[Slackbuilds-users] squid options
Robby Workman
rworkman at slackbuilds.org
Sun Jan 4 19:35:14 UTC 2015
On Sun, 4 Jan 2015 11:24:23 -0500
xgizzmo at gmail.com wrote:
> On Saturday 03 January 2015 08:15:00 Helmut Hullen wrote:
> > Hallo, slackbuilds-users,
> >
> > could it be that in the squid SBo packet the
> >
> > /usr/libexec/basic_*_auth
> >
> > files must have the suid flag?
> >
> > I use the "getpwnam" file, and without this flag the acl
> >
> > auth_param basic
> > program /usr/libexec/basic_getpwnam_auth /etc/shadow
> >
> > produces strange error messages (it tells that there are not
> > enough basic children).
> >
> > Viele Gruesse!
> > Helmut
>
> From the man page Quote:
> " When used for authenticating to local UNIX shadow password
> databases the program must be running as root or else it won’t have
> sufficient permissions to access the user password database. Such use
> of this program is not recommended, but if you absolutely need to
> then make the program setuid root. "
>
> Obviously we won't do this in the slackbuild, the sysadmin can make
> that choice.
I suspect that you can make it sgid shadow instead and it will work
just fine - I'd try that before making it suid root.
-RW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20150104/b22ead49/attachment-0001.asc>
More information about the SlackBuilds-users
mailing list