Date: Tue, 13 Aug 2019 18:49:10 +0000 (UTC) From: Kurt Jaeger <pi@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r508845 - in head/net: . tacacs tacacs/files Message-ID: <201908131849.x7DInAvs030377@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pi Date: Tue Aug 13 18:49:10 2019 New Revision: 508845 URL: https://svnweb.freebsd.org/changeset/ports/508845 Log: New port: net/tacacs tac_plus is a TACACS+ daemon. It provides Cisco Systems routers and access servers with authentication, authorisation and accounting services. This version is a major rewrite of the original Cisco source code. Key features include: - NAS specific host keys, prompts, enable passwords - NAS- and ACL-dependent group memberships - Flexible external backends for user profiles (e.g. via PERL scripts or C; LDAP (including ActiveDirectory), RADIUS and others are included ) - Connection multiplexing (multiple concurrent NAS clients per process) - Session multiplexing - Scalable, no limit on users, clients or servers - CLI context aware. At the time of writing this, no other TACACS+ daemon is. - Both IPv4 and IPv6 are fully supported. - Compliant to latest TACACS+ protocol specification (draft 1.78) WWW: http://www.pro-bono-publico.de/projects/tac_plus.html PR: 239755 Submitted by: akuz84@gmail.com Added: head/net/tacacs/ head/net/tacacs/Makefile (contents, props changed) head/net/tacacs/distinfo (contents, props changed) head/net/tacacs/files/ head/net/tacacs/files/tac_plus.in (contents, props changed) head/net/tacacs/pkg-descr (contents, props changed) head/net/tacacs/pkg-message (contents, props changed) head/net/tacacs/pkg-plist (contents, props changed) Modified: head/net/Makefile Modified: head/net/Makefile ============================================================================== --- head/net/Makefile Tue Aug 13 18:25:33 2019 (r508844) +++ head/net/Makefile Tue Aug 13 18:49:10 2019 (r508845) @@ -1407,6 +1407,7 @@ SUBDIR += syncthing SUBDIR += tableutil SUBDIR += tac_plus4 + SUBDIR += tacacs SUBDIR += tapidbus SUBDIR += tayga SUBDIR += tclsoap Added: head/net/tacacs/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/tacacs/Makefile Tue Aug 13 18:49:10 2019 (r508845) @@ -0,0 +1,65 @@ +# $FreeBSD$ + +PORTNAME= tacacs +PORTVERSION= 201906100936 +CATEGORIES= net +MASTER_SITES= http://www.pro-bono-publico.de/projects/src/ + +MAINTAINER= akuz84@gmail.com +COMMENT= This is a TACACS+ daemon from pro-bono + +LICENSE= BSD3CLAUSE + +USES= gmake perl5 ssl shebangfix + +WRKSRC= ${WRKDIR}/PROJECTS + +CONFLICTS= tac_plus4 + +HAS_CONFIGURE= yes + +CONFIGURE_ARGS= --with-ssl \ + --with-zlib \ + --libdir=${LOCALBASE}/lib \ + --installroot=${STAGEDIR} mavis spawnd mavisd tac_plus + +USE_LDCONFIG= yes + +OPTIONS_DEFINE= CURL FREERADIUS SCTP PCRE +OPTIONS_DEFAULT= SCTP + +MAKE_JOBS_UNSAFE=yes + +SCTP_DESC= SCTP support +SCTP_CONFIGURE_WITH= sctp + +PCRE_DESC= PCRE support +PCRE_LIB_DEPENDS= libpcre.so:devel/pcre +PCRE_CONFIGURE_ON= --with-pcre-lib=${LOCALBASE}/lib +PCRE_CONFIGURE_OFF= + +CURL_DESC= Curl support +CURL_LIB_DEPENDS= libcurl.so:ftp/curl +CURL_CONFIGURE_ON= --with-curl-lib=${LOCALBASE}/lib +CURL_CONFIGURE_OFF= + +FREERADIUS_DESC= Freeradius support +FREERADIUS_LIB_DEPENDS= libfreeradius-radius.so:net/freeradius3 +FREERADIUS_CONFIGURE_ON= --with-pcre-lib=${LOCALBASE}/lib +FREERADIUS_CONFIGURE_OFF= + +USERS= tacacs +GROUPS= tacacs + +WRKSRC= ${WRKDIR}/PROJECTS + +SHEBANG_FILES= tac_plus/sample/tac_plus.cfg + +USE_RC_SUBR?= tac_plus + +post-build: + @${REINPLACE_CMD} -e '1d' ${WRKSRC}/tac_plus/sample/tac_plus.cfg + +post-install: + +.include <bsd.port.mk> Added: head/net/tacacs/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/tacacs/distinfo Tue Aug 13 18:49:10 2019 (r508845) @@ -0,0 +1,3 @@ +TIMESTAMP = 1563548166 +SHA256 (tacacs-201906100936.tar.gz) = 5d0d6a12b84ec40d4b53e798076fcef338eecc8495e459146966dc34d0ea2d3b +SIZE (tacacs-201906100936.tar.gz) = 3107300 Added: head/net/tacacs/files/tac_plus.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/tacacs/files/tac_plus.in Tue Aug 13 18:49:10 2019 (r508845) @@ -0,0 +1,83 @@ +#!/bin/sh +# +# PROVIDE: tac_plus +# REQUIRE: DAEMON +# +# Add the following line to /etc/rc.conf to enable the TACACS+ daemon: +# +# tac_plus_enable (bool): Set to "NO" by default +# Set it to "YES" to enable tac_plus +# tac_plus_flags (str): Set to "" by default +# Extra flags to be passed to start command +# tac_plus_configfile (str): Set to "/usr/local/etc/tac_plus.conf" by default +# Allows you to specify a different config file for +# the tac_plus daemon + +. /etc/rc.subr + +name=tac_plus +rcvar=tac_plus_enable + +command="/usr/local/sbin/tac_plus" +pidfile="/var/run/${name}.pid" +tac_plus_enable=${tac_plus_enable:-"NO"} +tac_plus_flags=${tac_plus_flags:-"-b"} +tac_plus_configfile=${tac_plus_configfile:-"/usr/local/etc/tac_plus.conf"} + +load_rc_config ${name} + +if [ -n "$2" ]; then + profile="$2" + if [ "x${tac_plus_profiles}" != "x" ]; then + eval tac_plus_configfile="\${tac_plus_${profile}_configfile:-}" + if [ "x${tac_plus_configfile}" = "x" ]; then + echo "You must define a configuration file (tac_plus_${profile}_configfile)" + exit 1 + fi + required_files="${tac_plus_configfile}" + eval tac_plus_enable="\${tac_plus_${profile}_enable:-${tac_plus_enable}}" + eval tac_plus_flags="\${tac_plus_${profile}_flags:-${tac_plus_flags}}" + eval tac_plus_port="\${tac_plus_${profile}_port:-}" + eval tac_plus_ip="\${tac_plus_${profile}_ip:-}" + else + echo "$0: extra argument ignored" + fi +else + if [ "x${tac_plus_profiles}" != "x" -a "x$1" != "x" ]; then + for profile in ${tac_plus_profiles}; do + eval _enable="\${tac_plus_${profile}_enable}" + case "x${_enable:-${tac_plus_enable}}" in + x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee]) + continue + ;; + x[Yy][Ee][Ss]) + + ;; + *) + if test -z "$_enable"; then + _var=tac_plus_enable + else + _var=tac_plus_"${profile}"_enable + fi + echo "Bad value "\ + "'${_enable:-${tac_plus_enable}}' "\ + "for ${_var}. "\ + "Profile ${profile} skipped." + continue + esac + echo "====> tac_plus profile: ${profile}" + /usr/local/etc/rc.d/tac_plus $1 ${profile} + retcode="$?" + if [ "0${retcode}" -ne 0 ]; then + failed="${profile} (${retcode}) ${failed:-}" + else + success="${profile} ${success:-}" + fi + done + exit 0 + fi +fi + +tac_plus_flags="${tac_plus_flags} -p ${pidfile} ${tac_plus_configfile}" + +run_rc_command "$1" Added: head/net/tacacs/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/tacacs/pkg-descr Tue Aug 13 18:49:10 2019 (r508845) @@ -0,0 +1,17 @@ +tac_plus is a TACACS+ daemon. It provides Cisco Systems routers and +access servers with authentication, authorisation and accounting services. + +This version is a major rewrite of the original Cisco source code. +Key features include: +- NAS specific host keys, prompts, enable passwords +- NAS- and ACL-dependent group memberships +- Flexible external backends for user profiles (e.g. via PERL scripts or C; + LDAP (including ActiveDirectory), RADIUS and others are included ) +- Connection multiplexing (multiple concurrent NAS clients per process) +- Session multiplexing +- Scalable, no limit on users, clients or servers +- CLI context aware. At the time of writing this, no other TACACS+ daemon is. +- Both IPv4 and IPv6 are fully supported. +- Compliant to latest TACACS+ protocol specification (draft 1.78) + +WWW: http://www.pro-bono-publico.de/projects/tac_plus.html Added: head/net/tacacs/pkg-message ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/tacacs/pkg-message Tue Aug 13 18:49:10 2019 (r508845) @@ -0,0 +1,13 @@ +To run tac_plus at startup, add the following line to rc.conf: + + tac_plus_enable="YES" + +Extra options can be foud in the startup script. + +The code written by Marc Huber is distributed under the following license: +Copyright (C) 1999-2015 Marc Huber (<Marc.Huber@web.de>). All rights reserved. +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: +- Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. +- Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. +- The end-user documentation included with the redistribution, if any, must include the following acknowledgment: + This product includes software developed by Marc Huber (<Marc.Huber@web.de>). Added: head/net/tacacs/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/tacacs/pkg-plist Tue Aug 13 18:49:10 2019 (r508845) @@ -0,0 +1,129 @@ +@dir etc/mavis +@dir etc/mavis/sample +@dir lib/mavis +@dir lib/mavis/extra +@dir share/mavis +@dir share/mavis/railroad +@dir share/mavis/railroad/mavis +@dir share/mavis/railroad/tac_plus +@dir share/mavis/railroad/spawnd +@dir share/mavis/railroad/mavisd +etc/mavis/sample/tac_plus.cfg +bin/mavistest +lib/libmavis.so.0.1 +lib/libmavis.so.0 +lib/libmavis.so +lib/mavis/libmavis_userdb.so +lib/mavis/libmavis_remote.so +lib/mavis/libmavis_system.so +lib/mavis/mavis_tacplus_ldap.pl +lib/mavis/mavis_tacplus_ldap_authonly.pl +lib/mavis/Mavis.pm +lib/mavis/mavis_tacplus_sms.pl +lib/mavis/mavis_tacplus_radius.pl +lib/mavis/mavis_tacplus_opie.pl +lib/mavis/libmavis_asciiftp.so +lib/mavis/libmavis_pam.so +lib/mavis/libmavis_auth.so +lib/mavis/libmavis_tee.so +lib/mavis/libmavis_groups.so +lib/mavis/libmavis_external.so +lib/mavis/libmavis_anonftp.so +lib/mavis/extra/tacacs.schema +lib/mavis/extra/tacacs_schema.ldif +lib/mavis/extra/tacacs.schema-fedora-ds +lib/mavis/libmavis_null.so +lib/mavis/libmavis_limit.so +lib/mavis/mavis_tacplus_shadow.pl +lib/mavis/libmavis_cache.so +lib/mavis/mavis_ldap_authonly.pl +lib/mavis/libmavis_log.so +lib/mavis/mavis_tacplus_ads.pl +lib/mavis/mavis_tacplus_passwd.pl +lib/mavis/mavis_ftp_passwd.pl +sbin/mavisd +sbin/spawnd +sbin/tac_plus +sbin/pammavis +share/mavis/ftpd.txt +share/mavis/tac_plus.pdf +share/mavis/tac_plus.html +share/mavis/railroad/mavis/TimespecDecl.gif +share/mavis/railroad/mavis/AuthConf.gif +share/mavis/railroad/mavis/LimitConf.gif +share/mavis/railroad/mavis/ASCIIftpConf.gif +share/mavis/railroad/mavis/UserDBConf.gif +share/mavis/railroad/mavis/CIDR.gif +share/mavis/railroad/mavis/CacheConf.gif +share/mavis/railroad/mavis/PAMConf.gif +share/mavis/railroad/mavis/SystemConf.gif +share/mavis/railroad/mavis/AnonftpConf.gif +share/mavis/railroad/mavis/MavisScript.gif +share/mavis/railroad/mavis/MavisDecl.gif +share/mavis/railroad/mavis/MavisAction.gif +share/mavis/railroad/mavis/ExternalConf.gif +share/mavis/railroad/mavis/TeeConf.gif +share/mavis/railroad/mavis/MavisCond.gif +share/mavis/railroad/mavis/RemoteConf.gif +share/mavis/railroad/tac_plus/GroupAttr.gif +share/mavis/railroad/tac_plus/TacAction.gif +share/mavis/railroad/tac_plus/ShellCommandDecl.gif +share/mavis/railroad/tac_plus/TacScript.gif +share/mavis/railroad/tac_plus/PasswordExpr.gif +share/mavis/railroad/tac_plus/PasswordExprHash.gif +share/mavis/railroad/tac_plus/TacCond.gif +share/mavis/railroad/tac_plus/GroupOnlyAttr.gif +share/mavis/railroad/tac_plus/Acl.gif +share/mavis/railroad/tac_plus/ACLDecl.gif +share/mavis/railroad/tac_plus/TimespecDecl.gif +share/mavis/railroad/tac_plus/GroupDecl.gif +share/mavis/railroad/tac_plus/Debug.gif +share/mavis/railroad/tac_plus/ACLExpr.gif +share/mavis/railroad/tac_plus/UserMessage.gif +share/mavis/railroad/tac_plus/AVPair.gif +share/mavis/railroad/tac_plus/GlobalDecl.gif +share/mavis/railroad/tac_plus/ProtoDefault.gif +share/mavis/railroad/tac_plus/ServiceDecl.gif +share/mavis/railroad/tac_plus/ShellDecl.gif +share/mavis/railroad/tac_plus/HostAttr.gif +share/mavis/railroad/tac_plus/UserAttr.gif +share/mavis/railroad/tac_plus/CmdDefault.gif +share/mavis/railroad/tac_plus/RealmAttr.gif +share/mavis/railroad/tac_plus/UserDecl.gif +share/mavis/railroad/tac_plus/AttrDefault.gif +share/mavis/railroad/tac_plus/RealmAttrAuthen.gif +share/mavis/railroad/tac_plus/EnableExpr.gif +share/mavis/railroad/tac_plus/RealmDecl.gif +share/mavis/railroad/tac_plus/CIDR.gif +share/mavis/railroad/tac_plus/ShellAttr.gif +share/mavis/railroad/tac_plus/ServiceAttr.gif +share/mavis/railroad/tac_plus/ProtoDecl.gif +share/mavis/railroad/tac_plus/TacplusConfig.gif +share/mavis/railroad/tac_plus/HostDecl.gif +share/mavis/railroad/spawnd/AclDecl.gif +share/mavis/railroad/spawnd/Debug.gif +share/mavis/railroad/spawnd/MiscDecl.gif +share/mavis/railroad/spawnd/ChildDecl.gif +share/mavis/railroad/spawnd/ListenDecl.gif +share/mavis/railroad/spawnd/Config.gif +share/mavis/railroad/spawnd/SpawndConfig.gif +share/mavis/railroad/spawnd/CIDR.gif +share/mavis/railroad/spawnd/SyslogDecl.gif +share/mavis/railroad/mavisd/SyslogDecl.gif +share/mavis/railroad/mavisd/CIDR.gif +share/mavis/railroad/mavisd/Config.gif +share/mavis/spawnd.pdf +share/mavis/tcprelay.html +share/mavis/spawnd.html +share/mavis/tcprelay.pdf +share/mavis/mavis.html +share/mavis/ftpd.html +share/mavis/mavisd.txt +share/mavis/mavis.pdf +share/mavis/tac_plus.txt +share/mavis/ftpd.pdf +share/mavis/spawnd.txt +share/mavis/tcprelay.txt +share/mavis/mavisd.html +share/mavis/mavisd.pdf +share/mavis/mavis.txt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201908131849.x7DInAvs030377>