Target of this Squid3 implementation is to authenticate against PAM.
It’s also possible to create a virtual user list, but if you have already a system with a bunch of system accounts. So here it is:
1 2 3 | from /etc/pam.d/squid auth required /lib/security/pam_unix.so account required /lib/security/pam_unix.so |
1 2 3 4 5 6 7 8 | from /etc/squid3/squid.conf auth_param basic program /usr/lib/squid3/pam_auth auth_param basic children 5 auth_param basic realm Proxy-Server proxy.drobot.de auth_param basic credentialsttl 8 hours auth_param basic casesensitive off acl checkpw proxy_auth REQUIRED http_access allow checkpw all |
After successful implementation of squid_auth users are still unable to authenticate via pam, from the auth.log
pam_unix(squid:auth): authentication failure; logname= uid=13 euid=13 tty= ruser= rhost= user=root
Setting permissions will solve this problem:
1 | chmod u+s /usr/lib/squid3/pam_auth |
Change diff:
1 2 | -rwxr-xr-x 1 root root 15280 Feb 23 17:12 /usr/lib/squid3/pam_auth -rwsr-xr-x 1 root root 15280 Feb 23 17:12 /usr/lib/squid3/pam_auth |
zeldor says
Ciantic, you need to fix permissions for “pam_unix.so” only if you have problem with authentication.
Please try to find this lib:
I mean pam_unix.so library is installed by default on your system.
Ciantic says
Ubuntu 12.04.2 LTS
I don’t have
/lib/security/pam_unix.so
file, I did however found out that installing “libpam-unix2” package it installspam_unix2.so
but it doesn’t work with that.How did you get pam_unix.so file?
Thanks.