[Solved] Pam auth module - howto
I'm trying to configure lighttp with PAM auth using the mod_authn_pam and would really appretate some instructions (like the ones for LDAP, file etc) Are they available? Could you point me to them?
Thank you very much, in advance.
RE: Pam auth module - howto - Added by gstrauss 4 months ago
What have you tried? You will not find instructions how to configure PAM here, just how to configure lighttpd to use PAM.
There are no required options for lighttpd mod_authn_pam directive
auth.backend.pam.opts. The default service name used by lighttpd is "http" (so your PAM config should have PAM config in a file named something like /etc/pam.d/http) You can specify a different PAM service name with
auth.backend.pam.opts = ("service" => "my-PAM-service-name")
RE: Pam auth module - howto - Added by sudarski 3 months ago
Thank you very much for the feedback.
Unfortunately, I already tried the exact configuration that you suggested and I'm still having issues authenticating using this module. (I did not know how to change the service name, maybe I can try to configure a different service name in PAM, but I doubt that will help me.)
Here is a snippet from my conf file:
server.modules += ("mod_authn_pam")
auth.backend = "pam"
auth.require = ( "/" =>
"method" => "basic",
"realm" => "Password protected area",
"require" => "valid-user"
And here is my PAM service config (/etc/pam.d/http), it is very simple: ====
And this is what I get in my lighttp error log:
2019-02-09 12:14:15: (mod_authn_pam.c.160) pam: Authentication failure
2019-02-09 12:14:15: (mod_auth.c.517) password doesn't match for / username: user2, IP: 10.255.0.6
I will try a couple of more configuration modification, maybe that will help. Possibly I should play around with adding /etc/shadow to the group that lighttpd user belong to, or something.
Thank you very much for your help!
RE: Pam auth module - howto - Added by gstrauss 3 months ago
Repeating what was posted above:
You will not find instructions how to configure PAM here, just how to configure lighttpd to use PAM.