OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src openpkg-web openpkg$ Date: 24-Oct-2003 17:36:03 Branch: HEAD Handle: 2003102416360002 Added files: openpkg-re/vcheck vc.tacacs openpkg-src/tacacs fsl.tacacs rc.tacacs tacacs.patch tacacs.patch.radius tacacs.spec Modified files: openpkg-web news.txt Log: new package: tacacs 4.4b2 (TACACS+ Server) Summary: Revision Changes Path 1.1 +11 -0 openpkg-re/vcheck/vc.tacacs 1.1 +16 -0 openpkg-src/tacacs/fsl.tacacs 1.1 +54 -0 openpkg-src/tacacs/rc.tacacs 1.1 +70 -0 openpkg-src/tacacs/tacacs.patch 1.1 +309 -0 openpkg-src/tacacs/tacacs.patch.radius 1.1 +226 -0 openpkg-src/tacacs/tacacs.spec 1.7157 +1 -0 openpkg-web/news.txt ____________________________________________________________________________ patch -p0 <<'@@ .' Index: openpkg-re/vcheck/vc.tacacs ============================================================================ $ cvs diff -u -r0 -r1.1 vc.tacacs --- /dev/null 2003-10-24 17:36:00.000000000 +0200 +++ vc.tacacs 2003-10-24 17:36:01.000000000 +0200 @@ -0,0 +1,11 @@ +config = { +} + +prog tacacs = { + disabled + comment = "rse: no real chance for tracking AFAIK" + version = 4.4beta2 + url = http://www.networkforums.net/modules.php?name=Downloads&d_op=viewdownload&cid=1 + regex = .+ +} + @@ . patch -p0 <<'@@ .' Index: openpkg-src/tacacs/fsl.tacacs ============================================================================ $ cvs diff -u -r0 -r1.1 fsl.tacacs --- /dev/null 2003-10-24 17:36:03.000000000 +0200 +++ fsl.tacacs 2003-10-24 17:36:03.000000000 +0200 @@ -0,0 +1,16 @@ +## +## fsl.tacacs -- OSSP fsl configuration +## + +ident (tac_plus)/.+ q{ + prefix( + prefix="%b %d %H:%M:%S %N <%L> $1[%P]: " + ) + -> { + debug: file( + path="@l_prefix@/var/tacacs/tacacs.log", + perm=0644 + ) + } +}; + @@ . patch -p0 <<'@@ .' Index: openpkg-src/tacacs/rc.tacacs ============================================================================ $ cvs diff -u -r0 -r1.1 rc.tacacs --- /dev/null 2003-10-24 17:36:03.000000000 +0200 +++ rc.tacacs 2003-10-24 17:36:03.000000000 +0200 @@ -0,0 +1,54 @@ [EMAIL PROTECTED]@/lib/openpkg/bash @l_prefix@/etc/rc +## +## rc.tacacs -- Run-Commands +## + +%config + tacacs_enable="$openpkg_rc_def" + tacacs_log_prolog="true" + tacacs_log_epilog="true" + tacacs_log_numfiles="10" + tacacs_log_minsize="1M" + tacacs_log_complevel="9" + +%common + tacacs_pidfile="@l_prefix@/var/tacacs/tac_plus.pid" + tacacsr_signal () { + [ -f $tacacs_pidfile ] && kill -$1 `cat $tacacs_pidfile` + } + +%status -u @l_susr@ -o + tacacs_usable="unknown" + tacacs_active="no" + rcService tacacs enable yes && \ + tacacs_signal 0 && tacacs_active="yes" + echo "tacacs_enable=\"$tacacs_enable\"" + echo "tacacs_usable=\"$tacacs_usable\"" + echo "tacacs_active=\"$tacacs_active\"" + +%start -p 100 -u @l_susr@ + rcService tacacs enable yes || exit 0 + rcService tacacs active yes && exit 0 + @l_prefix@/sbin/tac_plus + +%stop -p 100 -u @l_susr@ + rcService tacacs enable yes || exit 0 + rcService tacacs active no && exit 0 + tacacs_signal TERM + sleep 2 + rm -f $tacacs_pidfile >/dev/null 2>&1 || true + +%restart -p 100 -u @l_susr@ + rcService tacacs enable yes || exit 0 + rcService tacacs active no && exit 0 + rc tacacs stop start + +%daily + rcService tacacs enable yes || exit 0 + shtool rotate -f \ + -n ${tacacs_log_numfiles} -s ${tacacs_log_minsize} -d \ + -z ${tacacs_log_complevel} -m 644 -o @l_susr@ -g @l_mgrp@ \ + -P "${tacacs_log_prolog}" \ + -E "${tacacs_log_epilog} && rc tacacs restart" \ + @l_prefix@/var/tacacs/tacacs.log + @@ . patch -p0 <<'@@ .' Index: openpkg-src/tacacs/tacacs.patch ============================================================================ $ cvs diff -u -r0 -r1.1 tacacs.patch --- /dev/null 2003-10-24 17:36:03.000000000 +0200 +++ tacacs.patch 2003-10-24 17:36:03.000000000 +0200 @@ -0,0 +1,70 @@ +Index: configure +--- configure.orig 2003-09-21 05:00:43.000000000 +0200 ++++ configure 2003-10-24 17:28:20.000000000 +0200 +@@ -1241,7 +1241,7 @@ + + + case $host_os in +- *linux-gnu) ++ *linux*) + cat >> confdefs.h <<\EOF + #define LINUX 1 + EOF +@@ -1257,7 +1257,7 @@ + EOF + + ;; +- *freebsd) ++ *freebsd*) + cat >> confdefs.h <<\EOF + #define FREEBSD 1 + EOF +@@ -2886,8 +2886,8 @@ + fi + + +- ac_safe=`echo "PGSQL_INCLUDE_DIR/libpq-fe.h" | sed 'y%./+-%__p_%'` +-echo $ac_n "checking for PGSQL_INCLUDE_DIR/libpq-fe.h""... $ac_c" 1>&6 ++ ac_safe=`echo "$PGSQL_INCLUDE_DIR/libpq-fe.h" | sed 'y%./+-%__p_%'` ++echo $ac_n "checking for $PGSQL_INCLUDE_DIR/libpq-fe.h""... $ac_c" 1>&6 + echo "configure:2892: checking for PGSQL_INCLUDE_DIR/libpq-fe.h" >&5 + if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +@@ -2895,7 +2895,7 @@ + cat > conftest.$ac_ext <<EOF + #line 2897 "configure" + #include "confdefs.h" +-#include <PGSQL_INCLUDE_DIR/libpq-fe.h> ++#include <$PGSQL_INCLUDE_DIR/libpq-fe.h> + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" + { (eval echo configure:2902: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +Index: skey_fn.c +--- skey_fn.c.orig 2002-10-08 22:49:51.000000000 +0200 ++++ skey_fn.c 2003-10-24 17:28:20.000000000 +0200 +@@ -17,6 +17,8 @@ + FITNESS FOR A PARTICULAR PURPOSE. + */ + ++#include "config.h" ++ + #ifdef SKEY + #include "tac_plus.h" + #include "expire.h" +Index: db_pgsql.c +--- db_pgsql.c.orig 2003-09-20 06:05:54.000000000 +0200 ++++ db_pgsql.c 2003-10-24 17:28:20.000000000 +0200 +@@ -1,3 +1,5 @@ ++#include "config.h" ++#include "tac_plus.h" + #if defined(DB_PGSQL) && defined(USE_DB) + + /* +@@ -11,7 +13,6 @@ + + */ + +-#include "tac_plus.h" + #include <stdio.h> + #include <libpq-fe.h> + #include "db.h" @@ . patch -p0 <<'@@ .' Index: openpkg-src/tacacs/tacacs.patch.radius ============================================================================ $ cvs diff -u -r0 -r1.1 tacacs.patch.radius --- /dev/null 2003-10-24 17:36:03.000000000 +0200 +++ tacacs.patch.radius 2003-10-24 17:36:03.000000000 +0200 @@ -0,0 +1,309 @@ +This patch adds RADIUS authentication support, allowing the +TACACS+ server to authenticate against a RADIUS server. It is +derived from an original "TACACS to RADIUS" patch from Martin +Mersberger <[EMAIL PROTECTED]> which can be found under +http://www.portal-to-web.de/tacacs/. It was cleaned up and ported to the +latest TACACS+ 4.4b1 version by Ralf S. Engelschal <[EMAIL PROTECTED]> +for inclusion into the OpenPKG "tacacs" package. + +Index: config.c +--- config.c.orig 2003-04-08 03:37:02.000000000 +0200 ++++ config.c 2003-10-24 17:01:35.000000000 +0200 +@@ -77,6 +77,7 @@ + pam <pam_service> | *** if USE_PAM defined + db <string> | *** if USE_DB defined + ldap <string> | *** if USE_LDAP defined ++ radius <string> | *** if USE_RADIUS defined + nopassword + + *<login_spec> for host and default only allow external lists +@@ -89,6 +90,7 @@ + pam <pam_service> | *** if USE_PAM defined + db <string> | *** if USE_DB defined + ldap <string> | *** if USE_LDAP defined ++ radius <string> | *** if USE_RADIUS defined + login *** use the same method as the login + + *** Added acct_spec 6/12/02 JRM +@@ -964,6 +966,9 @@ + #ifdef USE_PAM + case S_pam: + #endif ++#ifdef USE_RADIUS ++ case S_radius: ++#endif + sym_get(0); + authen_default = tac_strdup(sym_buf); + break; +@@ -1431,6 +1436,9 @@ + #ifdef USE_PAM + case S_pam: + #endif /* USE_PAM */ ++#ifdef USE_RADIUS ++ case S_radius: ++#endif + sym_get(0); + host->login = tac_strdup(sym_buf); + break; +@@ -1494,6 +1502,9 @@ + #ifdef USE_PAM + case S_pam: + #endif /* USE_PAM */ ++#ifdef USE_RADIUS ++ case S_radius: ++#endif + sym_get(0); + host->enable = tac_strdup(sym_buf); + break; +@@ -1743,6 +1754,9 @@ + #ifdef USE_PAM + case S_pam: + #endif /* USE_PAM */ ++#ifdef USE_RADIUS ++ case S_radius: ++#endif + sym_get(0); + user->login = tac_strdup(sym_buf); + break; +@@ -1830,6 +1844,9 @@ + #ifdef USE_PAM + case S_pam: + #endif /* USE_PAM */ ++#ifdef USE_RADIUS ++ case S_radius: ++#endif + sym_get(0); + user->enable = tac_strdup(sym_buf); + break; +Index: parse.c +--- parse.c.orig 2003-03-03 15:30:26.000000000 +0100 ++++ parse.c 2003-10-24 17:03:51.000000000 +0200 +@@ -101,6 +101,9 @@ + #ifdef USE_LDAP + declare ("ldap", S_ldap); + #endif ++#ifdef USE_RADIUS ++ declare("radius", S_radius); ++#endif + declare("member", S_member); + declare("message", S_message); + declare("name", S_name); +@@ -301,5 +304,9 @@ + return("enable_deny"); + case S_unix: + return("unix"); ++#ifdef USE_RADIUS ++ case S_radius: ++ return ("radius"); ++#endif /*USE_PAM */ + } + } +Index: parse.h +--- parse.h.orig 2003-03-03 15:28:07.000000000 +0100 ++++ parse.h 2003-10-24 17:02:26.000000000 +0200 +@@ -108,3 +108,6 @@ + #define S_unix 62 + #define S_motd 63 + #define S_accesslog 64 ++#ifdef USE_RADIUS ++#define S_radius 65 ++#endif +Index: pwlib.c +--- pwlib.c.orig 2003-04-01 00:13:10.000000000 +0200 ++++ pwlib.c 2003-10-24 17:06:25.000000000 +0200 +@@ -37,6 +37,10 @@ + #include "ldap.h" + #endif /* LDAP */ + ++#ifdef USE_RADIUS ++#include "radius.h" ++#endif ++ + /* Generic password verification routines for des, file and cleartext + passwords */ + +@@ -47,7 +51,6 @@ + static int + unix_verify(char *user, char *supplied_passwd, struct authen_data *data); + +- + void + set_expiration_status(exp_date, data) + char *exp_date; +@@ -301,6 +304,17 @@ + + #endif /* USE_PAM */ + ++#ifdef USE_RADIUS ++ case S_radius: ++ if (radius_verify(name, passwd, cfg_login) == 1) { ++ data->status = TAC_PLUS_AUTHEN_STATUS_FAIL; ++ } else { ++ data->status = TAC_PLUS_AUTHEN_STATUS_PASS; ++ exp_date = NULL; /* no expire check for RADIUS */ ++ } ++ break; ++#endif ++ + case S_des: + /* try to verify this des password */ + if (!des_verify(passwd, cfg_login)) { +Index: radius.h +--- radius.h.orig 2003-10-24 16:58:03.000000000 +0200 ++++ radius.h 2003-10-24 16:58:03.000000000 +0200 +@@ -0,0 +1,6 @@ ++#ifndef __RADIUS_H__ ++#define __RADIUS_H__ ++ ++extern radius_verify(char *, char *, char *); ++ ++#endif /* __RADIUS_H__ */ +Index: Makefile.in +--- Makefile.in.orig 2003-04-11 04:30:25.000000000 +0200 ++++ Makefile.in 2003-10-24 17:16:45.000000000 +0200 +@@ -158,7 +158,7 @@ + # $(use_o) has to be BEFORE $(conf_LDADD)! (for library dependencies) + tac_plus_LDADD = $(use_o) $(conf_LDADD) + tac_plus_DEPENDENCIES = $(use_o) +-use = @COND_USE@ ++use = @COND_USE@ radius.c + use_o = $(filter %.o,$(use:.c=.o)) + + cond_USE_DB = db.c db.h db_author.c +@@ -166,6 +166,7 @@ + cond_DB_NULL = db_null.c + cond_DB_PGSQL = db_pgsql.c + cond_USE_LDAP = ldap.c ++cond_USE_RADIUS = radius.c + cond_MAXSESS = maxsess.c + cond_MSCHAP = md4.c md4.h + cond_SKEY = skey_fn.c +@@ -181,6 +182,7 @@ + $(cond_DB_NULL) \ + $(cond_DB_PGSQL) \ + $(cond_USE_LDAP) \ ++ $(cond_USE_RADIUS) \ + $(cond_MAXSESS) \ + $(cond_MSCHAP) \ + $(cond_SKEY) \ +Index: radius.c +--- radius.c.orig 2003-10-24 16:58:03.000000000 +0200 ++++ radius.c 2003-10-24 17:19:49.000000000 +0200 +@@ -0,0 +1,117 @@ ++/* ++ * Verify that this user/password is valid per a RADIUS server database ++ * Return 1 if verified, 0 otherwise. ++ * ++ * Format of connection string: ++ * <radius key server1>,<radius server1>,<radius key server2>,<radius server2>, ++ * ... ,<radius key server9>,<radius server9> ++ * ++ * Author: ++ * Martin Mersberger <[EMAIL PROTECTED]> ++ * http://www.portal-to-web.de/tacacs ++ * ++ * Dependencies: ++ * You need to get the Juniper Networks libradius ++ * (included in FreeBSD >= 4.x) ++ * ++ * License: ++ * tac_radius is free software; you can redistribute it ++ * and/or modify it under the terms of the BSD License ++ */ ++ ++#include "config.h" ++ ++#if defined(USE_RADIUS) ++ ++#include <stdio.h> ++#include <string.h> ++ ++#include "tac_plus.h" ++#include "radius.h" ++ ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <netinet/in.h> ++#include <arpa/inet.h> ++#include "radlib.h" ++ ++int radius_verify(char *user, char *users_passwd, char *str_conn) ++{ ++ struct rad_handle *rh; ++ struct in_addr addr; ++ int res; ++ char *token, *cp; ++ char *server[10]; ++ char *key[10]; ++ int i, j; ++ char l_err[200]; ++ int err; ++ ++ /* open the radius handle */ ++ if ((rh = rad_auth_open()) == NULL ) { ++ report(LOG_ERR,"Can't open rad_open"); ++ return 1; ++ } ++ ++ /* split the line from the config file into pairs with radiusserver and radius key */ ++ cp = strdup(str_conn); ++ i = 0; ++ while ((token = strsep(&cp,",")) != NULL) { ++ if ((i % 2) == 0) { /* 0,2,4,... are the radius keys */ ++ key[i] = (char *)malloc(sizeof(token) + sizeof(char)); /* get some mem */ ++ sprintf(key[i], "%s\0", token); /* add the value gotten into a array */ ++ } else { ++ server[i-1] = (char *)malloc(sizeof(token) + sizeof(char)); /* 1,3,5... are the radius hosts */ ++ sprintf(server[i-1], "%s\0", token); /* malloc and add to array */ ++ } ++ i++; ++ } ++ ++ /* for each server and key pair gotten from the config file, do a rad_add_server */ ++ for (j = 0; j < i; j = j + 2) { ++ report(LOG_INFO, "verify_radius: before ldap_init: radiusserver = %s, radiuskey = %s", server[j],key[j]); ++ if ((rad_add_server(rh,server[j], 0, key[j], 2, 2)) != 0) { ++ report (LOG_ERR, "Error in rad_add_server for %s", server[j]); ++ return (1); ++ } ++ } ++ ++ /* create a radius request for ACCESS */ ++ if ((rad_create_request(rh ,RAD_ACCESS_REQUEST)) != 0) { ++ report (LOG_ERR, "Error in rad_create_request"); ++ return (1); ++ } ++ ++ /* prepare the radius request ++ * 1. make a in_addr from the requesting peer ip address ++ * 2. put in username ++ * 3. put in password ++ * 4. insert the in_addr into the rad_request ++ * 5. set the RAD_CONNECT_INFO to "via tacacs+" ++ */ ++ inet_aton(session.peer, &addr); ++ rad_put_string(rh, RAD_USER_NAME, user); ++ rad_put_string(rh, RAD_USER_PASSWORD, users_passwd); ++ rad_put_addr(rh, RAD_NAS_IP_ADDRESS,addr); ++ rad_put_string(rh, RAD_CONNECT_INFO," via TACACS+ server"); ++ ++ /* some debug messages before sending the radius request */ ++#if 0 ++ report(LOG_INFO, "verify_radius: before rad_send: user = %s, passwd = %s", user, "********"); ++ report(LOG_INFO, "verify_radius: before rad_send: peer %s", session.peer); ++#endif ++ ++ /* send the radius request and hope, that libradius does a good job */ ++ res = rad_send_request(rh); ++ ++ /* is the user authenticated? if yes, return 0, else 1 */ ++ if (res == RAD_ACCESS_ACCEPT ) { ++ report(LOG_INFO, "Request accepted\n"); ++ return 0; ++ } else { ++ report(LOG_INFO, "Request denied %i\n",res); ++ return 1; ++ } ++} ++ ++#endif /* RADIUS */ @@ . patch -p0 <<'@@ .' Index: openpkg-src/tacacs/tacacs.spec ============================================================================ $ cvs diff -u -r0 -r1.1 tacacs.spec --- /dev/null 2003-10-24 17:36:03.000000000 +0200 +++ tacacs.spec 2003-10-24 17:36:03.000000000 +0200 @@ -0,0 +1,226 @@ +## +## tacacs.spec -- OpenPKG RPM Specification +## Copyright (c) 2000-2003 The OpenPKG Project <http://www.openpkg.org/> +## Copyright (c) 2000-2003 Ralf S. Engelschall <[EMAIL PROTECTED]> +## Copyright (c) 2000-2003 Cable & Wireless <http://www.cw.com/> +## +## Permission to use, copy, modify, and distribute this software for +## any purpose with or without fee is hereby granted, provided that +## the above copyright notice and this permission notice appear in all +## copies. +## +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +## SUCH DAMAGE. +## + +# package version +%define V_dist 4.4beta2 +%define V_opkg 4.4b2 + +# package information +Name: tacacs +Summary: TACACS+ Server +URL: http://www.networkforums.net/ +Vendor: Cisco et al. +Packager: The OpenPKG Project +Distribution: OpenPKG [EVAL] +Group: Network +License: BSD +Version: %{V_opkg} +Release: 20031024 + +# package options +%option with_fsl yes +%option with_pam no +%option with_skey no +%option with_mysql no +%option with_pgsql no +%option with_radius no + +# list of sources +Source0: http://www.networkforums.net/downloads/tac_plus-%{V_dist}.tar.gz +Source1: rc.tacacs +Source2: fsl.tacacs +Patch0: tacacs.patch +Patch1: tacacs.patch.radius + +# build information +Prefix: %{l_prefix} +BuildRoot: %{l_buildroot} +BuildPreReq: OpenPKG, openpkg >= 20030103 +PreReq: OpenPKG, openpkg >= 20030103 +%if "%{with_fsl}" == "yes" +BuildPreReq: fsl >= 1.2.0 +PreReq: fsl >= 1.2.0 +%endif +%if "%{with_pam}" == "yes" +BuildPreReq: PAM +PreReq: PAM +%endif +%if "%{with_skey}" == "yes" +BuildPreReq: skey +PreReq: skey +%endif +%if "%{with_mysql}" == "yes" +BuildPreReq: mysql +PreReq: mysql +%endif +%if "%{with_pgsql}" == "yes" +BuildPreReq: postgresql, openssl +PreReq: postgresql, openssl +%endif +%if "%{with_radius}" == "yes" +BuildPreReq: libradius +PreReq: libradius +%endif +AutoReq: no +AutoReqProv: no + +%description + This is a TACACS+ authentication server, derived from the original + Cisco TACACS+ server implementation. + +%prep + %setup -q -n tac_plus-%{V_dist} + %patch -p0 -P 0 + %patch -p0 -P 1 + +%build + # configure package + export CC="%{l_cc}" + export CFLAGS="%{l_cflags -O}" + export CPPFLAGS="%{l_cppflags}" + export LDFLAGS="%{l_ldflags}" + export LIBS="" +%if "%{with_fsl}" == "yes" + LDFLAGS="$LDFLAGS %{l_fsl_ldflags}" + LIBS="$LIBS %{l_fsl_libs}" +%endif +%if "%{with_pam}" == "yes" + CFLAGS="$CFLAGS -I`%{l_prefix}/etc/rc --query pam_incdir`" + LDFLAGS="$LDFLAGS -L`%{l_prefix}/etc/rc --query pam_libdir`" +%endif +%if "%{with_pgsql}" == "yes" + LIBS="$LIBS -lssl -lcrypto" +%endif +%if "%{with_radius}" == "yes" + CFLAGS="$CFLAGS -DUSE_RADIUS" + LIBS="$LIBS -lradius" +%endif + ./configure \ + --prefix=%{l_prefix} \ +%if "%{with_pam}" == "yes" + --with-pam \ +%else + --without-pam \ +%endif +%if "%{with_skey}" == "yes" + --with-skey=%{l_prefix}/lib/libskey.a \ +%else + --without-skey \ +%endif +%if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" + --with-db \ +%else + --without-db \ +%endif +%if "%{with_mysql}" == "yes" + --with-mysql \ + --with-mysql-prefix=%{l_prefix} \ +%else + --without-mysql \ +%endif +%if "%{with_pgsql}" == "yes" + --with-pgsql \ + --with-pgsql-prefix=%{l_prefix} \ + --with-pgsql-include-dir=%{l_prefix}/include/postgresql \ + --with-pgsql-lib-dir=%{l_prefix}/lib \ +%else + --without-pgsql \ +%endif + --with-tacplus_pid=%{l_prefix}/var/tacacs/tac_plus.pid + + # build package + %{l_make} %{l_mflags -O} + +%install + # install package + rm -rf $RPM_BUILD_ROOT + %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT" + + # post-adjust installation + mv $RPM_BUILD_ROOT%{l_prefix}/bin/generate_passwd \ + $RPM_BUILD_ROOT%{l_prefix}/bin/tacas_generate_passwd + mv $RPM_BUILD_ROOT%{l_prefix}/etc/tacacs/sample-tac_plus.cfg \ + $RPM_BUILD_ROOT%{l_prefix}/etc/tacacs/tac_plus.cfg + strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true + +%if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" + # install SQL database schema + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/share/tacacs + %{l_shtool} install -c -m 644 \ + tac_plus.sql $RPM_BUILD_ROOT%{l_prefix}/share/tacacs/ +%endif + + # create pidfile and logfile directory + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/var/tacacs + + # install run-command script + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d + %{l_shtool} install -c -m 755 %{l_value -s -a} \ + %{SOURCE rc.tacacs} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ + + # install OSSP fsl configuration + %{l_shtool} mkdir -f -p -m 755 \ + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl + %{l_shtool} install -c -m 644 %{l_value -s -a} \ + %{SOURCE fsl.tacacs} \ + $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ + + # determine installation files + %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ + %{l_files_std} \ + '%config %{l_prefix}/etc/tacacs/tac_plus.cfg' \ + '%not %dir %{l_prefix}/etc/fsl' + +%files -f files + +%clean + rm -rf $RPM_BUILD_ROOT + +%post +%if "%{with_pam}" == "yes" + # add PAM configuration entry + if [ $1 -eq 1 ]; then + $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=tac_plus + fi +%endif + # after upgrade, restart service + [ $1 -eq 2 ] || exit 0 + eval `%{l_rc} tacacs status 2>/dev/null` + [ ".$tacacs_active" = .yes ] && %{l_rc} tacacs restart + exit 0 + +%preun + [ $1 -eq 0 ] || exit 0 + # before erase, stop service + %{l_rc} tacacs stop 2>/dev/null +%if "%{with_pam}" == "yes" + # remove PAM configuration entry + $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=tac_plus +%endif + exit 0 + @@ . patch -p0 <<'@@ .' Index: openpkg-web/news.txt ============================================================================ $ cvs diff -u -r1.7156 -r1.7157 news.txt --- openpkg-web/news.txt 24 Oct 2003 14:33:51 -0000 1.7156 +++ openpkg-web/news.txt 24 Oct 2003 15:36:01 -0000 1.7157 @@ -1,3 +1,4 @@ +24-Oct-2003: New package: P<tacacs-4.4b2-20031024> 24-Oct-2003: Upgraded package: P<ecartis-1.0.0.20030814-20031024> 24-Oct-2003: New package: P<nedit-5.3-20031024> 24-Oct-2003: New package: P<ecartis-1.0.0.20030814-20031024> @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]