From owner-freebsd-ports@FreeBSD.ORG Thu May 3 13:38:10 2007 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BD6C316A402 for ; Thu, 3 May 2007 13:38:10 +0000 (UTC) (envelope-from corsmith@gmail.com) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.228]) by mx1.freebsd.org (Postfix) with ESMTP id 62D6813C448 for ; Thu, 3 May 2007 13:38:10 +0000 (UTC) (envelope-from corsmith@gmail.com) Received: by nz-out-0506.google.com with SMTP id s1so528826nze for ; Thu, 03 May 2007 06:38:09 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=E80vW+q0oGIfOuf+fAjZJDnrwezpvBfIY9PAq/7DsASo1Y5wa4XFLHpb31VCeB8+h1S6nzilKamLHAd74Xr8IbEBXoIGMQ7fioVHpeLbLjDjw7XV+f8jE/im53pa1S2tyoh6TBmM992uPEKOtnFrb6XnX8I7gPHnoecGp9GFZ8A= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=oU1oXSD9xs3U/oBNFGCPkbaK+MH31E9ffes0zQSN/S3Edp9OQfGggYH6DsDibHzktp/m8bHAka9j7OF+Fa+Lp3cAjYjq7dfddhsjv51+AVdgWZvY4/PCwtBYUPpY/NMEe3aTjm/6KrgS83J2fb5sj78DVkq4eXt8ZKXd0ajxDI8= Received: by 10.115.58.1 with SMTP id l1mr663131wak.1178199489236; Thu, 03 May 2007 06:38:09 -0700 (PDT) Received: by 10.114.73.19 with HTTP; Thu, 3 May 2007 06:38:09 -0700 (PDT) Message-ID: <8061fbee0705030638g4cf50bfoe5b5202fc1d34751@mail.gmail.com> Date: Thu, 3 May 2007 09:38:09 -0400 From: "Corey Smith" To: "Jonathan Weiss" In-Reply-To: <46398B8D.9020604@innerewut.de> MIME-Version: 1.0 References: <46398B8D.9020604@innerewut.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-ports@freebsd.org Subject: Re: Apache 2.2 + mod_auth_pam + PAM X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 May 2007 13:38:10 -0000 On 5/3/07, Jonathan Weiss wrote: > > I'm struggeling with setting up Apache 2.2 and mod_auth_pam to > authenticate an BasicAuth directory against my local unix users. > > I'm using pam authentication with apache 2.2. We mostly use radius for authentication but here is my config: $ cat /etc/pam.d/httpd # # PAM configuration for the "httpd" service # # auth auth required pam_nologin.so no_warn auth sufficient pam_radius.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass # account account required pam_login_access.so account required pam_unix.so # session session required pam_permit.so # password password required pam_unix.so no_warn try_first_pass # relevant httpd.conf: LoadModule auth_pam_module libexec/apache2/mod_auth_pam.so LoadModule auth_sys_group_module libexec/apache2/mod_auth_sys_group.so Alias /wordpress "/usr/local/www/data/wordpress" AuthType Basic AuthName "Secure Area" AuthGroupFile /usr/local/etc/apache2/groups Require group group1 DirectoryIndex index.php $ cat /usr/local/etc/apache2/groups group1: corsmith BTW: I don't believe you need to mess around with changing permissions on any of the password files: $ ls -l /etc/passwd /etc/master.passwd /etc/spwd.db -rw------- 1 root wheel 1248 Apr 1 11:35 /etc/master.passwd -rw-r--r-- 1 root wheel 1022 Apr 1 11:35 /etc/passwd -rw------- 1 root wheel 20960 Apr 1 11:35 /etc/spwd.db -Corey Smith