Browse Source

tac_plus: New package (TACACS+ daemon)

Signed-off-by: Bruno Pena <brunompena@gmail.com>

tac_plus: Updated to the latest commit from upstream. Updated URL to reference Facebook's GitHub repository. Tweaked Makefile to include the date on the source package filename.

Signed-off-by: Bruno Pena <brunompena@gmail.com>
lilik-openwrt-22.03
Bruno Pena 6 years ago
parent
commit
47f248d155
4 changed files with 136 additions and 0 deletions
  1. +51
    -0
      net/tac_plus/Makefile
  2. +58
    -0
      net/tac_plus/files/tac_plus.conf
  3. +12
    -0
      net/tac_plus/files/tac_plus.init
  4. +15
    -0
      net/tac_plus/patches/010-configure-remove-libnsl.patch

+ 51
- 0
net/tac_plus/Makefile View File

@ -0,0 +1,51 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=tac_plus
PKG_VERSION:=4.0.4.28
PKG_REV:=259251e6f1c2d5c98081a43c6f66d9eb2989cfd8
PKG_RELEASE:=1
PKG_SOURCE_VERSION:=$(PKG_REV)
PKG_SOURCE_DATE:=2019.02.11
PKG_SOURCE_URL:=https://codeload.github.com/facebook/tac_plus/tar.gz/$(PKG_SOURCE_VERSION)?
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_DATE)-$(PKG_SOURCE_VERSION).tar.gz
PKG_HASH:=3c37d6a8acf66cac4a95558bf3e29686ef3be505a1638e2ef788a7ece41d1b01
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
PKG_BUILD_SUBDIR:=tacacs-F$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
PKG_UNPACK:=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xzf $(DL_DIR)/$(PKG_SOURCE)
MAKE_PATH:=$(PKG_BUILD_SUBDIR)
CONFIGURE_PATH:=$(PKG_BUILD_SUBDIR)
CONFIGURE_ARGS += \
--disable-shared \
--without-libwrap
define Package/tac_plus
SECTION:=net
CATEGORY:=Network
TITLE:=TACACS+ daemon
URL:=https://github.com/facebook/tac_plus/
endef
define Package/tac_plus/description
TACACS+ is a protocol (not TACACS or XTACACS) for authentication,
authorization and accounting (AAA) services for routers and network devices.
endef
define Package/tac_plus/conffiles
/etc/tac_plus.conf
endef
define Package/tac_plus/install
$(INSTALL_DIR) $(1)/etc/init.d $(1)/usr/sbin
$(INSTALL_CONF) ./files/tac_plus.conf $(1)/etc/tac_plus.conf
$(INSTALL_BIN) ./files/tac_plus.init $(1)/etc/init.d/tac_plus
$(INSTALL_BIN) $(PKG_BUILD_DIR)/$(PKG_BUILD_SUBDIR)/tac_plus $(1)/usr/sbin/
endef
$(eval $(call BuildPackage,tac_plus))

+ 58
- 0
net/tac_plus/files/tac_plus.conf View File

@ -0,0 +1,58 @@
#
# An example tac_plus configuration. You should change this
# before using it.
#
# Define where to log accounting data, this is the default.
accounting file = /var/log/tac_plus.acct
# This is the key that clients have to use to access Tacacs+
key = testing123
# Use /etc/passwd file to do authentication
#default authentication = file /etc/passwd
# You can use feature like per host key with different enable passwords
#host = 127.0.0.1 {
# key = test
# type = cisco
# enable = <des|cleartext> enablepass
# prompt = "Welcome XXX ISP Access Router \n\nUsername:"
#}
# We also can define local users and specify a file where data is stored.
# That file may be filled using tac_pwd
#user = test1 {
# name = "Test User"
# member = staff
# login = file /etc/tacacs/tacacs_passwords
#}
# We can also specify rules valid per group of users.
#group = group1 {
# cmd = conf {
# deny
# }
#}
# Another example : forbid configure command for some hosts
# for a define range of clients
#group = group1 {
# login = file /etc/passwd
# service = ppp
# protocol = ip {
# addr = 10.10.0.0/24
# }
# cmd = conf {
# deny .*
# }
#}
user = DEFAULT {
login = file /etc/passwd
service = ppp protocol = ip {}
}
# Much more features are availables, like ACL, more service compatibilities,
# commands authorization, scripting authorization.
# See the man page for those features.

+ 12
- 0
net/tac_plus/files/tac_plus.init View File

@ -0,0 +1,12 @@
#!/bin/sh /etc/rc.common
START=99
USE_PROCD=1
PROG=/usr/sbin/tac_plus
start_service() {
procd_open_instance
procd_set_param command "$PROG" -G -C /etc/tac_plus.conf
procd_close_instance
}

+ 15
- 0
net/tac_plus/patches/010-configure-remove-libnsl.patch View File

@ -0,0 +1,15 @@
--- a/tacacs-F4.0.4.28/configure 2015-01-06 22:55:35.000000000 +0100
+++ b/tacacs-F4.0.4.28/configure 2019-01-31 14:44:28.679272504 +0100
@@ -3285,11 +3285,9 @@
;;
*linux* )
# XXX: not sure if /usr/local is necessary.
- # XXX: linux libwrap needs -lnsl. configure should check for
- # existence of libnsl instead of hard-coding
CPPFLAGS="$CFLAGS -I/usr/local/include"; export CPPFLAGS
LDFLAGS="$LDFLAGS -L/usr/local/lib -L/lib"; export LDFLAGS
- LIBS="-lnsl -lcrypt $LIBS"; export LIBS
+ LIBS="-lcrypt $LIBS"; export LIBS
$as_echo "#define LINUX 1" >>confdefs.h

Loading…
Cancel
Save