New port: russian/tac+ia

tacacs+ is program that allow authorization and authentication via net on
remote access servers. Authnticate users, authorize commands and log
accounting information.

PR:		ports/26642
Submitted by:	Anton Voronin <anton@urc.ac.ru>

russian/Makefile

@@ -16,6 +16,7 @@
     SUBDIR += pgp.language
     SUBDIR += pine.language
     SUBDIR += pscyr
+    SUBDIR += tac+ia
     SUBDIR += rispell
     SUBDIR += rus-ispell
     SUBDIR += wmcyrx

russian/tac+ia/Makefile

@@ -0,0 +1,62 @@
+# New ports collection makefile for:   tas
+# Date created:        11 Jan 2001
+# Whom:                Anton Voronin <anton@urc.ac.ru>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	tac+ia
+PORTVERSION=	0.96p9.3
+CATEGORIES=	russian net
+MASTER_SITES=	ftp://ftp.vsu.ru/pub/hardware/cisco/tacacs/
+DISTNAME=	tac+ia-0.96pre9.3
+
+MAINTAINER=	anton@urc.ac.ru
+
+WRKSRC=		${WRKDIR}/tac+ia-0.96pre9.3
+
+MANCOMPRESSED=	no
+MAN1=		macct.1 parrot.1
+MAN8=		tac_plus.8
+
+HAS_CONFIGURE=	yes
+
+# Default prefix for config files
+CONFIGURE_ARGS+=	--enable-confpath=${PREFIX}/etc/tac_plus
+# Default prefix for pid files
+CONFIGURE_ARGS+=	--enable-runpath=/var/run
+# Default prefix for log files
+CONFIGURE_ARGS+=	--enable-logpath=/var/log/tac_plus
+#
+CONFIGURE_ARGS+=	--enable-ttysfile=${PREFIX}/etc/tac_plus/ttys
+# This file tac+ will use for accounting records.
+# Can be redefined in config file ('accounting file' directive)
+CONFIGURE_ARGS+=	--enable-acctfile=/var/log/tac_plus/tac_plus.acct
+# If you want to block access for users, which not exist in base
+CONFIGURE_ARGS+=	--enable-db-strict
+#
+CONFIGURE_ARGS+=	--enable-aliasesfile=${PREFIX}/etc/tac_plus/aliases
+# register NAS users on SIGUSR1
+CONFIGURE_ARGS+=	--enable-regnas
+# Support for ACL
+CONFIGURE_ARGS+=	--enable-acl
+#
+CONFIGURE_ARGS+=	--disable-deny
+CONFIGURE_ARGS+=	--disable-cron
+
+post-build:
+	@mv ${WRKSRC}/tac_plus/tac_plus.1 ${WRKSRC}/tac_plus/tac_plus.8
+
+post-install:
+	@if [ ! -f ${PREFIX}/etc/rc.d/tac_plus.sh ]; then \
+		${ECHO} "Installing ${PREFIX}/etc/rc.d/tac_plus.sh startup file."; \
+		${INSTALL_SCRIPT} -m 751 ${FILESDIR}/tac_plus.sh ${PREFIX}/etc/rc.d/tac_plus.sh; \
+	fi
+	${INSTALL_SCRIPT} -m 644 ${WRKSRC}/lib/libutil/ttys ${PREFIX}/etc/tac_plus/ttys.example
+	${INSTALL_SCRIPT} -m 644 ${WRKSRC}/tac_plus/aliases ${PREFIX}/etc/tac_plus/aliases.example
+	${INSTALL_SCRIPT} -m 644 ${WRKSRC}/tac_plus/tac_plus.conf ${PREFIX}/etc/tac_plus/tac_plus.conf.example
+	-@mkdir -p ${PREFIX}/share/doc/tac_plus
+	${INSTALL_SCRIPT} -m 644 ${WRKSRC}/tac_plus/users_guide ${PREFIX}/share/doc/tac_plus/users_guide
+	${INSTALL_SCRIPT} -m 644 ${WRKSRC}/README ${PREFIX}/share/doc/tac_plus/README
+
+.include <bsd.port.mk>

russian/tac+ia/distinfo

@@ -0,0 +1 @@
+MD5 (tac+ia-0.96pre9.3.tar.gz) = be29256121479cc7e4a576684aa2ff42

russian/tac+ia/files/patch-aa

@@ -0,0 +1,22 @@
+--- tac_plus/Makefile.in.orig	Tue Sep  5 16:39:12 2000
++++ tac_plus/Makefile.in	Fri Apr 13 12:41:54 2001
+@@ -42,7 +42,7 @@
+ OBJS = $(SRC:.c=.o)
+ SRCS = $(SRC:%=$(srcdir)/%)
+ 
+-all:	tac_plus generate_passwd tdb @DYN@dynipd
++all:	tac_plus generate_passwd @DYN@tdb dynipd
+ 
+ dynipd: dynipd.o sockread.o allow.o
+ 	$(CC) -o dynipd $(LDFLAGS) dynipd.o sockread.o allow.o @LIBDB@ @LIBNSL@ @LIBSOCKET@ @LIBBIND@
+@@ -81,8 +81,8 @@
+ 
+ install:
+ 	$(INSTALL_PROGRAM) tac_plus $(sbindir)
+-	$(INSTALL_DATA) $(srcdir)/tac_plus.1 $(mandir)/man1
+-	$(INSTALL_PROGRAM) tdb $(sbindir)
++	$(INSTALL_DATA) $(srcdir)/tac_plus.8 $(mandir)/man8
++@DYN@	$(INSTALL_PROGRAM) tdb $(sbindir)
+ @DYN@	$(INSTALL_PROGRAM) dynipd $(sbindir)
+ 
+ depend-gcc:

russian/tac+ia/files/patch-maxsess

@@ -0,0 +1,12 @@
+--- tac_plus/maxsess.c.orig	Mon Sep 25 16:41:35 2000
++++ tac_plus/maxsess.c	Tue Apr 17 01:29:41 2001
+@@ -741,7 +741,8 @@
+     }
+ 
+     /* If it's really too high, don't authorize more services */
+-    if (sess >= maxsess) {
++/*    if (sess >= maxsess) { */
++    if (sess > maxsess) {	/* NAS reports the current attempt as an opened session too */
+ 	char buf[80];
+ 
+ 	sprintf(buf,

russian/tac+ia/files/tac_plus.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then
+    echo "$0: Cannot determine the PREFIX" >&2
+    exit 1
+fi
+
+case "$1" in
+start)
+	[ -x ${PREFIX}/sbin/tac_plus -a -f ${PREFIX}/etc/tac_plus/tac_plus.conf ] && ${PREFIX}/sbin/tac_plus -L \
+	&& [ -x ${PREFIX}/sbin/acctd ] && ${PREFIX}/sbin/acctd \
+	&& echo -n ' tac_plus'
+	;;
+stop)
+	killall tac_plus acctd && echo -n ' tac_plus'
+	echo
+	;;
+*)
+	echo "Usage: `basename $0` {start|stop}" >&2
+	;;
+esac
+
+exit 0

russian/tac+ia/pkg-comment

@@ -0,0 +1 @@
+The Cisco remote aaa server (inet-admins edition)

russian/tac+ia/pkg-descr

@@ -0,0 +1,18 @@
+tacacs+ is program that allow authorization and authentication via net on
+remote access servers. Authnticate users, authorize commands and log 
+accounting information.
+
+tac+ia is improved tacacs server based on tac_plus package.
+
+Additional features:
+- improved configuration syntax
+- acls
+- time limits
+- more variable substitutions in configuration file
+- allow/deny lists
+- tty lists
+- host and port aliasing
+- time intervals
+- dynamic ip-address assignment
+- passing uucp connections to uucico without rlogind authentication
+and many other...

russian/tac+ia/pkg-plist

@@ -0,0 +1,27 @@
+etc/rc.d/tac_plus.sh
+etc/tac_plus/tac_plus.conf.example
+etc/tac_plus/ttys.example
+etc/tac_plus/aliases.example
+sbin/acctd
+sbin/killuser
+sbin/lasttac
+sbin/logtac
+sbin/macct
+sbin/tac_plus
+sbin/unlogtac
+sbin/whotac
+share/doc/tac_plus/README
+share/doc/tac_plus/users_guide
+@dirrm etc/tac_plus
+@dirrm share/doc/tac_plus
+@cwd /var/adm
+@exec mkdir /var/adm/tac_plus
+@exec mkdir /var/adm/tac_plus/deny
+@exec mkdir /var/adm/tac_plus/allow
+@exec mkdir /var/adm/tac_plus/parrot
+@dirrm tac_plus/deny
+@dirrm tac_plus/allow
+@dirrm tac_plus/parrot
+@dirrm tac_plus
+@cwd /var/log
+@unexec rmdir %D/tac_plus 2>/dev/null || true