On Saturday 31 May 2003 07.11, Mohammad Shakir wrote: > Dear, > > in squid.conf I have set "cache_effective_user squid" and here is > my files permissions
> -rwxr-xr-x 1 root root 5148 Mar 23 2002 pam_auth This is not installed correctly. See my previous reply: >> Make sure the pam_auth helper is installed correctly and that the >> squid PAM service is configured correctly. pam_auth needs to be >> installed set-user-id root to be allowed to verify the passwords of >> other users than the user Squid runs as (cache_effective_user). > one more thing at command prompt from root when I run pam_auth > shakir shakir, its do nothing, so by del key I terminate this > process. and in my browser in username password window when I enter > password its show authtication fail. This is not the tests I asked you to run. See my previous reply: >> To verify the squid PAM service configuration run pam_auth from the >> command line as root, and then type a >> username password >> >> If the above works then verify that pam_auth is installed correctly >> by running it as the cache_effective_user (use the su command to >> change user). To clarify Run /usr/lib/squid/pam_auth from the command line. Then give lines consisting of username <space> password <enter> as input to the program while it is running. If it works the program will respond with OK/ERR, once per line of input. Regards Henrik > Henrik Nordstrom <[EMAIL PROTECTED]> wrote: > > On Friday 30 May 2003 14.49, Mohammad Shakir wrote: > > authenticate_program /usr/lib/squid/pam_auth > > acl mypassword proxy_auth shakir > > http_acess allow mypassword > > > > when I use proxy then user name and password window is > > also appear but its not verify my password from > > /etc/shadow file, I have also create a user shakir by > > adduser command. > > Make sure the pam_auth helper is installed correctly and that the > squid PAM service is configured correctly. pam_auth needs to be > installed set-user-id root to be allowed to verify the passwords of > other users than the user Squid runs as (cache_effective_user). > > To verify the squid PAM service configuration run pam_auth from the > command line as root, and then type a > username password > > If the above works then verify that pam_auth is installed correctly > by running it as the cache_effective_user (use the su command to > change user). > > > some of friends advise me to recomplie squid source > > with externel authentication but I do not know how to > > recomplie and after recompling this problem will slove > > ? > > No. There is no such recompile needed. > > A standard compile of Squid includes basic authentication, and if > you have the pam_auth helper available then you have all components > needed. > > Only if you want to use other authentication schemes than basic > authentication such as NTLM or Digest authentication then a > recompile of Squid is needed. However, neither NTLM or Digest > authentication can use your /etc/shadow file as user database.. > (not mathematically possible). > > Regards > Henrik -- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [EMAIL PROTECTED]
