diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-11-21 10:08:03 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-21 10:08:03 +0100 |
| commit | 916adfaf0774df0731522bf3cbd886d794735c50 (patch) | |
| tree | b043c0e29103c814467239ea8d729c6ecc4d6d49 /interface-definitions | |
| parent | cec47950a5d30944c0063723d3967cd17502d6b1 (diff) | |
| parent | e1bf5516bbb00de5689a1091a6e21b1fc45a7340 (diff) | |
| download | vyos-1x-916adfaf0774df0731522bf3cbd886d794735c50.tar.gz vyos-1x-916adfaf0774df0731522bf3cbd886d794735c50.zip | |
Merge pull request #2512 from zdc/T5577-sagitta
PAM: T5577: Backported PAM settings from circinus
Diffstat (limited to 'interface-definitions')
| -rw-r--r-- | interface-definitions/include/radius-server-ipv4-ipv6.xml.i | 20 | ||||
| -rw-r--r-- | interface-definitions/system-login.xml.in | 20 |
2 files changed, 40 insertions, 0 deletions
diff --git a/interface-definitions/include/radius-server-ipv4-ipv6.xml.i b/interface-definitions/include/radius-server-ipv4-ipv6.xml.i index ac0950ae8..e454b9025 100644 --- a/interface-definitions/include/radius-server-ipv4-ipv6.xml.i +++ b/interface-definitions/include/radius-server-ipv4-ipv6.xml.i @@ -26,6 +26,26 @@ </children> </tagNode> #include <include/source-address-ipv4-ipv6-multi.xml.i> + <leafNode name="security-mode"> + <properties> + <help>Security mode for RADIUS authentication</help> + <completionHelp> + <list>mandatory optional</list> + </completionHelp> + <valueHelp> + <format>mandatory</format> + <description>Deny access immediately if RADIUS answers with Access-Reject</description> + </valueHelp> + <valueHelp> + <format>optional</format> + <description>Pass to the next authentication method if RADIUS answers with Access-Reject</description> + </valueHelp> + <constraint> + <regex>(mandatory|optional)</regex> + </constraint> + </properties> + <defaultValue>optional</defaultValue> + </leafNode> </children> </node> <!-- include end --> diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in index a0eda9045..be0145b4f 100644 --- a/interface-definitions/system-login.xml.in +++ b/interface-definitions/system-login.xml.in @@ -244,6 +244,26 @@ </leafNode> </children> </tagNode> + <leafNode name="security-mode"> + <properties> + <help>Security mode for TACACS+ authentication</help> + <completionHelp> + <list>mandatory optional</list> + </completionHelp> + <valueHelp> + <format>mandatory</format> + <description>Deny access immediately if TACACS+ answers with REJECT</description> + </valueHelp> + <valueHelp> + <format>optional</format> + <description>Pass to the next authentication method if TACACS+ answers with REJECT</description> + </valueHelp> + <constraint> + <regex>(mandatory|optional)</regex> + </constraint> + </properties> + <defaultValue>optional</defaultValue> + </leafNode> #include <include/source-address-ipv4.xml.i> #include <include/radius-timeout.xml.i> #include <include/interface/vrf.xml.i> |