Lars, Ensure the permissions on /var/cache/samba/winbindd_privileged are set as chown root:squid and chmod 750. This works for me, and I've been able to upgrade to Samba 3.0.7 without changing these permissions, or changing the user I run Samba under.
John -----Original Message----- From: Lars Roland [mailto:[EMAIL PROTECTED] Sent: 06 October 2004 12:24 To: Squid Subject: [squid-users] Squid failure with samba 3.0.7, Hi all I just tried updating our samba server to 3.0.7 (from an ealier 3.x release). Now winbind auth does not work any more, I get the folowing error in smbd.log. ---------------------------------------------------------------------------- ---------------------- [2004/10/06 13:16:18, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(383) winbindd_pam_auth_crap: non-privileged access denied. ! winbindd_pam_auth_crap: Ensure permissions on /var/cache/samba/winbindd_privileged are set correctly. ---------------------------------------------------------------------------- ---------------------- Both smbd, nmbd and winbindd is run as root, squid runs as a squid user in a squid group. I have not had any problems with this setup/config before so I am a little in the dark about what privileges that should be set on the /var/cache/samba/winbindd_privileged directory. Googling around to find an answer gave me this post: http://www.squid-cache.org/mail-archive/squid-users/200406/0357.html But I am not 100% sure how to implement this (should I create a samba user/group and somhow get samba to run with these priviliges ?? - most samba setups I have came accrose runs as root, so doing so seams a little odd to me). Regards. Lars Roland ITIS Holdings plc www.itisholdings.com Station House, Stamford New Road Altrincham, Cheshire WA14 1EP +44(0)161 927 3600 +44(0)161 929 5074 (fax) Internet communications are not secure and therefore ITIS Holdings cannot accept responsibility for the contents of this message. If you wish to verify that this email is genuine please contact us at the address above. This email is confidential and is intended only for the named recipient. If you are not the intended recipient, any dissemination, copying or disclosure of this message is strictly prohibited. If you have received this email in error please delete this email and contact us immediately. Any personal opinions expressed in this email are those of the sender and should not be taken as being representative of ITIS Holdings plc.
