> > external_acl_type NT_global_group %LOGIN /usr/lib/squid/wb_group
> > acl domainadmins external NT_global_group "Domain Admins"
> Hi Gavin,
> Brian O'Neill submitted a patch in November to allow you to use `Domain
> Admins`, because you can't do it with spaces (as you've discovered).
> It's down to the passing around between squid.conf and the ACL helper.
>
> I don't know if it made it in, but you could give it a go.
Thanks for the suggestion, Greg :)
Alas it didn't solve the problem, but it did get me thinking in a different
direction. I attached a 'strace' to one of the wb_group processes before
implementing your suggestion:
# using "Domain Admins" in the squid.conf
wintermute:~# strace -p 17953
read(0, "bytel\\\\floss\n", 4096) = 29
# using `Domain Admins` in the squid.conf
wintermute:~# strace -p 18019
read(0, "bytel\\\\floss `Domain Admins`\n", 4096) = 29
So I tried this and many others at the commandline...
wintermute:~# /usr/lib/squid/wb_group
BYTEL\\floss `Domain Admins`
ERR
BYTEL\\floss "Domain Admins"
OK
BYTEL\\floss Domain Admins
ERR
BYTEL\\floss 'Domain Admins'
ERR
Very interesting... so, the key appears to be double-quotes, whereas the
little patch in squid can only output backticks...
This sounds like either a source-hacking job, or a little shim bash script
with 'tr' to translate the backtick into a double-quote to pass on to the
real wb_group
Many thanks for the clue ;)
gdh
Received on Tue Apr 01 2003 - 04:18:28 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:34 MST