"Using tacacs I found that ckfinger() function from maxsess.c module
returns wrong count of current sessions for users with "maxsess"
parameter established in tac_plus.conf. It happens if Cisco access
server works with IOS v 12.x.
On the other hand ckfinger() works well with IOS v 11.x
Here are patches for both maxsess.c and port's Makefile to fix
this problem (but it is just workaround, ckfinger() should be
fully rewritten)."
From me:
changed variable name by prepending string "TAC_", so that tacacs+
ports variables follow an unique scheme.
Please note: this doesn't compile with the new TAC_IOS_VERSION variable
if you have CFLAGS redefined in /etc/make.conf as:
CFLAGS=-pipe -O (or whatever)
You have to use
CFLAGS+=-pipe -O (or whatever)
Mailed to -developers. Am really not sure, what's the culprit here.
Fact is, that a part of CFLAGS get lost when compiling the port,
if you redefine CFLAGS in /etc/make.conf without the "+" sign ...
I personally removed my CFLAGS define in /etc/make.conf as it
defaults to -pipe -O, which is fine for me.
Submitted by: Sergey E. Levov (serg@informika.ru)
"The tac_plus user guide says that when passwd(5) file is used for user
authentication, the expiry date checks against shell field of password file.
Maybe it is OK for custom passwd files, but not for system password file.
Here is a little patch below which allow the tacacs daemon check
the expiration dates against 'expire' field of FreeBSD's master.passwd file.
It is very useful for me, and may be useful for other FreeBSD&tacacs users."
Submitted by: Sergey Levov <serg@informika.ru>
options `start' and `stop' now (unless I have forgotten any). This allows
us to call the scripts from /etc/rc.shutdown with the correct option.
The (42 or so) ports that already DTRT before are unchanged.
Taken from tasic@planka.carrier.kiev.ua
+ some modifications by me
(style, patch additions to compile cleanly, pkg/*)
added convert utility to port/package to enable people
to do migrations, if needed, see the docu for details.
PR: 13716
Submitted by: tasic@planka.carrier.kiev.ua
Port was o.k. to get tacacs up and running using a Cisco router and
I really missed it.
- Added me as maintainer of the port
- Moved sources to my homepage download area
- Compressed sources using bzip2
- Removed some not needed variables in Makefile
- Committed with new nd5 checksum
tac_plus provides Cisco systems routers and access servers
with authentication, authorisation and accounting services.
A configuration file controls the details of authentication,
authorisation and accounting.
PR: 2869
Submitted by: Igor Vinokurov<igor@zynaps.ru>
Note: Although there is no terms and conditions on redistribution found,
the author says there is no restriction. (This is stated in more
recent alpha version.) The only concern is the U.S. Export restriction,
but Cisco has been granted with the right to export their software,
according to the author. And also I haven't been able to find any
implementation that may violate the export control in the source code,
either. So, I import this without any RESTRICTED or NO_CDROM defined.