Hi,
I want my users to identify via
proxy_auth and i have following lines in squid.conf:
authenticate_program /usr/local/squid/bin/pam_auth
authenticate_children 5
authenticate_ttl 600
authenticate_ip_ttl 600
There is acl record:
acl V1 src 192.168.0.0/255.255.255.0
acl passwd proxy_auth REQUIRED
http_access allow V1 passwd
Authentification is working, but I have following problem: squid is IMHO
ingnoring authenticate_ttl 600, authenticate_ip_ttl 600 parameters. I'd
like to disable users to log via proxy more than once, as is written in
squid.conf. If i try to auth. myself from more than 1 IP, I'm refused
but if i try this once more, I'm allowed to browse from both IPs!! And
after time in authenticate_ttl my re-authentification in not required!
Pam_auth is running as suid root.
In /etc/pam.d/squid I have following:
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
What's wrong? Can you hep me please? I'm running RH 5.2, 2.0.36, Squid
2.3stable2
Thanks a lot
Ales Rygl
-- ------------------------------------------------------------- Linux is like a wigwam - no windows, no gates, apache inside! ------------------------------------------------------------- Ing. Ales Rygl rygl@moa.jicinet.cz ICQ 4616993 -------------------------------------------------------------Received on Fri Apr 21 2000 - 04:28:58 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:00 MST