On Sat, Aug 03, 2002 at 04:38:59PM +0600, Dr. Muhammad Masroor Ali wrote: > > I do not know why, it is not generating any record for me. I will repeat > my pam.d/squid file: > > # > auth required /lib/security/pam_securetty.so > session required /lib/security/pam_radius_auth.so debug > account required /lib/security/pam_radius_auth.so debug > auth required /lib/security/pam_radius_auth.so
hmm. Maybe squid isn't calling pam_session_*()? 'nm squid | grep pam_session_' output would be good to see. If it has no reference to the start/stop functions, you know squid isn't using them. But even if it does show those functions doesn't mean squid is actually calling them. So if you see the references, grab ftp://ftp.dementia.org/pub/pam/pam_syslog-980401.tar.gz and add session required /lib/security/pam_syslog.so debug before and after the session line for pam_radius_auth. That will tell you definitively if the session module is being used. > Frank Cusack wrote: > > > >Use the PAM "session" module to have pam_radius_auth generate radius > >accounting records. I don't know that this will be useful for squid; > >you'll have tons of start/stop records. > > > > Definitely we do not want tons of start/stop records. But I am not > getting even a milligram of it :-). On a more serious note, can not we > arrange to have two records at authentication. Two simultaneous records > for start and stop. Sure, but you'll have to patch the code. What you're suggesting is not suitable for general inclusion. /fc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
