pam authentication not working.
balu phani
hi,
i installed svn,trac and i want to access through browse with pam
authentication so i installed pam modules added to httpd.conf
LoadModule auth_pam_module /usr/lib/httpd/modules/mod_auth_pam.so
LoadModule auth_sys_group_module /usr/lib/httpd/modules/
mod_auth_sys_group.so
and in /etc/pam.d/httpd i added
# auth
auth required pam_nologin.so no_warn
auth sufficient pam_radius.so no_warn
try_first_pass
auth required pam_unix.so no_warn
try_first_pass
# account
#account required pam_login_access.so
account required pam_unix.so
# session
#session required pam_permit.so
# password
#password required pam_unix.so no_warn
try_first_pass
i tried to locate pam_login_access.so but i coun't find so i commented
to test. iam very new to this (may be commenting is foolish thing)
and trac.conf is
<Location /svn/trac/first_pro>
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /svn/trac/first_pro
PythonOption TracUriRoot /svn/trac/first_pro
AuthType Basic
AuthName "trac browser"
AuthPAM_Enabled on
AllowOverride None
Require group svnaccess
Require valid-user
</Location>
so when i try to browse it asking username and password after that is
is giving 401 authorization required.
in /http/log/error.log
i found
[Sun Jul 19 18:22:00 2009] [error] [client 192.168.2.42] PAM: user
'balu' - invalid account: Permission denied
but i was given full permissions for trac and svn folder.
like
drwxrwxrwx 10 root svnaccess 4096 Jul 19 17:05 first_pro
(for testing) even it is not working and balu is member of svnaccess
group.
so iam not able to locate problem may be
#account required pam_login_access.so
commenting this is giving problem if so how to get pam_login_access.so
this one.
please help me.
Olemis Lang
>
>
> hi,
Hi !
>
> and trac.conf is
> <Location /svn/trac/first_pro>
> SetHandler mod_python
> PythonHandler trac.web.modpython_frontend
> PythonOption TracEnv /svn/trac/first_pro
> PythonOption TracUriRoot /svn/trac/first_pro
> AuthType Basic
> AuthName "trac browser"
> AuthPAM_Enabled on
> AllowOverride None
> Require group svnaccess
> Require valid-user
> </Location>
>
Here it is possible that you be missing the following line [1]_ :
{{{
AuthBasicProvider "pam"
}}}
> so when i try to browse it asking username and password after that is
> is giving 401 authorization required.
>
> in /http/log/error.log
> i found
> [Sun Jul 19 18:22:00 2009] [error] [client 192.168.2.42] PAM: user
> 'balu' - invalid account: Permission denied
>
This seems to be that the user account is not found by Apache (and not
file permissions IMHO)
> but i was given full permissions for trac and svn folder.
> like
> drwxrwxrwx 10 root svnaccess 4096 Jul 19 17:05 first_pro
> (for testing) even it is not working and balu is member of svnaccess
> group.
>
Hmmmm ... the fact is that the user accessing those files is the one
used to run Apache (www-data in Ubuntu AFAIK)
> please help me.
>
Yes I'm on my way :)
.. [1] mod_authn_pam - Apache HTTP Server
(http://mod-auth.sourceforge.net/docs/mod_authn_pam/)
--
Regards,
Olemis.
Blog ES: http://simelo-es.blogspot.com/
Blog EN: http://simelo-en.blogspot.com/
Featured article:
balu phani
after adding AuthBasicProvider "pam" i got bellow error.
Syntax error on line 11 of /etc/httpd/conf.d/trac.conf:
Unknown Authn provider: pam
iam using apache 2.2.3 on centos.
from last 4 days iam trying with different configurations
please if u know any standard way (which is already implemented please
let me know)
i am not able to predict where problem exits
balu phani kumar
for apache .2.2.3
<Location /trac/l2tp>
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /trac/l2tp
PythonOption TracUriRoot /trac/l2tp
AuthType Basic
AuthName "trac browser"
AllowOverride None
Require group svn_access
Require valid-user
</Location>