ProFTPD module mod_auth_unix



This module is contained in the mod_auth_unix.c file for ProFTPD 1.3.x, and is compiled by default.

Directives


Syntax: AuthUnixOptions opt1 ...
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_unix
Compatibility: 1.3.3rc2

The AuthUnixOptions directive is used to tweak various Unix-specific authentication behaviors in mod_auth_unix. The currently implemented options are:


Syntax: PersistentPasswd on|off
Default: None
Context: server config, <VirtualHost>, <Global>
Module: mod_auth_unix
Compatibility: 1.2.0

The PersistentPasswd directive controls how mod_auth_unix handles authentication, user/group lookups, and user/group to name mapping. If set to on, mod_auth_unix will attempt to open the system-wide /etc/passwd, /etc/group (and potentially /etc/shadow) files itself, holding them open even during a chroot()ed login. (Note that /etc/shadow is never held open, for security reasons).

On some platforms, you must turn this option on, as the libc functions are incapable of accessing these databases from inside of a chroot(). At compile-time, the configure script will attempt to detect whether or not you need this support, and set the default accordingly.. However, such "guessing" may fail, and you will have to manually enable/disable the feature. If you cannot see user or group names when performing a directory listing inside a chroot()ed login, this indicates you must enable the directive. Use of the AuthUserFile or AuthGroupFile directives will force partial support for persistent user or group database files, regardless of PersistentPasswd's setting.

Note: NIS/NIS+ and NSS users will most likely want to disable this feature, regardless of proftpd's detected configuration defaults. Failure to disable this will make your NIS/NIS+ maps and NSS lookups not work! On certain systems, you may also need to use the --enable-autoshadow option in order to authenticate both users from NIS maps or NSS lookups, and local users.


Installation

The mod_auth_unix module is compiled by default.



Author: $Author: castaglia $
Last Updated: $Date: 2010/06/23 00:03:26 $


© Copyright 2010
All Rights Reserved