Re: [squid-users] Off Topic - Reconfiguration by a non-root user

From: Anthony M. Rasat <[email protected]>
Date: Tue, 12 Aug 2003 23:22:38 +0700

Linux permissions gives you headache, doesn't it?
I can't help you with chmod and chown, they are supposed Linux guruz' job.
However I can only suggest a trick.
Perhaps all you need to simple crontab script.

Let say you write a simple bash script which will do following :

a. Check existance of files. For example : /home/aqil/scripts/proxy_auth and
/home/aqil/scripts/ip_user_check. Your operator owned these files. If they
are not exist, simply quit.
b. Copy the old proxy_auth and ip_user_check to proxy_auth.old and
ip_user_check.old for backup, just in case.
c. Copy the operator's proxy_auth and ip_user_check files to their proper
location, overwriting the original files.
d. Change ownership of both files to Squid.
e. Delete /home/aqil/scripts/proxy_auth and
/home/aqil/scripts/ip_user_check.
f. Reconfigure Squid.
f. Run this script every, say, 5 minutes.

I think you will save your hair this way.

Regards,

Anthony M. Rasat
PT. Kalteng Pos Press
Palangkaraya - Indonesia.-

----- Original Message -----
From: "aqil" <aqil@indosat.net.id>
To: <squid-users@squid-cache.org>
Sent: Wednesday, August 13, 2003 10:52 AM
Subject: [squid-users] Reconfiguration by a non-root user

> I'd like to add a user for our helpdesk in our proxy server (linux) here.
His
> linux user is ... say operator. I want to give him right to edit the
password file (for proxy_auth) and the IP address file (for ip_user_check)..
>
> So what I've done is to set operator's group to ... say squid.
> I also change both files to be edited to : squid, and make them
> writeable by squid group.
> And at last for reconfiguration, I change the group of my squid program to
the same group,
> i.e. squid, and not to forget to make it executable by squid group...
>
> I think I miss something as I still got error message which is
> operation not permitted
>
> I know it's linux adminstration problem, but as I told you, I do miss
> something and maybe one of you can see clearer and will tell me what it
is... :)
>
> Any help would be very appreciated
>
> regards,
> aqil
>
Received on Wed Aug 13 2003 - 07:05:31 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:52 MST