On 9/13/2012 10:28 PM, Marcio Merlone wrote:
We can try to help you figure out some basics and to move on from there.
What exactly do you need? LDAP or PAM?
See above. PAM is required for auth, LDAP is not needed if
squid_unix_group works - pam_ldap is working fine for users and auth.
Complied latest source squid-3.2.1.tar.gz as per Ubuntu docs like this:
./configure --prefix=/usr \
--localstatedir=/var \
--libexecdir=/usr/lib/squid3 \
--srcdir=. \
--datadir=/usr/share/squid3 \
--sysconfdir=/etc/squid3 \
--disable-ipv6 \
--enable-auth-basic="PAM"
make all && make install
I would use without specifying PAM and compile all helpers that are in
squid for basic testing.
just notice that nothing is forcing you to use specific directory for
squid and you can use two different compiled squid both at the same time
in different locations.
I like to use /opt/ and use only prefix which gives me an easy to use
and if needed chroot the process.
I have been using:
'--prefix=/opt/squid3120a' '--enable-delay-pools' '--enable-icap-client'
'--enable-ssl' '--enable-linux-netfilter' '--disable-translation'
'--disable-auto-locale' '--with-default-user=proxy' '--with-large-files'
'--with-dl' '--enable-esi' '--disable-ipv6'
which is kind of basic for my needs.
I wrote a start\stop\pasre\reload\restart init.d script by myself to
this specific system.
What I can say that if you are not bound to PAM\unix by default dont use
it yet.
There are better choices that can fit your needs.
If it's only for the proxy you can use other DB that will make it more
easy for squid helper to work with.
Other options are mysql\sqlite\nosql.
If you do have a list of needs Maybe it will be easy to implement
outside of PAM\LDAP.
Regards,
Eliezer
Could not yet test the results, will post here when done. I'll be glad
if you can advance some tips.
Thanks a lot and best regards.
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer <at> ngtech.co.il
