Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Wednesday, July 27, 2022

basic_pam_auth (8)


basic_pam_auth - PAM Basic authentication helper for Squid


basic_pam_auth [-n service name  TTL ] [-o] [-1]


basic_pam_auth(8)           System Manager's Manual          basic_pam_auth(8)

       basic_pam_auth - PAM Basic authentication helper for Squid

       basic_pam_auth [-n service name  TTL ] [-o] [-1]

       basic_pam_auth  allows  Squid  to connect to a mostly any available PAM
       database to validate the user name and password of Basic HTTP authenti-

       -s  service-name
                   Specifies  the  PAM  service  name  Squid uses, defaults to

       -t  TTL     Enables persistent PAM connections where the connection  to
                   the  PAM  database  is kept open and reused for new logins.
                   The TTL specifies how long the connection will be kept open
                   (in seconds).  Default is to not keep PAM connections open.
                   Please note that the use of persistent PAM  connections  is
                   slightly  outside  the  PAM  specification and may not work
                   with all PAM configurations.

       -o          Do not perform the PAM account  management  group  (account
                   expiration etc)

       The  program  needs  a PAM service to be configured in /etc/pam.conf or

       The default service name is squid , and the program makes  use  of  the
       auth  and  account  management  groups  to  verify the password and the
       accounts validity.

       For details on how to configure PAM services, see the PAM documentation
       for your system. This manual does not cover PAM configuration details.

       See attributes(7) for descriptions of the following attributes:

       |Availability   | web/proxy/squid  |
       |Stability      | Uncommitted      |

       When  used  for  authenticating to local UNIX shadow password databases
       the program must be running as root or else it  won't  have  sufficient
       permissions to access the user password database. Such use of this pro-
       gram is not recommended, but if you absolutely need to  then  make  the
       program setuid root

              chown root basic_pam_auth
              chmod u+s basic_pam_auth

       Please note that in such configurations it is also strongly recommended
       that the program is moved into a directory where  normal  users  cannot
       access  it,  as  this  mode  of  operation will allow any local user to
       brute-force other users passwords. Also note the program has  not  been
       fully  audited  and the author cannot be held responsible for any secu-
       rity issues due to such installations.

       Source code for open source software components in Oracle  Solaris  can
       be found at https://www.oracle.com/downloads/opensource/solaris-source-

       This    software    was    built    from    source     available     at
       https://github.com/oracle/solaris-userland.    The  original  community
       source    was    downloaded    from     http://www.squid-cache.org/Ver-

       Further information about this software can be found on the open source
       community website at http://www.squid-cache.org/.

       This  program  and  documentation  was  written  by  Henrik   Nordstrom

        *  Copyright (C) 1996-2021 The Squid Software Foundation and contribu-
        * Squid software is distributed under GPLv2+ license and includes
        * contributions from numerous individuals and organizations.
        * Please see the COPYING and CONTRIBUTORS files for details.

       Squid basic_pam_auth and this manual is Copyright 1999,2002,2003 Henrik
       Nordstrom  <hno@squid-cache.org> Distributed under the GNU General Pub-
       lic License (GNU GPL) version 2 or later (GPLv2+).

       Questions on the usage of this program can be sent to the  Squid  Users
       mailing list <squid-users@lists.squid-cache.org>

       Bug  reports  need  to  be  made  in  English.   See http://wiki.squid-
       cache.org/SquidFaq/BugReporting for details of what you need to include
       with your bug report.

       Report bugs or bug fixes using http://bugs.squid-cache.org/

       Report  serious  security  bugs  to Squid Bugs <squid-bugs@lists.squid-

       Report ideas for new improvements to the Squid Developers mailing  list

       squid(8), pam(3), pam.conf(5), chown(1), chmod(1), GPL(7),
       PAM Systems Administrator Guide
       The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/

                                  5 Sep 2003                 basic_pam_auth(8)