[tac_plus] Re: question about tac_plus
Ian Batterbee
ibatterb at gmail.com
Thu Oct 30 00:58:07 UTC 2008
Ahhh, thanks, I seem to be missing that man page, although the one for
tac_plus itself exists. The Makefile only installs tac_plus.1. The version
we have running is F4.0.4.alpha - perhaps that's my problem.. although I
believe we have to use this version as it was modified some time ago to
kludge an issue the company had with some device back then.
Thanks also for the 'after authorization' suggestion - I take it that if the
script returns 1 to tac_plus tac_plus will fail the authorization request ?
On Thu, Oct 30, 2008 at 1:39 PM, Jesse Zbikowski <embeddedlinuxguy at gmail.com
> wrote:
> On Tue, Oct 28, 2008 at 8:18 PM, Ian Batterbee <ibatterb at gmail.com> wrote:
> > I'm still a bit confused about the configuration
> > file syntax. Is there a reference for it somewhere I can read ?
>
> Please see "man 5 tac_plus.conf". Here is some example server side
> configuration. You will have to process the A/V pairs on the client
> to make use of the custom "usergroup" attribute.
>
> # tac_plus.conf
> user = tryme {
> pap = cleartext tryme
> service=ppp protocol=users {}
> after authorization "/usr/local/tac/postauth $user"
> }
>
> # /usr/local/tac/postauth
>
> #!/usr/bin/perl
> my $user = shift @ARGV;
> while (<STDIN>) {
> print; # pass A/V pairs from tac_plus
> }
> if ($user eq 'tryme') {
> print "usergroup=administrator\n"; # new A/V pair
> exit 2; # send A/V pairs to client
> } else {
> exit 1; # fail
> }
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/tac_plus/attachments/20081030/f4235f11/attachment.html
More information about the tac_plus
mailing list