1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
mod_auth_shadow - An Apache module for authentication using /etc/shadow.
by Brian Duggan <bduggan@oven.com>
Copyright 2000 OVEN Digital
This software may be distributed under the terms of the GNU General Public License (GPL).
Contents:
README - this file
INSTALL - installation instructions
CHANGES - release notes
Makefile - the makefile
mod_auth_shadow.c - source for the module
validate.c - source for validate
validate.h - configurable #define's for validate.c
testvalidate.c - A program to test validate.
mod_auth_shadow.spec - an rpm spec file
Description:
mod_auth_shadow is an Apache module for authenticating
users via an /etc/shadow file.
When performing this task one encounters one fundamental
difficulty: The /etc/shadow file is supposed to be
read/writeable only by root. However, the webserver is
supposed to run under a non-root user, such as "nobody".
mod_auth_shadow addresses this difficulty by opening a pipe
to an suid root program, validate, which does the actual
validation. When there is a failure, validate writes an
error message to the system log, and waits three seconds
before exiting.
Thanks to Jeff Moore <jbm@oven.com> and Bennett Todd <bet@rahul.net>
for helping tackle this problem.
Thanks to Otto Wehrheim for help with the require group directive.
Thanks to Marcin Owsiany for the account expiration checking portion.
|
