mod_auth_pam apache pam
Hexren
me at hexren.net
Wed May 25 13:25:49 PDT 2005
> Ihsan Junaidi Ibrahim wrote:
> > I've encountered the problem as well and have lived without it since; if
>> I recalled correctly from a previous reply on this list, pam_unix.so
>> uses getpwnam () to fetch the password information. It will only return
>> the password if the calling process has an UID of 0 (root). Since your
>> apache is running as user www, that should explain why the
>> authentication failed.
>>
>> The only workaround is to have your apache runs as root or use a
>> different authentication back-end.
>>
> I forgot to add. Another suitable workaround is to use mod_auth_external
> (www/mod_auth_external) and pwauth (security/pwauth) to authenticate
> against but not limited to /etc/passwd. On a busy server, this may incur
> certain overhead but the important thing is that it does the job. It is
> more involving configuration-wise than mod_auth_pam but not by much.
> I have it running for WebDAV as well as password protected directories
> on an installation.
---------------------------------------------
I think I'll use mod_auth_external, in afterthought I was a bit narrow
minded to focus completly on mod_auth_pam instead of also looking for
other solutions. Thx for fixing that :-)
regards
Hexren
More information about the freebsd-questions
mailing list