Install errors with TAC_PLUS
All teng
I am trying to install TAC_PLUS to test IPv6 operations and get the
following errors when doing the make...
/usr/local/lib/libssl.so.5: undefined reference to `EVP_idea_cbc'
gmake[2]: *** [tac_plus] Error 1
gmake[2]: Leaving directory `/usr/PROJECTS/tac_plus/obj.freebsd-7.2-
release-sparc64'
gmake[1]: *** [build] Error 2
gmake[1]: Leaving directory `/usr/PROJECTS/tac_plus'
gmake: *** [all] Error 1
*** Error code 2
Is there any flag that I need to stop the errors?
Thanks
Al
Marc Huber
it would help to see the actual command that yields this error.
You probably have multiple OpenSSL versions installed on your system.
You can try reconfiguring using either the --with-ssl=/usr switch to
force use of the stock libraries, then recompile. Alternatively,
remove the ports (?) version of OpenSSL.
Cheers,
Marc
All teng
The command is the "make" - I have attached the outputs... I tried
with the switch and it is still has the same results...
could it be conflicting with the TACACS+ already installed and running..
Thanks
Al
> --
> You received this message because you are subscribed to the Google Groups "Event-Driven Servers" group.
> To post to this group, send email to event-driv...@googlegroups.com.
> To unsubscribe from this group, send email to event-driven-ser...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/event-driven-servers?hl=en.
>
>
Marc Huber
no, there's no conflict with any existing TACACS+ software. Judging
from your output there are multiple OpenSSL installations on your
system, one in /usr/local/ and one in /usr/bin/openssl/. The latter
isn't autodetected, so you've probably told configure to use that
location. Now, there are a couple of choices:
- reconfigure without SSL support and recompile. The crypto library is
required for ARAP and MSCHAP only, and you probably won't need this.
- use a different --prefix= location. The build will install the mavis
library to /usr/local/lib, so this comes first in the search path.
Unfortunately, one of your OpenSSL installations resides there, too.
- fix your local openssl library setup
Cheers,
Marc
> with the switch and it is still has the same results...
> could it be conflicting with the TACACS+ already installed and running..
>
> Thanks
> Al
>
> 3KAnzeigenHerunterladen
All teng
It installed OK with ignoring the SSL side of things but now when I
start the TAC_PLUS it is not opening the IPv6 port - is there any
specific change that needs to be made? Other programs are opening the
IPv6 ports...
sockstat -l
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
squid squid 861 5 udp4 *:64689 *:*
squid squid 861 12 tcp4 *:8080 *:*
squid squid 861 13 udp4 *:3130 *:*
squid squid 861 14 udp4 *:3401 *:*
root inetd 827 5 tcp4 *:21 *:*
root inetd 827 6 tcp6 *:21 *:*
root inetd 827 7 tcp4 *:23 *:*
root inetd 827 9 tcp6 *:23 *:*
root inetd 827 10 udp4 *:69 *:*
root inetd 827 11 udp6 *:69 *:*
root sendmail 780 3 tcp4 127.0.0.1:25 *:*
root sshd 774 3 tcp6 *:22 *:*
root sshd 774 4 tcp4 *:22 *:*
root radiusd 747 3 udp4 *:1812 *:*
root radiusd 747 4 udp4 *:1813 *:*
root ntpd 706 20 udp4 *:123 *:*
root ntpd 706 21 udp6 *:123 *:*
root ntpd 706 22 udp6 fe80:1::203:baff:fe14:3ef0:123*:*
root ntpd 706 23 udp4 10.80.130.254:123 *:*
root ntpd 706 24 udp6 2001:800e:2:0:203:baff:fe14:3ef0:123*:*
root ntpd 706 25 udp6 ::1:123 *:*
root ntpd 706 26 udp6 fe80:3::1:123 *:*
root ntpd 706 27 udp4 127.0.0.1:123 *:*
root dhcpd 680 5 udp4 *:67 *:*
root tac_plus 668 0 tcp4 *:49 *:*
<<<<<<<<<<<<<<<<<<<
bind named 607 20 tcp6 *:53 *:*
bind named 607 21 tcp4 10.80.130.254:53 *:*
bind named 607 22 tcp4 127.0.0.1:53 *:*
bind named 607 23 tcp4 127.0.0.1:953 *:*
bind named 607 24 tcp6 ::1:953 *:*
bind named 607 512udp6 *:53 *:*
bind named 607 513udp4 10.80.130.254:53 *:*
bind named 607 514udp4 127.0.0.1:53 *:*
root syslogd 539 4 dgram /var/run/log
root syslogd 539 5 dgram /var/run/logpriv
root syslogd 539 6 dgram /var/run/log
root syslogd 539 7 dgram /var/named/var/run/log
root syslogd 539 8 udp6 *:514 *:*
root syslogd 539 9 udp4 *:514 *:*
root devd 481 4 stream /var/run/devd.pipe
Thanks
Al
Marc Huber
try
id = spawnd {
...
listen = {
address = ::
port = 49
}
}
Current default for address is the IPv4 wildcard; I'll change that to
the IPv6 one in the next snapshot.
Cheers,
Marc
Murali Krishnan
I have installed tacacs+ in red hat Enterprise linux 5.5. The tacacs version is F4.0.4.26. In this i can able to test in IPv4 but not with IPv6 address. I have also tried with bind option but it returns the following error:
Reading config
Version F4.0.4.26 Initialized 1
get_socket: bind 49 Address already in use
Once i added listen={address=::} it returns the error (unrecognized toke id )while restarting daemon.I don’t know how to make tacacs+ to listen on IPv6 address. Or is that I need to do any entries in tac_plus.cfg to listen for IPv6.
> >> > To unsubscribe from this group, send email to event-driven-servers+unsub...@googlegroups.com.
> >> > For more options, visit this group athttp://groups.google.com/group/event-driven-servers?hl=en.
>
> >> error.txt
> >> 3KAnzeigenHerunterladen
>
> > --
> > You received this message because you are subscribed to the Google Groups "Event-Driven Servers" group.
> > To post to this group, send email to event-driv...@googlegroups.com.
> > To unsubscribe from this group, send email to event-driven-servers+unsub...@googlegroups.com.
Marc Huber
On 09.07.13 07:03, Murali Krishnan wrote:
> I have installed tacacs+ in red hat Enterprise linux 5.5.
> The tacacs version is F4.0.4.26. In this i can able to test in IPv4
> but not with IPv6 address. I have also tried with bind option but it
> returns the following error:
Cheers,
Marc
Murali Krishnan
HI,
Now i have installed the tacacs versio: 201305271736/PCRE/DES/CURL
Once is added the id = spawnd {
listen = {
address = ::
port = 49
}
}
Starting tacacs+: Error: Unrecognised token id on line 3
Kindly help me Why is that ? How can i use on Tacacs on IPv6 networks.
Marc Huber
On 10.07.13 14:53, Murali Krishnan wrote:
> in /etc/tac_plus.cfg i restarted the service. But service not started
> it return the following error:
> Starting tacacs+: Error: Unrecognised token id on line 3
start F4.0.4.26. Impossible to tell, as you didn't post your
configuration and I've no idea what "restarting the service" on your
system actually means/does. Please provide more details.
Cheers,
Marc
Murali Krishnan
And is that any document availabe to completely remove the tacacs and install the new one. I think i am doing some mistake while re-installing.
Thanks,
MK
Marc Huber
On 11.07.13 07:39, Murali Krishnan wrote:
> Please find the attached /etc/tacacs/tac_plus.cfg file and
> /usr/bin/tacacs.
adjustments are made.
> And is that any document availabe to completely remove the tacacs and
> install the new one. I think i am doing some mistake while re-installing.
in my version). Plus, your configuration isn't compatible at all. Please
read the documentation. There's no way around that.
Cheers,
Marc
Murali Krishnan
Murali Krishnan
And i did the following:
- Copy the attached tac_plus.conf file to /etc
- Verify the file tac_plus has been copied to /etc/init.d
- Modify that file so it will run at startup
- /etc/init.d# chmod -x tac_plus
- Make the tac_plus daemon start at boot
- update-rc.d tac_plus defaults
- Manually start the daemon:
- tac_plus /etc/tac_plus.conf
->systemctl enable tac_plus.service
tac_plus.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig tac_plus on
->systemctl status tac_plus.service
tac_plus.service
Loaded: loaded (/etc/init.d/tac_plus)
Active: failed (Result: exit-code) since Fri, 19 Jul 2013 07:16:38 -0700; 4min 1s ago
Process: 4443 ExecStart=/etc/init.d/tac_plus start (code=exited, status=66)
CGroup: name=systemd:/system/tac_plus.service
Jul 19 07:16:38 linux-ey5i tac_plus[4443]: startup (version 201305271736)
Jul 19 07:16:38 linux-ey5i tac_plus[4443]: Error Couldn't open start: No such file or directory
So how i proceed this.
Thanks,
MK
Then i tried the following:
Murali Krishnan
4. "make"
5. check /usr/local/lib/mavis/mavis_tacplus_ads.pl < /dev/null
if error: "sudo apt-get install libnet-ldap-perl"
6. copy http://www.pro-bono-publico.de/projects/unpacked/tac_plus/extra/tac_plus.cfg-ads /usr/local/etc/tac_plus.cfg
- Edit the config to suite your needs
7. then check cofig for errors with /usr/local/sbin/tac_plus -P /usr/local/etc/tac_plus.cfg
8. copy http://www.pro-bono-publico.de/projects/unpacked/tac_plus/extra/etc_init.d_tac_plus to /etc/init.d/tac_plus
9. chmod 755 /etc/init.d/tac_plus
Thanks,
MK
ramesh....@gmail.com
Marc Huber
Looks like it isn't simple to get the IPv6 stuff over Tacacs+, I've installed tacacs+-F4.0.4.26 in my linux, please let me know what tweeking I need to make the ipv6 stuff running.
The daemon from http://www.pro-bono-publico.de/projects/ (which is covered here) handles IPv6 just fine.
Cheers,
Marc
ramesh....@gmail.com
Marc Huber
On 14.07.14 22:40, ramesh....@gmail.com wrote:
> Which version of tacacs should I install ? I just went through the
> link couldn't find which version I had to download.
packages.
Cheers,
Marc