Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Roger Dunk (rogerat.com.au)
Date: Mon Feb 19 2001 - 20:14:33 CST
I have tracked down the problem I was having with Apache and PAM not working
as they should. It appears that unless a particular application is running
as root, pam_pwdb (or pam_unix etc) won't authenticate as they don't have
access to read /etc/shadow. If I chmod o+r /etc/shadow it works as expected.
There is no way I am going to run httpd as root, so what is the solution?
FWIW, until I installed a new copy of the pam libs, everything worked fine.
I also assumed that if I used pam_unix.so and gave /sbin/unix_chkpwd +s file
privelidges, it would be able to properly read /etc/shadow. But again, this
doesn't seem to work. What do I have to do so that /etc/shadow doesn't have
to be world readable?
Pam-list mailing list