[squid-users] ntlm: No such file or directory
Amos Jeffries
squid3 at treenet.co.nz
Fri Jan 16 13:16:11 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 16/01/2015 11:51 p.m., Rietzler, Markus (RZF, SG 324 /
<RIETZLER_SOFTWARE>) wrote:
> tow more additions:
>
> check the user squid is running, is this user able to access
> ntlm_auth. we also had to correct access rights for
>
> /var/lib/samba/winbindd_privilege
>
> so that our squid-user "www" will be able to use it...
FYI: You should never have to touch the pivileges on the
/var/lib/samba/winbindd_privilege directory. In fact if you do Samba
will at some point reset them to correct values and Squid access
breaks again.
What is *required* is that 1) the Squid user account be a member of
the Samba winbindd_priv group which has read access to that path and
2) the cache_effective_group parameter is *absent* from squid.conf.
Using that directive will remove the group membership permissions
required for winbind access.
NP: the RHEL official packages for years had a patch which hard-coded
a value for cache_effective_group which made it impossible to
integrate Squid and Samba winbind in the correct way. A custom built
package is required to get around that.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUuQ8bAAoJELJo5wb/XPRj2RMH+wavFBqNPU+as7OysRJjhTtw
vWemsV569Lk5hNs2iuW/s7B/jaiE/rIwDUnEhRGCW4imVXtHytjFWBAQoK5re63a
lAfB70RJaoyom+Fj89B2TUtLHQ+8bWESzVHdFzmg4sSmh+DCqHWgi5QjJ6DMSyvG
OCn4AYwWDvYloPBJCZ2IvOK52Ig5YBzvCCPOsxDFNO4EYZu/Rsmy1M8Fqj0SgFVW
zkkqYaSQq5aznjLO2G+UYTGFcFG6Zh/0akELmGBYJsc2vjERLBmvMkFnpAOYPLbh
dA0tFI+ei6+M35dU5IKpxIBHknTfY5bH6HgKcMP0zAv7LnLkfDbf2gG2ia4AKEQ=
=f3e5
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list