-----BEGIN PGP SIGNED MESSAGE-----
On 03/14/2013 08:07 AM, Martin Kosek wrote:
> On 03/13/2013 11:02 PM, Natxo Asenjo wrote:
>> On Wed, Mar 13, 2013 at 10:45 PM, Dale Macartney
>> <d...@themacartneyclan.com> wrote:
>>> I've just deployed a RHEL 6.4 proxy and the guide is still accurate and
>>> works.. however I agree a config file would be a better place for the
>>> options. Both work at the end of the day.
>> yes, the guide is accurate, but upgrading to meet a bunch of angry
>> users is not nice ;-)
>>> I'm more curious as to why your squid init script was replaced instead
>>> of the usual scenario of having the new file saved as .rpmsave.
>> beats me. Anyway, config stuff should go in /etc/sysconfig, period ;-)
>> ; we should not be touching the init scripts. The init scripts source
>> the files in /etc/sysconfig/*
>>>> By the way, I came accross http://squidkerbauth.sourceforge.net/
>>>> squid_kerb_ldap to allow/block stuff in the proxy depending on ldap
>>>> group membership. I have not tested it yet, but will post it if(when)
>>>> I get it working.
>>> You can also check out SquidGuard, which is available in EPEL.
>> ha, squid_kerb_ldap is not a proxy, it is an authenticator for squid
>> and what it does is verify the group membership of the users so you
>> can build ACLs based on that.
>> squidguard is nice. I like privoxy too ;-)
>>> I've written an article for Active Directory, however it is just as easy
>>> to use it with IPA.
>> cool, thanks.
> Hi guys,
> Dale, do you plan to update the howto on FreeIPA wiki to fix the
> section? If not, I can try to update it myself. I agree with Natxo
> the configuration in /etc/sysconfig/squid is safer than having it
hacked in the
> init script.
> Thanks both to sharing this info btw :-)
I've literally just walked into the office and connected to vpn. Will be
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
Freeipa-users mailing list