Hi all, I just joined the list, so be gentle ;^) I'm trying to get a web-based application to authenticate using PAM (via perl's Authen::PAM module). My test scripts work fine, as long as I'm authenticating the same user that the scripts are running under. When I plug my stuff into a cgi script however (apache web server running as user 'nobody' on Linux, with PAM 0.75), authentication fails. Reading through this thread: http://archives.neohapsis.com/archives/pam-list/2001-02/0100.html I realize that the /sbin/unix_chkpwd script is likely disallowing lookups for uids not matching the effective uid of the requesting process. The thread suggests cobbling together a version of unix_chkpwd that allows this type of lookup for the web server user. I'm not certain that my typical customer will want to accept (nor, be able to correctly compile it, for that matter...) this as a solution. So, anyone have a generic solution that solves this? Or should I just hack up a version of unix_chkpwd and try to include as detailed building instructions as possible? Thanks. -- Steve Reppucci sgr@logsoft.com | Logical Choice Software http://logsoft.com/ | =-=-=-=-=-=-=-=-=-=- My God! What have I done? -=-=-=-=-=-=-=-=-=-=
