]>
Commit | Line | Data |
---|---|---|
980909fd | 1 | .if !'po4a'hide' .TH basic_pam_auth 8 "5 Sep 2003" |
fab7a87e | 2 | . |
3 | .SH NAME | |
d632afde | 4 | basic_pam_auth \- PAM Basic authentication helper for Squid |
fab7a87e | 5 | . |
6 | .SH SYNOPSIS | |
980909fd AJ |
7 | .if !'po4a'hide' .B "basic_pam_auth [\-n \"" |
8 | service name | |
b8e70af0 | 9 | .if !'po4a'hide' .B "\"] [\-t " |
980909fd AJ |
10 | TTL |
11 | .if !'po4a'hide' .B "] [\-o] [\-1]" | |
fab7a87e | 12 | . |
fab7a87e | 13 | .SH DESCRIPTION |
92a0c1e0 AJ |
14 | .B basic_pam_auth |
15 | allows Squid to connect to a mostly any available PAM | |
fab7a87e | 16 | database to validate the user name and password of Basic HTTP |
17 | authentication. | |
18 | . | |
980909fd AJ |
19 | .SH OPTIONS |
20 | .if !'po4a'hide' .TP 12 | |
b8e70af0 | 21 | .if !'po4a'hide' .B "\-s " "service\-name" |
92a0c1e0 AJ |
22 | Specifies the PAM service name Squid uses, defaults to |
23 | .B squid | |
fab7a87e | 24 | . |
980909fd | 25 | .if !'po4a'hide' .TP |
b8e70af0 | 26 | .if !'po4a'hide' .B "\-t " TTL |
2900aadb | 27 | Enables persistent PAM connections where the connection to the PAM |
28 | database is kept open and reused for new logins. The TTL specifies | |
34de5a0a | 29 | how long the connection will be kept open (in seconds). Default is |
2900aadb | 30 | to not keep PAM connections open. Please note that the use of |
31 | persistent PAM connections is slightly outside the PAM | |
32 | specification and may not work with all PAM configurations. | |
fab7a87e | 33 | . |
980909fd | 34 | .if !'po4a'hide' .TP |
b8e70af0 | 35 | .if !'po4a'hide' .B \-o |
1a44d781 | 36 | Do not perform the PAM account management group (account |
37 | expiration etc) | |
fab7a87e | 38 | . |
39 | .SH CONFIGURATION | |
fab7a87e | 40 | The program needs a PAM service to be configured in |
92a0c1e0 | 41 | .BR /etc/pam.conf |
fab7a87e | 42 | or |
92a0c1e0 | 43 | .BR /etc/pam.d/squid |
8c2b74bc | 44 | .PP |
92a0c1e0 | 45 | The default service name is |
56834b2a | 46 | .B squid |
92a0c1e0 | 47 | , and the program makes use of the |
56834b2a AJ |
48 | .B auth |
49 | and | |
50 | .B account | |
fab7a87e | 51 | management groups to verify the password and the accounts validity. |
8c2b74bc | 52 | .PP |
fab7a87e | 53 | For details on how to configure PAM services, see the PAM |
54 | documentation for your system. This manual does not cover PAM | |
55 | configuration details. | |
56 | . | |
57 | .SH NOTES | |
58 | . | |
59 | When used for authenticating to local UNIX shadow password databases | |
60 | the program must be running as root or else it won't have sufficient | |
61 | permissions to access the user password database. Such use of this | |
62 | program is not recommended, but if you absolutely need to then make | |
63 | the program setuid root | |
8c2b74bc AJ |
64 | .if !'po4a'hide' .RS |
65 | .if !'po4a'hide' .P | |
4ac1334a | 66 | .if !'po4a'hide' .B chown root basic_pam_auth |
8c2b74bc | 67 | .if !'po4a'hide' .br |
4ac1334a | 68 | .if !'po4a'hide' .B chmod u+s basic_pam_auth |
8c2b74bc | 69 | .if !'po4a'hide' .RE |
980909fd | 70 | .PP |
fab7a87e | 71 | Please note that in such configurations it is also strongly recommended |
72 | that the program is moved into a directory where normal users cannot | |
73 | access it, as this mode of operation will allow any local user to | |
74 | brute-force other users passwords. Also note the program has not been | |
75 | fully audited and the author cannot be held responsible for any security | |
76 | issues due to such installations. | |
77 | . | |
78 | .SH AUTHOR | |
980909fd | 79 | This program and documentation was written by |
8c2b74bc | 80 | .if !'po4a'hide' .I Henrik Nordstrom <hno@squid-cache.org> |
fab7a87e | 81 | . |
cbee2c76 | 82 | .SH COPYRIGHT |
5b95b903 | 83 | .PP |
5b74111a | 84 | * Copyright (C) 1996-2018 The Squid Software Foundation and contributors |
5b95b903 AJ |
85 | * |
86 | * Squid software is distributed under GPLv2+ license and includes | |
87 | * contributions from numerous individuals and organizations. | |
88 | * Please see the COPYING and CONTRIBUTORS files for details. | |
ca02e0ec AJ |
89 | .PP |
90 | Squid | |
91 | .B basic_pam_auth | |
92 | and this manual is Copyright 1999,2002,2003 | |
93 | .if !'po4a'hide' .I Henrik Nordstrom <hno@squid-cache.org> | |
94 | . | |
95 | Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+). | |
92a0c1e0 | 96 | . |
fab7a87e | 97 | .SH QUESTIONS |
98 | Questions on the usage of this program can be sent to the | |
8c2b74bc | 99 | .I Squid Users mailing list |
8311b837 | 100 | .if !'po4a'hide' <squid-users@lists.squid-cache.org> |
fab7a87e | 101 | . |
102 | .SH REPORTING BUGS | |
c871f41e AJ |
103 | Bug reports need to be made in English. |
104 | See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report. | |
105 | .PP | |
8c2b74bc | 106 | Report bugs or bug fixes using http://bugs.squid-cache.org/ |
980909fd | 107 | .PP |
8c2b74bc | 108 | Report serious security bugs to |
8311b837 | 109 | .I Squid Bugs <squid-bugs@lists.squid-cache.org> |
980909fd | 110 | .PP |
8c2b74bc AJ |
111 | Report ideas for new improvements to the |
112 | .I Squid Developers mailing list | |
8311b837 | 113 | .if !'po4a'hide' <squid-dev@lists.squid-cache.org> |
fab7a87e | 114 | . |
980909fd AJ |
115 | .SH SEE ALSO |
116 | .if !'po4a'hide' .BR squid "(8), " | |
4ac1334a | 117 | .if !'po4a'hide' .BR pam "(3), " |
980909fd | 118 | .if !'po4a'hide' .BR pam.conf "(5), " |
92a0c1e0 AJ |
119 | .if !'po4a'hide' .BR chown "(1), " |
120 | .if !'po4a'hide' .BR chmod "(1), " | |
6d5cbee6 | 121 | .if !'po4a'hide' .BR GPL "(7), " |
980909fd | 122 | .br |
8c2b74bc | 123 | PAM Systems Administrator Guide |
6d5cbee6 AJ |
124 | .br |
125 | The Squid FAQ wiki | |
126 | .if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq | |
127 | .br | |
128 | The Squid Configuration Manual | |
129 | .if !'po4a'hide' http://www.squid-cache.org/Doc/config/ | |
130 |