aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMasafumi Max NAKANE <max@FreeBSD.org>1997-09-17 04:51:47 +0000
committerMasafumi Max NAKANE <max@FreeBSD.org>1997-09-17 04:51:47 +0000
commit12da0f136383c99bfb84ec7d401fc9d5be5aaef1 (patch)
treed0a88b4850a31815ae1b491a318e227859339198
parent9294836028be9f8f7d95ecb8f7699d192805f497 (diff)
downloadports-12da0f136383c99bfb84ec7d401fc9d5be5aaef1.tar.gz
ports-12da0f136383c99bfb84ec7d401fc9d5be5aaef1.zip
Notes
-rw-r--r--net/tac_plus4/Makefile18
-rw-r--r--net/tac_plus4/files/extra-patch-ba69
-rw-r--r--net/tac_plus4/files/tac_plus.conf.example76
-rw-r--r--net/tac_plus4/pkg-comment2
-rw-r--r--net/tac_plus4/pkg-descr11
-rw-r--r--net/tac_plus4/pkg-plist2
6 files changed, 166 insertions, 12 deletions
diff --git a/net/tac_plus4/Makefile b/net/tac_plus4/Makefile
index ecb051ca9631..8031028b52f5 100644
--- a/net/tac_plus4/Makefile
+++ b/net/tac_plus4/Makefile
@@ -17,18 +17,23 @@ MAINTAINER= igor@zynaps.ru
EXTRACT_BEFORE_ARGS= -C ${WRKDIR} -xf
ALL_TARGET= tac_plus
MAN8= tac_plus.8
+EXTRA_PATCH= patch-ba
-post-patch:
- @${MV} -f ${WRKSRC}/tac_plus.1 ${WRKSRC}/tac_plus.8
+# To change the text displayed when users are prompted to enter
+# a username, set appropriately TAC_CHANGE_PROMPT variable.
+.if defined(TAC_CHANGE_PROMPT) && ${TAC_CHANGE_PROMPT} == YES
+pre-patch:
+ @${CP} ${FILESDIR}/${EXTRA_PATCH} ${PATCHDIR}
+.endif
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/tac_plus ${PREFIX}/sbin
- ${INSTALL_MAN} ${WRKSRC}/tac_plus.8 ${PREFIX}/man/man8
- ${INSTALL_DATA} ${FILESDIR}/tacacs.conf.example ${PREFIX}/etc/
+ ${INSTALL_MAN} ${WRKSRC}/tac_plus.1 ${PREFIX}/man/man8/tac_plus.8
+ ${INSTALL_DATA} ${FILESDIR}/tac_plus.conf.example ${PREFIX}/etc/
@if [ ! -f ${PREFIX}/etc/rc.d/tac_plus.sh ]; then \
${ECHO} "Installing ${PREFIX}/etc/rc.d/tac_plus.sh startup file."; \
echo "#!/bin/sh" > ${PREFIX}/etc/rc.d/tac_plus.sh; \
- echo "[ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -C ${PREFIX}/etc/tacacs.conf && echo -n ' tac_plus'" >> ${PREFIX}/etc/rc.d/tac_plus.sh; \
+ echo "[ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -C ${PREFIX}/etc/tac_plus.conf && echo -n ' tac_plus'" >> ${PREFIX}/etc/rc.d/tac_plus.sh; \
chmod 751 ${PREFIX}/etc/rc.d/tac_plus.sh; \
fi
.if !defined(NOPORTDOCS)
@@ -36,4 +41,7 @@ do-install:
${INSTALL_DATA} ${WRKSRC}/users_guide ${PREFIX}/share/doc/tac_plus
.endif
+pre-clean:
+ @${RM} -f ${PATCHDIR}/${EXTRA_PATCH}
+
.include <bsd.port.mk>
diff --git a/net/tac_plus4/files/extra-patch-ba b/net/tac_plus4/files/extra-patch-ba
new file mode 100644
index 000000000000..9cb5ff36426d
--- /dev/null
+++ b/net/tac_plus4/files/extra-patch-ba
@@ -0,0 +1,69 @@
+*** authen.c.orig Sat Jul 29 02:49:15 1995
+--- authen.c Wed Jul 16 15:00:40 1997
+***************
+*** 209,217 ****
+
+ datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+ if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! prompt = "\nUser Access Verification\n\nUsername: ";
+ } else {
+! prompt = "Username: ";
+ }
+ send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */
+ prompt, /* msg */
+--- 209,217 ----
+
+ datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+ if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! prompt = "\nUser Access Verification\n\nlogin: ";
+ } else {
+! prompt = "login: ";
+ }
+ send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */
+ prompt, /* msg */
+*** default_fn.c.orig Sat Jul 29 02:49:18 1995
+--- default_fn.c Wed Jul 16 15:00:52 1997
+***************
+*** 76,84 ****
+ /* No username. Try requesting one */
+ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+ if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! prompt = "\nUser Access Verification\n\nUsername: ";
+ } else {
+! prompt = "Username: ";
+ }
+ data->server_msg = tac_strdup(prompt);
+ p->state = STATE_AUTHEN_GETUSER;
+--- 76,84 ----
+ /* No username. Try requesting one */
+ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+ if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! prompt = "\nUser Access Verification\n\nlogin: ";
+ } else {
+! prompt = "login: ";
+ }
+ data->server_msg = tac_strdup(prompt);
+ p->state = STATE_AUTHEN_GETUSER;
+*** skey_fn.c.orig Wed Jul 16 14:38:34 1997
+--- skey_fn.c Wed Jul 16 15:01:01 1997
+***************
+*** 104,112 ****
+ /* No username. Try requesting one */
+ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+ if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! prompt = "\nUser Access Verification\n\nUsername: ";
+ } else {
+! prompt = "Username: ";
+ }
+ data->server_msg = tac_strdup(prompt);
+ p->state = STATE_AUTHEN_GETUSER;
+--- 104,112 ----
+ /* No username. Try requesting one */
+ data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER;
+ if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) {
+! prompt = "\nUser Access Verification\n\nlogin: ";
+ } else {
+! prompt = "login: ";
+ }
+ data->server_msg = tac_strdup(prompt);
+ p->state = STATE_AUTHEN_GETUSER;
diff --git a/net/tac_plus4/files/tac_plus.conf.example b/net/tac_plus4/files/tac_plus.conf.example
new file mode 100644
index 000000000000..0d7b273210a6
--- /dev/null
+++ b/net/tac_plus4/files/tac_plus.conf.example
@@ -0,0 +1,76 @@
+# /usr/local/etc/tac_plus.conf
+
+user=fred {
+ name = "Fred Flintstone"
+ login = des mEX027bHtzTlQ
+
+ # Remember that authorization is also recursive over groups, in
+ # the same way that password lookups are recursive. Thus, if you
+ # place a user in a group, the daemon will look in the group for
+ # authorization parameters if it cannot find them in the user
+ # declaration.
+ member = admin
+
+ expires = "May 23 2005"
+
+ service = exec {
+ # When Fred starts an exec, his connection access list is 5
+ acl = 5
+
+ # We require this autocmd to be done at startup
+ autocmd = "telnet foo"
+ }
+
+ # All commands except telnet 131.108.13.* are denied for Fred
+ cmd = telnet {
+ # Fred can run the following telnet command
+ permit 131\.108\.13\.[0-9]+
+
+ deny .*
+ }
+
+ service = ppp protocol = ip {
+ # Fred can run ip over ppp only if he uses one
+ # of the following mandatory addresses If he supplies no
+ # address, the first one here will be mandated
+ addr=131.108.12.11
+ addr=131.108.12.12
+ addr=131.108.12.13
+ addr=131.108.12.14
+
+ # Fred's mandatory input access list number is 101
+ inacl=101
+
+ # We will suggest an output access list of 102, but Fred may
+ # choose to ignore or override it
+ optional outacl=102
+ }
+
+ service = slip {
+ # Fred can run slip. When he does, he will have to use
+ # these mandatory access lists
+ inacl=101
+ outacl=102
+ }
+
+ # set a timeout in the lcp layer of ppp
+ service = ppp protocol = lcp {
+ timeout = 10
+ }
+}
+
+user = wilma {
+ # Wilma has no password of her own, but she's a group member so
+ # she'll use the group password if there is one. Same for her
+ # password expiry date
+ member = admin
+}
+
+group = admin {
+ # group members who don't have their own password will be looked
+ # up in /etc/passwd
+ login = file /etc/passwd
+
+ # group members who have no expiry date set will use this one
+ expires = "Jan 1 1998"
+}
diff --git a/net/tac_plus4/pkg-comment b/net/tac_plus4/pkg-comment
index b7f8aec88b4e..b7c8d4530c34 100644
--- a/net/tac_plus4/pkg-comment
+++ b/net/tac_plus4/pkg-comment
@@ -1 +1 @@
-a remote authentication/authorization/accounting server
+A remote authentication/authorization/accounting server.
diff --git a/net/tac_plus4/pkg-descr b/net/tac_plus4/pkg-descr
index e82d355ed9f1..c0db6131ed2e 100644
--- a/net/tac_plus4/pkg-descr
+++ b/net/tac_plus4/pkg-descr
@@ -1,8 +1,9 @@
-tac_plus provides Cisco systems routers and access servers
-with authentication, authorisation and accounting services.
-
-A configuration file controls the details of authentication,
-authorisation and accounting.
+tacacs+ services network requests for authentication
+and authorization, verifies identities, grants or denies
+authorizations, and logs accounting records.
+
+Details are described at:
+http://www.cisco.com/warp/public/146/187.html
-- Igor
igor@zynaps.ru
diff --git a/net/tac_plus4/pkg-plist b/net/tac_plus4/pkg-plist
index 0c3a00efa67d..631a77599691 100644
--- a/net/tac_plus4/pkg-plist
+++ b/net/tac_plus4/pkg-plist
@@ -1,6 +1,6 @@
sbin/tac_plus
etc/rc.d/tac_plus.sh
-etc/tacacs.conf.example
+etc/tac_plus.conf.example
man/man8/tac_plus.8.gz
share/doc/tac_plus/users_guide
@dirrm share/doc/tac_plus