Re: [squid-users] getpwnam syntax

What a perfect way to end the work week!

The issue is resolved. The missing piece was to toggle the s bit on
pam_auth.

chmod ug+s pam_auth

So thanks to everyone for contributing to my little problem, and I
hope these emails will help others in their quest to pam authenticate
their users!

Robert Denton
Network Administrator
Headsprout
800.401.5062 x1305
www.headsprout.com

On Jun 23, 2006, at 4:52 PM, Robert Denton wrote:

> No such luck. Here is what I have so far...
>
> After installing pam-devel I was able to configure and make squid
> to use PAM. I also yum updated everything to make sure I wasn't
> missing anything, and that nothing I had was outdated.
>
> I set the auth_param program to use the pam_auth.
> I chown'd it to root, as suggested in the man page for pam_auth
> I created the squid config file in pam.d
> I restarted the squid service
> authconfig shows USESHADOW=yes
>
> As far as I can tell I have everything installed and configured
> correctly, yet I cannot authenticate to squid from a browser set to
> use this machine as a proxy. And I can clearly see the denials in
> messages as well as in the squid logs, such as...
>
> Jun 23 16:47:38 stormcrow squid(pam_unix)[2680]: authentication
> failure; logname= uid=23 euid=23 tty= ruser= rhost= user=joe
>
> So it sees the user, but it is not taking the password for some
> reason. Can anyone point me in the right direction on this?
>
>
> Robert Denton
> Network Administrator
> Headsprout
> 800.401.5062 x1305
> www.headsprout.com
>
> On Jun 23, 2006, at 3:58 PM, Robert Denton wrote:
>
>> Terrific, I am making progress on this. The absense of the
>> pam.conf file in /etc is irrelevant since, according to the man
>> page for pam, the mere existence of the pam.d dir will cause pam
>> to completely ignore pam.conf. I have such a dir. However inside
>> there is NO squid file. My plan is to make one by doing this:
>>
>> cp samba squid
>>
>> since the samba file looks pretty simple and somewhat
>> representative of the config files inside pam.d. Whatsmore, there
>> is nothing inside samba that seems specific to samba, likewise
>> with similar pam.d config files such as sudo, etc. Also, the
>> follow example I found on the web is mostly the same but doesn't
>> exactly match my system:
>>
>> auth required /lib/security/pam_stack.so service=system-
>> auth
>> auth required /lib/security/pam_nologin.so
>> account required /lib/security/pam_stack.so
>> service=system-auth
>> password required /lib/security/pam_stack.so
>> service=system-auth
>> session required /lib/security/pam_stack.so
>> service=system-auth
>>
>> Does anyone see any problems with this? I will try it and report
>> back the results.
>>
>>
>> Robert
>>
>> On Jun 23, 2006, at 2:19 PM, Robert Denton wrote:
>>
>>> This note may have been a bit premature. I installed pam-devel
>>> and the make output is different, although the /etc/squid/libexec
>>> directory I was expecting to appear is still not there. A
>>>
>>> find -name *pam_auth* reveals there is such a file here:
>>>
>>> ./usr/lib/squid/pam_auth
>>>
>>> which I suppose will work, but there is also no pam.conf file
>>> anywhere to be found. I am running red hat 9. Shouldn't there
>>> be a pam.conf file somewhere?
>>
>
>
Received on Fri Jun 23 2006 - 15:21:26 MDT