[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-developers] Two updates pending, Anyone have feedback on them? (raq550)
- Subject: RE: [cobalt-developers] Two updates pending, Anyone have feedback on them? (raq550)
- From: BSmith@xxxxxxxxxxx
- Date: Fri Dec 6 06:39:01 2002
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
-----Original Message-----
From: David Smulsky
Subject: [cobalt-developers] Two updates pending, Anyone have feedback
on them? (raq550)
RaQ550-All-Update-0.0.2-15983
RaQ550-All-Security-0.0.1-15787
I know initially there was problems with .htaccess and alike, did SUN
re-release the patches, so I dont bust a production box?
Thanks
Dave
_______________________________________________
Dave,
I installed the "15983". I ran into that "mod_auth_pam" problem.
But, I fixed it. I posted the fix on the user's list, I will include
it with this email.
I can run the 15787 one, and let the list know if it brakes my box.
I run a semi-production unit, so I do not care if it goes down for
periods of times.
~Brian
How you can test to see if it messes you up:
CLI to your server
cd /home/sites/<yoursite>/web
mkdir private
cd private
echo "#Access file" > .htaccess
echo "order allow,deny" >> .htaccess
echo "allow from all" >> .htaccess
echo "require group site2" >> .htaccess
echo "Authname WebStats" >> .htaccess
echo "Authtype Basic" >> .htaccess
echo "AuthAuthoritative off" >> .htaccess
echo "AuthPAM_Enabled on" >> .htaccess
Then try via the web to authenticate. You can either use
"admin" / <password> or your <siteadmin> / <password>
If you can authenticate, you are fine ... if it says "Internal Server
Error" or something like that, apply the patch!
Enjoy!
~Brian N. Smith
_________________________________________________
The mysterious .htaccess fix:
Edit /etc/httpd/conf/httpd.conf
Very first line, (after the upgrade) should read like this:
LoadModule pam_external_auth_module modules/mod_auth_pam_external.so
Now, the problem is the placement of the LoadModule ... If you look down
your screen you will see "ClearModuleList". Oh wait, then you just
whipped out what you loaded.
That is NOT good!!!! The fix?
Well, remove the
"LoadModule pam_external_auth_module modules/mod_auth_pam_external.so"
from the very first line, and then look down a ways, you should see that
same line again, but with a comment. So, just uncomment that line out
... and restart apache.
***** NOTICE ******
If you haven't seen, the Cobalt 550 uses PAM authentication for it's users.
They are stored in a database. If you remove the "AuthPAM_Enabled on", you
will NOT be able to authenticate against the system.
Do not remove anything that references "AuthPAM", you could have an adverse
reaction, and actually cause some damage somewhere, somehow ...