Right I cant get this to work, it used to work on one of my machines but then stopped working about 6 months ago and at the time I gave up trying to get it to work again. Now I need it on another server, after emerging I did the following according to the instructions provided... ran: groupadd shadow gpasswd -a apache shadow chgrp shadow /etc/shadow chmod 640 /etc/shadow Edited the options in /etc/conf.d/apache2: APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5 -D AUTH_PAM" Created a folder called test in /var/www/localhost/htdocs/ Created a .htaccess file in the following location /var/www/localhost/htdocs/test/.htaccess with the following inside: <IfModule > AuthPAM_Enabled on AuthType Basic AuthName "secure area" Require user sjcarr </IfModule> Restarted Apache Fired up lynx: lynx http://localhost/temp Falls straight through to give directory listing :(
IfModule should read: IfModule mod_auth_pam.c somehow it got stripped out?
> Falls straight through to give directory listing :( Uhm, sorry, not really apparent what you mean. What error yout get in the logs?
It falls straight through as in it doesnt prompt for authentication, it just goes on to show the directory listing for /test/ There is nothing appearing in the log files: access_log: 127.0.0.1 - - [09/Aug/2006:22:36:32 +0100] "GET /test HTTP/1.0" 301 289 127.0.0.1 - - [09/Aug/2006:22:36:34 +0100] "GET /test/ HTTP/1.0" 200 532 127.0.0.1 - - [09/Aug/2006:22:38:57 +0100] "GET /test HTTP/1.0" 301 289 127.0.0.1 - - [09/Aug/2006:22:38:59 +0100] "GET /test/ HTTP/1.0" 200 532 error_log: [Wed Aug 09 22:38:35 2006] [notice] caught SIGTERM, shutting down [Wed Aug 09 22:38:37 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec2) [Wed Aug 09 22:38:37 2006] [notice] Digest: generating secret for digest authentication ... [Wed Aug 09 22:38:57 2006] [notice] Digest: done [Wed Aug 09 22:38:57 2006] [notice] Apache configured -- resuming normal operations the mod_auth_pam just doesnt seem to either be loading in the first place or working if it has loaded. ------------ Emerge --info ------------ hermod ~ # emerge --info Portage 2.1-r1 (default-linux/x86/2006.0, gcc-3.4.6, glibc-2.3.6-r4, 2.6.17-gentoo-r4 i686) ================================================================= System uname: 2.6.17-gentoo-r4 i686 Intel(R) Pentium(R) D CPU 2.80GHz Gentoo Base System version 1.6.15 app-admin/eselect-compiler: [Not Present] dev-lang/python: 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/bind" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-march=prescott -O2 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict" GENTOO_MIRRORS="http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_EXTRA_OPTS="--timeout=600" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X alsa apache2 apm arts avi berkdb bitmap-fonts cgi clamav cli crypt cups curl dlloader dri dvd dvdr eds emboss encode esd fam firefox foomaticdb fortran freetds gdbm gif gnome gpm gstreamer gtk gtk2 iconv imap imlib ipv6 isdnlog java jpeg kerberos ldap libg++ libwww lm_sensors mad mikmod mono motif mp3 mpeg mysql ncurses nls nptl objc odbc ogg opengl oss pam pcre pdf pdflib perl php png pppd python qt3 qt4 quicktime readline reflection samba sdl session spell spl ssl tcpd truetype truetype-fonts type1-fonts udev usb vorbis x86 xml xmms xorg xv zlib elibc_glibc input_devices_keyboard input_devices_mouse kernel_linux userland_GNU video_cards_radeon video_cards_vesa video_cards_nvidia video_cards_i810 video_cards_fbdev" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTDIR_OVERLAY
.htaccess is not enabled by default for apache on gentoo. Make sure you have set AllowOverride AuthConfig or AllowOverride All in a <Directory> section for the areas you want to use .htaccess in the main httpd.conf.
Still no joy.... I've changed the following in the httpd.conf file: <Directory /> Options FollowSymLinks AllowOverride All </Directory> Even placing the .htaccess in the root website doesn't have any effect. Though adding the AuthPAM_Enabled... into the httpd.conf file does work but this isnt what I want to do, I'd prefer to do it at the .htaccess level: <Directory /> Options FollowSymLinks AllowOverride All AuthPAM_Enabled on AuthType Basic AuthName "secure area" Require group users </Directory> Like I said this used to work perfectly until an apache update, and I cant remember seeing any documentation on the fact that .htaccess would be disabled by default (as I had never had to do anything the first time round to get it working)
vhosts.d/00_default_vhost.conf contains a <Directory "/var/www/localhost/htdocs"> section that includes AllowOverride None. This will overwrite your setting in <Directory /> and disable .htaccess files. Fix this directive and you will be able to use .htaccess files.
Fixed but the documentation for mod_auth_pam needs to make the admin aware to remove the block on htaccess.