Re: [squid-users] PAM does not work properly

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 20 Nov 2002 08:19:25 +0100

Michael Gens wrote:

> Hello Henrik,
>
> I thought following lines in /etc/squid/squid.conf will do that:
>
> ...
> acl checkpw proxy_auth REQUIRED
> ...
> http_access allow checkpw all
> ...

This part only tells Squid that it needs a password from the user. What
is missing is how Squid should verify this password.

In squid-2.5 this is set by the auth_param directive. In earlier squid
versions this is the authenticate_program directive.

You also need to build Squid-2.5 with support for the authentication
schemes you want to use ("basic" is enabled by default) and the
authentication helpers you want to use for each scheme (none enabled by
default, as we cannot guess what password database you are using)

See the configure directives
  --enable-auht=
  --enable-*-auth-helpers=

PAM is only one of many "password databases" Squid knows to use.

If you are using the pam_auth helper then you may also need to make sure
this helper is installed suid root and set up a PAM service definition
for Squid. See pam_auth.c for details.

Regards
Henrik
Received on Thu Nov 21 2002 - 09:19:46 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:20 MST