[nycbug-talk] Apache 2 mod_auth_pam user 'XXXX' - not authenticated: authentication error
jonathan at kc8onw.net
Fri Jun 9 13:14:35 EDT 2006
> I emailed the list about this a while back with the subject "Apache 2
> mod_auth_pam and DAV" without much luck. I've decided to tackle the
> problem once again and have managed to I /think/ narrow the problem down
> a bit more.
> I'm using mod_auth_imap2 for apache 2 from ports on FreeBSD and have
> checked configurations everywhere I can. My apache conf has the
> mod_auth_pam module loaded and enabled and I am using "require user
> jonathan" my pam.d httpd file is simply
>> #auth required pam_permit.so
>> auth required pam_unix.so
>> account required pam_permit.so
> if I change pam_unix to pam_permit everything works except of course it
> no longer matters what username and password I put in which defeats the
> purpose of all this. DAV has nothing to do with it unlike I originally
[snip unneeded stuff]
I finally found what appears to be the answer :D I don't know how the
heck I missed it before considering how old the message I found is but
anyway just in case it helps someone now or someday.
Apparently using pam_unix through mod_auth_pam requires having a uid of
0 because of a syscall pam_unix uses. Of course running apache as root
is generally considered a rather poor idea so it looks like a combo of
mod_auth_external2 and pwauth is what I will wind up using. I also
found mod_authenticache which I will have to look into for things like
DAV and SVN that do a *lot* of requests that require authentication.
Here is the thread I found the answer in...
Hope this helps someone,
More information about the talk