Provided by: squid3_3.3.8-1ubuntu6.11_amd64 bug

NAME

       basic_pam_auth - Squid PAM Basic authentication helper

SYNOPSIS

       basic_pam_auth [-n service name  TTL ] [-o] [-1]

DESCRIPTION

       basic_pam_auth  allows Squid to connect to a mostly any available PAM database to validate
       the user name and password of Basic HTTP authentication.

OPTIONS

       -s  service-name
                   Specifies the PAM service name Squid uses, defaults to squid

       -t  TTL     Enables persistent PAM connections where the connection to the PAM database is
                   kept open and reused for new logins. The TTL specifies how long the connection
                   will be kept open (in seconds).  Default is to not keep PAM connections  open.
                   Please note that the use of persistent PAM connections is slightly outside the
                   PAM specification and may not work with all PAM configurations.

       -o          Do not perform the PAM account management group (account expiration etc)

CONFIGURATION

       The program needs a PAM service to be configured in /etc/pam.conf or /etc/pam.d/squid

       The default service name is squid , and the program makes use  of  the  auth  and  account
       management groups to verify the password and the accounts validity.

       For  details  on how to configure PAM services, see the PAM documentation for your system.
       This manual does not cover PAM configuration details.

NOTES

       When used for authenticating to local UNIX shadow password databases the program  must  be
       running  as  root or else it won't have sufficient permissions to access the user password
       database. Such use of this program is not recommended, but if you absolutely need to  then
       make the program setuid root

              chown root basic_pam_auth
              chmod u+s basic_pam_auth

       Please  note  that in such configurations it is also strongly recommended that the program
       is moved into a directory where normal users cannot access it, as this mode  of  operation
       will  allow any local user to brute-force other users passwords. Also note the program has
       not been fully audited and the author cannot be held responsible for any  security  issues
       due to such installations.

AUTHOR

       This program and documentation was written by Henrik Nordstrom <hno@squid-cache.org>

COPYRIGHT

       Squid  basic_pam_auth  and  this  manual  is  Copyright  1999,2002,2003  Henrik  Nordstrom
       <hno@squid-cache.org> Distributed under the GNU General Public License (GNU GPL) version 2
       or later (GPLv2+).

QUESTIONS

       Questions on the usage of this program can be sent to the Squid Users mailing list <squid-
       users@squid-cache.org>

REPORTING BUGS

       Bug    reports    need    to    be    made    in    English.     See    http://wiki.squid-
       cache.org/SquidFaq/BugReporting  for  details  of  what  you need to include with your bug
       report.

       Report bugs or bug fixes using http://bugs.squid-cache.org/

       Report serious security bugs to Squid Bugs <squid-bugs@squid-cache.org>

       Report ideas for new improvements to the Squid Developers mailing  list  <squid-dev@squid-
       cache.org>

SEE ALSO

       squid(8), pam(3), pam.conf(5), chown(1), chmod(1), GPL(7),
       PAM Systems Administrator Guide
       The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/

                                            5 Sep 2003                          basic_pam_auth(8)