[mythtv-users] mythweb not asking for passwords
Joe Ripley
vitaminjoe at gmail.com
Thu Aug 20 15:48:41 UTC 2009
On Thu, Aug 20, 2009 at 12:04 AM, Scott Macdonell<genius9976 at yahoo.com> wrote:
> I followed the instructions for securing mythweb from http://www.mythtv.org/wiki/MythWeb#Apache_Configuration to the T. I just reinstalled this backend about 2 weeks ago, and I thought I'd had mythweb password protected. I could have been wrong, but I also first noticed my problem suspiciously soon after an update. At first I just noticed it was only asking for a password when I tried to use mythweb on my backend machine. It would NOT require a password to log from any other remote location. I've done a bunch of messing with the Directory settings under httpd.conf, and nothing seems to have made any difference. Now I am even further from where I started as it doesn't even ask for a password when I log on from localhost. Anyway the stuff I added to /etc/httpd/conf/httpd.conf is below. I included some of the stuff that was already there so that somebody could tell me if I had put it in the wrong place.
>
>
> <Directory "/var/www/html">
>
> #
> # Possible values for the Options directive are "None", "All",
> # or any combination of:
> # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
> #
> # Note that "MultiViews" must be named *explicitly* --- "Options All"
> # doesn't give it to you.
> #
> # The Options directive is both complicated and important. Please see
> # http://httpd.apache.org/docs/2.2/mod/core.html#options
> # for more information.
> #
> Options Indexes FollowSymLinks
>
> #
> # AllowOverride controls what directives may be placed in .htaccess files.
> # It can be "All", "None", or any combination of the keywords:
> # Options FileInfo AuthConfig Limitasking
> #
> AllowOverride All
>
> #
> # Controls who can get stuff from this server.
> #
> Order allow,deny
> Allow from all
>
> </Directory>
>
> <Directory "/var/www/html/mythweb">
> Options Indexes FollowSymLinks
> AuthType Basic
> AuthName "MythTV"
> AuthUserFile /etc/httpd/conf/httpd-passwords
> Require user scott
> Order allow,deny
> Allow from all
> </Directory>
>
> Also, when I restart apache i get
>
> [root at mythback scott]# service httpd restart
> Stopping httpd: [ OK ]
> Starting httpd: httpd: apr_sockaddr_info_get() failed for mythback
> httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
> [ OK ]
>
>
> I'm not sure if those are problems or not. Also, Nothing really jumps out at me in /var/log/httpd/error_log It all just looks like:
>
> [Thu Aug 20 00:41:16 2009] [notice] caught SIGTERM, shutting down
> [Thu Aug 20 00:41:32 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> [Thu Aug 20 00:41:47 2009] [notice] Digest: generating secret for digest authentication ...
> [Thu Aug 20 00:41:47 2009] [notice] Digest: done
> [Thu Aug 20 00:41:47 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
> [Thu Aug 20 00:41:47 2009] [notice] mod_python: using mutex_directory /tmp
> [Thu Aug 20 00:41:48 2009] [notice] Apache/2.2.11 (Unix) DAV/2 PHP/5.2.9 mod_python/3.3.1 Python/2.6 mod_ssl/2.2.11 OpenSSL/0.9.8k-fips mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming normal operations
>
> Thanks for any help you can give.
It probably has something to do with that 'Allow from all' directive
in your <Directory "/var/www/html/mythweb"> block. Try removing that
line...
--
Joe Ripley
vitaminjoe at gmail.com
More information about the mythtv-users
mailing list