Lennart Hansen wrote:
>
> Greetings..
>
> I was woundering if anyone had any idea who i could use the squid auth program so that it reads
> the newest /etc/shadow file, whitout running squid as root, or make the shadow file readable to other
> users ??
The purpose of shadow passwords is to restrict availability of password
information to root only. If you have a shadow passwd system, then you
either have to run the authenticator as root (preferably using
getspnam() or PAM to read the shadow file), or you have to export the
shadowed password information to a file readable by Squid.
The ncsa_auth authenticator rereads the specified password file if it
changes.
Suitable commands to export /etc/shadow to Squid:
Preparation:
touch /usr/local/squid/etc/passwd
chown squid /usr/local/squid/etc/passwd
chmod 600 /usr/local/squid/etc/passwd
cp /etc/shadow /usr/local/squid/etc/passwd
root crontab, once / hour or any other suitable interval:
#!/bin/sh
if [ /etc/shadow -nt /usr/local/squid/etc/passwd]; then
cp /etc/shadow /usr/local/squid/etc/passwd
fi
-- Henrik Nordstrom Spare time Squid hackerReceived on Tue May 25 1999 - 11:30:22 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:46:25 MST