Re: Bug#245940: apache-ssl: htpasswd user not found
I have apache-ssl version 184.108.40.206.2-4
The only thing in README.debian about authentication is this.
* Authentication problems:
Some users have experienced some authentication problems recently.
We were able to spot the problem for apache installations that happened
between version 1.3.28 and 220.127.116.11 due to a wrong default setup.
For a mistake mod_auth_sys was enabled by default. Unfortunatly
we cannot automatically remove the module since it would affect users
that are actually using it.
* mod_auth_system needs www-data to be in the shadow group to work
correctly. mod_auth_system itself is *BAD BAD BAD BAD* since it
sends system passwords over http. use SSL encryption if you have
to do this, otherwise don't!
Is something missing in README.Debian? What can I do to correct this?
> On Thu, 13 May 2004, Randy Belk wrote:
>> Package: apache-ssl
>> Version: 18.104.22.168.2-4
>> Severity: important
>> Followup-For: Bug #245940
>> After my stable upgrade to testing, .htpasswd's stopped working.
>> Apache (non-ssl) seems to work ok, but the SSL variant doesn't.
>> The error.log shows:
>> [Thu May 13 16:02:17 2004] [error] [client XXX.XXX.XX.XXX] user not
>> found: /~rbelk/private/
>> Notice the two spaces after "user".
>> Randy Belk
> As you might have noticed the bug it self is not a bug but a document
> behaviour change from upstream. All relevant notes are alredy in
> <user> fajita: step one
> <fajita> Whatever the problem, step one is always to look in the error
> log. <user> fajita: step two
> <fajita> When in danger or in doubt, step two is to scream and shout.
---------------------------------[ http://www.onlybsd.com/~rbelk/ ]--