我正在尝试安装squid 3.5.4(在docker上,运行debian 8)并以ssl-bump模式运行它。汇编:
./configure --prefix=/opt/squid --srcdir=. --disable-maintainer-mode \
--disable-dependency-tracking --disable-silent-rules --enable-inline\
--disable-arch-native --enable-async-io=8 \
--enable-storeio=ufs,aufs,diskd,rock \
--enable-removal-policies=lru,heap --enable-delay-pools \
--enable-cache-digests --enable-icap-client \
--enable-follow-x-forwarded-for \
--enable-auth-basic=DB,fake,getpwnam,LDAP,MSNT-multi-domain,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB \
--enable-auth-digest=file,LDAP \
--enable-auth-negotiate=kerberos,wrapper \
--enable-auth-ntlm=fake,smb_lm \
--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,unix_group,wbinfo_group \
--enable-url-rewrite-helpers=fake --enable-eui \
--enable-esi --enable-icmp --enable-zph-qos \
--disable-translation --with-filedescriptors=65536 \
--with-large-files --with-default-user=squid \
--enable-linux-netfilter \
CFLAGS="-g -O2 -fPIE -Wall" LDFLAGS="-fPIE -pie -Wl,-z,relro -Wl,-z,now" CPPFLAGS="-D_FORTIFY_SOURCE=2" \
CXXFLAGS="-g -O2 -fPIE " --enable-ssl --with-openssl --enable-ssl-crtd
更改配置(squid.conf)(其余为默认值):
# Squid normally listens to port 3128 \
http_port 9090
sslcrtd_program /opt/squid/libexec/ssl_crtd -s …问题陈述:
配置:
进步:
可以使用[OUTSIDE JENKINS]
reprepro --ask-passphrase -Vb . includedeb ${_repo_name} ${_pkg_location}
从 gpg-agent 获取密码短语并签署 repo。
问题:
代码:
启动 gpg 代理:
GPGAGENT=/usr/bin/gpg-agent
GNUPG_PID_FILE=${GNUPGHOME}/gpg-agent-info
GNUPG_CFG=${GNUPGHOME}/gpg.conf
GNUPG_CFG=${GNUPGHOME}/gpg-agent.conf
function start_gpg_agent {
GPG_TTY=$(tty)
export GPG_TTY
if [ -r "${GNUPG_PID_FILE}" ]
then
source "${GNUPG_PID_FILE}" count=$(ps lax | grep "${GPGAGENT}" | grep "$SSH_AGENT_PID" | wc -l)
if …