>Geordie Williamson wrote:
>
> > helperOpenServers: starting 5 'pam_auth' processes.
> >
> > It halts here for about five minutes and then states:
> >
> > WARNING: Cannot run '/usr/local/squid/libexec/squid/pam_auth'.
>
> > I have also written a shell script authenticator which echos something
>to a
> > file as soon as it is run. This confirms that the auth module is not run
>by
> > squid and it is, as it says, that it can't run it.
>
>Ok, so the problem is not with pam_auth, but that Squid cannot start the
>auth helpers.
>
>The fact that it halts for 5 minutes makes me suspect there is some
>problem with the communication to the child processes. Make sure you
>have the loopback interface properly configured (lo, 127.0.0.1), and
>communication on this interface is not blocked by any ipchains/iptables
>firewalling.
Thankyou soo much!
I was blocking lo for some stupid reason!
Everything works fine now.
> > A friend of mine who has got pam_auth working suggested that I should
>have
> > pam_auth owned by root:root but with the 's' bits set: chmod ug+s
>pam_auth.
> > This didn't help.
>
>Making pam_auth suid root is only needed if you are authenticating to
>/etc/shadow. In all other configurations it should not be installed suid
>root for security reasons.
>
>Regards
>Henrik Nordström
>Squid Hacker
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
Received on Fri Oct 12 2001 - 00:19:34 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:41 MST