Apache 2.2 + mod_auth_pam + PAM
Corey Smith
corsmith at gmail.com
Thu May 3 06:38:10 PDT 2007
On 5/3/07, Jonathan Weiss <jw at innerewut.de> wrote:
>
> I'm struggeling with setting up Apache 2.2 and mod_auth_pam to
> authenticate an BasicAuth directory against my local unix users.
>
>
I'm using pam authentication with apache 2.2. We mostly use radius for
authentication but here is my config:
$ cat /etc/pam.d/httpd
#
# PAM configuration for the "httpd" service
#
# auth
auth required pam_nologin.so no_warn
auth sufficient pam_radius.so no_warn
try_first_pass
auth required pam_unix.so no_warn
try_first_pass
# account
account required pam_login_access.so
account required pam_unix.so
# session
session required pam_permit.so
# password
password required pam_unix.so no_warn
try_first_pass
# relevant httpd.conf:
LoadModule auth_pam_module libexec/apache2/mod_auth_pam.so
LoadModule auth_sys_group_module libexec/apache2/mod_auth_sys_group.so
Alias /wordpress "/usr/local/www/data/wordpress"
<Directory "/usr/local/www/data/wordpress/">
AuthType Basic
AuthName "Secure Area"
AuthGroupFile /usr/local/etc/apache2/groups
Require group group1
DirectoryIndex index.php
</Directory>
$ cat /usr/local/etc/apache2/groups
group1: corsmith
BTW: I don't believe you need to mess around with changing permissions on
any of the password files:
$ ls -l /etc/passwd /etc/master.passwd /etc/spwd.db
-rw------- 1 root wheel 1248 Apr 1 11:35 /etc/master.passwd
-rw-r--r-- 1 root wheel 1022 Apr 1 11:35 /etc/passwd
-rw------- 1 root wheel 20960 Apr 1 11:35 /etc/spwd.db
-Corey Smith
More information about the freebsd-ports
mailing list