[PLUTO-help] samba e squid

ivan re re.ivan a gmail.com
Mar 28 Nov 2006 12:27:48 CET 

Ho un server fc5 con samba3 (usato per creare un PDC) e squid 2.5 (usato per
l'accesso ad internet)


La configurazione di samba è:

[global]
        workgroup = MyDom
        server string = Samba PDC  - Versione %v
        interfaces = 192.168.6.0/24, 127.0.0.1
        passwd program = /usr/bin/passwd %u
        passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password*
%n\n *passwd:*all*authentication*tokens*updated*successfully*
        check password script = /sbin/crackcheck -d /usr/lib/cracklib_dict
        unix password sync = Yes
        log level = 10
        log file = /var/log/samba/%m.log
        max log size = 150
        time server = Yes
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192
SO_SNDBUF=8192
        printcap name = /etc/printcap
        add machine script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -M %u
        logon script = netlogon.bat
        logon path = \\%L\profiles\%U
        logon drive = Z:
        logon home = \\%L\%U\.profiles
        domain logons = Yes
        os level = 64
        preferred master = Yes
        domain master = Yes
        remote announce = 192.168.6.255
        hosts allow = 19.168.6., 127.
        cups options = raw



La configurazione di squid è:

auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=
squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 15 minutes
auth_param ntlm use_ntlm_negotiate on
auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=
squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

#ACL per auth
acl squid_access proxy_auth REQUIRED
http_access allow squid_access

Il dominio funziona correttamente al contrario di squid:
service squid start
Avvio di squid: ....................                       [FALLITO]

/var/log/messages

Nov 28 12:25:27 Andromeda squid[8987]: Squid Parent: child process 8989
started
Nov 28 12:25:27 Andromeda kernel: audit(1164713127.294:59): avc:  denied  {
name_connect } for  pid=8989 comm="squid" dest=53892
scontext=root:system_r:squid_t:s0 tcontext=system_u:object_r:port_t:s0
tclass=tcp_socket


Sapete darmi qualche dritta?
Ivan

More information about the pluto-help mailing list