From owner-freebsd-questions@FreeBSD.ORG Tue Sep 23 15:59:56 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0542016A4B3 for ; Tue, 23 Sep 2003 15:59:56 -0700 (PDT) Received: from yt.88.net (h-66-134-174-190.NYCMNY83.covad.net [66.134.174.190]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F77043F75 for ; Tue, 23 Sep 2003 15:59:53 -0700 (PDT) (envelope-from john@zog.net) Received: by yt.88.net (Postfix, from userid 33) id B9DEFCE; Tue, 23 Sep 2003 22:59:51 +0000 (GMT) Received: from 217.162.114.208 (SquirrelMail authenticated user john) by yt.88.net with HTTP; Tue, 23 Sep 2003 22:59:51 -0000 (GMT) Message-ID: <2885.217.162.114.208.1064357991.squirrel@yt.88.net> Date: Tue, 23 Sep 2003 22:59:51 -0000 (GMT) From: "John Morgan Salomon" To: questions@freebsd.org X-Mailer: SquirrelMail (version 1.4.0 RC1) MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 Importance: Normal Subject: mod_auth_pam/apache2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: john@zog.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 22:59:56 -0000 Hiya, any help would be greatly appreciated (before I send this server airborne.) I'm trying to set up Apache 2 with mod_auth_pam (or, for that matter, anything that will let me use unix passwords to authenticate to a page.) mod_auth_external won't do, as I've run into inexplicable freezes compiling. I have the following scenario: -user www is a member of group shadow -/etc/master.passwd and /etc/spwd.db are owned by group shadow, and chmoded 640 (just for testing). -All other apache settings (including loading mod_auth_pam.so) seem ok -Users who need to access directory 'foo' are members of group webauth My /etc/pam.d/httpd: auth required pam_unix.so service=system-auth debug account required pam_unix.so service=system-auth debug My httpd.conf entry: AllowOverride none AuthPAM_Enabled on AuthType Basic AuthName "foo" require group webauth I've also tried this using , as well as with a .htaccess under directory 'foo'. However, I am unable to access 'foo', with the usual uninformative httpd-error.log entry: [Tue Sep 23 18:00:25 2003] [error] [client ***.***.***.***] PAM: user 'john' - n ot authenticated: Authentication failure What I don't understand is why, if something like sshd can work fine with PAM, httpd doesn't let me authenticate. Has anyone ever gotten this working? Cheers, -John