From e1bf5516bbb00de5689a1091a6e21b1fc45a7340 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Tue, 3 Oct 2023 09:23:20 +0200 Subject: init: T5577: clear mandatory and optional RADIUS/TACACS PAM settings This complements commit 5181ab60bb ("RADIUS: T5577: Added 'mandatory' and 'optional' modes for RADIUS") and commit 1c804685d0 ("TACACS: T5577: Added 'mandatory' and 'optional' modes for TACACS+"). As those new services should also be cleaned during system boot. --- src/init/vyos-router | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/init') diff --git a/src/init/vyos-router b/src/init/vyos-router index 3db06b368..3445da2cf 100755 --- a/src/init/vyos-router +++ b/src/init/vyos-router @@ -256,9 +256,9 @@ netgroup: nis EOF # restore PAM back to virgin state (no radius/tacacs services) - pam-auth-update --package --remove radius + pam-auth-update --disable radius-mandatory radius-optional rm -f /etc/pam_radius_auth.conf - pam-auth-update --package --remove tacplus + pam-auth-update --disable tacplus-mandatory tacplus-optional rm -f /etc/tacplus_nss.conf /etc/tacplus_servers # Certain configuration files are re-generated by the configuration -- cgit v1.2.3