≡ Menu


Reload Squid Proxy Server Without Restarting Squid Daemon

I made some changes to the /etc/squid/squid.conf file and issued the command /sbin/service squid restart. However, this command takes way too much time to restart the server. How do I tell squid to just reread the config file and apply new changes under Linux operating systems?
[click to continue…]

Linux / Unix: SysVinit Services Restart vs Reload vs Condrestart

Can you tell me differences between the following sysvinit /sbin/service command:

service httpd restart

service httpd condrestart

service httpd reload

[click to continue…]

Linux Syslogd: Nothing Gets Logged Using /dev/log And /jail/apache/dev/log

I've configured my Apache in chrooted jail at /jail/apache directory. However, my syslogd is not working and nothing gets logged using /dev/log and /jail/apache/dev/log. How do I fix this problem under CentOS 5.x AMD64 with SELinux?
[click to continue…]

CentOS / Redhat Linux: Install OpenNTPD To Synchronize The Local Clock

OpenNTPD is a Unix system daemon implementing the Network Time Protocol to synchronize the local clock of a computer system with remote NTP servers. How do I install OpenNTPD under CentOS / RHEL / Fedora Linux instead of default NTPD client / server?
[click to continue…]

What Is Tux Web Server and How do I Use it?

Q. Can you explain the tux web server and its usage against regular apache httpd web server?
[click to continue…]

Remove Shutdown and Reboot Option from Linux GUI Login Screen ( GDM Setup )

Q. I've a central Linux test server. It has GDM based GUI login screen. How do I remove both shutdown and reboot server options from the login screen?
[click to continue…]

Linux / UNIX: Find out or determine if process pid is running

How do I find out my process is running on a Unix-like operating systems? How do I get the pid number for particular process on a Linux operating systems using bash shell?
[click to continue…]

Squid NTLM authentication configuration using ntlm_auth

Q. How do I configure squid for NTLM authentication?

A. You need to use squid ntlm_auth helper tool. It o allow external access to Winbind's NTLM authentication function. ntlm_auth uses winbind to access the user and authentication data for a domain.

Make sure winbindd is working

winbindd is a daemon that provides a number of services to the Name Service Switch capability found in most modern C libraries, to arbitary applications via PAM and ntlm_auth and to Samba itself. If you are not sure about winbindd, refer to official Samba documentation for configuration.

Configure squid for NTLM authentication

Open squid configuration file - squid.conf, enter:
# vi squid.conf
Append following configuration directive:
auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-basic
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

To setup ntlm_auth for use by squid 2.5 with group limitation, add:
auth_param ntlm program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of="WORKGROUP\Domain Users"
auth_param basic program /usr/lib/squid/ntlm_auth --helper-protocol=squid-2.5-basic --require-membership-of="WORKGROUP\Domain Users"
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

OR You can also pass DOMAIN/PDC name:
auth_param ntlm program /usr/lib/squid/ntlm_auth DOMAINNAME/PDC
auth_param ntlm children 5
auth_param ntlm max_challenge_reuses 0
auth_param ntlm max_challenge_lifetime 2 minutes

Now add ACL configuration for ntlm_auth helper
acl ntlm_users proxy_auth REQUIRED
http_access allow ntlm_users
http_access deny all

Save and close the file. Restart Squid:
# /etc/init.d/squid restart
For more information:

Updated for accuracy.