+ +
+Scott Harrison -
--Last updated: 02/10/2001 -
-+
++Last updated: 09/30/2001 +
+This file describes issues associated with authenticating passwords on a LON-CAPA system. -
-+
++I am just now adding information on how to configure a LON-CAPA +system to work with shadow passwords. +
+The following section of perl code illustrates the different ways passwords can be evaluated. -
--
+ ++ ++
my ($howpwd,$contentpwd)=split(/:/,$realpasswd); my $pwdcorrect=0; if ($howpwd eq 'internal') { @@ -41,8 +45,37 @@ different ways passwords can be evaluate } else { print $client "non_authorized\n"; } -- - - +
+1. Login as user=sysadm. +2. cd ~ +3. mkdir install +4. cd install +5. wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.15.tar.gz +6. tar xzvf mod_auth_external-2.1.15.tar.gz +7. cd mod_auth_external/pwauth +8. alter the config.h file line to match the UID of www +#define SERVER_UIDS 500 /* user "www" */ +9. make +10. sudo emacs -nw /etc/pam.d/pwauth + If you have a /etc/pam.d directory, you need to create a file named + "pwauth" inside it. To authenticate out of the Unix Shadow file + under Redhat 6.x, the /etc/pam.d/pwauth file should look something like + this: + + auth required /lib/security/pam_pwdb.so shadow nullok + auth required /lib/security/pam_nologin.so + account required /lib/security/pam_pwdb.so +11. +Place ~/mod_auth_external/pwauth/pwauth in /usr/local/sbin/ with +setuid permissions. +sudo cp /home/sysadm/install/mod_auth_external/pwauth/pwauth /usr/local/sbin/. +sudo chmod 6755 /usr/local/sbin/pwauth ++ +