Can't get DBM Authentization to work!

Can't get DBM Authentization to work!

Post by Gil Vidal » Tue, 18 Nov 1997 04:00:00



--------------309311C78BB028D999A8E7BF
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Has anyone successfully set up a protected directory in Apache on a
LINUX box, so that when a user wants to access a restricted URL within a
web site, they have to enter the correct userid and password?

I  need to set up a DBM password file instead of the default flat file,
"htpasswd".  I can't access the DBM file I created. Instead, I receive
the following error in the error_log file:

     access to /usr/www/truepath/htdocs/passwd_file failed for
192.168.123.3, reason:
     could not open dbm auth file
     access to /usr/www/truepath/htdocs failed for 192.168.123.3,
reasons: DBM user gil not found

My httpd.conf file contains:
<Directory /usr/www/truepath/htdocs>
AuthName               "Truepath Members Only"
AuthType                Basic
AuthDBMUserFile   /usr/www/truepath/htdocs/passwd_file
require                     valid-user
</Directory>

(I plan on moving the password file out of the document root before
going live.)

My OS is LINUX 2.0.3, and I successfully compiled Apache 1.2.4 with
LIBS1= -ldbm and EXTRA_LIBS= -lgdbm. I also included mod_auth_dbm.o and
commented out mod_auth_db.o since I my goal is to use a GNU dbm password
file. (I'm not using Berkeley DB, as far as I can tell).

I produced the passwd_file by using dbmmanage, a Perl program that comes
with Apache 1.2.4. I ran the program as follows:

          dbmmanage /usr/www/truepath/htdocs/passwd_file adduser gil gil

The output of dbmmanage is:

          User gil added with password gil, encrypted to yHPSsbD3h3Q/c

The file has the following permissions:

          -rw-r--r--    1 root     root            12304 Nov 17 14:03
passwd_file

I added "use GDBM_File;" to the dbmmanage program since I want to use a
GNU dbm password file.

I tried various permissions on the passwd_file including,  777, 664,
644, but this hasn't helped any :-(

I red the bug report PR#708 in the apache bug database and decided to
try out the latest version of dbmmanage for apache version 1.3, and the
result is two files:

          -rw-r--r--    1 root     root            12304 Nov 17 14:06
passwd_file.dir
          -rw-r--r--    1 root     root            12304 Nov 17 14:06
passwd_file.pag

I'm not sure what to do with these two files?

The code the produces the error is in mod_auth_dbm.c and is included
below:

module dbm_auth_module;

char *get_dbm_pw(request_rec *r, char *user, char *auth_dbmpwfile) {
    DBM *f;
    datum d, q;
    char *pw = NULL;

    q.dptr = user;
    q.dsize = strlen(q.dptr);

    if(!(f=dbm_open(auth_dbmpwfile,O_RDONLY,0664))) {
        log_reason ("could not open dbm auth file", auth_dbmpwfile, r);
        return NULL;
    }

PLEASE HELP!

Gil

--------------309311C78BB028D999A8E7BF
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit

<HTML>
Has anyone successfully set up a protected directory in Apache on a LINUX
box, so that when a user wants to access a restricted URL within a web
site, they have to enter the correct userid and password?

<P>I&nbsp; need to set up a DBM password file instead of the default flat
file, "htpasswd".&nbsp; I can't access the DBM file I created. Instead,
I receive the following error in the error_log file:

<P>&nbsp;&nbsp;&nbsp;&nbsp; access to /usr/www/truepath/htdocs/passwd_file
failed for 192.168.123.3, reason:
<BR><B>&nbsp;&nbsp;&nbsp;&nbsp; could not open dbm auth file</B>
<BR>&nbsp;&nbsp;&nbsp;&nbsp; access to /usr/www/truepath/htdocs failed
for 192.168.123.3, reasons: DBM user gil not found

<P><B>My httpd.conf file contains:</B>
<BR>&lt;Directory /usr/www/truepath/htdocs>
<BR>AuthName&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
"Truepath Members Only"
<BR>AuthType&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
Basic
<BR>AuthDBMUserFile&nbsp;&nbsp; /usr/www/truepath/htdocs/passwd_file
<BR>require&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
valid-user
<BR>&lt;/Directory>

<P>(I plan on moving the password file out of the document root before
going live.)

<P>My OS is LINUX 2.0.3, and I successfully compiled Apache 1.2.4 with
<B>LIBS1= -ldbm</B> and <B>EXTRA_LIBS= -lgdbm</B>. I also included <B>mod_auth_dbm.o</B>
and commented out mod_auth_db.o since I my goal is to use a GNU dbm password
file. (I'm not using Berkeley DB, as far as I can tell).

<P>I produced the passwd_file by using dbmmanage, a Perl program that comes
with Apache 1.2.4. I ran the program as follows:

<P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <B>dbmmanage
/usr/www/truepath/htdocs/passwd_file adduser gil gil</B>

<P>The output of dbmmanage is:

<P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <B>User gil added
with password gil, encrypted to yHPSsbD3h3Q/c</B>

<P>The file has the following permissions:

<P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <B>-rw-r--r--&nbsp;&nbsp;&nbsp;
1 root&nbsp;&nbsp;&nbsp;&nbsp; root&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
12304 Nov 17 14:03 passwd_file</B>

<P>I added "<B>use GDBM_File</B>;" to the dbmmanage program since I want
to use a GNU dbm password file.

<P>I tried various permissions on the passwd_file including,&nbsp; 777,
664, 644, but this hasn't helped any :-(

<P>I red the bug report PR#708 in the apache bug database and decided to
try out the latest version of dbmmanage for apache version 1.3, and the
result is two files:

<P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <B>-rw-r--r--&nbsp;&nbsp;&nbsp;
1 root&nbsp;&nbsp;&nbsp;&nbsp; root&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
12304 Nov 17 14:06 passwd_file.dir</B>
<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <B>-rw-r--r--&nbsp;&nbsp;&nbsp;
1 root&nbsp;&nbsp;&nbsp;&nbsp; root&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
12304 Nov 17 14:06 passwd_file.pag</B>

<P>I'm not sure what to do with these two files?

<P>The code the produces the error is in mod_auth_dbm.c and is included
below:

<P>module dbm_auth_module;

<P>char *get_dbm_pw(request_rec *r, char *user, char *auth_dbmpwfile) {
<BR>&nbsp;&nbsp;&nbsp; DBM *f;
<BR>&nbsp;&nbsp;&nbsp; datum d, q;
<BR>&nbsp;&nbsp;&nbsp; char *pw = NULL;
<BR>&nbsp;
<BR>&nbsp;&nbsp;&nbsp; q.dptr = user;
<BR>&nbsp;&nbsp;&nbsp; q.dsize = strlen(q.dptr);
<BR>&nbsp;
<BR>&nbsp;&nbsp;&nbsp; if(!(f=dbm_open(auth_dbmpwfile,O_RDONLY,0664)))
{
<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; log_reason ("<B>could not
open dbm auth file</B>", auth_dbmpwfile, r);
<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return NULL;
<BR>&nbsp;&nbsp;&nbsp; }
<BR>&nbsp;

<P>PLEASE HELP!

<P>Gil</HTML>

--------------309311C78BB028D999A8E7BF--

 
 
 

1. some dbm passwords don't work anymore

i'm running apache 1.3.1 with mod_auth_dbm on a sparc 5 running solaris

i had a system of DBM username/passwords that were working fine until
today, some of them stopped working.  when th suer tries to log in, they
get authorization failed.  the error log says: DBM user <username> not found.
But the users are there and the passwords are correct.  I confirmed this
with dbmmange.  Can someone suggest what may be causing this or
how to fix it?  Thanks.

--
Howard Goldstein
Technical Director, New Media Group
Thirteen/WNET
356 West 58th Street
New York, NY 10019
(212) 560-6924

http://www.wnet.org

2. DMA problems w/ PIIX3 IDE, 2.4.20-pre4-ac2

3. It's not bad canned meat...

4. kde 3.0.1 - slow login

5. restricting access of a group to certain directories

6. Apache mod_auth_dbm err:'can't open dbm file'

7. Network server upgrade for 25 clients

8. Getting XLock 'swirl' mode working:

9. Help getting 'mirror' to work

10. getting 'at' to work

11. Getting 'htpasswd' to work w/Apache & FreeBSD

12. +!+how to install DBM in Solaris , Is there a need to install DBM in solaris