Provide getpwnam_r entry point to lookup mapped TACACS+ users

Initial version with NSS lookups for tacacs users using mapping
Works with modified libpam-tacplus to authenticate TACACS+ users
without local passwd entries, mapping them to tacacs0..15 based on
TACACS privilege level.

When the /etc/tacplus_servers tacacs config file is mode 600 (normally
the case since it has the server "secret" key), lookups will only work
for tacacs users that are logged in, via the local mapping.  For root,
getpwnam lookups will work for any TACACS user known to the servers.

Most syslog's enabled only if debug is set in the config file.

1 files changed, 28 insertions, 0 deletions

diff --git a/nss_tacplus.h b/nss_tacplus.h
new file mode 100644
index 0000000..57c985f
--- /dev/null
+++ b/nss_tacplus.h
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2014, 2015, 2016 Cumulus Networks, Inc
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program - see the file COPYING.
+ *
+ * Author: olson@cumulusnetworks.com>
+ */
+
+#ifndef NSS_TACPLUS_H
+#define NSS_TACPLUS_H
+
+/* current release version; should match the NSS modules version */
+#define NSS_TPLUS_VMAJ 2
+#define NSS_TPLUS_VMIN 0
+#define NSS_TPLUS_VPATCH 0
+
+#endif  /* NSS_TACPLUS_H */