[Freeipa-users] squid problems when upgrading to 6.4
Natxo Asenjo
natxo.asenjo at gmail.com
Wed Mar 13 22:02:21 UTC 2013
On Wed, Mar 13, 2013 at 10:45 PM, Dale Macartney
<dale at themacartneyclan.com> wrote:
> I've just deployed a RHEL 6.4 proxy and the guide is still accurate and
> works.. however I agree a config file would be a better place for the
> options. Both work at the end of the day.
yes, the guide is accurate, but upgrading to meet a bunch of angry
users is not nice ;-)
> I'm more curious as to why your squid init script was replaced instead
> of the usual scenario of having the new file saved as .rpmsave.
beats me. Anyway, config stuff should go in /etc/sysconfig, period ;-)
; we should not be touching the init scripts. The init scripts source
the files in /etc/sysconfig/*
>> By the way, I came accross http://squidkerbauth.sourceforge.net/
>> squid_kerb_ldap to allow/block stuff in the proxy depending on ldap
>> group membership. I have not tested it yet, but will post it if(when)
>> I get it working.
> You can also check out SquidGuard, which is available in EPEL.
ha, squid_kerb_ldap is not a proxy, it is an authenticator for squid
and what it does is verify the group membership of the users so you
can build ACLs based on that.
squidguard is nice. I like privoxy too ;-)
> I've written an article for Active Directory, however it is just as easy
> to use it with IPA.
> https://www.dalemacartney.com/2012/07/06/web-proxy-filtering-with-squidguard-using-active-directory-group-memberships/
cool, thanks.
--
natxo
More information about the Freeipa-users
mailing list