus run?




> 2014-04-02 10:54:53,545 [CRITICAL]: Can't open/parse config file:
> '/usr/bin/do_auth.ini'
> 2014-04-02 10:59:28,184 [CRITICAL]: Can't open/parse config file:
> '/usr/bin/do_auth.ini'
> 
> 
> --------------------------------------------------------------------------
> -------------------------
> Configuration in Tacacs_conf file
> --------------------------------------------------------------------------
> -----------------------------
> user = test1 {
>         member = doauthaccess
> }
> 
> group = doauthaccess {
>     default service = permit
> 
>     service = exec {
>         priv-lvl = 15
>     }
> 
>     after authorization "/usr/bin/python /usr/bin/do_auth.py -i $address
> -u $user -d $name -l /usr/bin/log.txt -f /usr/bin/do_auth.ini"
> }
> 
> --------------------------------------------------------------------------
> -------------------------
> Configuration in do_auth.ini file
> --------------------------------------------------------------------------
> -----------------------------
> 
> [users]
> default =
> noprivs
> jathan =
> vdxgroup
> dans =
> vdxgroup
> test1 =
> readonly1
> 
> [readonly1]
> host_allow =
> .*
> device_permit =
> .*
> command_permit =
> .*
> 
> --------------------------------------------------------------
> 
> May I know what might be the issue.
> 
> Thanks,
> Mohan
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/tac_plus
> 
> 


-- 
Alan McKinnon
alan.mckinnon at gmail.com

More information about the tac_plus mailing list