> -----Original Message----- > From: Amos Jeffries > Sent: Wednesday, April 28, 2010 8:36 PM > > A general note; > Etch is soon to be on the pile of obsolete Deabian release. If you > can please upgrade to the current Debian stable. > Worst case please upgrade to the backports.org version of squid3. I'm dreading this - but yes, it's on the roadmap. But the Squid package was the latest. > > and this resource is not terrible verbose: > > > http://www.squid- > cache.org/Versions/v3/HEAD/manuals/basic_sasl_auth.8.html > > > > Any useful additions welcome. :) Gladly! As soon as I get it working/understand what the hell I'm doing.. :) > > > > my squid.conf looks like this: > > > > 1742 auth_param basic program /usr/lib/squid3/sasl_auth > > /etc/postfix/sasl/smtpd.conf > > Does it actually need the config file listed? My understanding was > that placing it in /usr/lib/sasl caused SASL to load it automatically > as needed. Interesting - part of the problem I guess is that I didn't really understand the sasl mech when I set it up - and I can't really remember what I did. I only have .h and .c files in /usr/lib/sasl - after a bit of looking I found a file at /etc/default/saslauth that seems to list the config options for sasl. What I don't seem to be able to do at the moment is to tell /usr/lib/squid3/sasl_auth where or to do what it needs to do. (The file /etc/postfix/sasl/smtpd.conf tells saslauth what query to run on the DB to compare credentials. I'll keep trying. > > Trying > > /usr/sbin/squid3 from the commandline with -d9 -N gives me too much > > information although I'm trying now to trap it and see, but having > > spent > 48 > > hours to get this far, I thought I'd ask. It's probably as simple > as > > fixing line 1742, but I'd appreciate any pointers in doing that. > > > > If this way gets too much there are two other helpers which may be an > option for you: > POP3 helper (squid tries to use the credentials to login to the POP > server and uses the success/fail result from that). > DB helper (Squid passes an SQL query direct to the MySQL database. > Using the success/fail of that as the result) Frankly, either would be fine.. In fact, that's all that SASL is doing. The only reason I went for SASL was because it was the only thing I could find that seemed relevant to my system. MYSQL would be more than adequate since it removes the middle-man.. However, I don't find documentation on this. Can you point me to some? I found this: http://www.squid-cache.org/Versions/v3/HEAD/manuals/basic_db_auth but I can't find db_auth.pl on my system so I don't know what to put for the auth_param basic program.. Thanks.
