Using following VyOS version for the TACACS+ test:
linux@R180> show version Version: VyOS 1.5-rolling-202406060020 Release train: current Release flavor: generic Built by: autobuild@vyos.net Built on: Thu 06 Jun 2024 03:11 UTC Build UUID: e0cb746f-5572-4aaf-8d6c-536ac82e5957 Build commit ID: 9c2ec5e3d31713
The TACACS+ Authnetication and Authorization request for new users are working fine. Using TACACS+NG for testing over here. As soon as the T+ config is active the appliance sends local system users authorization requests to the AAA daemon. Logs from the AAA daemon. 10.100.100.180 is the source IP address of the VyOS appliance in the logs. This happens in different time intervals for different vyos-system-users.
... 29533: 11:00:02.802 22/a41daa59: 10.100.100.180 Start authorization request 29533: 11:00:02.802 22/a41daa59: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.807 23/aad96e35: 10.100.100.180 Start authorization request 29533: 11:00:02.807 23/aad96e35: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.811 24/ac72ae00: 10.100.100.180 Start authorization request 29533: 11:00:02.811 24/ac72ae00: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.816 25/cb608d09: 10.100.100.180 Start authorization request 29533: 11:00:02.816 25/cb608d09: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.819 26/3becaa5b: 10.100.100.180 Start authorization request 29533: 11:00:02.819 26/3becaa5b: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.823 27/b0188c0e: 10.100.100.180 Start authorization request 29533: 11:00:02.823 27/b0188c0e: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.828 28/49672c55: 10.100.100.180 Start authorization request 29533: 11:00:02.828 28/49672c55: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.830 29/5fa44805: 10.100.100.180 Start authorization request 29533: 11:00:02.830 29/5fa44805: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.841 2a/6275d73d: 10.100.100.180 Start authorization request 29533: 11:00:02.841 2a/6275d73d: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:02.874 2b/6275d73d: 10.100.100.180 Start authorization request 29533: 11:00:02.874 2b/6275d73d: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:00:13.880 2c/9507397c: 10.100.100.180 Start authorization request 29533: 11:00:13.880 2c/9507397c: 10.100.100.180 user 'www-data' not found, denied by default 29533: 11:00:13.884 2d/fb10c858: 10.100.100.180 Start authorization request 29533: 11:00:13.884 2d/fb10c858: 10.100.100.180 user 'proxy' not found, denied by default 29533: 11:00:13.888 2e/a6a24741: 10.100.100.180 Start authorization request 29533: 11:00:13.888 2e/a6a24741: 10.100.100.180 user 'stunnel4' not found, denied by default 29533: 11:00:13.892 2f/6a1a1c2c: 10.100.100.180 Start authorization request 29533: 11:00:13.892 2f/6a1a1c2c: 10.100.100.180 user 'zabbix' not found, denied by default 29533: 11:03:32.246 30/fa153f6a: 10.100.100.180 Start authorization request [...] 29533: 11:06:33.853 34/8a845756: 10.100.100.180 Start authorization request 29533: 11:06:33.853 34/8a845756: 10.100.100.180 user 'messagebus' not found, denied by default 29533: 11:06:33.857 35/177a757b: 10.100.100.180 Start authorization request 29533: 11:06:33.857 35/177a757b: 10.100.100.180 user 'haproxy' not found, denied by default 29533: 11:06:33.861 36/3235a107: 10.100.100.180 Start authorization request 29533: 11:06:33.861 36/3235a107: 10.100.100.180 user 'polkitd' not found, denied by default 29533: 11:06:33.864 37/7833b55b: 10.100.100.180 Start authorization request 29533: 11:06:33.864 37/7833b55b: 10.100.100.180 user 'polkitd' not found, denied by default 29533: 11:06:33.868 38/2323b47c: 10.100.100.180 Start authorization request 29533: 11:06:33.868 38/2323b47c: 10.100.100.180 user 'proxy' not found, denied by default 29533: 11:06:33.871 39/b4cf4761: 10.100.100.180 Start authorization request 29533: 11:06:33.871 39/b4cf4761: 10.100.100.180 user 'systemd-network' not found, denied by default 29533: 11:06:33.874 3a/05c2f659: 10.100.100.180 Start authorization request 29533: 11:06:33.874 3a/05c2f659: 10.100.100.180 user 'systemd-network' not found, denied by default 29533: 11:06:33.877 3b/dfa6a706: 10.100.100.180 Start authorization request 29533: 11:06:33.877 3b/dfa6a706: 10.100.100.180 user 'systemd-network' not found, denied by default 29533: 11:06:33.879 3c/04e34c2f: 10.100.100.180 Start authorization request 29533: 11:06:33.879 3c/04e34c2f: 10.100.100.180 user 'systemd-network' not found, denied by default 29533: 11:06:33.887 3d/3c07cd39: 10.100.100.180 Start authorization request 29533: 11:06:33.887 3d/3c07cd39: 10.100.100.180 user 'tss' not found, denied by default 29533: 11:06:33.890 3e/13420f5e: 10.100.100.180 Start authorization request 29533: 11:06:33.890 3e/13420f5e: 10.100.100.180 user 'tss' not found, denied by default 29533: 11:06:33.894 3f/7e507969: 10.100.100.180 Start authorization request 29533: 11:06:33.894 3f/7e507969: 10.100.100.180 user 'zabbix' not found, denied by default ... 29533: 11:20:02.948 40/253c5132: 10.100.100.180 Start authorization request 29533: 11:20:02.948 40/253c5132: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.954 41/61f7bf47: 10.100.100.180 Start authorization request 29533: 11:20:02.954 41/61f7bf47: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.958 42/2f442609: 10.100.100.180 Start authorization request 29533: 11:20:02.958 42/2f442609: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.965 43/3ad8b806: 10.100.100.180 Start authorization request 29533: 11:20:02.965 43/3ad8b806: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.967 44/b49fdb09: 10.100.100.180 Start authorization request 29533: 11:20:02.967 44/b49fdb09: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.970 45/53b2c710: 10.100.100.180 Start authorization request 29533: 11:20:02.970 45/53b2c710: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.976 46/c680ff5c: 10.100.100.180 Start authorization request 29533: 11:20:02.976 46/c680ff5c: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.978 47/49a1880b: 10.100.100.180 Start authorization request 29533: 11:20:02.978 47/49a1880b: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.985 48/3ffcb94e: 10.100.100.180 Start authorization request 29533: 11:20:02.985 48/3ffcb94e: 10.100.100.180 user 'smmsp' not found, denied by default 29533: 11:20:02.996 49/3ffcb94e: 10.100.100.180 Start authorization request 29533: 11:20:02.996 49/3ffcb94e: 10.100.100.180 user 'smmsp' not found, denied by default
Please check if the Authorization requests sent from local-system users, could be authorized differently not sending the requests to AAA daemon.
Thanks.