Source: squid3 Version: 3.1.20-2.2+deb7u2 Severity: normal Dear Maintainer,
I have noticed that after recent security update of squid3, pam_auth stopped working. Users are authenticated with basic auth, but even if they supply the right credentials, they sill get: "Cache Access Denied." I have tracked the problem to /usr/lib/squid3/pam_auth, which used to have setuid bit, but does not have it any more. Setting the file to proxy:shadow 2750, or root:proxy 4750 solved the problem. I'm not sure which of the two is preferred. Simple test is to run /usr/lib/squid3/pam_auth from command line and enter "name password". If run as root, OK is returned, if run as normal user you get ERR, unless you have the proper setgid or setuid bits. This applies to wheezy as well as squeeze-lts. Should I file a separate bug for squeeze-lts? -- System Information: Debian Release: 7.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'squeeze-lts'), (500, 'oldstable-updates'), (500, 'stable'), (500, 'oldstable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/8 CPU cores) Locale: LANG=, LC_CTYPE= (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
