mod_auth_pam apache pam

Hexren me at hexren.net
Wed May 25 13:25:49 PDT 2005


> Ihsan Junaidi Ibrahim wrote:
>   > I've encountered the problem as well and have lived without it since; if
>> I recalled correctly from a previous reply on this list, pam_unix.so
>> uses getpwnam () to fetch the password information. It will only return
>> the password if the calling process has an UID of 0 (root). Since your
>> apache is running as user www, that should explain why the
>> authentication failed.
>> 
>> The only workaround is to have your apache runs as root or use a
>> different authentication back-end.
>> 

> I forgot to add. Another suitable workaround is to use mod_auth_external 
> (www/mod_auth_external) and pwauth (security/pwauth) to authenticate 
> against but not limited to /etc/passwd. On a busy server, this may incur 
> certain overhead but the important thing is that it does the job. It is 
> more involving configuration-wise than mod_auth_pam but not by much.

> I have it running for WebDAV as well as password protected directories 
> on an installation.


---------------------------------------------

I think I'll use mod_auth_external, in afterthought I was a bit narrow
minded to focus completly on mod_auth_pam instead of also looking for
other solutions. Thx for fixing that :-)

regards
Hexren



More information about the freebsd-questions mailing list