diff options
author | marcus <marcus@FreeBSD.org> | 2005-04-03 14:58:13 +0800 |
---|---|---|
committer | marcus <marcus@FreeBSD.org> | 2005-04-03 14:58:13 +0800 |
commit | 2eb70cbce50f7060b413765c16585da1c6b6a315 (patch) | |
tree | 950a62d777920825ab50dd63cbcacac3146ab4f1 /net | |
parent | 9af026f389e28254e551d8e4fb2d98b3a354fec4 (diff) | |
download | freebsd-ports-gnome-2eb70cbce50f7060b413765c16585da1c6b6a315.tar.gz freebsd-ports-gnome-2eb70cbce50f7060b413765c16585da1c6b6a315.tar.zst freebsd-ports-gnome-2eb70cbce50f7060b413765c16585da1c6b6a315.zip |
Update to F4.0.4.7. Code changes in this release include:
* Conversion to autofoo
* Man pahe improvements
* MD5 fixes for 64-bit platforms
* generated_password has been renamed to tac_pwd
* A tac_plus.config.5 man page has been added
* User-specific enable password support
Port changes in this release include:
* Default IOS version has been changed from 11.x to 12.x
* tac_plus.sh script has been converted to rcNG
* PORTDOCS is properly respected
* Portlint fixes
Diffstat (limited to 'net')
-rw-r--r-- | net/tac_plus4/Makefile | 62 | ||||
-rw-r--r-- | net/tac_plus4/distinfo | 4 | ||||
-rw-r--r-- | net/tac_plus4/files/extra-patch-ba | 69 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-Makefile.in | 48 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-aa | 88 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-ab | 8 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-ac | 29 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-ae | 11 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-configure | 11 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-md5.h | 11 | ||||
-rw-r--r-- | net/tac_plus4/files/patch-skey_fn.c | 11 | ||||
-rw-r--r-- | net/tac_plus4/files/tac_plus.conf.example | 20 | ||||
-rw-r--r-- | net/tac_plus4/files/tac_plus.sh | 38 | ||||
-rw-r--r-- | net/tac_plus4/pkg-descr | 4 | ||||
-rw-r--r-- | net/tac_plus4/pkg-plist | 10 |
15 files changed, 142 insertions, 282 deletions
diff --git a/net/tac_plus4/Makefile b/net/tac_plus4/Makefile index 7d12d5579999..6e713c1db17c 100644 --- a/net/tac_plus4/Makefile +++ b/net/tac_plus4/Makefile @@ -7,65 +7,65 @@ PORTNAME= tac_plus PORTVERSION= F4.0.4 -PORTREVISION= 3 -CATEGORIES= net -MASTER_SITES= ftp://ftp-eng.cisco.com/pub/tacacs/ -DISTNAME= tac_plus.F4.0.4.alpha -EXTRACT_SUFX= .tar.Z +PORTREVISION= 7 +CATEGORIES= net security +MASTER_SITES= ftp://ftp.shrubbery.net/pub/tac_plus/ +DISTNAME= tacacs+-F4.0.4.7 MAINTAINER= marcus@FreeBSD.org COMMENT= The Cisco remote authentication/authorization/accounting server -ALL_TARGET= tac_plus -MAN1= tac_plus.1 +USE_PERL5_BUILD=yes +GNU_CONFIGURE= yes +USE_RC_SUBR= yes +USE_REINPLACE= yes +CONFIGURE_TARGET=--build=${MACHINE_ARCH}-portbld-freebsd${OSREL} -CONFLICTS= ru-tac+ia-* tac_plus-libradius-* +MAN5= tac_plus.conf.5 +MAN8= tac_plus.8 tac_pwd.8 -# To change the text displayed when users are prompted to enter -# a username, set appropriately TAC_CHANGE_PROMPT variable. -.if defined(TAC_CHANGE_PROMPT) && ${TAC_CHANGE_PROMPT} == YES -EXTRA_PATCHES= ${PATCHDIR}/extra-patch-ba -.endif +CONFLICTS= ru-tac+ia-[0-9]* tac_plus-libradius-[0-9]* +RC_SCRIPTS_SUB= PREFIX=${PREFIX} RC_SUBR=${RC_SUBR} # check expiration dates against 'expire' field of master.passwd file -.if defined(TAC_EXPIRE_MASTER_PASSWD) && ${TAC_EXPIRE_MASTER_PASSWD} == YES +.if defined(TAC_EXPIRE_MASTER_PASSWD) EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-bb .endif # finger output differs for CISCO IOS versions 11 and 12. -# Define version of your IOS (default is 11): -# Example: make TAC_IOS_VERSION=12 +# Define version of your IOS (default is 12): +# Example: make TAC_IOS_VERSION=11 # .if defined(TAC_IOS_VERSION) CFLAGS+= -DTAC_IOS_VERSION=${TAC_IOS_VERSION} .else -CFLAGS+= -DTAC_IOS_VERSION=11 +CFLAGS+= -DTAC_IOS_VERSION=12 .endif .if exists(/usr/include/skey.h) && !defined(WITHOUT_SKEY) -MAKE_ENV+= WITH_SKEY=1 +CONFIGURE_ARGS+= --with-skey +.else +CONFIGURE_ARGS+= --without-skey .endif .if exists(/usr/include/opie.h) && !defined(WITHOUT_OPIE) -MAKE_ENV+= WITH_OPIE=1 +CFLAGS+= -DOPIE +CONFIGURE_ENV+= LIBS="-lopie -lmd" .endif -do-install: - ${INSTALL_PROGRAM} ${WRKSRC}/tac_plus ${PREFIX}/sbin - ${INSTALL_PROGRAM} ${WRKSRC}/generate_passwd ${PREFIX}/bin - ${INSTALL_MAN} ${WRKSRC}/tac_plus.1 ${PREFIX}/man/man1/tac_plus.1 - ${INSTALL_DATA} ${FILESDIR}/tac_plus.conf.example ${PREFIX}/etc/ - @if [ ! -f ${PREFIX}/etc/rc.d/tac_plus.sh ]; then \ - ${ECHO} "Installing ${PREFIX}/etc/rc.d/tac_plus.sh startup file."; \ - ${INSTALL_SCRIPT} -m 751 ${FILESDIR}/tac_plus.sh ${PREFIX}/etc/rc.d/tac_plus.sh; \ - fi +post-patch: + @${SED} ${RC_SCRIPTS_SUB:S/$/!g/:S/^/ -e s!%%/:S/=/%%!/} \ + ${FILESDIR}/tac_plus.sh > ${WRKSRC}/tac_plus.sh + @${REINPLACE_CMD} -e 's|skey_get_algorithm|skeychallenge|g' \ + ${WRKSRC}/configure + +post-install: + ${INSTALL_DATA} ${FILESDIR}/tac_plus.conf.example ${PREFIX}/etc + ${INSTALL_SCRIPT} ${WRKSRC}/tac_plus.sh ${PREFIX}/etc/rc.d/tac_plus.sh .if !defined(NOPORTDOCS) @${MKDIR} ${PREFIX}/share/doc/tac_plus ${INSTALL_DATA} ${WRKSRC}/users_guide ${PREFIX}/share/doc/tac_plus ${INSTALL_SCRIPT} ${WRKSRC}/convert.pl ${PREFIX}/share/doc/tac_plus .endif -post-install: - ${STRIP_CMD} ${PREFIX}/sbin/tac_plus - .include <bsd.port.mk> diff --git a/net/tac_plus4/distinfo b/net/tac_plus4/distinfo index 185b2851be20..110974f6aafd 100644 --- a/net/tac_plus4/distinfo +++ b/net/tac_plus4/distinfo @@ -1,2 +1,2 @@ -MD5 (tac_plus.F4.0.4.alpha.tar.Z) = 7acaa4a78c71c514cf67ca5a77e16c27 -SIZE (tac_plus.F4.0.4.alpha.tar.Z) = 193771 +MD5 (tacacs+-F4.0.4.7.tar.gz) = dd75745b50540b26ae259a706e457860 +SIZE (tacacs+-F4.0.4.7.tar.gz) = 236651 diff --git a/net/tac_plus4/files/extra-patch-ba b/net/tac_plus4/files/extra-patch-ba deleted file mode 100644 index 58d401a07eaf..000000000000 --- a/net/tac_plus4/files/extra-patch-ba +++ /dev/null @@ -1,69 +0,0 @@ -*** authen.c.orig Thu Sep 9 15:21:09 1999 ---- authen.c Thu Sep 9 15:21:28 1999 -*************** -*** 227,235 **** - - datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; - if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { -! prompt = "\nUser Access Verification\n\nUsername: "; - } else { -! prompt = "Username: "; - } - send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */ - prompt, /* msg */ ---- 227,235 ---- - - datap->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; - if (datap->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { -! prompt = "\nUser Access Verification\n\nlogin: "; - } else { -! prompt = "login: "; - } - send_authen_reply(TAC_PLUS_AUTHEN_STATUS_GETUSER, /* status */ - prompt, /* msg */ -*** default_v0_fn.c.orig Thu Sep 9 15:22:52 1999 ---- default_v0_fn.c Thu Sep 9 15:23:09 1999 -*************** -*** 87,95 **** - /* No username. Try requesting one */ - data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; - if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { -! prompt = "\nUser Access Verification\n\nUsername: "; - } else { -! prompt = "Username: "; - } - data->server_msg = tac_strdup(prompt); - p->state = STATE_AUTHEN_GETUSER; ---- 87,95 ---- - /* No username. Try requesting one */ - data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; - if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { -! prompt = "\nUser Access Verification\n\nlogin: "; - } else { -! prompt = "login: "; - } - data->server_msg = tac_strdup(prompt); - p->state = STATE_AUTHEN_GETUSER; -*** skey_fn.c.orig Thu Sep 9 15:23:23 1999 ---- skey_fn.c Thu Sep 9 15:23:56 1999 -*************** -*** 116,124 **** - /* No username. Try requesting one */ - data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; - if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { -! prompt = "\nUser Access Verification\n\nUsername: "; - } else { -! prompt = "Username: "; - } - data->server_msg = tac_strdup(prompt); - p->state = STATE_AUTHEN_GETUSER; ---- 116,124 ---- - /* No username. Try requesting one */ - data->status = TAC_PLUS_AUTHEN_STATUS_GETUSER; - if (data->service == TAC_PLUS_AUTHEN_SVC_LOGIN) { -! prompt = "\nUser Access Verification\n\nlogin: "; - } else { -! prompt = "login: "; - } - data->server_msg = tac_strdup(prompt); - p->state = STATE_AUTHEN_GETUSER; diff --git a/net/tac_plus4/files/patch-Makefile.in b/net/tac_plus4/files/patch-Makefile.in new file mode 100644 index 000000000000..5093a44c2087 --- /dev/null +++ b/net/tac_plus4/files/patch-Makefile.in @@ -0,0 +1,48 @@ +--- Makefile.in.orig Wed May 21 18:22:50 2003 ++++ Makefile.in Sun Apr 3 01:16:29 2005 +@@ -153,7 +153,7 @@ + config.c expire.c programs.c \ + default_fn.c pw.c utils.c \ + default_v0_fn.c hash.c pwlib.c \ +- do_acct.c maxsess.c regexp.c ++ do_acct.c maxsess.c regexp.c opie_fn.c + + tac_plus_LDADD = $(WRAPLIBS) + LDADD = @PROFLIBS@ +@@ -166,7 +166,7 @@ + + + man_gen_MANS = tac_plus.8 tac_plus.conf.5 +-man_nogen_MANS = regexp.3 tac_pwd.8 ++man_nogen_MANS = tac_pwd.8 + + man_MANS = $(man_gen_MANS) $(man_nogen_MANS) + +@@ -200,7 +200,8 @@ + config.$(OBJEXT) expire.$(OBJEXT) programs.$(OBJEXT) \ + default_fn.$(OBJEXT) pw.$(OBJEXT) utils.$(OBJEXT) \ + default_v0_fn.$(OBJEXT) hash.$(OBJEXT) pwlib.$(OBJEXT) \ +- do_acct.$(OBJEXT) maxsess.$(OBJEXT) regexp.$(OBJEXT) ++ do_acct.$(OBJEXT) maxsess.$(OBJEXT) regexp.$(OBJEXT) \ ++ opie_fn.$(OBJEXT) + tac_plus_OBJECTS = $(am_tac_plus_OBJECTS) + tac_plus_DEPENDENCIES = + tac_plus_LDFLAGS = +@@ -227,7 +228,8 @@ + @AMDEP_TRUE@ ./$(DEPDIR)/regexp.Po ./$(DEPDIR)/report.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/sendauth.Po ./$(DEPDIR)/sendpass.Po \ + @AMDEP_TRUE@ ./$(DEPDIR)/skey_fn.Po ./$(DEPDIR)/tac_plus.Po \ +-@AMDEP_TRUE@ ./$(DEPDIR)/tac_pwd.Po ./$(DEPDIR)/utils.Po ++@AMDEP_TRUE@ ./$(DEPDIR)/tac_pwd.Po ./$(DEPDIR)/utils.Po \ ++@AMDEP_TRUE@ ./$(DEPDIR)/opie_fn.Po + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) + CCLD = $(CC) +@@ -357,6 +359,7 @@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sendauth.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sendpass.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/skey_fn.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/opie_fn.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tac_plus.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tac_pwd.Po@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@ diff --git a/net/tac_plus4/files/patch-aa b/net/tac_plus4/files/patch-aa deleted file mode 100644 index f8cdce952b66..000000000000 --- a/net/tac_plus4/files/patch-aa +++ /dev/null @@ -1,88 +0,0 @@ ---- Makefile.orig Sun Jun 18 13:26:54 2000 -+++ Makefile Sun Dec 8 15:18:58 2002 -@@ -19,7 +19,7 @@ - # LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - # FOR A PARTICULAR PURPOSE. - --CC = gcc -+# CC = gcc - - # For AIX - # See /usr/lpp/bos/bsdport on your system for details of how to define bsdcc -@@ -33,13 +33,13 @@ - # OS=-DMIPS - - # For Solaris (SUNOS 5.3, 5.4, 5.5, 5.6) uncomment the following two lines --OS=-DSOLARIS --OSLIBS=-lsocket -lnsl -+# OS=-DSOLARIS -+# OSLIBS=-lsocket -lnsl - - # For FreeBSD --# OS=-DFREEBSD -+OS=-DFREEBSD - # You may also need to add: --# OSLIBS=-lcrypt -+OSLIBS=-lcrypt - # NOTE: If you want your password encryption to be compatible with - # e.g. SunOS, you may need to instead use: - # OSLIBS=-ldescrypt -@@ -64,12 +64,19 @@ - # FLAGS = -DTAC_PLUS_USERID=$(USERID) -DTAC_PLUS_GROUPID=$(GROUPID) - - # Definitions for SKEY functionality --# DEFINES = -DSKEY --# LIBS = ../crimelab/skey/src/libskey.a -+.if defined(WITH_SKEY) -+DEFINES = -DSKEY -+LIBS = -lskey -lmd - # INCLUDES = -I../crimelab/skey/src -+.endif -+ -+.if defined(WITH_OPIE) -+DEFINES += -DOPIE -+LIBS += -lopie -lmd -+.endif - - # Debugging flags --DEBUG = -g -+# DEBUG = -g - - # Enforce a limit on maximum sessions per user. See the user's guide - # for more information. -@@ -85,13 +92,13 @@ - # possible), containing its process id. Uncomment and modify the - # following line to change this filename - --# PIDFILE = -DTAC_PLUS_PIDFILE=\"/var/run/tac_plus.pid\" -+PIDFILE = -DTAC_PLUS_PIDFILE=\"/var/run/tac_plus.pid\" - - # - # End of customisable section of Makefile - # - --CFLAGS = $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE) $(MAXSESS) -+CFLAGS += $(DEBUG) $(DEFINES) $(INCLUDES) $(FLAGS) $(OS) $(PIDFILE) $(MAXSESS) - - HFILES = expire.h parse.h regmagic.h md5.h regexp.h tac_plus.h - -@@ -99,7 +106,7 @@ - do_author.c dump.c encrypt.c expire.c $(MSCHAP_MD4_SRC) md5.c \ - packet.c report.c sendauth.c tac_plus.c utils.c pw.c hash.c \ - parse.c regexp.c programs.c enable.c pwlib.c default_fn.c \ -- skey_fn.c default_v0_fn.c sendpass.c maxsess.c -+ skey_fn.c opie_fn.c default_v0_fn.c sendpass.c maxsess.c - - OBJS = $(SRCS:.c=.o) - -@@ -130,8 +137,8 @@ - -rm -f *.o *~ *.BAK tac_plus generate_passwd - - install: -- cp tac_plus /usr/local/bin -- cp tac_plus.1 /usr/man/manl/tac_plus.1 -+ cp tac_plus $(PREFIX)/sbin -+ cp tac_plus.1 $(PREFIX)/man1/tac_plus.1 - - depend: - makedepend $(CFLAGS) $(SRCS) diff --git a/net/tac_plus4/files/patch-ab b/net/tac_plus4/files/patch-ab index 5745c397efc0..fca2b0bfe5ab 100644 --- a/net/tac_plus4/files/patch-ab +++ b/net/tac_plus4/files/patch-ab @@ -1,13 +1,5 @@ --- tac_plus.h.orig Sun Jun 18 13:26:54 2000 +++ tac_plus.h Sun Dec 8 15:24:27 2002 -@@ -137,6 +137,7 @@ - #ifdef FREEBSD - #define CONST_SYSERRLIST - #define STDLIB_MALLOC -+#define NO_PWAGE - #define VOIDSIG - #define NO_PWAGE - #endif @@ -701,6 +702,7 @@ extern int default_fn(); extern int default_v0_fn(); diff --git a/net/tac_plus4/files/patch-ac b/net/tac_plus4/files/patch-ac deleted file mode 100644 index 2c6827694910..000000000000 --- a/net/tac_plus4/files/patch-ac +++ /dev/null @@ -1,29 +0,0 @@ ---- tac_plus.1.orig Sat Apr 3 08:03:47 1999 -+++ tac_plus.1 Tue Nov 9 21:55:56 1999 -@@ -32,7 +32,7 @@ - authorisation and accounting. - .LP - On startup, tac_plus creates the file --.B /etc/tac_plus.pid , -+.B /var/run/tac_plus.pid , - if possible, containing its process id. - .LP - .SH ARGUMENTS and OPTIONS -@@ -195,7 +195,7 @@ - facility. - .nf - --local6.info /var/adm/messages -+local6.info /var/log/tac_plus.log - - .fi - .LP -@@ -212,7 +212,7 @@ - .B /var/tmp/tac_plus.log - Contains debugging output when -d is in effect. - .TP --.B /etc/tac_plus.pid or /etc/tac_plus.pid.port -+.B /var/run/tac_plus.pid or /var/run/tac_plus.pid.port - contains the process id of the currently running daemon. The port - number is appended to the filename only if the port being used is not - the default one of 49. diff --git a/net/tac_plus4/files/patch-ae b/net/tac_plus4/files/patch-ae deleted file mode 100644 index d4b6b710404a..000000000000 --- a/net/tac_plus4/files/patch-ae +++ /dev/null @@ -1,11 +0,0 @@ ---- do_acct.c.orig Tue Nov 9 22:02:51 1999 -+++ do_acct.c Tue Nov 9 22:03:30 1999 -@@ -158,7 +158,7 @@ - #endif - entry.ut_time = utime; - -- wtmpfd = open(wtmpfile, O_CREAT | O_WRONLY | O_APPEND | O_SYNC, 0666); -+ wtmpfd = open(wtmpfile, O_CREAT | O_WRONLY | O_APPEND, 0666); - if (wtmpfd < 0) { - report(LOG_ERR, "Can't open wtmp file %s -- %s", - wtmpfile, sys_errlist[errno]); diff --git a/net/tac_plus4/files/patch-configure b/net/tac_plus4/files/patch-configure new file mode 100644 index 000000000000..a44c1803dcf8 --- /dev/null +++ b/net/tac_plus4/files/patch-configure @@ -0,0 +1,11 @@ +--- configure.orig Sun Apr 3 01:20:37 2005 ++++ configure Sun Apr 3 01:20:48 2005 +@@ -1758,7 +1758,7 @@ + #CPPFLAGS="$CFLAGS -I/usr/pkg/include"; export CPPFLAGS + #LDFLAGS="$LDFLAGS -L/usr/pkg/lib -Xlinker -rpath -Xlinker /usr/pkg/lib" + #export LDFLAGS +- LIBS="-lcrypt"; export LIBS ++ LIBS="-lcrypt $LIBS"; export LIBS + cat >>confdefs.h <<\_ACEOF + #define FREEBSD 1 + _ACEOF diff --git a/net/tac_plus4/files/patch-md5.h b/net/tac_plus4/files/patch-md5.h deleted file mode 100644 index 948cd3e38a03..000000000000 --- a/net/tac_plus4/files/patch-md5.h +++ /dev/null @@ -1,11 +0,0 @@ ---- md5.h.orig Sat Apr 5 00:06:25 2003 -+++ md5.h Sat Apr 5 00:05:08 2003 -@@ -54,7 +54,7 @@ - #if defined(CISCO_MD5_MODS) - - /* typedef a 32-bit type */ --typedef unsigned long int UINT4; -+typedef unsigned int UINT4; - - /* typedef a generic pointer type */ - typedef unsigned char *POINTER; diff --git a/net/tac_plus4/files/patch-skey_fn.c b/net/tac_plus4/files/patch-skey_fn.c new file mode 100644 index 000000000000..0e31e142fcc3 --- /dev/null +++ b/net/tac_plus4/files/patch-skey_fn.c @@ -0,0 +1,11 @@ +--- skey_fn.c.orig Sun Apr 3 01:41:00 2005 ++++ skey_fn.c Sun Apr 3 01:41:08 2005 +@@ -168,7 +168,7 @@ + return(1); + } + +- if (skeychallenge(&p->skey, name, skeyprompt, 80) == 0) { ++ if (skeychallenge(&p->skey, name, skeyprompt) == 0) { + char buf[256]; + sprintf(buf, "%s\nPassword: ", skeyprompt); + data->server_msg = tac_strdup(buf); diff --git a/net/tac_plus4/files/tac_plus.conf.example b/net/tac_plus4/files/tac_plus.conf.example index 06a5d5b9a308..50774ed39068 100644 --- a/net/tac_plus4/files/tac_plus.conf.example +++ b/net/tac_plus4/files/tac_plus.conf.example @@ -16,15 +16,15 @@ user=fred { member = admin expires = "May 23 2005" - + service = exec { # When Fred starts an exec, his connection access list is 5 acl = 5 - + # We require this autocmd to be done at startup autocmd = "telnet foo" } - + # All commands except telnet 131.108.13.* are denied for Fred cmd = telnet { # Fred can run the following telnet command @@ -32,19 +32,19 @@ user=fred { deny .* } - + service = ppp protocol = ip { - # Fred can run ip over ppp only if he uses one + # Fred can run ip over ppp only if he uses one # of the following mandatory addresses If he supplies no # address, the first one here will be mandated addr=131.108.12.11 addr=131.108.12.12 addr=131.108.12.13 addr=131.108.12.14 - + # Fred's mandatory input access list number is 101 inacl=101 - + # We will suggest an output access list of 102, but Fred may # choose to ignore or override it optional outacl=102 @@ -56,7 +56,7 @@ user=fred { inacl=101 outacl=102 } - + # set a timeout in the lcp layer of ppp service = ppp protocol = lcp { timeout = 10 @@ -69,12 +69,12 @@ user = wilma { # password expiry date member = admin } - + group = admin { # group members who don't have their own password will be looked # up in /etc/passwd login = file /etc/passwd - + # group members who have no expiry date set will use this one expires = "Jan 1 1998" } diff --git a/net/tac_plus4/files/tac_plus.sh b/net/tac_plus4/files/tac_plus.sh index be86c91da222..5710a97a0b73 100644 --- a/net/tac_plus4/files/tac_plus.sh +++ b/net/tac_plus4/files/tac_plus.sh @@ -1,20 +1,26 @@ #!/bin/sh +# +# $FreeBSD$ +# +# PROVIDE: tac_plus +# REQUIRE: DAEMON +# KEYWORD: FreeBSD +# +# Add the following line to /etc/rc.conf to enable the TACACS+ daemon: +# +# tac_plus_enable="YES" +# -if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then - echo "$0: Cannot determine the PREFIX" >&2 - exit 1 -fi +tac_plus_enable=${tac_plus_enable-"NO"} +tac_plus_flags=${tac_plus_flags-"-C %%PREFIX%%/etc/tac_plus.conf"} -case "$1" in -start) - [ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -C ${PREFIX}/etc/tac_plus.conf && echo -n ' tac_plus' - ;; -stop) - killall tac_plus && echo -n ' tac_plus' - ;; -*) - echo "Usage: `basename $0` {start|stop}" >&2 - ;; -esac +. %%RC_SUBR%% -exit 0 +name=tac_plus +rcvar=`set_rcvar` + +command="%%PREFIX%%/bin/tac_plus" +pidfile="/var/run/${name}.pid" + +load_rc_config ${name} +run_rc_command "$1" diff --git a/net/tac_plus4/pkg-descr b/net/tac_plus4/pkg-descr index 3e89967b72af..c874d1102e53 100644 --- a/net/tac_plus4/pkg-descr +++ b/net/tac_plus4/pkg-descr @@ -1,5 +1,5 @@ -tacacs+ s program that allow authorization and authentication via net on -remote access servers. Authnticate users, authorize commands and log +TACACS+ program that allow authorization and authentication via net on +remote access servers. Authnticate users, authorize commands and log accounting information. This new version 4 has improved features and bugfixes over the older 2.x diff --git a/net/tac_plus4/pkg-plist b/net/tac_plus4/pkg-plist index fbd96b8484a3..bb408645e0d6 100644 --- a/net/tac_plus4/pkg-plist +++ b/net/tac_plus4/pkg-plist @@ -1,7 +1,7 @@ -bin/generate_passwd +bin/tac_plus +bin/tac_pwd etc/rc.d/tac_plus.sh etc/tac_plus.conf.example -sbin/tac_plus -share/doc/tac_plus/users_guide -share/doc/tac_plus/convert.pl -@dirrm share/doc/tac_plus +%%PORTDOCS%%%%DOCSDIR%%/convert.pl +%%PORTDOCS%%%%DOCSDIR%%/users_guide +%%PORTDOCS%%@dirrm %%DOCSDIR%% |