Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   31559 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

pam_auth(8)					      pam_auth(8)

NAME
       pam_auth - Squid PAM authentication helper

SYNOPSIS
       squid_pam_auth [-n "service name"] [-t TTL] [-o] [-1]

DESCRIPTION
       This helper allows Squid to connect to a mostly any avail-
       able PAM database to validate the user name  and	 password
       of Basic HTTP authentication.

       -s service-name
	      Specifies the PAM service name Squid uses, defaults
	      to "squid"

       -t TTL Unless the -1 option is used,  this  specified  for
	      how  long the connection to the PAM database should
	      be kept open and reused for new logins. Defaults to
	      60 seconds.

       -o     Do  not  perform	the  PAM account management group
	      (account expiration etc)

       -1     Specifies "One shot" mode, where a new PAM  connec-
	      tion  will be opened for each new user. This is how
	      PAM is normally used and may be  required	 by  some
	      backend databases.  The default is to reuse the PAM
	      connection to maximize performance. (see -t above)

CONFIGURATION
       The program needs  a  PAM  service  to  be  configured  in
       /etc/pam.conf or /etc/pam.d/<servicename>

       The default service name is "squid", and the program makes
       use of the 'auth' and 'account' management groups to  ver-
       ify the password and the accounts validity.

       For  details on how to configure PAM services, see the PAM
       documentation for your system. This manual does not  cover
       PAM configuration details.

NOTES
       When used for authenticating to local UNIX shadow password
       databases the program must be running as root or	 else  it
       won't have sufficient permissions to access the user pass-
       word database. Such use of  this	 program  is  not  recom-
       mended,	but  if you absolutely need to then make the pro-
       gram setuid root

	      chown root pam_auth
	      chmod u+s pam_auth

       Please  note  that  in  such  configurations  it	 is  also
       strongly	 recommended  that  the	 program  is moved into a
       directory where normal users cannot  access  it,	 as  this
       mode of operation will allow any local user to brute-force
       other users passwords. Also note the program has not  been
       fully  audited  and  the author cannot be held responsible
       for any security issues due to such installations.

AUTHOR
       Squid pam_auth and this manual is written by Henrik  Nord-
       strom <hno@squid-cache.org>

COPYRIGHT
       Squid pam_auth and this manual is Copyright 1999,2002 Hen-
       rik Nordstrom <hno@squid-cache.org>

QUESTIONS
       Questions on the usage of this program can be sent to  the
       Squid Users <squid-users@squid-cache.org> mailing list.

REPORTING BUGS
       Report  bugs or bug-fixes to Squid Bugs <squid-bugs@squid-
       cache.org> or ideas for new improvements to Squid Develop-
       ers <squid-dev@squid-cache.org>

SEE ALSO
       pam(8), PAM Systems Administrator Guide

Squid PAM Auth		   15 May 2002		      pam_auth(8)

Vote for polarhome