Docker Community Forums

Share and learn in the Docker community.

Issue in running custom docker container for tacacs+

General Discussions
#1

hi , i have used the below docker file to run TACACS+ on ubuntu 18.04. am seeing an error wherein tacacs+ is not starting with the conatiner. saying rc.d init run level not set. I tried all solutions in

and other similar posts. but still my application does not start. can you please let me know what could be the issue?

Use Base Ubuntu image

FROM ubuntu:18.04

Author of this Dockerfile

MAINTAINER Yamini Umapathy

Update & upgrades

RUN apt-get update && apt-get upgrade -y

Install tacacs+ and Google Authenticator

RUN apt-get install tacacs+ -y

Clear local repo

RUN apt-get clean

Copy tac_plus configuration file from host to the container

COPY tac_plus.conf /etc/tacacs+/tac_plus.conf

Run tac_plus as foreground process and use /etc/tacacas+/tac_plus.conf as the config file

CMD [“tac_plus”, “-G”, “-C”, “/etc/tacacs+/tac_plus.conf”]

#2

Configuration is stored in two files tac_base.cfg and tac_user.cfg for the majority of users neither of these need changing should simple, basic TACACS+ testing be required.

If additional users or parameters are required, the tac_user.cfg file should be modified and passed into the container via a docker volume using -v /path/to/tac_user.cfg:/etc/tac_plus/tac_user.cfg

If base configuration changes are required, the tac_base.cfg file can be altered and included as a docker volume following the above syntax.

Various configuration defaults exist (defined in tac_user.cfg)
TACACS Key: ciscotacacskey
Priv 15 User (IOS): iosadmin password: cisco
Priv 0 User (IOS): iosuser password: cisco Network Admin (NXOS): nxosadmin password: cisco
Network User (NXOS): nxosuser password: cisco
Read-write User (ACI): aciadmin password: cisco
Read-only User (ACI): aciro password: cisco
Show User: showuser password: cisco

The following cisco IOS configuration was used in the development of this image:

aaa new-model
aaa authentication login default group tacacs+ local

aaa authorization exec default group tacacs+ local
aaa authorization commands 0 default group tacacs+
aaa authorization commands 1 default group tacacs+
aaa authorization commands 15 default group tacacs+

aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+

tacacs-server host key