[tac_plus] Please help with tac_plus

Mon May 16 19:41:36 UTC 2022

Hey, thanks for the response 🙂

I have already tried deleting the line and retyping to weed out any odd characters, but no luck.

This is the cat output:

[root at g000063 ejohnson]# cat -n /etc/rc.d/init.d/tac_plus
     1  #!/bin/bash
     2  #
     3  # description: Cisco's tacacs+ access, authorization, and accounting server.
     4  # chkconfig: 345 15 85
     5  #
     6  ### BEGIN INIT INFO
     7  # Provides: tacacs tacacs+ tac_plus
     8  # Required-Start: $network
     9  # Required-Stop: $network
    10  # Default-Start: 3 4 5
    11  # Short-Description: TACACS+ server based on Cisco source release
    12  # Description: Starts and stops tac_plus TACACS+ server
    13  ### END INIT INFO
    14
    15  # Source function library.
    16  . /etc/rc.d/init.d/functions
    17
    18  # Source networking configuration.
    19  . /etc/sysconfig/network
    20
    21  # Check that networking is up.
    22  [ ${NETWORKING} = "no" ] && exit 0
    23
    24  CONFIG=/etc/tac_plus.conf
    25
    26  [ -f $CONFIG ] || exit 1
    27
    28  [ -r /etc/sysconfig/tac_plus ] && . /etc/sysconfig/tac_plus
    29
    30  # See how we were called.
    31  case "$1" in
    32    start)
    33          # Start daemons.
    34          echo -n "Starting tacacs+: "
    35          daemon /usr/bin/tac_plus -C $CONFIG ${LOGFILE:+-l $LOGFILE}  ${WHOLOG:+-w $WHOLOG} ${DEBUG_LEVEL:+-d $DEBUG_LEVEL}
    36          RETVAL=$?
    37          echo
    38          [ $RETVAL == 0 ] && touch /var/lock/subsys/tac_plus
    39          ;;
    40    stop)
    41          # Stop daemons.
    42          echo -n "Shutting down tacacs+: "
    43          killproc tac_plus
    44          RETVAL=$?
    45          echo
    46          [ $RETVAL == 0 ] && rm -f /var/lock/subsys/tac_plus
    47          ;;
    48    status)
    49          status tac_plus
    50          exit $?
    51          ;;
    52    restart)
    53          $0 stop
    54          $0 start
    55          exit $?
    56          ;;
    57    reload)
    58          kill -USR1 `cat /var/run/tac_plus.pid`
    59          ;;
    60    *)
    61          echo "Usage: tacacs {start|stop|status|restart|reload}"
    62          exit 1
    63  esac
    64  exit $RETVAL
[root at g000063 ejohnson]#

Elliot Johnson - Infrastructure Manager - Group IT
Hayley Group Limited
Shelah Road, Halesowen, West Midlands, B63 3PG, England
[Tel] +44 (0)121 585 5334 | [Email] elliot.johnson at hayley-group.co.uk<mailto:elliot.johnson at hayley-group.co.uk>
________________________________
From: Philip Prindeville <philipp_subx at redfish-solutions.com>
Sent: 16 May 2022 20:16
To: heasley <heas at shrubbery.net>
Cc: Elliot Johnson <elliot.johnson at hayley-group.co.uk>; tac_plus at shrubbery.net <tac_plus at shrubbery.net>
Subject: Re: [tac_plus] Please help with tac_plus

> On May 16, 2022, at 12:42 PM, heasley <heas at shrubbery.net> wrote:
>
> Mon, May 16, 2022 at 05:27:09PM +0000, Elliot Johnson:
>> Hello,
>>
>> We are trying to run tac_plus version F4.0.4.26 on a CentOS 7 box.
>>
>> We have a config with a group section like this:
>>
>> group = netadmin {
>>    default service = permit
>>    acl             = hgl
>>    service         = exec {
>>                        priv-lvl = 15
>>                      }
>> }
>>
>> When we start the tac_plus process, we get this reported by systemd:
>>
>> May 16 18:23:06 g000063 tac_plus[19305]: /etc/rc.d/init.d/tac_plus: line 22: [: =: unary operator expected
>>
>> Line 22 is "default service = permit"
>>
>> What is the syntax we should use for this config entry? All the online guides only suggest what we have already put.
>
> Your syntax looks correct.  I expect that you either have unprintable
> characters on line 22 or there is an error on a preceding line that is
> trickling down to line 22.
>

Is it the config file it's complaining about, or the init.d script?  Can you include "cat -n /etc/rc.d/init.d/tac_plus"?

Company No: 1257303 VAT No: GB 292 0546 04 The information contained in this e-mail is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you are not the intended recipient of this e-mail, the use of this information or any disclosure, copying or distribution is strictly prohibited and may be unlawful. If you received this e-mail in error, please contact the sender immediately and delete the material from any computer. The views expressed in this e-mail may not necessarily be the views of Hayley Group Limited and should not be taken as authority to carry out any instruction contained within.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20220516/8d88198a/attachment.htm>