I have tracked down the problem I was having with Apache and PAM not working as they should. It appears that unless a particular application is running as root, pam_pwdb (or pam_unix etc) won't authenticate as they don't have access to read /etc/shadow. If I chmod o+r /etc/shadow it works as expected. There is no way I am going to run httpd as root, so what is the solution? FWIW, until I installed a new copy of the pam libs, everything worked fine. I also assumed that if I used pam_unix.so and gave /sbin/unix_chkpwd +s file privelidges, it would be able to properly read /etc/shadow. But again, this doesn't seem to work. What do I have to do so that /etc/shadow doesn't have to be world readable? Thanks, Roger
