[Slackbuilds-users] squid options

Robby Workman rworkman at slackbuilds.org
Sun Jan 4 19:35:14 UTC 2015


On Sun, 4 Jan 2015 11:24:23 -0500
xgizzmo at gmail.com wrote:

> On Saturday 03 January 2015 08:15:00 Helmut Hullen wrote:
> > Hallo, slackbuilds-users,
> > 
> > could it be that in the squid SBo packet the
> > 
> >         /usr/libexec/basic_*_auth
> > 
> > files must have the suid flag?
> > 
> > I use the "getpwnam" file, and without this flag the acl
> > 
> > auth_param basic
> > program /usr/libexec/basic_getpwnam_auth /etc/shadow
> > 
> > produces strange error messages (it tells that there are not
> > enough basic children).
> > 
> > Viele Gruesse!
> > Helmut
>  
> From the man page Quote:
> " When used for authenticating to local UNIX shadow password
> databases the program must be running as root or else it won’t have
> sufficient permissions to access the user password database. Such use
> of this program is not recommended, but if you absolutely need to
> then make the program setuid root. "
> 
> Obviously we won't do this in the slackbuild, the sysadmin can make 
> that choice.


I suspect that you can make it sgid shadow instead and it will work
just fine - I'd try that before making it suid root.

-RW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20150104/b22ead49/attachment-0001.asc>


More information about the SlackBuilds-users mailing list