[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#619408: apache2.2-common: mod_authnz_ldap require directives unrecognized if loaded after mod_authnz_default



reassign 619408 libapache2-mod-auth-plain
thanks


> Fixed your grep up and did this instead:
> 
> # for pid in `pgrep apache2`; do for so in `cat /proc/$pid/maps |
> fgrep .so | awk '{ print $6 }' | sort -u`; do strings $so | grep
> -qi 'unknown require directive:' && echo $so; done; done
> 
> Which turned up this:
> /usr/lib/apache2/modules/mod_auth_plain.so
> 
> This is in this package:
> # dpkg -S /usr/lib/apache2/modules/mod_auth_plain.so
> libapache2-mod-auth-plain:
> /usr/lib/apache2/modules/mod_auth_plain.so

The bug is in libapache2-mod-auth-plain, reassigning.

From the source, it looks like a possible workaround may be to use 
"AuthPlainAuthoritative off" in the directory where you want to use 
ldap.

As for the module, it still uses the 2.0.x hooks which I am not very 
familiar with. Maybe adding

    if (!conf->auth_pwfile) {
        return DECLINED;
    }

near the beginning of plain_check_user_access() does the trick. But 
this should be tested for unintended side effects.

In principle, I would recommend to update the module to use the 2.2.x 
authn provider interface. OTOH, for wheezy, I hope that we will have 
Apache httpd 2.4.x which will change the interface again.



Reply to: