[tac_plus] sha512 and new specfile
Sten Spans
sten at blinkenlights.nl
Wed Feb 11 09:04:34 UTC 2015
We've been using the tac_plus/tacacs+ package for a while now,
and would like to contribute back some small improvements that
we've been using.
- switch tac_pwd to sha512 hashes by default
- an updated specfile with a few cleanups
--
Sten Spans
"There is a crack in everything, that's how the light gets in."
Leonard Cohen - Anthem
-------------- next part --------------
Summary: TACACS+ Daemon
Name: tacacs+
Group: Networking/Servers
Version: F4.0.4.27a
Release: 2%{?dist}
License: Cisco
Packager: Bruce Carleton <bruce.carleton at jasperwireless.com>
Vendor: Cisco
Source: %{name}-%{version}.tar.gz
Patch0: %{name}-sha512.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: gcc, bison, flex, m4, pam-devel, tcp_wrappers-devel
Requires: pam
%description
%prep
%setup
%patch0 -p1
%{__cat} <<'EOF' >tac_plus.sysvinit
#!/bin/bash
#
# /etc/rc.d/init.d/tac_plus
#
# chkconfig: 2345 86 14
# description: TACACS+ Daemon
# Define variables
TACPLUS_PID=/var/run/tac_plus.pid
TACPLUS_EXE=/usr/sbin/tac_plus
TACPLUS_ARG=""
TACPLUS_CNF=/etc/tac_plus.conf
# Source function library.
. /etc/rc.d/init.d/functions
case "$1" in
start)
# Check to see if tac_plus is running.
if [[ -f ${TACPLUS_PID} || -f /var/lock/subsys/tac_plus ]]; then
echo "tac_plus may already be running. Check for existing tac_plus processes."
exit 1
fi
echo -n "Starting tac_plus:"
$TACPLUS_EXE $TACPLUS_ARG -C $TACPLUS_CNF && success || failure
echo
touch /var/lock/subsys/tac_plus
;;
stop)
if [[ -f ${TACPLUS_PID} && -f /var/lock/subsys/tac_plus ]]; then
echo -n "Stopping tac_plus:"
killproc -p ${TACPLUS_PID}
echo
rm -f /var/lock/subsys/tac_plus
rm -f ${TACPLUS_PID}
else
echo "tac_plus does not appear to be running."
fi
;;
status)
if [[ -f ${TACPLUS_PID} && -f /var/lock/subsys/tac_plus ]]; then
echo "tac_plus pid is `cat ${TACPLUS_PID}`"
else
echo "tac_plus does not appear to be running."
fi
;;
restart)
$0 stop; $0 start
;;
reload)
echo -n "Reloading tac_plus..."
if [[ -f ${TACPLUS_PID} && -f /var/lock/subsys/tac_plus ]]; then
kill -HUP `cat ${TACPLUS_PID}`
RETVAL=$?
fi
if [ $RETVAL -ne 0 ]; then
failure
else
success
fi
echo
;;
*)
echo "Usage: $0 {start|stop|status|reload|restart}"
exit 1
;;
esac
EOF
%build
%configure --enable-acls --enable-uenable
%{__make}
%install
%{__rm} -rf %{buildroot}
%makeinstall
%{__install} -Dp -m0755 tac_plus.sysvinit %{buildroot}%{_initrddir}/tac_plus
%{__mkdir} %{buildroot}%{_sbindir}
%{__mv} %{buildroot}%{_bindir}/tac_plus %{buildroot}%{_sbindir}
### Clean up buildroot
%{__rm} -f %{buildroot}%{_infodir}/dir
%post
%preun
%clean
%{__rm} -rf %{buildroot}
%files
%{_includedir}/tacacs.h
%{_bindir}/tac_pwd
%{_sbindir}/tac_plus
%{_datadir}/tacacs+/users_guide
%{_datadir}/tacacs+/tac_convert
%{_datadir}/tacacs+/do_auth.py
%{_datadir}/tacacs+/do_auth.pyc
%{_datadir}/tacacs+/do_auth.pyo
%{_mandir}/man5/tac_plus.conf.5.gz
%{_mandir}/man8/tac_pwd.8.gz
%{_mandir}/man8/tac_plus.8.gz
%{_libdir}/libtacacs.so.1.0.0
%{_libdir}/libtacacs.so.1
%{_libdir}/libtacacs.so
%{_libdir}/libtacacs.a
%{_libdir}/libtacacs.la
%attr(0755,root,root) %{_initrddir}/tac_plus
%changelog
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tacacs+-sha512.patch
Type: text/x-diff
Size: 2918 bytes
Desc:
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20150211/748c6e29/attachment.patch>
More information about the tac_plus
mailing list