Browse Source
tac_plus: New package (TACACS+ daemon)
Signed-off-by: Bruno Pena <brunompena@gmail.com> tac_plus: Updated to the latest commit from upstream. Updated URL to reference Facebook's GitHub repository. Tweaked Makefile to include the date on the source package filename. Signed-off-by: Bruno Pena <brunompena@gmail.com>lilik-openwrt-22.03
Bruno Pena
5 years ago
4 changed files with 136 additions and 0 deletions
Split View
Diff Options
-
+51 -0net/tac_plus/Makefile
-
+58 -0net/tac_plus/files/tac_plus.conf
-
+12 -0net/tac_plus/files/tac_plus.init
-
+15 -0net/tac_plus/patches/010-configure-remove-libnsl.patch
+ 51
- 0
net/tac_plus/Makefile
View File
| @ -0,0 +1,51 @@ | |||
| include $(TOPDIR)/rules.mk | |||
| PKG_NAME:=tac_plus | |||
| PKG_VERSION:=4.0.4.28 | |||
| PKG_REV:=259251e6f1c2d5c98081a43c6f66d9eb2989cfd8 | |||
| PKG_RELEASE:=1 | |||
| PKG_SOURCE_VERSION:=$(PKG_REV) | |||
| PKG_SOURCE_DATE:=2019.02.11 | |||
| PKG_SOURCE_URL:=https://codeload.github.com/facebook/tac_plus/tar.gz/$(PKG_SOURCE_VERSION)? | |||
| PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_DATE)-$(PKG_SOURCE_VERSION).tar.gz | |||
| PKG_HASH:=3c37d6a8acf66cac4a95558bf3e29686ef3be505a1638e2ef788a7ece41d1b01 | |||
| PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) | |||
| PKG_BUILD_SUBDIR:=tacacs-F$(PKG_VERSION) | |||
| include $(INCLUDE_DIR)/package.mk | |||
| PKG_UNPACK:=$(HOST_TAR) -C $(PKG_BUILD_DIR) --strip-components=1 -xzf $(DL_DIR)/$(PKG_SOURCE) | |||
| MAKE_PATH:=$(PKG_BUILD_SUBDIR) | |||
| CONFIGURE_PATH:=$(PKG_BUILD_SUBDIR) | |||
| CONFIGURE_ARGS += \ | |||
| --disable-shared \ | |||
| --without-libwrap | |||
| define Package/tac_plus | |||
| SECTION:=net | |||
| CATEGORY:=Network | |||
| TITLE:=TACACS+ daemon | |||
| URL:=https://github.com/facebook/tac_plus/ | |||
| endef | |||
| define Package/tac_plus/description | |||
| TACACS+ is a protocol (not TACACS or XTACACS) for authentication, | |||
| authorization and accounting (AAA) services for routers and network devices. | |||
| endef | |||
| define Package/tac_plus/conffiles | |||
| /etc/tac_plus.conf | |||
| endef | |||
| define Package/tac_plus/install | |||
| $(INSTALL_DIR) $(1)/etc/init.d $(1)/usr/sbin | |||
| $(INSTALL_CONF) ./files/tac_plus.conf $(1)/etc/tac_plus.conf | |||
| $(INSTALL_BIN) ./files/tac_plus.init $(1)/etc/init.d/tac_plus | |||
| $(INSTALL_BIN) $(PKG_BUILD_DIR)/$(PKG_BUILD_SUBDIR)/tac_plus $(1)/usr/sbin/ | |||
| endef | |||
| $(eval $(call BuildPackage,tac_plus)) | |||
+ 58
- 0
net/tac_plus/files/tac_plus.conf
View File
| @ -0,0 +1,58 @@ | |||
| # | |||
| # An example tac_plus configuration. You should change this | |||
| # before using it. | |||
| # | |||
| # Define where to log accounting data, this is the default. | |||
| accounting file = /var/log/tac_plus.acct | |||
| # This is the key that clients have to use to access Tacacs+ | |||
| key = testing123 | |||
| # Use /etc/passwd file to do authentication | |||
| #default authentication = file /etc/passwd | |||
| # You can use feature like per host key with different enable passwords | |||
| #host = 127.0.0.1 { | |||
| # key = test | |||
| # type = cisco | |||
| # enable = <des|cleartext> enablepass | |||
| # prompt = "Welcome XXX ISP Access Router \n\nUsername:" | |||
| #} | |||
| # We also can define local users and specify a file where data is stored. | |||
| # That file may be filled using tac_pwd | |||
| #user = test1 { | |||
| # name = "Test User" | |||
| # member = staff | |||
| # login = file /etc/tacacs/tacacs_passwords | |||
| #} | |||
| # We can also specify rules valid per group of users. | |||
| #group = group1 { | |||
| # cmd = conf { | |||
| # deny | |||
| # } | |||
| #} | |||
| # Another example : forbid configure command for some hosts | |||
| # for a define range of clients | |||
| #group = group1 { | |||
| # login = file /etc/passwd | |||
| # service = ppp | |||
| # protocol = ip { | |||
| # addr = 10.10.0.0/24 | |||
| # } | |||
| # cmd = conf { | |||
| # deny .* | |||
| # } | |||
| #} | |||
| user = DEFAULT { | |||
| login = file /etc/passwd | |||
| service = ppp protocol = ip {} | |||
| } | |||
| # Much more features are availables, like ACL, more service compatibilities, | |||
| # commands authorization, scripting authorization. | |||
| # See the man page for those features. | |||
+ 12
- 0
net/tac_plus/files/tac_plus.init
View File
| @ -0,0 +1,12 @@ | |||
| #!/bin/sh /etc/rc.common | |||
| START=99 | |||
| USE_PROCD=1 | |||
| PROG=/usr/sbin/tac_plus | |||
| start_service() { | |||
| procd_open_instance | |||
| procd_set_param command "$PROG" -G -C /etc/tac_plus.conf | |||
| procd_close_instance | |||
| } | |||
+ 15
- 0
net/tac_plus/patches/010-configure-remove-libnsl.patch
View File
| @ -0,0 +1,15 @@ | |||
| --- a/tacacs-F4.0.4.28/configure 2015-01-06 22:55:35.000000000 +0100 | |||
| +++ b/tacacs-F4.0.4.28/configure 2019-01-31 14:44:28.679272504 +0100 | |||
| @@ -3285,11 +3285,9 @@ | |||
| ;; | |||
| *linux* ) | |||
| # XXX: not sure if /usr/local is necessary. | |||
| - # XXX: linux libwrap needs -lnsl. configure should check for | |||
| - # existence of libnsl instead of hard-coding | |||
| CPPFLAGS="$CFLAGS -I/usr/local/include"; export CPPFLAGS | |||
| LDFLAGS="$LDFLAGS -L/usr/local/lib -L/lib"; export LDFLAGS | |||
| - LIBS="-lnsl -lcrypt $LIBS"; export LIBS | |||
| + LIBS="-lcrypt $LIBS"; export LIBS | |||
| $as_echo "#define LINUX 1" >>confdefs.h | |||