Centos 7 Automatic Service Start / TACACS+

I've configured TACACS+ running on CentOS 7 and the TACACAS+ configuration is working perfectly. However, I cannot get TACACS+ to run automatically upon startup.

I have configured the automatic service start using
chkconfig tac_plus --add

Open in new window

, everything looks good in
chkconfig tac_plus --list

Open in new window

. When I check the service status using
service tac_plus status

Open in new window

, everything is loaded & running, however when I trying to SSH to the switch I get huge delays and TACACS isn't available, only local authentication.

The only way I can get it to work is to do the following manual steps:-

1.) Upon server restart, stop the tac_plus service using
service tac_plus stop

Open in new window

2. Manually run the command
sudo tac_plus -C /etc/tac_plus.conf

Open in new window

3.) TACACS starts to work as expected

I have an extremely basic understanding with Linux, any help would be appreciated.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

centos7 uses systemctl versus the prior chkconfig


systemctl -a  

Not sure what your issue is does the check for auth from the switch (debug test) does it pass or fail)?
The issue could be that you did not configure firewalld or iptables to allow inbound connection or the ports you chose are not the same to whicih the switch sending the requests....

It is hard from the information you provided to determine what might be going on or what might be causing your issues.
David FavorLinux/LXD/WordPress/Hosting SavantCommented:
Sigh... arnold is correct. The systemd madness has crept into every major Distro, except Alpine.

Fix approaches.

1) Easy - Just to get things running immediately + to work across reboots, add an entry to run tac_plus -C /etc/tac_plus.conf from your /etc/rc.local file... if that even works. Most systemd based systems, you'll have to enable to plumbing for /etc/rc.local to run at reboot time.

2) Permanent - Create a systemd service wrapper to start/stop tac_plus as a real systemd process.

Avoid using /etc/init.d based scripts. They may work after a fashion with CentOS 7 + likely be completely deprecated at some point in the future.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Joy DingenenICT system consultantCommented:

systemd is the best :) you learn to love it.
everything has tab-completion so it's very easy to use. Starting something on boot is done with
systemctl enable service_name

Open in new window

lets say you want to run that manual command in a systemd service that starts after the network card is on.
vi /etc/systemd/system/start_tacacs.service

Description=start_tacacs Service

ExecStart=/path/to/tac_plus -f /path/to/tacacs.cfg


Open in new window

systemctl enable start_tacacs
systemctl start start_tacacs

Open in new window

Have fun with centos 7 :D
Joy DingenenICT system consultantCommented:
A small google search later i find:
TACACS server as systemd service, external logging
EnsingerLTDAuthor Commented:
I ended up completely binning off the CentOS installation as none of the solutions worked for me, however this comment ended up leading me down the right path so to speak. Whenever I tried to start TACACS+ using systemactl I kept receiving a message stating that TACACS+ is native to CHKCONFIG and would always revert me to setting up the CHKCONFIG process.

Ended up deploying Ubuntu Server, installed & configured TACACS+ without any issue whatsoever, as well as getting it to start automatically. This was satisfactory considering my basic Linux skills and requirement for simple TACACS+ deployment.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.