[Freeipa-users] squid problems when upgrading to 6.4
Natxo Asenjo
natxo.asenjo at gmail.com
Wed Mar 13 21:20:26 UTC 2013
hi,
following the howto
http://freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On
I had setup squid.
Tonight running the updates the changes to the init script
http://freeipa.org/page/Squid_Integration_with_FreeIPA_using_Single_Sign_On#Change_the_.2Fetc.2Finit.d.2Fsquid_startup_script_to_read_in_the_keytab_on_service_start.
were gone and so the internet was not working. Not nice.
The howto should specify that the config must come in
/etc/sysconfig/squid instead. Then the upgrade has no nasty
consequences. So /etc/sysconfig/squid should look like this:
# default squid options
SQUID_OPTS=""
# Time to wait for Squid to shut down when asked. Should not be necessary
# most of the time.
SQUID_SHUTDOWN_TIMEOUT=100
# default squid conf file
SQUID_CONF="/etc/squid/squid.conf"
# kerberos stuff
KRB5_KTNAME=/etc/squid/krb5.keytab
export KRB5_KTNAME
By the way, I came accross http://squidkerbauth.sourceforge.net/
squid_kerb_ldap to allow/block stuff in the proxy depending on ldap
group membership. I have not tested it yet, but will post it if(when)
I get it working.
--
Groeten,
natxo
More information about the Freeipa-users
mailing list