gist-diffs.txt

@@ -135,24 +135,30 @@ define sf_squid::firewall_allow::service ( $source = undef ) {
      }
 }
 define sf_squid::firewall_allow::output ( $destination = undef ) {
+
+    $uid = sf_get_uid($sf_squid::params::user)
+
     sf_firewall::basic { "00080 ${title}":
         proto       => 'tcp',
         dport       => '80',
         destination => $destination,
         action      => 'accept',
         chain       => 'OUTPUT',
-        uid         => $sf_squid::params::user
+        uid         => $uid,
     }
 }

 define sf_squid::firewall_allow::output_https ( $destination = undef ) {
+
+    $uid = sf_get_uid($sf_squid::params::user)
+
     sf_firewall::basic { "00443 ${title}":
         proto       => 'tcp',
         dport       => '443',
         destination => $destination,
         action      => 'accept',
         chain       => 'OUTPUT',
-        uid         => $sf_squid::params::user
+        uid         => $uid,
     }
 }

sf_get_uid.rb

require 'etc'

module Puppet::Parser::Functions

    newfunction(:sf_get_uid, :type => :rvalue) do |user|
        return_uid = nil
        Etc.passwd { |u|
            if u.name =~ /#{user}/
                return_uid = u.uid
                break
            end
        }
        return_uid
    end

end