MarcJHuber/event-driven-servers

tac_plus-ng as a service?

jamenlang opened this issue · 3 comments

jamenlang commented

I'm re-visiting setting up tac_plus-ng and I've got everything working that I want so far, logging, TLS and by some miracle pattern matching for groups. (this truly was a pain)

I'm on the final stretch to replace my 201607310722 tac_plus servers, but I ran into a problem with the commands I found on Google Groups. https://groups.google.com/g/event-driven-servers/c/St-ujxoPfmI (modified for -ng)

cd /etc/init.d
sudo cp ~/PROJECTS/tac_plus-ng/extra/etc_init.d_tac_plus-ng /etc/init.d/tac_plus-ng
sudo chmod 755 /etc/init.d/tac_plus-ng
sudo chown root:root /etc/init.d/tac_plus-ng
sudo update-rc.d tac_plus-ng defaults
sudo service tac_plus-ng start

I get the following syslog entries

Sep 27 14:35:18 tacacs systemd[1]: Reloading.
Sep 27 14:35:33 tacacs systemd[1]: Starting SYSV: Starts and stops the spawnd server process....
Sep 27 14:35:33 tacacs spawnd[1361]: startup (version 3a72b45)
Sep 27 14:35:33 tacacs spawnd[1362]: FATAL: Recursive execution prohibited.
Sep 27 14:35:33 tacacs tac_plus-ng[1363]: ********************************************************************************
Sep 27 14:35:33 tacacs tac_plus-ng[1363]: * Unable to start spawnd ... please fix the configuration problem
Sep 27 14:35:33 tacacs tac_plus-ng[1363]: * indicated above.
Sep 27 14:35:33 tacacs tac_plus-ng[1363]: ********************************************************************************
Sep 27 14:35:33 tacacs systemd[1]: tac_plus-ng.service: Control process exited, code=exited, status=1/FAILURE
Sep 27 14:35:33 tacacs systemd[1]: tac_plus-ng.service: Failed with result 'exit-code'.
Sep 27 14:35:33 tacacs systemd[1]: Failed to start SYSV: Starts and stops the spawnd server process..

It seems that I'm the only person EVER to get "FATAL: Recursive execution prohibited." as it returns 0 search results on Google. Either that or I'm banned by Google again.

How can I start this as a service and have it run automatically after a reboot like I was doing with tac_plus?

jamenlang commented

It sure helps if you use the right init.d script. I copied the tac_plus etc_init.d script to /etc/init.d instead of tac_plus-ng etc_init.d script to /etc/init.d

seems like it's working now.

jamenlang commented

I'm on debian and I had to make a /etc/systemd/system/tacacs_plus-ng.service file

[Unit]
Description=...

[Service]
ExecStart=/etc/init.d/tac_plus-ng start
ExecStop=/etc/init.d/tac_plus-ng stop

[Install]
WantedBy=multi-user.target

then issue the command

systemctl enable tacacs_plus-ng

MarcJHuber commented

Hi Jamen,

thanks for reporting!

The service file at

tac_plus-ng/extra/tac_plus-ng.service

likely needs some referencing in the documentation ... I'll think about that.

Cheers,

Marc