Date: Thu, 3 May 2007 09:38:09 -0400 From: "Corey Smith" <corsmith@gmail.com> To: "Jonathan Weiss" <jw@innerewut.de> Cc: freebsd-ports@freebsd.org Subject: Re: Apache 2.2 + mod_auth_pam + PAM Message-ID: <8061fbee0705030638g4cf50bfoe5b5202fc1d34751@mail.gmail.com> In-Reply-To: <46398B8D.9020604@innerewut.de> References: <46398B8D.9020604@innerewut.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/3/07, Jonathan Weiss <jw@innerewut.de> wrote:
>
> I'm struggeling with setting up Apache 2.2 and mod_auth_pam to
> authenticate an BasicAuth directory against my local unix users.
>
>
I'm using pam authentication with apache 2.2. We mostly use radius for
authentication but here is my config:
$ cat /etc/pam.d/httpd
#
# PAM configuration for the "httpd" service
#
# auth
auth required pam_nologin.so no_warn
auth sufficient pam_radius.so no_warn
try_first_pass
auth required pam_unix.so no_warn
try_first_pass
# account
account required pam_login_access.so
account required pam_unix.so
# session
session required pam_permit.so
# password
password required pam_unix.so no_warn
try_first_pass
# relevant httpd.conf:
LoadModule auth_pam_module libexec/apache2/mod_auth_pam.so
LoadModule auth_sys_group_module libexec/apache2/mod_auth_sys_group.so
Alias /wordpress "/usr/local/www/data/wordpress"
<Directory "/usr/local/www/data/wordpress/">
AuthType Basic
AuthName "Secure Area"
AuthGroupFile /usr/local/etc/apache2/groups
Require group group1
DirectoryIndex index.php
</Directory>
$ cat /usr/local/etc/apache2/groups
group1: corsmith
BTW: I don't believe you need to mess around with changing permissions on
any of the password files:
$ ls -l /etc/passwd /etc/master.passwd /etc/spwd.db
-rw------- 1 root wheel 1248 Apr 1 11:35 /etc/master.passwd
-rw-r--r-- 1 root wheel 1022 Apr 1 11:35 /etc/passwd
-rw------- 1 root wheel 20960 Apr 1 11:35 /etc/spwd.db
-Corey Smith
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8061fbee0705030638g4cf50bfoe5b5202fc1d34751>