From f8c4f00abcbe991d1717e348b6f19daed2cc399e Mon Sep 17 00:00:00 2001 From: sada Date: Mon, 17 Sep 2001 19:38:26 +0000 Subject: New port: russian/tac+ia tacacs+ is program that allow authorization and authentication via net on remote access servers. Authnticate users, authorize commands and log accounting information. PR: ports/26642 Submitted by: Anton Voronin --- russian/tac+ia/Makefile | 62 ++++++++++++++++++++++++++++++++++++++ russian/tac+ia/distinfo | 1 + russian/tac+ia/files/patch-aa | 22 ++++++++++++++ russian/tac+ia/files/patch-maxsess | 12 ++++++++ russian/tac+ia/files/tac_plus.sh | 23 ++++++++++++++ russian/tac+ia/pkg-comment | 1 + russian/tac+ia/pkg-descr | 18 +++++++++++ russian/tac+ia/pkg-plist | 27 +++++++++++++++++ 8 files changed, 166 insertions(+) create mode 100644 russian/tac+ia/Makefile create mode 100644 russian/tac+ia/distinfo create mode 100644 russian/tac+ia/files/patch-aa create mode 100644 russian/tac+ia/files/patch-maxsess create mode 100644 russian/tac+ia/files/tac_plus.sh create mode 100644 russian/tac+ia/pkg-comment create mode 100644 russian/tac+ia/pkg-descr create mode 100644 russian/tac+ia/pkg-plist (limited to 'russian/tac+ia') diff --git a/russian/tac+ia/Makefile b/russian/tac+ia/Makefile new file mode 100644 index 000000000000..18b3a878ddfe --- /dev/null +++ b/russian/tac+ia/Makefile @@ -0,0 +1,62 @@ +# New ports collection makefile for: tas +# Date created: 11 Jan 2001 +# Whom: Anton Voronin +# +# $FreeBSD$ +# + +PORTNAME= tac+ia +PORTVERSION= 0.96p9.3 +CATEGORIES= russian net +MASTER_SITES= ftp://ftp.vsu.ru/pub/hardware/cisco/tacacs/ +DISTNAME= tac+ia-0.96pre9.3 + +MAINTAINER= anton@urc.ac.ru + +WRKSRC= ${WRKDIR}/tac+ia-0.96pre9.3 + +MANCOMPRESSED= no +MAN1= macct.1 parrot.1 +MAN8= tac_plus.8 + +HAS_CONFIGURE= yes + +# Default prefix for config files +CONFIGURE_ARGS+= --enable-confpath=${PREFIX}/etc/tac_plus +# Default prefix for pid files +CONFIGURE_ARGS+= --enable-runpath=/var/run +# Default prefix for log files +CONFIGURE_ARGS+= --enable-logpath=/var/log/tac_plus +# +CONFIGURE_ARGS+= --enable-ttysfile=${PREFIX}/etc/tac_plus/ttys +# This file tac+ will use for accounting records. +# Can be redefined in config file ('accounting file' directive) +CONFIGURE_ARGS+= --enable-acctfile=/var/log/tac_plus/tac_plus.acct +# If you want to block access for users, which not exist in base +CONFIGURE_ARGS+= --enable-db-strict +# +CONFIGURE_ARGS+= --enable-aliasesfile=${PREFIX}/etc/tac_plus/aliases +# register NAS users on SIGUSR1 +CONFIGURE_ARGS+= --enable-regnas +# Support for ACL +CONFIGURE_ARGS+= --enable-acl +# +CONFIGURE_ARGS+= --disable-deny +CONFIGURE_ARGS+= --disable-cron + +post-build: + @mv ${WRKSRC}/tac_plus/tac_plus.1 ${WRKSRC}/tac_plus/tac_plus.8 + +post-install: + @if [ ! -f ${PREFIX}/etc/rc.d/tac_plus.sh ]; then \ + ${ECHO} "Installing ${PREFIX}/etc/rc.d/tac_plus.sh startup file."; \ + ${INSTALL_SCRIPT} -m 751 ${FILESDIR}/tac_plus.sh ${PREFIX}/etc/rc.d/tac_plus.sh; \ + fi + ${INSTALL_SCRIPT} -m 644 ${WRKSRC}/lib/libutil/ttys ${PREFIX}/etc/tac_plus/ttys.example + ${INSTALL_SCRIPT} -m 644 ${WRKSRC}/tac_plus/aliases ${PREFIX}/etc/tac_plus/aliases.example + ${INSTALL_SCRIPT} -m 644 ${WRKSRC}/tac_plus/tac_plus.conf ${PREFIX}/etc/tac_plus/tac_plus.conf.example + -@mkdir -p ${PREFIX}/share/doc/tac_plus + ${INSTALL_SCRIPT} -m 644 ${WRKSRC}/tac_plus/users_guide ${PREFIX}/share/doc/tac_plus/users_guide + ${INSTALL_SCRIPT} -m 644 ${WRKSRC}/README ${PREFIX}/share/doc/tac_plus/README + +.include diff --git a/russian/tac+ia/distinfo b/russian/tac+ia/distinfo new file mode 100644 index 000000000000..ae1b9cd62550 --- /dev/null +++ b/russian/tac+ia/distinfo @@ -0,0 +1 @@ +MD5 (tac+ia-0.96pre9.3.tar.gz) = be29256121479cc7e4a576684aa2ff42 diff --git a/russian/tac+ia/files/patch-aa b/russian/tac+ia/files/patch-aa new file mode 100644 index 000000000000..4f1059fd7608 --- /dev/null +++ b/russian/tac+ia/files/patch-aa @@ -0,0 +1,22 @@ +--- tac_plus/Makefile.in.orig Tue Sep 5 16:39:12 2000 ++++ tac_plus/Makefile.in Fri Apr 13 12:41:54 2001 +@@ -42,7 +42,7 @@ + OBJS = $(SRC:.c=.o) + SRCS = $(SRC:%=$(srcdir)/%) + +-all: tac_plus generate_passwd tdb @DYN@dynipd ++all: tac_plus generate_passwd @DYN@tdb dynipd + + dynipd: dynipd.o sockread.o allow.o + $(CC) -o dynipd $(LDFLAGS) dynipd.o sockread.o allow.o @LIBDB@ @LIBNSL@ @LIBSOCKET@ @LIBBIND@ +@@ -81,8 +81,8 @@ + + install: + $(INSTALL_PROGRAM) tac_plus $(sbindir) +- $(INSTALL_DATA) $(srcdir)/tac_plus.1 $(mandir)/man1 +- $(INSTALL_PROGRAM) tdb $(sbindir) ++ $(INSTALL_DATA) $(srcdir)/tac_plus.8 $(mandir)/man8 ++@DYN@ $(INSTALL_PROGRAM) tdb $(sbindir) + @DYN@ $(INSTALL_PROGRAM) dynipd $(sbindir) + + depend-gcc: diff --git a/russian/tac+ia/files/patch-maxsess b/russian/tac+ia/files/patch-maxsess new file mode 100644 index 000000000000..3fc89123c92e --- /dev/null +++ b/russian/tac+ia/files/patch-maxsess @@ -0,0 +1,12 @@ +--- tac_plus/maxsess.c.orig Mon Sep 25 16:41:35 2000 ++++ tac_plus/maxsess.c Tue Apr 17 01:29:41 2001 +@@ -741,7 +741,8 @@ + } + + /* If it's really too high, don't authorize more services */ +- if (sess >= maxsess) { ++/* if (sess >= maxsess) { */ ++ if (sess > maxsess) { /* NAS reports the current attempt as an opened session too */ + char buf[80]; + + sprintf(buf, diff --git a/russian/tac+ia/files/tac_plus.sh b/russian/tac+ia/files/tac_plus.sh new file mode 100644 index 000000000000..a7465a4b1f51 --- /dev/null +++ b/russian/tac+ia/files/tac_plus.sh @@ -0,0 +1,23 @@ +#!/bin/sh + +if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then + echo "$0: Cannot determine the PREFIX" >&2 + exit 1 +fi + +case "$1" in +start) + [ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -L \ + && [ -x ${PREFIX}/sbin/acctd ] && ${PREFIX}/sbin/acctd \ + && echo -n ' tac_plus' + ;; +stop) + killall tac_plus acctd && echo -n ' tac_plus' + echo + ;; +*) + echo "Usage: `basename $0` {start|stop}" >&2 + ;; +esac + +exit 0 diff --git a/russian/tac+ia/pkg-comment b/russian/tac+ia/pkg-comment new file mode 100644 index 000000000000..0bda61c24dc2 --- /dev/null +++ b/russian/tac+ia/pkg-comment @@ -0,0 +1 @@ +The Cisco remote aaa server (inet-admins edition) diff --git a/russian/tac+ia/pkg-descr b/russian/tac+ia/pkg-descr new file mode 100644 index 000000000000..a9b19c566bc1 --- /dev/null +++ b/russian/tac+ia/pkg-descr @@ -0,0 +1,18 @@ +tacacs+ is program that allow authorization and authentication via net on +remote access servers. Authnticate users, authorize commands and log +accounting information. + +tac+ia is improved tacacs server based on tac_plus package. + +Additional features: +- improved configuration syntax +- acls +- time limits +- more variable substitutions in configuration file +- allow/deny lists +- tty lists +- host and port aliasing +- time intervals +- dynamic ip-address assignment +- passing uucp connections to uucico without rlogind authentication +and many other... diff --git a/russian/tac+ia/pkg-plist b/russian/tac+ia/pkg-plist new file mode 100644 index 000000000000..fe0ce2c0f99b --- /dev/null +++ b/russian/tac+ia/pkg-plist @@ -0,0 +1,27 @@ +etc/rc.d/tac_plus.sh +etc/tac_plus/tac_plus.conf.example +etc/tac_plus/ttys.example +etc/tac_plus/aliases.example +sbin/acctd +sbin/killuser +sbin/lasttac +sbin/logtac +sbin/macct +sbin/tac_plus +sbin/unlogtac +sbin/whotac +share/doc/tac_plus/README +share/doc/tac_plus/users_guide +@dirrm etc/tac_plus +@dirrm share/doc/tac_plus +@cwd /var/adm +@exec mkdir /var/adm/tac_plus +@exec mkdir /var/adm/tac_plus/deny +@exec mkdir /var/adm/tac_plus/allow +@exec mkdir /var/adm/tac_plus/parrot +@dirrm tac_plus/deny +@dirrm tac_plus/allow +@dirrm tac_plus/parrot +@dirrm tac_plus +@cwd /var/log +@unexec rmdir %D/tac_plus 2>/dev/null || true -- cgit