Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
This should be a simple thing, but as anything in *nix, it's complex and non-intuitive.
All I want to do in CentOS is password protect a directory under the webroot.
I have already done the following, please read this carefully:
- setup the account I want to use using ADDUSER
- added the account to the appropriate groups
- created the directory and CHMOD'd it with the correct groups and owner
- ran HTPASSWD to create the apache account file, and placed it where I wanted it
- I AM NOT USING .HTACCESS, I am using a directory entry in HTTPD.CONF
- Added the following entry in my HTTPD.CONF file:
Options +Indexes -Includes -FollowSymLinks
-SymLinksifOwnerMatch -ExecCGI -MultiViews
Require group wheel
Allow from all
...even after all this, and restarting apache, it STILL will not work.
What I need is a step-by-step-by-step procedure for password protecting an Apache webfolder on CentOS, NOT using a .htaccess file. I'm going to start all over again from scratch.
Require group wheel
Using a .htpasswd containing users and their encrypted passwords must be followed by either one of the following
Require user user1
In your config above you try to use a group to authenticate your user(s). In this case you need to define a wheel group and a group file (Note: here wheel group not the same as the system wheel group):
Require group wheel
To my knowledge, I think bathory touched on a very important point
(Note: here wheel group not the same as the system wheel group)
System users and visitors of a website are not the same thing. If you want password protection of web pages so visitors are required to provide credentials, you configure apache and there is no need to create system users.
Basicly, you have no security enforcable. As soon as you allow users to put CGI scripts in the directory they can do anything they want to any directory on the system. Recent CentOS systems have some control - SELinux does compartmentalize apache separating it from the rest of the system, it can't separate apache from itself.
You don't list what errors you got, and that makes guessing what is wrong difficult.
It could be that you haven't enabled Apache with the SELinux boolean values you want. It could be that the files you want accessed are not accessable to apache - either through the usual Linux access permissions and/or SELinux labels (which may be invalid). It could be the password is incorrect.
It could even be that apache doesn't have access to the .htaccess file.
@chrism01: I tried that, no luck. But thanx for everyone's help so far, it is appreciated
@jpollard: Thanx for your input. I'm going to start all over.
OK...suppose I have a clean Apache HTTPD.CONF file.
I then run the following command in the document root:
> md test
...What would be the best-practice, step-by-step procedure for password-protecting this TEST directory with digest authentication, assuming that the appropriate apache module entry has been added to httpd.conf?
Thanx in advance everyone your help is appreciated
Note: the link provided is for debian, however since it relates to apache it is almost exactly the same as in redhat/centos. Just replace the paths such as /etc/apache2/ with /etc/httpd/ and /etc/apache2/mods-enabled/ is not the same. You would just add the LoadModule line to your /etc/httpd/conf/httpd.conf or in a seperate config file in /etc/httpd/conf.d/ if you have any questions on this let me know.