mine user db backend is ldap so I'm trying this instead.
Shame about pam module for it was, exactly, easy by its
versatility.
I see there is more package that new 7 lacks, eg. ruby
mongrel, I wonder will this one work?
many thanks
On 16/09/14 16:35, Gilbert E. Detillieux wrote:
The mod_auth_pam module also doesn't work if you're using
shadow passwords, since it runs with the same user
privileges as the web server. I've been using
mod_auth_shadow (also found in EPEL) instead.
The module mod_auth_shadow doesn't directly query the
shadow file/map, but simply leaves authentication up to a
setuid-root helper program (/usr/sbin/validate), which
uses getspnam(3) to look up the user's shadow map entry
and crypt(3) to encrypt the supplied password. This may
not be as versatile as pam, but it does at least give you
nss support for non-local maps.
Gilbert
On 16/09/2014 8:49 AM, Brandon Vincent wrote:
On Tue, Sep 16, 2014 at 12:16 PM, lejeczek
<[email protected]> wrote:
I see there is no "mod_auth_pam" in repos, is there
anything that has
replaced it would you know?
The "mod_auth_pam" package for EL5 and EL6 is provided by
the EPEL
repositories [1].
mod_auth_pam has been unsupported and no longer developed
by upstream
since Apache 2.0. SL7 ships with Apache 2.4. [2]
You should take a look at mod_authnz_external as a
replacement. [3]
Please note that there is presently no EPEL 7 package
yet, so you'll
have to compile it from source.
[1] https://fedoraproject.org/wiki/EPEL
[2] http://pam.sourceforge.net/mod_auth_pam/
[3] http://code.google.com/p/mod-auth-external/
Brandon Vincent
