Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Thursday, June 13, 2019
 
 

basic_pam_auth (8)

Name

basic_pam_auth - PAM Basic authentication helper for Squid

Synopsis

basic_pam_auth [-n service name  TTL ] [-o] [-1]

Description

basic_pam_auth(8)           System Manager's Manual          basic_pam_auth(8)



NAME
       basic_pam_auth - PAM Basic authentication helper for Squid

SYNOPSIS
       basic_pam_auth [-n service name  TTL ] [-o] [-1]

DESCRIPTION
       basic_pam_auth  allows  Squid  to connect to a mostly any available PAM
       database to validate the user name and password of Basic HTTP authenti-
       cation.

OPTIONS
       -s  service-name
                   Specifies  the  PAM  service  name  Squid uses, defaults to
                   squid

       -t  TTL     Enables persistent PAM connections where the connection  to
                   the  PAM  database  is kept open and reused for new logins.
                   The TTL specifies how long the connection will be kept open
                   (in seconds).  Default is to not keep PAM connections open.
                   Please note that the use of persistent PAM  connections  is
                   slightly  outside  the  PAM  specification and may not work
                   with all PAM configurations.

       -o          Do not perform the PAM account  management  group  (account
                   expiration etc)

CONFIGURATION
       The  program  needs  a PAM service to be configured in /etc/pam.conf or
       /etc/pam.d/squid

       The default service name is squid , and the program makes  use  of  the
       auth  and  account  management  groups  to  verify the password and the
       accounts validity.

       For details on how to configure PAM services, see the PAM documentation
       for your system. This manual does not cover PAM configuration details.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+------------------+
       |ATTRIBUTE TYPE | ATTRIBUTE VALUE  |
       +---------------+------------------+
       |Availability   | web/proxy/squid  |
       +---------------+------------------+
       |Stability      | Uncommitted      |
       +---------------+------------------+
NOTES
       When  used  for  authenticating to local UNIX shadow password databases
       the program must be running as root or else it  won't  have  sufficient
       permissions to access the user password database. Such use of this pro-
       gram is not recommended, but if you absolutely need to  then  make  the
       program setuid root

              chown root basic_pam_auth
              chmod u+s basic_pam_auth

       Please note that in such configurations it is also strongly recommended
       that the program is moved into a directory where  normal  users  cannot
       access  it,  as  this  mode  of  operation will allow any local user to
       brute-force other users passwords. Also note the program has  not  been
       fully  audited  and the author cannot be held responsible for any secu-
       rity issues due to such installations.

AUTHOR
       This  program  and  documentation  was  written  by  Henrik   Nordstrom
       <hno@squid-cache.org>

COPYRIGHT
        *  Copyright (C) 1996-2017 The Squid Software Foundation and contribu-
       tors
        *
        * Squid software is distributed under GPLv2+ license and includes
        * contributions from numerous individuals and organizations.
        * Please see the COPYING and CONTRIBUTORS files for details.

       Squid basic_pam_auth and this manual is Copyright 1999,2002,2003 Henrik
       Nordstrom  <hno@squid-cache.org> Distributed under the GNU General Pub-
       lic License (GNU GPL) version 2 or later (GPLv2+).

QUESTIONS
       Questions on the usage of this program can be sent to the  Squid  Users
       mailing list <squid-users@squid-cache.org>

REPORTING BUGS
       Bug  reports  need  to  be  made  in  English.   See http://wiki.squid-
       cache.org/SquidFaq/BugReporting for details of what you need to include
       with your bug report.

       Report bugs or bug fixes using http://bugs.squid-cache.org/

       Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>

       Report  ideas for new improvements to the Squid Developers mailing list
       <squid-dev@squid-cache.org>

SEE ALSO
       squid(8), pam(3), pam.conf(5), chown(1), chmod(1), GPL(7),
       PAM Systems Administrator Guide
       The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/



       This    software    was    built    from    source     available     at
       https://github.com/oracle/solaris-userland.    The  original  community
       source    was    downloaded    from     http://www.squid-cache.org/Ver-
       sions/v3/3.5/squid-3.5.27.tar.xz

       Further information about this software can be found on the open source
       community website at http://www.squid-cache.org/.



                                  5 Sep 2003                 basic_pam_auth(8)