Hi, (Squid version:
squid-2.4.STABLE4 and Openldap version: Openldap-2.0.19)
I configure squid to use
ldap_auth as external program authenticator, with this squid.conf
file
http_port 8080
icp_port 0 hierarchy_stoplist cgi-bin \? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_swap_low 90 cache_swap_high 95 maximum_object_size 4096 KB cache_mem 32 MB cache_dir ufs /var/spool/squid 1000 16 256 reference_age 1 month quick_abort_min 16 KB quick_abort_min 16 KB quick_abort_pct 95 negative_ttl 5 minutes positive_dns_ttl 6 hours negative_dns_ttl 5 minutes redirect_rewrites_host_header off request_header_max_size 10 KB request_body_max_size 512 KB reply_body_max_size 512 KB authenticate_program /opt/squid/libexec/squid/ldap_auth authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid authenticate_children 5 acl localnet src 10.10.21.240/255.255.255.255 acl localhost src 127.0.0.1/255.255.255.255 acl ldap proxy_auth REQUIRED acl Safe_ports port 80 443 210 119 70 21 1025-65535 acl CONNECT method CONNECT acl all src 0.0.0.0/0.0.0.0 http_access allow localnet http_access allow localhost http_access allow ldap http_access deny !Safe_ports http_access deny CONNECT http_access deny all cache_mgr pepe@ola.es cache_effective_user nobody cache_effective_group nobody log_icp_queries off cachemgr_passwd secret all buffered_logs on I just have created the cache
directories ( squid -z ), but when I up the squid this is the output
message:
[root@wapchat kk]# /opt/squid/bin/squid
2002/08/02 19:50:09| parseConfigFile: line 23 unrecognized: 'authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid' [root@wapchat kk]# Message from syslogd@wapchat at Fri Aug 2 19:50:09 2002 ... wapchat kernel: <1>Unable to handle kernel NULL pointer dereference at virtual address 00000000 Message from syslogd@wapchat at Fri Aug 2
19:50:09 2002 ...
wapchat kernel: printing eip: Message from syslogd@wapchat at Fri Aug 2
19:50:09 2002 ...
wapchat kernel: d08eeb4f Message from syslogd@wapchat at Fri Aug 2
19:50:09 2002 ...
wapchat kernel: *pde = 00000000 Message from syslogd@wapchat at Fri Aug 2
19:50:09 2002 ...
wapchat kernel: Oops: 0000 Message from syslogd@wapchat at Fri Aug 2
19:50:09 2002 ...
wapchat kernel: CPU: 0 Message from syslogd@wapchat at Fri Aug 2
19:50:09 2002 ...
wapchat kernel: EIP: 0010:[sym53c8xx:__insmod_sym53c8xx_S.bss_L4+768827/234812305] Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: EIP: 0010:[<d08eeb4f>] Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: EFLAGS: 00010246 Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: eax: bffff880 ebx: 00000005 ecx: 00000000 edx: 00000000 Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: esi: 00000000 edi: c51bbf6c ebp: c51bbfbc esp: c51bbf34 Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: ds: 0018 es: 0018 ss: 0018 Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: Process squid (pid: 24368, stackpage=c51bb000) Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: Stack: 00660004 00005eb3 0000000f 00000000 00000000 c51ba23c c51bbf9c d08ef07d Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: 00000006 00005f30 69757173 00000064 00000000 00000000 3d4ac64d 00091e0d Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: 00000000 00000000 00000000 c0907aa0 00000000 bffff8ac bffff8f8 c01350f3 Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: Call Trace: [sym53c8xx:__insmod_sym53c8xx_S.bss_L4+770153/234810979] [filp_close+83/96] [system_call+51/56] Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: Call Trace: [<d08ef07d>] [<c01350f3>] [<c0106f0b>] Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: Message from syslogd@wapchat at Fri Aug 2
19:50:10 2002 ...
wapchat kernel: Code: 66 83 3e 02 c7 45 b0 05 00 00 00 75 60 8d 56 04 83 ec 08 0f ¿ Why is not valid the value
'authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid', please ?,
thus the mesage in the cache.log is this one:
2002/08/02 19:50:06| Squid Cache (Version
2.4.STABLE4): Exiting normally.
2002/08/02 19:50:09| Starting Squid Cache version 2.4.STABLE4 for i686-pc-linux-gnu... 2002/08/02 19:50:09| Process ID 24367 2002/08/02 19:50:09| With 1024 file descriptors available 2002/08/02 19:50:09| Performing DNS Tests... 2002/08/02 19:50:09| Successful DNS name lookup tests... 2002/08/02 19:50:09| DNS Socket created on FD 4 2002/08/02 19:50:09| Adding nameserver 212.73.32.3 from /etc/resolv.conf 2002/08/02 19:50:09| Adding nameserver 193.127.1.11 from /etc/resolv.conf 2002/08/02 19:50:09| helperOpenServers: Starting 5 'ldap_auth' processes 2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process. 2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process. 2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process. 2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process. 2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process. However the file ldap_auth have
this permisions:
[root@wapchat kk]# ls -laF
/opt/squid/libexec/squid/ldap_auth
-rwsr-sr-x 1 root root 30456 ago 2 16:40 /opt/squid/libexec/squid/ldap_auth* And this module works
succesfully, like this:
[root@wapchat kk]#
/opt/squid/libexec/squid/ldap_auth localhost 389 ou=correo,dc=pruebas,dc=com
uid
dummy pruebas OK ¿ How could I configure the
authenticate_options in the squid.conf, please ?, ¿ and why the squid Cannot
run '/opt/squid/libexec/squid/ldap_auth' process, adding this messages in
the cache.log, please?
Best regards.
|