1basic_sasl_auth(8)          System Manager's Manual         basic_sasl_auth(8)
2
3
4

NAME

6       basic_sasl_auth  -  Basic  Authentication  using SASL (specifically the
7       cyrus-sasl authentication method)
8
9       Version 1.0
10

SYNOPSIS

12       basic_sasl_auth
13

DESCRIPTION

15       basic_sasl_auth is an installed binary helper for Squid. SASL  is  con‐
16       figurable  (somewhat  like  PAM).   Each service authenticating against
17       SASL identifies itself with an application name.  Each application  can
18       be configured independently by the SASL administrator.
19

CONFIGURATION

21       To   configure   the   authentication   method   used   the   file  ba‐
22       sic_sasl_auth.conf can be placed in the appropriate  location,  usually
23       /usr/lib/sasl.
24
25       The authentication database is defined by the pwcheck_method parameter.
26       Only the PLAIN authentication mechanism is used.
27
28       Examples: pwcheck_method:sasldb use sasldb - the  default  if  no  conf
29       file is installed.  pwcheck_method:pam
30        - use PAM authentication database pwcheck_method:passwd
31        - use traditional /etc/passwd pwcheck_method:shadow
32        - use slightly less traditional /etc/shadow
33
34       Others  methods  may  be  supported by your cyrus-sasl implementation -
35       consult your cyrus-sasl documentation for information.
36
37       Typically the authentication database ( /etc/sasldb , /etc/shadow , PAM
38       )  can  not  be accessed by a normal user. You should use setuid/setgid
39       and an appropriate user/group on the executable to allow the  authenti‐
40       cator to access the appropriate password database. If the access to the
41       database is not permitted then the authenticator  will  typically  fail
42       with "-1, generic error".
43
44              chown root.mail basic_sasl_auth
45              chmod ug+s basic_sasl_auth
46
47       If  the  application name basic_sasl_auth will also be used for the PAM
48       service name if pwcheck_method:pam is chosen. And example PAM  configu‐
49       ration file basic_sasl_auth.pam is also included.
50

AUTHOR

52       This program was written by Ian Castle <ian.castle@coldcomfortfarm.net>
53
54       This  manual was written by Ian Castle <ian.castle@coldcomfortfarm.net>
55       Amos Jeffries <amosjeffries@squid-cache.org>
56

COPYRIGHT

58        * Copyright (C) 1996-2022 The Squid Software Foundation and  contribu‐
59       tors
60        *
61        * Squid software is distributed under GPLv2+ license and includes
62        * contributions from numerous individuals and organizations.
63        * Please see the COPYING and CONTRIBUTORS files for details.
64
65       This program and documentation is copyright to the authors named above.
66
67       Distributed under the GNU General Public License (GNU GPL) version 2 or
68       later (GPLv2+).
69

QUESTIONS

71       Questions on the usage of this program can be sent to the  Squid  Users
72       mailing list <squid-users@lists.squid-cache.org>
73

REPORTING BUGS

75       Bug  reports  need  to  be  made  in  English.   See http://wiki.squid-
76       cache.org/SquidFaq/BugReporting for details of what you need to include
77       with your bug report.
78
79       Report bugs or bug fixes using http://bugs.squid-cache.org/
80
81       Report  serious  security  bugs  to Squid Bugs <squid-bugs@lists.squid-
82       cache.org>
83
84       Report ideas for new improvements to the Squid Developers mailing  list
85       <squid-dev@lists.squid-cache.org>
86

SEE ALSO

88       squid(8),  SASL(3),  PAM(7),  passwd(1), shadow(5), chown(1), chmod(1),
89       GPL(7),
90       The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq
91       The Squid Configuration Manual http://www.squid-cache.org/Doc/config/
92
93
94
95                                                            basic_sasl_auth(8)