init: T5577: clear mandatory and optional RADIUS/TACACS PAM settings

This complements commit 5181ab60bb ("RADIUS: T5577: Added 'mandatory' and 'optional' modes for RADIUS") and commit 1c804685d0 ("TACACS: T5577: Added 'mandatory' and 'optional' modes for TACACS+"). As those new services should also be cleaned during system boot.
author: Christian Breunig <christian@breunig.cc> 2023-10-03 09:23:20 +0200
committer: Christian Breunig <christian@breunig.cc> 2023-10-03 09:31:48 +0200
commit: 9fa024bdbaa861a6066a1e58afb7a7c6a977820c (patch)
tree: 4a2918912923bd78549670d5b0ccbda5f16be0a9 /src/init
parent: baa12ccf0f6eb092099a9e17444e9efd86a59fcc (diff)
download: vyos-1x-9fa024bdbaa861a6066a1e58afb7a7c6a977820c.tar.gz
vyos-1x-9fa024bdbaa861a6066a1e58afb7a7c6a977820c.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/init/vyos-router b/src/init/vyos-router
index dd07d2e4b..fbb89a77c 100755
--- a/src/init/vyos-router
+++ b/src/init/vyos-router
@@ -229,9 +229,9 @@ cleanup_post_commit_hooks () {
 security_reset ()
 {
     # restore PAM back to virgin state (no radius/tacacs services)
-    pam-auth-update --package --remove radius
+    pam-auth-update --disable radius-mandatory radius-optional
     rm -f /etc/pam_radius_auth.conf
-    pam-auth-update --package --remove tacplus
+    pam-auth-update --disable tacplus-mandatory tacplus-optional
     rm -f /etc/tacplus_nss.conf /etc/tacplus_servers
 
     # Certain configuration files are re-generated by the configuration
author	Christian Breunig <christian@breunig.cc>	2023-10-03 09:23:20 +0200
committer	Christian Breunig <christian@breunig.cc>	2023-10-03 09:31:48 +0200
commit	9fa024bdbaa861a6066a1e58afb7a7c6a977820c (patch)
tree	4a2918912923bd78549670d5b0ccbda5f16be0a9 /src/init
parent	baa12ccf0f6eb092099a9e17444e9efd86a59fcc (diff)
download	vyos-1x-9fa024bdbaa861a6066a1e58afb7a7c6a977820c.tar.gz vyos-1x-9fa024bdbaa861a6066a1e58afb7a7c6a977820c.zip