Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 13 Aug 2019 18:49:10 +0000 (UTC)
From:      Kurt Jaeger <pi@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r508845 - in head/net: . tacacs tacacs/files
Message-ID:  <201908131849.x7DInAvs030377@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: pi
Date: Tue Aug 13 18:49:10 2019
New Revision: 508845
URL: https://svnweb.freebsd.org/changeset/ports/508845

Log:
  New port: net/tacacs
  
  tac_plus is a TACACS+ daemon. It provides Cisco Systems routers and
  access servers with authentication, authorisation and accounting services.
  
  This version is a major rewrite of the original Cisco source code.
  Key features include:
  - NAS specific host keys, prompts, enable passwords
  - NAS- and ACL-dependent group memberships
  - Flexible external backends for user profiles (e.g. via PERL scripts or C;
    LDAP (including ActiveDirectory), RADIUS and others are included )
  - Connection multiplexing (multiple concurrent NAS clients per process)
  - Session multiplexing
  - Scalable, no limit on users, clients or servers
  - CLI context aware. At the time of writing this, no other TACACS+ daemon is.
  - Both IPv4 and IPv6 are fully supported.
  - Compliant to latest TACACS+ protocol specification (draft 1.78)
  
  WWW: http://www.pro-bono-publico.de/projects/tac_plus.html
  
  PR:		239755
  Submitted by:	akuz84@gmail.com

Added:
  head/net/tacacs/
  head/net/tacacs/Makefile   (contents, props changed)
  head/net/tacacs/distinfo   (contents, props changed)
  head/net/tacacs/files/
  head/net/tacacs/files/tac_plus.in   (contents, props changed)
  head/net/tacacs/pkg-descr   (contents, props changed)
  head/net/tacacs/pkg-message   (contents, props changed)
  head/net/tacacs/pkg-plist   (contents, props changed)
Modified:
  head/net/Makefile

Modified: head/net/Makefile
==============================================================================
--- head/net/Makefile	Tue Aug 13 18:25:33 2019	(r508844)
+++ head/net/Makefile	Tue Aug 13 18:49:10 2019	(r508845)
@@ -1407,6 +1407,7 @@
     SUBDIR += syncthing
     SUBDIR += tableutil
     SUBDIR += tac_plus4
+    SUBDIR += tacacs
     SUBDIR += tapidbus
     SUBDIR += tayga
     SUBDIR += tclsoap

Added: head/net/tacacs/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/tacacs/Makefile	Tue Aug 13 18:49:10 2019	(r508845)
@@ -0,0 +1,65 @@
+# $FreeBSD$
+
+PORTNAME=	tacacs
+PORTVERSION=	201906100936
+CATEGORIES=	net
+MASTER_SITES=	http://www.pro-bono-publico.de/projects/src/
+
+MAINTAINER=	akuz84@gmail.com
+COMMENT=	This is a TACACS+ daemon from pro-bono
+
+LICENSE=	BSD3CLAUSE
+
+USES=		gmake perl5 ssl shebangfix
+
+WRKSRC=		${WRKDIR}/PROJECTS
+
+CONFLICTS=	tac_plus4
+
+HAS_CONFIGURE=	yes
+
+CONFIGURE_ARGS=	--with-ssl \
+		--with-zlib \
+		--libdir=${LOCALBASE}/lib \
+		--installroot=${STAGEDIR} mavis spawnd mavisd tac_plus
+
+USE_LDCONFIG=			yes
+
+OPTIONS_DEFINE=			CURL FREERADIUS SCTP PCRE
+OPTIONS_DEFAULT=		SCTP
+
+MAKE_JOBS_UNSAFE=yes
+
+SCTP_DESC=			SCTP support
+SCTP_CONFIGURE_WITH=		sctp
+
+PCRE_DESC=			PCRE support
+PCRE_LIB_DEPENDS=		libpcre.so:devel/pcre
+PCRE_CONFIGURE_ON=		--with-pcre-lib=${LOCALBASE}/lib
+PCRE_CONFIGURE_OFF=
+
+CURL_DESC=			Curl support
+CURL_LIB_DEPENDS=		libcurl.so:ftp/curl
+CURL_CONFIGURE_ON=		--with-curl-lib=${LOCALBASE}/lib
+CURL_CONFIGURE_OFF=
+
+FREERADIUS_DESC=		Freeradius support
+FREERADIUS_LIB_DEPENDS=		libfreeradius-radius.so:net/freeradius3
+FREERADIUS_CONFIGURE_ON=	--with-pcre-lib=${LOCALBASE}/lib
+FREERADIUS_CONFIGURE_OFF=
+
+USERS=		tacacs
+GROUPS=		tacacs
+
+WRKSRC=		${WRKDIR}/PROJECTS
+
+SHEBANG_FILES=	tac_plus/sample/tac_plus.cfg
+
+USE_RC_SUBR?=	tac_plus
+
+post-build:
+	@${REINPLACE_CMD} -e '1d' ${WRKSRC}/tac_plus/sample/tac_plus.cfg
+
+post-install:
+
+.include <bsd.port.mk>

Added: head/net/tacacs/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/tacacs/distinfo	Tue Aug 13 18:49:10 2019	(r508845)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1563548166
+SHA256 (tacacs-201906100936.tar.gz) = 5d0d6a12b84ec40d4b53e798076fcef338eecc8495e459146966dc34d0ea2d3b
+SIZE (tacacs-201906100936.tar.gz) = 3107300

Added: head/net/tacacs/files/tac_plus.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/tacacs/files/tac_plus.in	Tue Aug 13 18:49:10 2019	(r508845)
@@ -0,0 +1,83 @@
+#!/bin/sh
+#
+# PROVIDE: tac_plus
+# REQUIRE: DAEMON
+#
+# Add the following line to /etc/rc.conf to enable the TACACS+ daemon:
+#
+# tac_plus_enable (bool):    Set to "NO" by default
+#    Set it to "YES" to enable tac_plus
+# tac_plus_flags (str):      Set to "" by default
+#    Extra flags to be passed to start command
+# tac_plus_configfile (str): Set to "/usr/local/etc/tac_plus.conf" by default
+#    Allows you to specify a different config file for
+#    the tac_plus daemon
+
+. /etc/rc.subr
+
+name=tac_plus
+rcvar=tac_plus_enable
+
+command="/usr/local/sbin/tac_plus"
+pidfile="/var/run/${name}.pid"
+tac_plus_enable=${tac_plus_enable:-"NO"}
+tac_plus_flags=${tac_plus_flags:-"-b"}
+tac_plus_configfile=${tac_plus_configfile:-"/usr/local/etc/tac_plus.conf"}
+
+load_rc_config ${name}
+
+if [ -n "$2" ]; then
+    profile="$2"
+    if [ "x${tac_plus_profiles}" != "x" ]; then
+	eval tac_plus_configfile="\${tac_plus_${profile}_configfile:-}"
+	if [ "x${tac_plus_configfile}" = "x" ]; then
+	    echo "You must define a configuration file (tac_plus_${profile}_configfile)"
+	    exit 1
+	fi
+	required_files="${tac_plus_configfile}"
+	eval tac_plus_enable="\${tac_plus_${profile}_enable:-${tac_plus_enable}}"
+	eval tac_plus_flags="\${tac_plus_${profile}_flags:-${tac_plus_flags}}"
+	eval tac_plus_port="\${tac_plus_${profile}_port:-}"
+	eval tac_plus_ip="\${tac_plus_${profile}_ip:-}"
+    else
+	echo "$0: extra argument ignored"
+    fi
+else
+    if [ "x${tac_plus_profiles}" != "x" -a "x$1" != "x" ]; then
+	for profile in ${tac_plus_profiles}; do
+	    eval _enable="\${tac_plus_${profile}_enable}"
+	    case "x${_enable:-${tac_plus_enable}}" in
+		x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
+			continue
+			;;
+		x[Yy][Ee][Ss])
+
+			;;
+		*)
+			if test -z "$_enable"; then
+			    _var=tac_plus_enable
+			else
+			    _var=tac_plus_"${profile}"_enable
+			fi
+			echo "Bad value "\
+				"'${_enable:-${tac_plus_enable}}' "\
+				"for ${_var}.  "\
+				"Profile ${profile} skipped."
+			continue
+	    esac
+	    echo "====> tac_plus profile: ${profile}"
+	    /usr/local/etc/rc.d/tac_plus $1 ${profile}
+	    retcode="$?"
+	    if [ "0${retcode}" -ne 0 ]; then
+	        failed="${profile} (${retcode}) ${failed:-}"
+	    else
+	        success="${profile} ${success:-}"
+	    fi
+	done
+	exit 0
+    fi
+fi
+
+tac_plus_flags="${tac_plus_flags} -p ${pidfile} ${tac_plus_configfile}"
+
+run_rc_command "$1"

Added: head/net/tacacs/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/tacacs/pkg-descr	Tue Aug 13 18:49:10 2019	(r508845)
@@ -0,0 +1,17 @@
+tac_plus is a TACACS+ daemon. It provides Cisco Systems routers and
+access servers with authentication, authorisation and accounting services.
+
+This version is a major rewrite of the original Cisco source code.
+Key features include:
+- NAS specific host keys, prompts, enable passwords
+- NAS- and ACL-dependent group memberships
+- Flexible external backends for user profiles (e.g. via PERL scripts or C;
+ LDAP (including ActiveDirectory), RADIUS and others are included )
+- Connection multiplexing (multiple concurrent NAS clients per process)
+- Session multiplexing
+- Scalable, no limit on users, clients or servers
+- CLI context aware. At the time of writing this, no other TACACS+ daemon is.
+- Both IPv4 and IPv6 are fully supported.
+- Compliant to latest TACACS+ protocol specification (draft 1.78)
+
+WWW: http://www.pro-bono-publico.de/projects/tac_plus.html

Added: head/net/tacacs/pkg-message
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/tacacs/pkg-message	Tue Aug 13 18:49:10 2019	(r508845)
@@ -0,0 +1,13 @@
+To run tac_plus at startup, add the following line to rc.conf:
+
+	tac_plus_enable="YES"
+
+Extra options can be foud in the startup script.
+
+The code written by Marc Huber is distributed under the following license:
+Copyright (C) 1999-2015 Marc Huber (<Marc.Huber@web.de>). All rights reserved.
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+- Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+- Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+- The end-user documentation included with the redistribution, if any, must include the following acknowledgment:
+	This product includes software developed by Marc Huber (<Marc.Huber@web.de>).

Added: head/net/tacacs/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/tacacs/pkg-plist	Tue Aug 13 18:49:10 2019	(r508845)
@@ -0,0 +1,129 @@
+@dir etc/mavis
+@dir etc/mavis/sample
+@dir lib/mavis
+@dir lib/mavis/extra
+@dir share/mavis
+@dir share/mavis/railroad
+@dir share/mavis/railroad/mavis
+@dir share/mavis/railroad/tac_plus
+@dir share/mavis/railroad/spawnd
+@dir share/mavis/railroad/mavisd
+etc/mavis/sample/tac_plus.cfg
+bin/mavistest
+lib/libmavis.so.0.1
+lib/libmavis.so.0
+lib/libmavis.so
+lib/mavis/libmavis_userdb.so
+lib/mavis/libmavis_remote.so
+lib/mavis/libmavis_system.so
+lib/mavis/mavis_tacplus_ldap.pl
+lib/mavis/mavis_tacplus_ldap_authonly.pl
+lib/mavis/Mavis.pm
+lib/mavis/mavis_tacplus_sms.pl
+lib/mavis/mavis_tacplus_radius.pl
+lib/mavis/mavis_tacplus_opie.pl
+lib/mavis/libmavis_asciiftp.so
+lib/mavis/libmavis_pam.so
+lib/mavis/libmavis_auth.so
+lib/mavis/libmavis_tee.so
+lib/mavis/libmavis_groups.so
+lib/mavis/libmavis_external.so
+lib/mavis/libmavis_anonftp.so
+lib/mavis/extra/tacacs.schema
+lib/mavis/extra/tacacs_schema.ldif
+lib/mavis/extra/tacacs.schema-fedora-ds
+lib/mavis/libmavis_null.so
+lib/mavis/libmavis_limit.so
+lib/mavis/mavis_tacplus_shadow.pl
+lib/mavis/libmavis_cache.so
+lib/mavis/mavis_ldap_authonly.pl
+lib/mavis/libmavis_log.so
+lib/mavis/mavis_tacplus_ads.pl
+lib/mavis/mavis_tacplus_passwd.pl
+lib/mavis/mavis_ftp_passwd.pl
+sbin/mavisd
+sbin/spawnd
+sbin/tac_plus
+sbin/pammavis
+share/mavis/ftpd.txt
+share/mavis/tac_plus.pdf
+share/mavis/tac_plus.html
+share/mavis/railroad/mavis/TimespecDecl.gif
+share/mavis/railroad/mavis/AuthConf.gif
+share/mavis/railroad/mavis/LimitConf.gif
+share/mavis/railroad/mavis/ASCIIftpConf.gif
+share/mavis/railroad/mavis/UserDBConf.gif
+share/mavis/railroad/mavis/CIDR.gif
+share/mavis/railroad/mavis/CacheConf.gif
+share/mavis/railroad/mavis/PAMConf.gif
+share/mavis/railroad/mavis/SystemConf.gif
+share/mavis/railroad/mavis/AnonftpConf.gif
+share/mavis/railroad/mavis/MavisScript.gif
+share/mavis/railroad/mavis/MavisDecl.gif
+share/mavis/railroad/mavis/MavisAction.gif
+share/mavis/railroad/mavis/ExternalConf.gif
+share/mavis/railroad/mavis/TeeConf.gif
+share/mavis/railroad/mavis/MavisCond.gif
+share/mavis/railroad/mavis/RemoteConf.gif
+share/mavis/railroad/tac_plus/GroupAttr.gif
+share/mavis/railroad/tac_plus/TacAction.gif
+share/mavis/railroad/tac_plus/ShellCommandDecl.gif
+share/mavis/railroad/tac_plus/TacScript.gif
+share/mavis/railroad/tac_plus/PasswordExpr.gif
+share/mavis/railroad/tac_plus/PasswordExprHash.gif
+share/mavis/railroad/tac_plus/TacCond.gif
+share/mavis/railroad/tac_plus/GroupOnlyAttr.gif
+share/mavis/railroad/tac_plus/Acl.gif
+share/mavis/railroad/tac_plus/ACLDecl.gif
+share/mavis/railroad/tac_plus/TimespecDecl.gif
+share/mavis/railroad/tac_plus/GroupDecl.gif
+share/mavis/railroad/tac_plus/Debug.gif
+share/mavis/railroad/tac_plus/ACLExpr.gif
+share/mavis/railroad/tac_plus/UserMessage.gif
+share/mavis/railroad/tac_plus/AVPair.gif
+share/mavis/railroad/tac_plus/GlobalDecl.gif
+share/mavis/railroad/tac_plus/ProtoDefault.gif
+share/mavis/railroad/tac_plus/ServiceDecl.gif
+share/mavis/railroad/tac_plus/ShellDecl.gif
+share/mavis/railroad/tac_plus/HostAttr.gif
+share/mavis/railroad/tac_plus/UserAttr.gif
+share/mavis/railroad/tac_plus/CmdDefault.gif
+share/mavis/railroad/tac_plus/RealmAttr.gif
+share/mavis/railroad/tac_plus/UserDecl.gif
+share/mavis/railroad/tac_plus/AttrDefault.gif
+share/mavis/railroad/tac_plus/RealmAttrAuthen.gif
+share/mavis/railroad/tac_plus/EnableExpr.gif
+share/mavis/railroad/tac_plus/RealmDecl.gif
+share/mavis/railroad/tac_plus/CIDR.gif
+share/mavis/railroad/tac_plus/ShellAttr.gif
+share/mavis/railroad/tac_plus/ServiceAttr.gif
+share/mavis/railroad/tac_plus/ProtoDecl.gif
+share/mavis/railroad/tac_plus/TacplusConfig.gif
+share/mavis/railroad/tac_plus/HostDecl.gif
+share/mavis/railroad/spawnd/AclDecl.gif
+share/mavis/railroad/spawnd/Debug.gif
+share/mavis/railroad/spawnd/MiscDecl.gif
+share/mavis/railroad/spawnd/ChildDecl.gif
+share/mavis/railroad/spawnd/ListenDecl.gif
+share/mavis/railroad/spawnd/Config.gif
+share/mavis/railroad/spawnd/SpawndConfig.gif
+share/mavis/railroad/spawnd/CIDR.gif
+share/mavis/railroad/spawnd/SyslogDecl.gif
+share/mavis/railroad/mavisd/SyslogDecl.gif
+share/mavis/railroad/mavisd/CIDR.gif
+share/mavis/railroad/mavisd/Config.gif
+share/mavis/spawnd.pdf
+share/mavis/tcprelay.html
+share/mavis/spawnd.html
+share/mavis/tcprelay.pdf
+share/mavis/mavis.html
+share/mavis/ftpd.html
+share/mavis/mavisd.txt
+share/mavis/mavis.pdf
+share/mavis/tac_plus.txt
+share/mavis/ftpd.pdf
+share/mavis/spawnd.txt
+share/mavis/tcprelay.txt
+share/mavis/mavisd.html
+share/mavis/mavisd.pdf
+share/mavis/mavis.txt



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201908131849.x7DInAvs030377>