PAM auth no longer works after upgrade to 16.04.1
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
squid (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Since upgrading from 15.10 to 16.04.1, PAM authentication no longer works.
(basic_
(basic_
(basic_
There's 2 issues with this:
1. /etc/pam.d/other does exist
2. But the service name is squid and /etc/pam.d/squid exists, containing:
auth required pam_unix.so
account required pam_unix.so
Squid config:
$ grep ^auth_param /etc/squid/
auth_param basic program /usr/lib/
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
Running basic_pam_auth myself works correctly:
$ sudo -u proxy /usr/lib/
user password
OK
$ apt-cache policy squid
squid:
Installed: 3.5.12-1ubuntu7.2
Candidate: 3.5.12-1ubuntu7.2
Version table:
*** 3.5.12-1ubuntu7.2 500
500 http://
500 http://
100 /var/lib/
3.
500 http://
Just figured out it was being eaten by AppArmor. authentication> d/local/ usr.sbin. squid
For anyone else, you need to add:
#include <abstractions/
to /etc/apparmor.
and reload apparmor