-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
duo_pam http_proxy not working on anything but port 8080 #153
Comments
Hi! How to view the ports
This is on a vanilla system and as you can see 8888 is not in either list. To add 8888 to your SELinux policy (http_cache_port is meant for proxies so I would recommend that type)
Or to disable SELinux instead
|
Ohhhh.. that makes sense.. I hate selinux, tends to cause way to many problems. |
Maybe want to update the documentation to mention something like that? |
That's good feedback. I'll take a note that we should consider adding this to our FAQ somewhere. |
Summary
When setting up duo_pam on my centos 7 environment. I'd originally setup DUO_AUTH_PROXY as an http_proxy for duo_pam, and everything worked fine (DUO_AUTH_PROXY defaults to 8080 as the port for proxying).
I then tried to setup tinyproxy (defaults to 8888) and squid (on 8888), configured duo_pam to listen on the new port, and things just didn't want to work. I couldn't even see the inbound (or outbound) connection on wireshark.
So on a hunch, I changed the port for tinyproxy and squid to 8080 and updated and wow they started working.
Steps to reproduce
Specs
The text was updated successfully, but these errors were encountered: