[tac_plus] tacacs+ F5.0.0a patches
heasley
heas at shrubbery.net
Sun Apr 29 15:23:08 UTC 2018
Thu, Apr 26, 2018 at 10:26:43AM -0400, Cory Cartwright:
> Yes, the patch and the consequently the uid/gid downgrade is working.
>
> I have been able to add the logging an source IP in pwlib.c via
> session.peerip. however I would also like to get the rem_addr_len from the
> START packet body, and having trouble understanding how to bring in the
> value to pwlib.c.
please be more specific about the where in the code you are trying to do
that. also, not that rem_addr may not be supplied by the client; it is
"best effort" and sometimes is not relevant.
> thanks!
>
> On Wed, Apr 25, 2018 at 6:54 AM, heasley <heas at shrubbery.net> wrote:
>
> > Tue, Apr 24, 2018 at 11:47:58AM -0400, Cory Cartwright:
> > > I know this post (
> > > http://www.shrubbery.net/pipermail/tac_plus/2014-December/001530.html)
> > is
> > > old, but what is the current level of maintenance, is there a current
> > > maintainer? I am currently using tacacs-F4.0.4.28, and building with
> > > non-root TACPLUS_USERID/GROUPID but I ran across the ..post and like the
> > > idea of not having to rebuild for different systems, or statically
> > > configure uid/gid.
> >
> > does the patch work? it could be back-ported.
> >
> > > I’m also working on adding AUTH logging for PAM radius authentication,
> > as I
> > > can’t seem to find a good or proper place to do it directly from
> > > PAM_radius.so.
> >
> > do you mean that you want to use radius to perform the tacacs auth?
> >
More information about the tac_plus
mailing list