mod_auth_shadow - An Apache module for authentication using /etc/shadow.

by Brian Duggan <bduggan@matatu.org>

This software may be distributed under the terms of the GNU General Public License (GPL).

Contents:
    README      - this file
    INSTALL     - installation instructions
    CHANGES     - release notes
    makefile    - the makefile
    mod_auth_shadow.c - source for the module
    validate.c        - source for validate
    validate.h        - configurable #define's for validate.c
    testvalidate.c    - A program to test validate.
    mod_auth_shadow.spec - an rpm spec file

Description:

    mod_auth_shadow is an Apache module for authenticating
    users via an /etc/shadow file.

    When performing this task one encounters one fundamental
    difficulty: The /etc/shadow file is supposed to be
    read/writeable only by root.  However, the webserver is
    supposed to run under a non-root user, such as "nobody".

    mod_auth_shadow addresses this difficulty by opening a pipe
    to an suid root program, validate, which does the actual
    validation.  When there is a failure, validate writes an
    error message to the system log, and waits three seconds
    before exiting.

Adapted for Apache 2 by Bernard du Breuil <bernard.l.dubreuil@erdc.usace.army.mil>.

Thanks to Jeff Moore <jbm@oven.com> and Bennett Todd <bet@rahul.net>
for helping tackle this problem.

Thanks to Otto Wehrheim for help with the require group directive.

Thanks to Marcin Owsiany for several bug fixes.
