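#!/bin/sh
#
# Wrapper for starting, stopping and debugging the tac_plus TACACS+ daemon.
#
# Usage:
#   <script>                    start the daemon, or report that it is up
#   <script> -k                 stop the daemon named in the PID file
#   <script> -h                 show help
#   <script> -<mode> [-C conf]  start with one debug flag and follow the log
#
# Changes from the earlier version of this wrapper:
#   * No scratch files. The old code redirected counters into fixed names
#     under /var/tmp (cpid, dbugpid). A fixed name in a world-writable
#     directory can be pre-created as a symlink by any local user, so a
#     privileged run would truncate whatever the link pointed at.
#   * The PID file content is validated (digits only) and the process is
#     confirmed to be tac_plus before SIGKILL is sent, so a stale PID file
#     and PID reuse cannot get an unrelated process killed.
#   * The "is it running" test asks ps about that one PID instead of
#     grepping a PID column, where "12" also matched 123 or 312.
#   * Every expansion is quoted; -C requires a readable file argument.
#   * Proxy debug uses 16384 (the old value 16348 is not a single flag bit).

# tac_plus configuration file location
CONF=/etc/tacacs.conf
# daemon location
TAC=/usr/sbin/tac_plus
# LOGFILE location
# NOTE(review): debug modes such as password, packet and encrypt/decrypt
# write sensitive material here and /var/tmp is world-writable. Confirm the
# mode the daemon creates this file with, or move the log to a root-only
# directory if the installed tac_plus build allows it.
LOG=/var/tmp/tac_plus.log
# PID location
TACPID="/etc/tac_plus.pid"

###############

# Read the PID file into tac_pid_value.
# Returns 0 only when the first field of the file is a plain decimal number.
read_pid() {
  tac_pid_value=
  [ -r "$TACPID" ] || return 1
  # "|| [ -n ... ]" accepts a PID file that lacks a trailing newline.
  read -r tac_pid_value tac_pid_rest < "$TACPID" || [ -n "$tac_pid_value" ] || return 1
  case "$tac_pid_value" in
    '' | *[!0-9]*)
      tac_pid_value=
      return 1
      ;;
  esac
  return 0
}

# Print the raw PID file content for status messages (empty if unreadable).
show_pid() {
  cat "$TACPID" 2>/dev/null
}

# Return 0 when PID $1 exists and its command name is the daemon's basename.
# NOTE(review): relies on "ps -p PID -o comm="; confirm on the target
# platform that comm reports the executable name for tac_plus.
pid_is_tac_plus() {
  tac_comm=$(ps -p "$1" -o comm= 2>/dev/null | awk 'NR == 1 { print $1 }')
  [ -n "$tac_comm" ] && [ "${tac_comm##*/}" = "${TAC##*/}" ]
}

# Stop the daemon recorded in the PID file.
# Returns non-zero without signalling anything when the PID cannot be
# trusted.
stop_daemon() {
  if ! read_pid; then
    echo "No valid PID in $TACPID; nothing to stop" >&2
    return 1
  fi
  if ! pid_is_tac_plus "$tac_pid_value"; then
    echo "PID $tac_pid_value is not a running tac_plus process; no signal sent" >&2
    return 1
  fi
  # SIGKILL is kept from the earlier version of this wrapper.
  # NOTE(review): SIGTERM first would let the daemon shut down cleanly.
  kill -9 "$tac_pid_value" || return 1
  echo "Shutting Down the tac_plus service PID $tac_pid_value"
}

# Start the daemon with debug level $1, announce mode $2, then show the log.
# $3 = "page" pages the log once with more; anything else follows it.
start_debug() {
  # A failed start is reported, but the log is still shown because it is
  # usually where the reason ends up.
  "$TAC" -C "$CONF" -d "$1" ||
    echo "warning: $TAC returned a non-zero status" >&2
  echo "Starting In $2"
  if [ "$3" = "page" ]; then
    more "$LOG"
  else
    tail -f "$LOG"
  fi
}

# Start every invocation with a fresh log, as before. -r is dropped: the
# target is a single file and a recursive delete on a path under /var/tmp is
# more than is needed.
# NOTE(review): this also discards the log on -k and -h; confirm that is
# wanted if the debug log is used as an audit trail.
rm -f -- "$LOG"

if [ "${1-}" = "-k" ]; then
  stop_daemon
  exit
fi

# Default mode: start the daemon if needed, otherwise report that it is up.
if [ -z "${1-}" ]; then
  if [ ! -e "$TACPID" ]; then
    "$TAC" -C "$CONF"
    echo "No PID File, Starting tac_plus on port 49, PID $(show_pid)"
    exit
  fi
  if read_pid && pid_is_tac_plus "$tac_pid_value"; then
    echo "tac_plus is up PID $tac_pid_value"
    exit
  fi
  echo "tac_plus is down"
  "$TAC" -C "$CONF"
  echo "Restarting tac_plus PID $(show_pid)"
  exit
fi

if [ "$1" = "-h" ]; then
  # -acc and -hex are accepted below but are not listed in this text.
  cat <<'EOF' | more

This script provides a wrapper starting the tac_plus TACACS+ daemon.
In default mode (no flags) the deamon starts with no debug options.
The debug options are addative each mode inherets the previous modes,
yielding the debug output of all of the

  -k    Stop the service
  -par  Start service parse configuration file to logfile
  -for  Start service in fork mode
  -auz  Start service in authorization debug mode
  -aut  Start service in authentication debug mode
  -pas  Start service in password debug mode
  -cfg  Start service in config debug mode
  -pak  Start service in packet debug mode
  -md5  Start service in MD5 debug mode
  -enc  Start service in Low Level Encrypt/Decrypt debug mode
  -pro  Start service in proxy debug mode
  -max  Start service in max-session debug mode (if compiled)

EOF
fi

# Optional alternative configuration file: <mode> -C <file>
if [ "${2-}" = "-C" ]; then
  if [ -z "${3-}" ] || [ ! -r "$3" ]; then
    echo "Alternative configuration file missing or unreadable: ${3-}" >&2
    exit 1
  fi
  CONF=$3
  echo "Using Alternative Configuration File"
fi

# Debug modes. Each value is passed to the daemon's -d option unchanged.
case "$1" in
  -h) ;; # help was printed above
  -par) start_debug 2 "Parse Mode" page ;;
  -for) start_debug 4 "Fork Mode" follow ;;
  -auz) start_debug 8 "Authorization Debug Mode" follow ;;
  -aut) start_debug 16 "Authentication Debug Mode" follow ;;
  -pas) start_debug 32 "Password File Processing Debug Mode" follow ;;
  -acc) start_debug 64 "Accounting Debug Mode" follow ;;
  -cfg) start_debug 128 "Config File Parsing And Lookup Debug Mode" follow ;;
  -pak) start_debug 256 "Packet Level Debug Mode" follow ;;
  # NOTE(review): the label printed for -hex looks copied from another mode;
  # confirm what -d 512 selects in the installed build.
  -hex) start_debug 512 "Authentication and Authorization Debug Mode" follow ;;
  -md5) start_debug 1024 "MD5 Hash Debug Mode" follow ;;
  -enc) start_debug 2048 "Low Level Encrypt/Decrypt Debug Mode" follow ;;
  # 16384 = 2^14. The earlier 16348 sets a mix of lower bits instead and
  # turns on several unrelated debug classes at once.
  -pro) start_debug 16384 "Proxy Debug Mode" follow ;;
  -max) start_debug 32768 "Max Session Debug Mode" follow ;;
  *) echo "Unknown option: $1 (use -h for help)" >&2 ;;
esac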