From: Özgür ÖZASLAN (ozguro@ins.itu.edu.tr)
Date: Wed 11 Apr 2007 - 10:39:02 EEST
Active Directory gruplarına dahil kullanıcıları NTLM ile
(Kerberos+Samba+Squid+Dansguadian) ile internete çıkarmak istiyorum.
Ayarları da yaptım aslında. Tek sorun dansguardian için filtre gruplarını AD
grupları içinden otomatik almak. Çok fazla kabuk programlama bilmiyorum
fakat aşağıdaki gibi create_filtergrouplist isimli bir betik hazırlayıp,
root olarak çalıştırdığımda
./create_filtergrouplist
İle kullanıcı listemi sorunsuz olarak oluşturuyorum. Betik aşağıdaki gibi:
#!/bin/sh
cat /usr/local/etc/dansguardian/lists/tmpfiltergrouplist/baslik >
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "inetuser" -Uadministrator%password -S193.0.0.11 | cut
-c5-50 | awk '{print $1 "=filter2"}' >> /usr/local/etc/dansguardian/lists/
tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetadna" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetanka" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetbrsa" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetelaz" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetista" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetizmr" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetizmt" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetkbey" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "internetmahm" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
net rpc group MEMBERS "interneturfa" -Uadministrator%password -S193.0.0.11 |
cut -c5-50 | awk '{print $1 "=filter3"}' >>
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
cp /usr/local/etc/dansguardian/lists/filtergroupslist
/usr/local/etc/dansguardian/lists/filtergroupslist.bck
cp /usr/local/etc/dansguardian/lists/tmpfiltergrouplist/filtergrouplists.tmp
/usr/local/etc/dansguardian/lists/filtergroupslist
/usr/local/etc/rc.d/dansguardian restart
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist dizinindeki baslik
dosyası ise
# Filter Groups List file for DansGuardian
#
# Format is <user>=filter<1-9> where 1-9 are the groups
#
# Eg:
# daniel=filter2
#
# This file is only of use if you have more than 1 filter group
#
# inetuser=filter2
# internet=filter3
Şeklinde. Cron'a
16 * * * *
/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/create_filtergropslist
Şeklinde görev tanımladığımda dosyada sadece baslik ile belirttiğim üstteki
kısım oluşuyor ve diğer komut çıktıları eklenmiyor. Sorun ne olabilir?
create_filtergropslist yetkilerini 755 yaptım. Zaten cron log baktığımda
root olarak çalıştığı bilgisi var. Log aşağıdaki gibi
Apr 11 10:05:00 server /usr/sbin/cron[9317]: (root) CMD
(/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/create_filtergropslist
)
Apr 11 10:10:00 server /usr/sbin/cron[9431]: (root) CMD (/usr/libexec/atrun)
Apr 11 10:11:00 server /usr/sbin/cron[9503]: (operator) CMD
(/usr/libexec/save-entropy)
Apr 11 10:14:44 server crontab[9518]: (root) BEGIN EDIT (root)
Apr 11 10:14:58 server crontab[9518]: (root) REPLACE (root)
Apr 11 10:14:58 server crontab[9518]: (root) END EDIT (root)
Apr 11 10:15:00 server /usr/sbin/cron[753]: (root) RELOAD (tabs/root)
Apr 11 10:15:00 server /usr/sbin/cron[9521]: (root) CMD (/usr/libexec/atrun)
Apr 11 10:16:00 server /usr/sbin/cron[9525]: (root) CMD
(/usr/local/etc/dansguardian/lists/tmpfiltergrouplist/create_filtergropslist
)
Apr 11 10:20:00 server /usr/sbin/cron[9598]: (root) CMD (/usr/libexec/atrun)
Apr 11 10:22:00 server /usr/sbin/cron[9602]: (operator) CMD
(/usr/libexec/save-entropy)
Apr 11 10:25:00 server /usr/sbin/cron[9621]: (root) CMD (/usr/libexec/atrun)
Apr 11 10:30:00 server /usr/sbin/cron[9624]: (root) CMD (/usr/libexec/atrun)
Apr 11 10:31:00 server crontab[9626]: (root) LIST (root)
Apr 11 10:33:00 server /usr/sbin/cron[9628]: (operator) CMD
(/usr/libexec/save-entropy)
_______________________________________________
Linux-programlama mailing list
Linux-programlama@liste.linux.org.tr
http://liste.linux.org.tr/mailman/listinfo/linux-programlama