squid::acl does not support sourcing acl contents from files as SQUID does
we ran into an issue with puppet-squid internally and wanted to share the fix with you.
puppet-squid seems to only allow specifying acl elements directly and seems to be missing
Quoting from squid documentation (relvant parts marked):
# TAG: acl
# Defining an Access List
# Every access list definition must begin with an aclname and acltype,
# followed by either type-specific arguments or a quoted filename that
# they are read from.
# acl aclname acltype argument ...
# acl aclname acltype "file" ...
# When using "file", the file should contain one item per line.
The following patch enables the template used to support the present SQUID feature.
templates/squid.conf.acl.erb - acls with files need filename in double quotes (")
- If “e” starts with “/” emit double quotes around “e”
diff templates/squid.conf.acl.erb.orig templates/squid.conf.acl.erb
@@ -1,5 +1,5 @@
# <%= @comment %>
<% @entries.sort.each do |e| -%>
-acl <%= @aclname %> <%= @type %> <%= e %>
+acl <%= @aclname %> <%= @type %> <%- if e.to_s.start_with?("/") -%>"<%- end -%><%= e %><%- if e.to_s.start_with?("/") -%>"<%- end -%> <% end -%>
Kind regards | Mit freundlichen Grüßen,
ATOS IT Solutions
for: IT/DT, IT-Sicherheit MCG/D
Mercedes Car Group/Development
Daimler AG, ITP/DT
Phone +49-(0)70 31 90-8 41 80
Fax +49-(0)70 31 90-8 41 11
If you are not the addressee, please inform us immediately that you have received this e-mail by mistake, and delete it. We thank you for your support.
Ewoud Kohl van Wijngaarden
On Thu, Jul 02, 2020 at 04:27:51PM +0000, sc.hechelmann@... wrote:
Hi there,Ths sounds valid but please submit this as a patch to Github
That way you get proper credit but it's also much easier to review for others.