Re: [squid-users] Basic Pam authentification problem with on mandrake 9.0

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Fri, 23 Nov 2007 12:17:39 +0100

Looks fine to me.

On fre, 2007-11-23 at 10:46 +0000, Edjé wrote:
> Hello thank you for interest to my problem:
> But it doesn't success.
> I send you what permissions on files seem to be:
> -rwsr-xrr-x 1 root squid 5060 Aug 6 2002 /usr/lib/squid/pam_auth
> For lib directory of squid (/usr/lib/squid):
> drwxr-x--- 4 root squid 4096 Oct 31 17:46 squid/
>
> What do you think about?
>
> Selon Henrik Nordstrom <henrik@henriknordstrom.net>:
>
> > On tor, 2007-11-15 at 08:10 +0000, Edjé wrote:
> > > > Selon Henrik Nordstrom <henrik@henriknordstrom.net>:
> > > >
> > > > > On mån, 2007-11-05 at 09:52 +0000, Edjé wrote:
> > > > >
> > > > > > But some unix accounts authentication succeeded while others failed.
> > More
> > > > > if i
> > > > > > do the test on the server with /usr/lib/squid/pam_auth the problem is
> > the
> > > > > same.
> > > > > > This version(squid-2.4.STABLE7-2mdk) does it have a problem with
> > Mandrake
> > > > > 9.0?
> > > > > What can i do?
> > > >
> > > > Do you use shadow passwords? In such case squid_pam_auth needs to be
> > > > installed setuid root.
> > > >
> > > What this means? How can i do it? Thank you to help me understand.
> >
> > It means that if your system is using shadow passwords (most UNIX:es do
> > these days) then squid_pam_auth needs to be installed setuserid root.
> >
> > chown root /usr/local/squid/libexec/squid_pam_auth
> > chmod u+s /usr/local/squid/libexec/squid_pam_auth
> >
> > I'd also recommend restricting access to /usr/local/squid/libexec/ if
> > you allow users to login on the proxy server.
> >
> > chgrp squid /usr/local/squid/libexec/
> > chmod o= /usr/local/squid/libexec/
> >
> > assuming you have a group for squid..
> >
> > Regards
> > Henrik
> >
>
>
> --
> "Heureux ceux qui sont conscients de leur pauvreté spirituelle." - Mat 5:3(Les
> Saintes Ecritures - Traduction du monde nouveau).
>
> ----------------------------------------------------------------
> Ce message a été envoyé depuis le serveur de messagerie de l'Université de
> Lomé.
> Université de Lomé
> BP 1515
> Lomé TOGO.

Received on Fri Nov 23 2007 - 04:17:48 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST