How to make Lighttpd Web Server to use /etc/shadow file

vikasumit · 05-01-2006, 01:03 AM

Hi,

I am running lighttpd web server, now I need to secure the application by using mod_auth for lighttpd. I did that and Lighttpd runs fine with htpasswd style files, But now my client want me to use /etc/shadow password file for authentication. But Lighty is not picking the Password from this file.

Please any help me , tell me how to configure Lighttpd to use /etc/passwd or /etc/shadow for user authentication.

cs-cam · 05-01-2006, 07:11 PM

Third party programs should never access those files, repeat after me...

For lighttpd to do authentication that way you'll want it to talk to PAM. I've only just played with lighttpd so maybe look at the docs or Google "lighttpd pam"

vikasumit · 05-02-2006, 01:00 AM

Hi,

I repeat ... Third party programs should never access those files

But I saw that Cpanel make use of it ... It allow login using System login account only... Maybe they have make a patch for it...

Can you tell me more about PAM what it is...I didn't understand what exactly PAM is..

cs-cam · 05-02-2006, 02:51 AM

Cpanel is a bit more in-grained into the OS thn most, and /etc/passwd is okay I was exaggerating, /etc/shadow is pretty important though.

PAM is an authentication system, I can't explain it any better than this page can

vikasumit · 05-06-2006, 01:51 AM

Hi,

Thanks for your reply, I found PAM a useful stuff, but unable to use it, and my client is ready to leave Shadow authentication...

) So, I don't need it for now as well...

But I will try it out some day....

Thanks a Lot for referring such a piece of software