Search squid archive

Re: getpwnam syntax

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



What a perfect way to end the work week!

The issue is resolved. The missing piece was to toggle the s bit on pam_auth.

chmod ug+s pam_auth

So thanks to everyone for contributing to my little problem, and I hope these emails will help others in their quest to pam authenticate their users!

Robert Denton
Network Administrator
Headsprout
800.401.5062 x1305
www.headsprout.com

On Jun 23, 2006, at 4:52 PM, Robert Denton wrote:

No such luck.  Here is what I have so far...

After installing pam-devel I was able to configure and make squid to use PAM. I also yum updated everything to make sure I wasn't missing anything, and that nothing I had was outdated.

I set the auth_param program to use the pam_auth.
I chown'd it to root, as suggested in the man page for pam_auth
I created the squid config file in pam.d
I restarted the squid service
authconfig shows USESHADOW=yes

As far as I can tell I have everything installed and configured correctly, yet I cannot authenticate to squid from a browser set to use this machine as a proxy. And I can clearly see the denials in messages as well as in the squid logs, such as...

Jun 23 16:47:38 stormcrow squid(pam_unix)[2680]: authentication failure; logname= uid=23 euid=23 tty= ruser= rhost= user=joe

So it sees the user, but it is not taking the password for some reason. Can anyone point me in the right direction on this?


Robert Denton
Network Administrator
Headsprout
800.401.5062 x1305
www.headsprout.com

On Jun 23, 2006, at 3:58 PM, Robert Denton wrote:

Terrific, I am making progress on this. The absense of the pam.conf file in /etc is irrelevant since, according to the man page for pam, the mere existence of the pam.d dir will cause pam to completely ignore pam.conf. I have such a dir. However inside there is NO squid file. My plan is to make one by doing this:

cp samba squid

since the samba file looks pretty simple and somewhat representative of the config files inside pam.d. Whatsmore, there is nothing inside samba that seems specific to samba, likewise with similar pam.d config files such as sudo, etc. Also, the follow example I found on the web is mostly the same but doesn't exactly match my system:

auth required /lib/security/pam_stack.so service=system- auth
     auth       required     /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth

Does anyone see any problems with this? I will try it and report back the results.


Robert

On Jun 23, 2006, at 2:19 PM, Robert Denton wrote:

This note may have been a bit premature. I installed pam-devel and the make output is different, although the /etc/squid/libexec directory I was expecting to appear is still not there. A

find -name *pam_auth*  reveals there is such a file here:

./usr/lib/squid/pam_auth

which I suppose will work, but there is also no pam.conf file anywhere to be found. I am running red hat 9. Shouldn't there be a pam.conf file somewhere?






[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux