> I'm going slowly insane trying to convince Apache to pass a user/pass to > pam_krb4, thereby validating a user for entrance into a secure directory. Is > it too much to hope for that it's this simple?
I haven't used that module before, but I would suggest making sure you have a /etc/pam.d/other ruleset that looks similar to: auth required pam_deny.so auth required pam_warn.so account required pam_deny.so account required pam_warn.so password required pam_deny.so password required pam_warn.so session required pam_deny.so session required pam_warn.so This will make things which fall through other pam rules complain loudly in the logs and reject any [auth/account/password/session] attempts without explicit rules. Its not only handy for debugging but its also probably not a bad default configuration, I rather wish pam was distributed this way as a stock config, but I gather its not "traditional." Anyway, it may help you figure out whats wrong, it may not - I tend to find looking at the source code for pam modules mandatory when debugging problems like that, many times there is a squirled away debug option which can bring more things to light. -- Jamie Heilman http://audible.transient.net/~jamie/ "You came all this way way without saying squat and now you're trying to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile? I liked you better when you weren't saying squat kid." -Buddy
