Subject: | |
From: | |
Reply To: | |
Date: | Wed, 17 Sep 2014 12:05:32 +0100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
mine user db backend is ldap so I'm trying this instead.
Shame about pam module for it was, exactly, easy by its
versatility.
I see there is more package that new 7 lacks, eg. ruby
mongrel, I wonder will this one work?
many thanks
On 16/09/14 16:35, Gilbert E. Detillieux wrote:
> The mod_auth_pam module also doesn't work if you're using
> shadow passwords, since it runs with the same user
> privileges as the web server. I've been using
> mod_auth_shadow (also found in EPEL) instead.
>
> The module mod_auth_shadow doesn't directly query the
> shadow file/map, but simply leaves authentication up to a
> setuid-root helper program (/usr/sbin/validate), which
> uses getspnam(3) to look up the user's shadow map entry
> and crypt(3) to encrypt the supplied password. This may
> not be as versatile as pam, but it does at least give you
> nss support for non-local maps.
>
> Gilbert
>
> On 16/09/2014 8:49 AM, Brandon Vincent wrote:
>> On Tue, Sep 16, 2014 at 12:16 PM, lejeczek
>> <[log in to unmask]> wrote:
>>> I see there is no "mod_auth_pam" in repos, is there
>>> anything that has
>>> replaced it would you know?
>>
>> The "mod_auth_pam" package for EL5 and EL6 is provided by
>> the EPEL
>> repositories [1].
>>
>> mod_auth_pam has been unsupported and no longer developed
>> by upstream
>> since Apache 2.0. SL7 ships with Apache 2.4. [2]
>>
>> You should take a look at mod_authnz_external as a
>> replacement. [3]
>> Please note that there is presently no EPEL 7 package
>> yet, so you'll
>> have to compile it from source.
>>
>> [1] https://fedoraproject.org/wiki/EPEL
>> [2] http://pam.sourceforge.net/mod_auth_pam/
>> [3] http://code.google.com/p/mod-auth-external/
>>
>> Brandon Vincent
>
|
|
|