[tac_plus] managing accounts

Asif Iqbal vadud3 at gmail.com
Thu May 22 18:41:29 UTC 2014 

On Thu, May 22, 2014 at 12:48 PM, Asif Iqbal <vadud3 at gmail.com> wrote:

>
>
>
> On Thu, May 22, 2014 at 12:27 PM, heasley <heas at shrubbery.net> wrote:
>
>> Thu, May 22, 2014 at 12:26:10PM -0400, Asif Iqbal:
>> > Any one has tool to manage user accounts on tac_plus.conf?
>> >
>> > Looking for adding/deleting multiple users.
>> >
>> > Adding/Modifying/Deleting them manually with an editor is painful.
>>
>> why not do it in a database/elsewhere and export it to the config file?
>>
>
> I would go with mysql then.
>
> Most of them are like below.
> user = vtt2440 {
>     login = PAM
>     member = opsdb
> }
>
> So creating a schema and inserting these data would be pretty simple
>
> CREATE TABLE Users (
>         user varchar(20) primary key,
>         login varchar(20),
>         member varchar(20)
> );
>
> INSERT INTO Users (`user`, `login`,`member`) VALUES ("vtt2440","PAM",
> "opsdb");
>
> But I will need some help with parsing this into a txt file and then just
> LOAD DATA INFILE
> would save lot of time with ~2000 users.
>
>
> However, how would I manage stanza like this? Should I just move those
> cmds inside group
> definition?
>
> user =  ssarepts {
>         login = file /etc/tacacs-passwd
>         cmd = terminal {
>                 permit "length"
>                 deny .*
>         }
>         cmd = show {
>                 permit "interfaces|policy-map interface"
>                 deny .*
>         }
>     cmd = exit {
>         permit .*
>     }
> }
>
> So looks like really need help with parsing these and normalize to rows,
> before I can insert them into database.
>
> Thanks for any help with parsing.
>


So, so far I managed to parse most of the users

 import re
 f = open ('tac_plus.conf','rb').read()

 regex =
re.compile('\s?\w*\s*=\s*(\w*)\s{\s+\w*\s*=\s*(\w*)\s+\w*\s*=\s*(\w*)\s+}',re.DOTALL|re.MULTILINE)

 users = regex.findall(f)

 for f in users:
    print f

So this gets me 1532 users out of 1760 users. I still need to improve the
regex and could use some help.

Thanks



>
> --
> Asif Iqbal
> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
>
>


-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20140522/decbfebc/attachment.html>

More information about the tac_plus mailing list