[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Apache User Authentication



Hi Eric,

> I am trying to setup user authentication on my SUSE 9.0 box and I keep=20
> running into 500 errors, or the username and password will not work in=20
> the pop up window.  The errors I get in the logs are:
>=20
> [Thu Sep 09 12:00:24 2004] [error] [client 192.168.1.103] (2)No such=20
> file or directory: Could not open password file: /etc/apache/.htaccess
> [Thu Sep 09 12:00:24 2004] [error] [client 192.168.1.103] user admin not=
=20
> found: /
>
--> Just a thought: have you check the ownership and access rights of
/etc/apache/.htaccess ?

On my SuSE 9.0 system, the process "httpd" runs as user "wwwrun". So=20
/etc/apache/.htaccess should be readable by user "wwwrun" and probably=20
not by anyone else (to protect from local users).

HTH,
Armin

--=20
Am Hasenberg 26         office: Institut f=FCr Atmosph=E4renphysik
D-18209 Bad Doberan             Schloss-Stra=DFe 6
Tel. ++49-(0)38203/42137        D-18225 K=FChlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx     Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/     Fax. +49-(0)38293-68-50


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here