Package: libapache2-mod-auth-shadow Version: 2.1-2 Severity: important After setting up shadow auth as described in README.debian, authentication does not work. It seems that 'validate' gets called, but with wrong arguments (the server waits 3 seconds before re-asking for authentication). On an older system running apache 2.2.4-1, the same setup runs fine.
The relevant part of the apache2 configuration: <Directory /usr/share/backuppc/cgi-bin/> AllowOverride None Options ExecCGI FollowSymlinks AddHandler cgi-script .cgi DirectoryIndex index.cgi # For shadow auth AuthShadow on AuthBasicAuthoritative off # For htpasswd auth #AuthGroupFile /etc/backuppc/htgroup #AuthUserFile /etc/backuppc/htpasswd AuthType basic AuthName "BackupPC admin" require valid-user SSLrequireSSL </Directory> /var/log/apache/error.log says: [Mon Dec 10 14:16:26 2007] [error] Internal error: pcfg_openfile() called with NULL filename [Mon Dec 10 14:16:26 2007] [error] [client 127.0.1.1] (9)Bad file descriptor: Could not open password file: (null) [Mon Dec 10 14:16:29 2007] [error] [client 127.0.1.1] PAM: user 'backuppc' - not authenticated: Authentication failure 'validate' works as expected: sh-3.1$ whoami www-data sh-3.1$ pwd /usr/lib/libapache2-mod-auth-shadow sh-3.1$ ./validate backuppc (wrong password) ./validate: User backuppc: authentication failure sh-3.1$ ./validate backuppc (right password) sh-3.1$ exit -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-k7 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libapache2-mod-auth-shadow depends on: ii apache2.2-common 2.2.6-2 Next generation, scalable, extenda ii libc6 2.7-4 GNU C Library: Shared libraries libapache2-mod-auth-shadow recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]