squid auth pam over mysql


here some nice walkthrough for a little tricky config 🙂

apt-get install libpam-mysql
vim /etc/pam.d/squid
auth required pam_mysql.so user=blahuser passwd=blahpwd db=blahdb host=localhost table=squiduser  usercolumn=user_name passwdcolumn=password crypt=0

for verbose pam auth logging under /var/log/auth.log use


you do not need to restart pam, pam does not run as daemon

vim /etc/squid/squid.conf
auth_param basic program /usr/lib/squid/pam_auth -o
auth_param basic children 10
auth_param basic realm proxy01
auth_param basic credentialsttl 2 hours
acl password-pam proxy_auth REQUIRED
http_access allow password-pam
#http_access allow localhost

the -o option defines pam with auth with no account management group (account expiration etc)
now restart you squid and auth over pam with msql

have fun!