httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André <>
Subject [users@httpd] On access decrypted svn repository served through apache autenticated through pam - I'm stuck
Date Tue, 04 Apr 2006 01:31:00 GMT
Hi all,
I really like apache, subversion and encryption. Maintaining files 
through subversion + apache already works very well, but sensitive files 
have to be encrypted. Encrypting files before check-in is cumbersome and 
makes your respository a binary mess.

I thought apache could help decrypting files (like a svn repository) on 
authentication.  Unfortunately I could not find a working solution 
anywhere and nothing about impersonation, thus I tried it myself. This 
is what I tried:

encfs (encrypted user land file system) + libpam_encfs (decrypts home 
directories on the fly) + libapache2-mod-auth-pam (autentication with pam)

1. automatic mounting of the encrypted directory (/var/www/encrypted) on 
login (from shell) works
2. autentification through pam on a website (through apache) works
3. both combined - does not work:
reading the supposedly  mounted directory from apache does not work, the 
file does not appear in directory listings

I tried many user/group/permission combinations and now I am a bit stuck.
What I did not yet try is to recompile apache with -DBIG_SECURITY_HOLE 
to access everything from root, I guess this is discouraged :-)

I guess this might have to with privilege seperation:
Would that patch help me? Is there anything like that for Apache2?
Does anyone know of any alternative?


ps. My /etc/pam.d/apache2
@include common-auth
@include common-account
auth required
session required

Snipplet from enabled site:
AuthType Basic
AuthName "Secure"
Require user encrypted
AuthPAM_Enabled on

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message