• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

php logon - using local unix user accounts?

Red Squirrel

Red Squirrel

No Lifer
This should be simple but can't seem to find much on google. I found this function but when I try to find what I need to install to make it work it seems to all lead to it being depricated:

pam_auth();


Basically I want to create a form where the user authenticates, and it checks the /etc/passwd to authenticate the user. Idealy I want to check if the user is in a certain group too, but I don't need this for my specific purpose.

How would I go about doing this? Long story short, I'm setting up a SVN server, I don't want to leave the SVN port wide open to all the internet, so I just want to create a basic form that you need to authenticate to first, if you pass authentication it will add your IP to the firewall for like a day.

As a side note, is there a way to make SVN authenticate against /etc/passwd as well? I want to make it so I only have 1 account to manage per user.
 
Can you write a little command-line applet in any other language and call that from a shell / backquotes in PHP? If you know how to do it in C++, Perl, shell script, whatever that's one approach.
 
Was thinking that too, hoping there's a php way of doing it but if not I may get better luck finding stuff on how to do it in c++ then just use that as a cgi or something.
 
Apache can be configured to run HTTP Authentication backed by PAM, this would work regardless of the language your site is written in.
 
Crusty said:
Apache can be configured to run HTTP Authentication backed by PAM, this would work regardless of the language your site is written in.
Click to expand...

That's kinda what I'm asking how to do. I think there's a module or something, just not sure what I have to do to make it work. I found something to the effect of installing pam via pear but don't think that alone is enough. There's probably a module string in the apache config file I have to include or something.
 
Oh wait, no sorry that's not the type of auth I'm asking for, I know how to do that. I want to actually code it in php to check the /etc/passwd file, not password protect a folder.

Basically, I want to make the pam_auth() function work. I just don't know what I have to do to make it work, as it says it's not a valid command. Guessing I have to load a module or something but not sure what.
 
Perfect

extension=pam.so

That was what I needed to do and now the function is recognized. Having other issues but reading further into it it looks like I need to give apache access to /etc/passwd and /etc/shadow which is obviously a security risk, so I might rethink my approach.
 
Red Squirrel said:
Perfect

extension=pam.so

That was what I needed to do and now the function is recognized. Having other issues but reading further into it it looks like I need to give apache access to /etc/passwd and /etc/shadow which is obviously a security risk, so I might rethink my approach.
Click to expand...

^^^ using apache's mod_auth and mod_proxy you can isolate the set of processes that can access those files so that your app which could processing unknown input won't have to be concerned with it.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top