« Sendmail Configuration Stuff | Main | Data Security Legal Stuff »
Configuring auth_pam
By mkivela | July 22, 2008
mod_auth_pam is an somewhat orphaned project that allows Apache 1.3 and 2.0 to be tied to the Linux user authentication module (PAM).
– http://pam.sourceforge.net/mod_auth_pam/configure.html is a good basic reference. You can download the source from there.
– You may need to include apxs in your path (PATH=$PATH:/usr/sbin perhaps?)
– make & make install mod_auth_pam per the directions above
– In /etc/httpd/conf/httpd.conf add:
LoadModule auth_pam_module modules/mod_auth_pam.so
– In /etc/httpd/conf/httpd.conf, or the virtual host, etc as appropriate:
Order allow,deny
Allow from all
AuthName “Your linux server login”
AuthType Basic
AuthPAM_Enabled on
Require valid-user
The following three steps allow the Apache user to read the shadow (password) file:
– Create a shadow group in /etc/group
shadow:x:522:apacheuser (522 of course varying as necessary; apacheuser being your apacheuser, easily
determined via ps -ef | grep http …or grep apache on Debian / Ubuntu)
– chown root:shadow /etc/shadow
– chmod 440 /etc/shadow
Topics: Uncategorized | No Comments »
Comments
You must be logged in to post a comment.