[squid-users] ext_ldap_group_acl not working

alesironi alesironi at yahoo.it
Tue Feb 2 06:36:45 UTC 2016 

Amos Jeffries wrote
> On 2/02/2016 3:22 a.m., alesironi wrote:
>> L.P.H. van Belle wrote
>>> Just a question..
>>>
>>> You are using debian,  i did say..  
>>>
>>> chmod root:proxy ( proxy is the default squid user in debian ) 
>>>
>>> i see..
>>> chown root:squid /etc/squid3/ldappass.txt
>>>
>>> try again with 
>>> chown root:proxy /etc/squid3/ldappass.txt
>>>
>>> Greetz, 
>>>
>>> Louis
>> 
>> It was probably my typo, anyway I reconfigured as you said again.
>> Same result. If I use SUDO (or if I configure to use the password in
>> clear)
>> it proceeds, but with the same error: invalid request: No Username
>> 
>> Looks like an error in the syntax I used....
>> 
> 
> 
> Maybe. But at the very least it is clear you do not understand what
> "sudo" is or how to use it for non-root user accounts.
> 
> Running any command "sudo X" will run the command X as *root* user.
> 
> That is bad, both because its running a sensitive networking process
> with root privileges. And because its running a test very different to
> what we are telling you needs to be run.
> 
> Running this:
>   sudo -u squid X
> 
> or this:
>   su squid && X
> 
> will run the command X as user 'squid' instead of user 'root'. That is
> the test we are writing about to figure out what the problem(s) are.
> 
> 
> Amos
> _______________________________________________
> squid-users mailing list

> squid-users at .squid-cache

> http://lists.squid-cache.org/listinfo/squid-users

Thanks for the clarification, my technical base comes from Windows OS and I
wrongly assumed that SUDO was the equivalet of Windows UAC (User Account
Control), or running a process with elevated privileges of the securit
context in which I'm working (which is not exatly the same; as you said SUDO
X means using root). 
I'll investigate that as well.




--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ext-ldap-group-acl-not-working-tp4675816p4675844.html
Sent from the Squid - Users mailing list archive at Nabble.com.

More information about the squid-users mailing list