Re: [squid-users] wbinfo_group.pl from Matt Alexander on 2004-11-08 (squid-users)

From: Matt Alexander <lowbassman@dont-contact.us>
Date: Mon, 8 Nov 2004 17:52:42 -0700

Is this a RH ES 3 box? There's a Perl bug that causes the shellwords
function to fail in wbinfo_group.pl. Also, you'll need to fix the
wbinfo_group.pl script to strip off the Domain Group stuff after
wbinfo gets the group SID. Here's a replacement for the check
subroutine:

sub check {
        local($user, $group) = @_;
        $groupSID = `wbinfo -n "$group"` . " ";
        $groupSID = substr($groupSID,0,index($groupSID," ",0));
        $groupGID = `wbinfo -Y $groupSID`;
        chomp $groupGID;
        &debug( "User: -$user-\nGroup: -$group-\nSID:
-$groupSID-\nGID: -$groupGID-");
        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
        return 'ERR';
}

If you are using RH ES 3, then here's a replacement for the main loop:

while (<STDIN>) {
        chomp;
        &debug ("Got $_ from squid");
        @stupidRHperlbug = split(/\s+/, $_);
        $user = $stupidRHperlbug[0];
        $group = $stupidRHperlbug[1];
        $ans = &check($user, $group);
        &debug ("Sending $ans to squid");
        print "$ans\n";
}

On Tue, 9 Nov 2004 09:28:58 +1100, t1@hotline.net.au <t1@hotline.net.au> wrote:
> Hi,
>
> I currently have squid authenticating with AD on a per user basis.
>
> In trying to get wbinfo_group.pl working, the version that comes with the current stable version of squid:
>
> Squid Cache: Version 2.5.STABLE7
> configure options: --prefix=/usr --datadir=/usr/share --localstatedir=/var --sysconfdir=/etc/squid --infodir=/usr/share/info --mandir=/usr/share/man --enable-snmp --enable-ssl --enable-auth=ntlm,basic --enable-external-acl-helpers=wbinfo_group
>
> Examples1: Real user and group
>
> [root@proxysvr libexec]# ./wbinfo_group.pl
> hotline www-access
> Got hotline www-access from squid
>
> -- end of example 1
>
> Eample2: user and group that does not exist
>
> [root@proxysvr libexec]# ./wbinfo_group.pl
> fakeuser dummygroup
> Got fakeuser dummygroup from squid
>
> -- end of example 2
>
> In order to terminate the processes above I have to hit control-c or break.
>
> any ideas ?
>
> wbinfo -t
> wbinfo -u
> wbinfo -g
>
> the above check out ok.
>
> Help/Ideas appreciate
>
> cheers
>
> Ben
>
>

-- 
Get Firefox!
http://www.mozilla.org/products/firefox/

Received on Mon Nov 08 2004 - 17:53:07 MST

This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST