Re: [squid-users] Basic Pam authentification problem with on mandrake 9.0

From: Henrik Nordstrom <[email protected]>
Date: Tue, 20 Nov 2007 06:07:24 +0100

On tor, 2007-11-15 at 08:10 +0000, Edjé wrote:
> > Selon Henrik Nordstrom <henrik@henriknordstrom.net>:
> >
> > > On mån, 2007-11-05 at 09:52 +0000, Edjé wrote:
> > >
> > > > But some unix accounts authentication succeeded while others failed. More
> > > if i
> > > > do the test on the server with /usr/lib/squid/pam_auth the problem is the
> > > same.
> > > > This version(squid-2.4.STABLE7-2mdk) does it have a problem with Mandrake
> > > 9.0?
> > > What can i do?
> >
> > Do you use shadow passwords? In such case squid_pam_auth needs to be
> > installed setuid root.
> >
> What this means? How can i do it? Thank you to help me understand.

It means that if your system is using shadow passwords (most UNIX:es do
these days) then squid_pam_auth needs to be installed setuserid root.

chown root /usr/local/squid/libexec/squid_pam_auth
chmod u+s /usr/local/squid/libexec/squid_pam_auth

I'd also recommend restricting access to /usr/local/squid/libexec/ if
you allow users to login on the proxy server.

chgrp squid /usr/local/squid/libexec/
chmod o= /usr/local/squid/libexec/

assuming you have a group for squid..

Regards
Henrik

Received on Mon Nov 19 2007 - 22:07:31 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST