On Friday 27 June 2003 08.14, Frank Fegert wrote: > I'm not exactly shure why this happened, since in either case the > effective UID should have been the squid-user, shouldn't it?
Not actually relevant. See the RunCache script.. Daemons should never implicitly depend on non-standard paths (other than /bin:/usr/bin). If they do then they will fail in one configuration or another. > external_acl_type passwd-expired-external ttl=5 concurrency=5 > %LOGIN <path-to>/expire.sh -D <binddn> -b <basedn>\ > -h <ldap-server> -f <ldap-search-filter> > acl passwd-expired external passwd-expired-external > http_access deny !passwd-expired > deny_info ERR_PASSWD_EXPIRED passwd-expired I think you want to retune the ttl there, and use a margin to start denying shortly before the set password expires if possible to avoid accidental blocking the password. Suggested ttls for the external_acl_type: ttl=1800 negative_ttl=5 and use a negative margin of 30 minutes when determining if the user needs to change his password. -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
