>And you are absolutely sure it works when running squid_ldap_auth from the
>command line?
>
>The reason I ask is because the TLS support in squid_ldap_auth in
>2.5.STABLE10 is known to be broken, always reporting this error..
>
>
>http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-LDAP_TLS
>
I use squid_ldap_auth from squid-2.STABLE9-7 and patch only 2 as follow
squid-2.5.STABLE10-ldap_auth-U.patch
squid-2.5.STABLE10-LDAP_TLS.patch
So im not sure after patch it same result with squid_ldap_auth from
squid-2.5STABLE10 but it return "OK" when i run it from command line
>Ah.. here is a hint. You placed .ldaprc in $HOME. Quite likely the
>environment variable $HOME is not what you expect then Squid is running as
>a daemon. Try specifying the same in /etc/ldap.conf instead. Alternatively
>you can try using the following small wrapper script around squid_ldap_auth
>making sure $HOME is set properly:
>
> #!/bin/sh
> HOME=/home/squid
> export HOME
> exec /path/to/squid_ldap_auth "$@"
>
>(change /home/squid to the home of your cache_effective_user)
Sorry . Actually , i mean $HOME is /var/spool/squid if i run
squid_ldap_auth as squid user
and i put ldaprc in /root if i run squid_ldap_auth as root user
but lazy to type abosolute path so i type $HOME instead
### /etc/passwd ####
squid:x:23:23::/var/spool/squid:/bin/bash
from ldap.conf manpage said that it will ignore if specify TLS_KEY,
TLS_CERT in /etc/ldap.conf because this user-only option will effect only
if specify in ldaprc in home directory of that user
Thanks for your suggestion
Regards
Nattapon
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Received on Tue Sep 20 2005 - 10:50:04 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT