From ab9634da79286d2f04f40011331f2feee208e513 Mon Sep 17 00:00:00 2001 From: Dave Olson Date: Thu, 23 Jun 2016 13:39:25 -0700 Subject: Provide getpwnam_r entry point to lookup mapped TACACS+ users Initial version with NSS lookups for tacacs users using mapping Works with modified libpam-tacplus to authenticate TACACS+ users without local passwd entries, mapping them to tacacs0..15 based on TACACS privilege level. When the /etc/tacplus_servers tacacs config file is mode 600 (normally the case since it has the server "secret" key), lookups will only work for tacacs users that are logged in, via the local mapping. For root, getpwnam lookups will work for any TACACS user known to the servers. Most syslog's enabled only if debug is set in the config file. --- debian/rules | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100755 debian/rules (limited to 'debian/rules') diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..b37d726 --- /dev/null +++ b/debian/rules @@ -0,0 +1,20 @@ +#!/usr/bin/make -f +# See debhelper(7) (uncomment to enable) +# output every command that modifies files on the build system. +DH_VERBOSE = 1 + +# see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/* +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/default.mk + +# see FEATURE AREAS in dpkg-buildflags(1) +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +# main packaging script based on dh7 syntax +%: + dh $@ --with autotools-dev + +# this library installs into /lib, not /usr/lib; I don't see any other +# way to do this, although there must be a way... +override_dh_auto_configure: + dh_auto_configure -- --prefix="" -- cgit v1.2.3