vincent.blondel_at_ing.be wrote:
> Hello all,
>
> I really get a strange ( maybe not ?? ) problem. I get Squid 2.7.4
> running on Solaris 8 with Samba 3.0.32. My clients are essentially
> running Windows XP SP2 with IE6.
>
> authentication scheme is exclusively based on ntlm so this is the reason
> why winbindd is also running, smbd and nmbd are not running because I
> think this is not needed.
>
> this is all working fine but I randomly get thousands of lines appearing
> in cache.log file .. see below what I get.
>
> [2008/12/04 10:10:57, 0] utils/ntlm_auth.c:winbind_pw_check(515)
> Login for user [DOMAIN]\[user]@[desktop] failed due to [winbind client
> not authorized to use winbindd_pam_auth_crap. Ensure permissions on
> /var/l
> ib/samba/winbindd_privileged are set correctly.]
>
> process squid is running as user squid and group squidg so afaik
> permissions below are correct ..
>
> 342924 1 drwxr-x--- 5 root squidg 512 Dec 4 03:36
> /var/lib/samba
> 354946 1 drwxr-x--- 4 root squidg 512 Nov 18 01:34
> /var/lib/samba/locks
> 360979 1 drwxr-x--- 2 root squidg 512 Nov 18 01:34
> /var/lib/samba/locks/printing
> 366989 1 drwxr-x--- 2 root squidg 512 Nov 18 01:34
> /var/lib/samba/locks/winbindd_privileged
> 342930 8 -rw-r----- 1 root squidg 8192 Dec 4 03:37
> /var/lib/samba/gencache.tdb
> 342932 1 -rw-r----- 1 root squidg 696 Nov 18 01:34
> /var/lib/samba/idmap_cache.tdb
> 342933 1 -rw-r----- 1 root squidg 696 Dec 3 17:35
> /var/lib/samba/messages.tdb
> 342935 56 -rw------- 1 root root 57344 Dec 3 17:36
> /var/lib/samba/winbindd_cache.tdb
> 342936 29752 -rw-r----- 1 root squidg 30441472 Dec 4 09:58
> /var/lib/samba/netsamlogon_cache.tdb
> 138380 1 drwxr-x--- 2 root squidg 512 Dec 3 17:35
> /var/lib/samba/winbindd_privileged
> 138381 0 srwxrwxrwx 1 root root 0 Dec 3 17:35
> /var/lib/samba/winbindd_privileged/pipe
> 222599 1 drwxr-x--- 2 root squidg 512 Dec 4 03:36
> /var/lib/samba/smb_krb5
> 342937 1 -rw-r--r-- 1 root root 268 Dec 4 03:36
> /var/lib/samba/smb_krb5/krb5.conf.EUROPE
>
> I did not find any explanation right now except applying same security
> settings on directories again and reloading process squid.
>
> We are already running squid more than 3 years and never got the problem
> before ..
>
> Can somebody really help me because each time we encounter this issue
> hundreds of my users are impacted.
>
> many thanks for your help.
Please first ensure that you DO NOT have cache_effective_group
configured in your squid.conf.
All squid group settings under this setup need to be OS-defined
correctly and working properly that way.
Amos
-- Please be using Current Stable Squid 2.7.STABLE5 or 3.0.STABLE10 Current Beta Squid 3.1.0.2 or 3.0.STABLE11-RC1Received on Thu Dec 04 2008 - 12:48:14 MST
This archive was generated by hypermail 2.2.0 : Thu Dec 04 2008 - 12:00:01 MST