> -----Original Message----- > From: Amos Jeffries > Sent: Friday, April 30, 2010 1:26 AM > >>> my squid.conf looks like this: > >>> > >>> 1742 auth_param basic program /usr/lib/squid3/sasl_auth > >>> /etc/postfix/sasl/smtpd.conf > >> Does it actually need the config file listed? My understanding was > >> that placing it in /usr/lib/sasl caused SASL to load it > automatically > >> as needed. > > > > Interesting - part of the problem I guess is that I didn't really > understand the sasl mech when I set it up - and I can't really > remember what I did. I only have .h and .c files in /usr/lib/sasl - > after a bit of looking I found a file at /etc/default/saslauth that > seems to list the config options for sasl. What I don't seem to be > able to do at the moment is to tell /usr/lib/squid3/sasl_auth where > or to do what it needs to do. (The file /etc/postfix/sasl/smtpd.conf > tells saslauth what query to run on the DB to compare credentials. > I'll keep trying. Perhaps Ralf can help - since I largely set up SASL with his and Patrick's help *wave* > >>> Trying > >>> /usr/sbin/squid3 from the commandline with -d9 -N gives me too > much > >>> information although I'm trying now to trap it and see, but > having > >>> spent > >> 48 > >>> hours to get this far, I thought I'd ask. It's probably as > simple > >> as > >>> fixing line 1742, but I'd appreciate any pointers in doing that. > >>> > >> If this way gets too much there are two other helpers which may be > an > >> option for you: > >> POP3 helper (squid tries to use the credentials to login to the > POP > >> server and uses the success/fail result from that). > >> DB helper (Squid passes an SQL query direct to the MySQL > database. > >> Using the success/fail of that as the result) > > > > Frankly, either would be fine.. In fact, that's all that SASL is > doing. The only reason I went for SASL was because it was the only > thing I could find that seemed relevant to my system. MYSQL would be > more than adequate since it removes the middle-man.. However, I > don't find documentation on this. Can you point me to some? > > > > I found this: http://www.squid- > cache.org/Versions/v3/HEAD/manuals/basic_db_auth but I can't find > db_auth.pl on my system so I don't know what to put for the > auth_param basic program.. > > > > Thats manual you found is pretty much the entire documentation for > the DB helper. It does not mention that the --cond parameter can take > a whole string of complex condition if its quoted with "". > > Luckily that latter is a perl script. I have a temporary copy here: > http://treenet.co.nz/projects/squid/src/helpers/basic_auth/DB/basic_d > b_auth.in > > Just needs: > alter the @PERL@ in the first line > remove the file extension. > chmod / chown to the squid user with read/execute privileges. > configure squid.conf Forgive me for being an idiot. Sometimes what's clear to the person who wrote something is a complete black box to someone trying to use it (and I disclose I'm not techie, just a geek). That manual page doesn't say where these options should go. I presume on the command line (i.e. immediately following /usr/lib/squid3/basic_db_auth) as in /usr/lib/squid3/basic_db_auth --dsn=Mail --table=Accounts, etc. But is it --dsn=Mail or --dsn Mail (both are common in *nix world..) Also, could I put my args in a file (say /etc/squid3/dbauth) and just have: /usr/lib/squid3/basic_db_auth /etc/squid3/dbauth Finally, I opted for editing basic_db_auth (I would have opened it up even if I didn't need to change the @PERL@ and when I saw the my options in there, I figured that would be easiest route). However - and this may not be related, I'm getting a seg fault. donald:~# /etc/init.d/squid3 start Starting Squid HTTP Proxy 3.0: squid32010/04/30 15:19:31.080| Processing: 'log_fqdn on' 2010/04/30 15:19:31.080| Processing: 'dns_nameservers 127.0.0.1 8.8.8.8' 2010/04/30 15:19:31.080| Processing: 'auth_param basic program /usr/lib/squid3/libexec/basic_db_auth ' 2010/04/30 15:19:31.080| storeDirWriteCleanLogs: Starting... 2010/04/30 15:19:31.080| file_open: FD 5 /etc/init.d/squid3: line 32: 19094 Segmentation fault start-stop-daemon --quiet --start --pidfile $PIDFILE --exec $DAEMON -- $SQUID_ARGS </dev/null failed! I googled, but the only results I could find were in Japanese.. Simon
