Package: libapache2-mod-auth-shadow
Version: 2.1-2
Severity: important
After setting up shadow auth as described in README.debian, authentication
does not work. It seems that 'validate' gets called, but with wrong arguments
(the server waits 3 seconds before re-asking for authentication). On an
older system running apache 2.2.4-1, the same setup runs fine.
The relevant part of the apache2 configuration:
<Directory /usr/share/backuppc/cgi-bin/>
AllowOverride None
Options ExecCGI FollowSymlinks
AddHandler cgi-script .cgi
DirectoryIndex index.cgi
# For shadow auth
AuthShadow on
AuthBasicAuthoritative off
# For htpasswd auth
#AuthGroupFile /etc/backuppc/htgroup
#AuthUserFile /etc/backuppc/htpasswd
AuthType basic
AuthName "BackupPC admin"
require valid-user
SSLrequireSSL
</Directory>
/var/log/apache/error.log says:
[Mon Dec 10 14:16:26 2007] [error] Internal error: pcfg_openfile() called with
NULL filename
[Mon Dec 10 14:16:26 2007] [error] [client 127.0.1.1] (9)Bad file descriptor:
Could not open password file: (null)
[Mon Dec 10 14:16:29 2007] [error] [client 127.0.1.1] PAM: user 'backuppc' -
not authenticated: Authentication failure
'validate' works as expected:
sh-3.1$ whoami
www-data
sh-3.1$ pwd
/usr/lib/libapache2-mod-auth-shadow
sh-3.1$ ./validate
backuppc
(wrong password)
./validate: User backuppc: authentication failure
sh-3.1$ ./validate
backuppc
(right password)
sh-3.1$ exit
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-3-k7 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libapache2-mod-auth-shadow depends on:
ii apache2.2-common 2.2.6-2 Next generation, scalable, extenda
ii libc6 2.7-4 GNU C Library: Shared libraries
libapache2-mod-auth-shadow recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
