--- doc/build/Attic/loncapapasswordauthentication.html 2001/02/15 15:58:38 1.3 +++ doc/build/Attic/loncapapasswordauthentication.html 2002/02/27 00:19:47 1.6 @@ -1,26 +1,30 @@ - - -LON-CAPA Password authentication - - -

LON-CAPA Password authentication

-

+ + +LON-CAPA Password authentication + + +

LON-CAPA Password authentication

+

Scott Harrison -

-

-Last updated: 02/15/2001 -

-

+

+

+Last updated: 09/30/2001 +

+

This file describes issues associated with authenticating passwords on a LON-CAPA system. -

-

Latest HOWTO

-

+

+

+I am just now adding information on how to configure a LON-CAPA +system to work with shadow passwords. +

+

Latest HOWTO

+

The following section of perl code illustrates the different ways passwords can be evaluated. -

-

-

+

+

+

                           my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
                           my $pwdcorrect=0;
                           if ($howpwd eq 'internal') {
@@ -41,8 +45,37 @@ different ways passwords can be evaluate
                           } else {
                              print $client "non_authorized\n";
                           }  
-
-

- - +
+

+
+Making a LON-CAPA system work with shadow passwords (in five steps; +assuming that the linux system is configured for shadow passwords) +
+1. Login as user=sysadm.
+2. cd ~
+3. mkdir install
+4. cd install
+5. wget http://www.wwnet.net/~janc/software/mod_auth_external-2.1.15.tar.gz
+6. tar xzvf mod_auth_external-2.1.15.tar.gz
+7. cd mod_auth_external/pwauth
+8. alter the config.h file line to match the UID of www
+#define SERVER_UIDS 500         /* user "www" */
+9. make
+10. sudo emacs -nw /etc/pam.d/pwauth
+      If you have a /etc/pam.d directory, you need to create a file named
+      "pwauth" inside it.  To authenticate out of the Unix Shadow file
+      under Redhat 6.x, the /etc/pam.d/pwauth file should look something like
+      this:
+
+        auth       required     /lib/security/pam_pwdb.so shadow nullok
+        auth       required     /lib/security/pam_nologin.so
+        account    required     /lib/security/pam_pwdb.so
+11.
+Place ~/mod_auth_external/pwauth/pwauth in /usr/local/sbin/ with
+setuid permissions.
+sudo cp /home/sysadm/install/mod_auth_external/pwauth/pwauth /usr/local/sbin/.
+sudo chmod 6755 /usr/local/sbin/pwauth
+
+ +