matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-03-20. You can view files and clone it, but cannot push or open issues or pull requests.
1c4ca07cf5
sonic-buildimage/files/build_templates
History
liuh-80 ff09b8b8ed
[TACACS+] Add Bash TACACS+ plugin for per-command authorization. (#8715) 
This pull request add a bash plugin for TACACS+ per-command authorization

#### Why I did it
1. To support TACACS per command authorization, we check user command before execute it.
2. Fix libtacsupport.so can't parse tacplus_nss.conf correctly issue:
            Support debug=on setting.
            Support put server address and secret in same row.
3. Fix the parse_config_file method not reset server list before parse config file issue.

#### How I did it
The bash plugin will be called before every user command, and check user command with remote TACACS+ server for per-command authorization.

#### How to verify it
UT with CUnit cover all code in this plugin.
Also pass all current UT.

#### Which release branch to backport (provide reason below if selected)
N/A

#### Description for the changelog
Add Bash TACACS+ plugin.


#### A picture of a cute animal (not mandatory but encouraged)
2021-11-13 09:57:30 +08:00
..
per_namespace Merged PR 4559560: [bgp]: Switch to standby if BGP container exits 2021-10-15 09:59:59 -07:00
share_image [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
arp_update_vars.j2 [swss][arp_update] Send ipv6 pings over vlan sub interfaces (#8363) 2021-08-06 21:14:18 -07:00
buffers_config.j2 SONIC QOS YANG - Remove qos tables field value refernce format (#7752) 2021-09-28 09:21:24 -07:00
cbf_config.j2 [CBF] Added configuration templates to generate configs for CBF (#8689) 2021-10-29 17:18:57 -07:00
config-chassisdb.service.j2 [ChassisDB]: bring up ChassisDB service (#5283) 2020-10-14 15:15:24 -07:00
config-setup.service.j2 [config-setup]: create a SONiC configuration management service (#3227) 2019-12-04 07:15:58 -08:00
database.service.j2 Multi-ASIC implementation (#3888) 2020-03-31 10:06:19 -07:00
dhcp_relay.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
docker_image_ctl.j2 Fix Python 3 syntax in SONiC container startup scripts 2021-11-10 15:27:22 -08:00
gbsyncd-cisco.service.j2 [gearbox] Add gbsyncd container for Credo gearbox chips (#9009) 2021-10-27 12:35:47 +08:00
gbsyncd-credo.service.j2 [gearbox] Add gbsyncd container for Credo gearbox chips (#8144) 2021-08-04 16:05:53 -07:00
gbsyncd.service.j2 [gearbox] Add gbsyncd container for Credo gearbox chips (#8144) 2021-08-04 16:05:53 -07:00
iccpd.service.j2 [services] introduce sonic.target (#5705) 2021-02-25 14:26:24 +02:00
init_cfg.json.j2 [ACL] enable ACL FC when genereting config from minigraph but disable by default (#8908) 2021-11-11 09:07:54 +08:00
kube_cni.10-flannel.conflist First cut image update for kubernetes support. (#5421) 2020-12-22 08:01:33 -08:00
lldp.service.j2 Changes for LLDP docker to support multi-npu platforms (#4530) 2020-05-11 11:05:44 -07:00
macsec.service.j2 [macsec]: Bind macsec service to sonic.target (#7642) 2021-05-18 11:44:21 -07:00
manifest.json.j2 [dockers] change RPC, DBG dockers version: put RPG, DBG sign in build metadata part of the version (#8920) 2021-11-01 19:02:57 +02:00
mgmt-framework.service.j2 [services] introduce sonic.target (#5705) 2021-02-25 14:26:24 +02:00
mgmt-framework.timer Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
mux.service.j2 [mux.service]: Remove pmon dependency (#9211) 2021-11-10 08:08:03 -08:00
nat.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
organization_extensions.sh Framework to plugin Organization specific scripts during ONIE Image build (#951) 2017-09-19 16:23:31 -07:00
packages.json.j2 [sonic_debian_extension] fix packages.json generation and make the build fail when packages.json is not generated (#8044) 2021-07-09 12:29:33 -07:00
pde.service.j2 [PDE]: introduce the SONiC Platform Development Env (#7510) 2021-07-24 16:24:43 -07:00
pmon.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
qos_config.j2 SONIC QOS YANG - Remove qos tables field value refernce format (#7752) 2021-09-28 09:21:24 -07:00
radv.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
restapi.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
sflow.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
snmp.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
snmp.timer Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
sonic_debian_extension.j2 [TACACS+] Add Bash TACACS+ plugin for per-command authorization. (#8715) 2021-11-13 09:57:30 +08:00
sonic_version.yml.j2 [build]: add branch and release name in sonic_version.yml (#6356) 2021-08-08 20:44:02 -07:00
sonic-delayed.target Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
sonic.target [services] introduce sonic.target (#5705) 2021-02-25 14:26:24 +02:00
swss_vars.j2 [swss_vars]: Add 'resource_type' attribute. (#7526) 2021-05-06 12:14:21 -07:00
tacacs-config.service Add service to restore TACACS from old config (#7560) 2021-06-03 20:07:17 -07:00
tacacs-config.timer Add service to restore TACACS from old config (#7560) 2021-06-03 20:07:17 -07:00
telemetry.service.j2 [hostcfgd] Configure service auto-restart in hostcfgd. (#5744) 2021-06-29 09:06:21 -07:00
telemetry.timer Grouping delayed services under a target for config reload checks (#7846) 2021-06-21 11:55:02 -07:00
updategraph.service.j2 [config-setup]: create a SONiC configuration management service (#3227) 2019-12-04 07:15:58 -08:00