Date: Thu, 26 May 2005 02:23:52 +0800 From: Ihsan Junaidi Ibrahim <ihsan@synthexp.net> To: questions@freebsd.org Subject: Re: mod_auth_pam apache pam Message-ID: <4294C2B8.6010801@synthexp.net> In-Reply-To: <1657183228.20050525175024@hexren.net> References: <1657183228.20050525175024@hexren.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hexren wrote: > Hi, > I am trying to authentificate user against the system user database > using mod_auth_pam-1.1.1 on apache-1.3.33_1. > > I get the following error in the apache error.log > "(2)No such file or directory: access to /www.xxx.net/ failed for 217.228.101.117, reason: authentication error" > > /etc/pam.d/httpd > #cat /etc/pam.d/httpd > auth required pam_unix.so debug > account required pam_unix.so debug > > the relevant Directory directive from httpd.conf > <Directory /var/www/webalizer/www.xxx.net> > AuthPAM_Enabled on > AllowOverride None > AuthName "Web Statistics xxx" > AuthType "basic" > require group test > </Directory> > > imho the error has some connection to pam_unix.so, that is because > pam_permit.so works as it should (it permits everything). > Strangely no error shows up in my system message log. (where I log *.debug level > messages) despite the debug flag in /etc/pam.d/httpd. > I've encountered the problem as well and have lived without it since; if I recalled correctly from a previous reply on this list, pam_unix.so uses getpwnam () to fetch the password information. It will only return the password if the calling process has an UID of 0 (root). Since your apache is running as user www, that should explain why the authentication failed. The only workaround is to have your apache runs as root or use a different authentication back-end. -- Thank you for your time, Ihsan Junaidi Ibrahim, http://ihsan.synthexp.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4294C2B8.6010801>