Hey. I'm using apache2 with mod_auth_pam, and would like to be able to check shadow passwords without having to have the webserver run as a user with permission to read the shadow password file... I've read about using mod_auth_external and so on, but I'd rather have a clean configurable interface like PAM. Does anyone know any PAM modules that will enable me to do this (for example, they internally use a suid binary that takes a username *and* a password, rather than the password-and-calling-user method of pam_unix). I've found talk online about pam_unix-new, but I now can't find it anywhere (links on the Linux-PAM page lead to a nonexistent host). Anyone have any suggestions? Sam PS: I'm only allowing it over SSL, so I'm comfortable using system passwords, and will be using fallthrough to enable other users to have access to that part of my site, without having system accounts. _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
