View Single Post
  #1   (View Single Post)  
Old 22nd June 2016
ed.n1n2 ed.n1n2 is offline
Port Guard
 
Join Date: Mar 2015
Posts: 30
Question Nginx w/ basic auth fails due to permissions

Hello,

Running 5.9 with nginx installed. Runs just fine under normal conditions with root:www, but utterly refuses to load the basic auth file regardless of permissions.

I'm presented with the opportunity to log in with a test user name and password, but I'm presented with a 403 afterwards for all requests. Looking in the errors log I find:

Code:
[error] 28120#0: *1 open() "/etc/nginx/auth_acs" failed (2: No such file or directory), client: 10.0.0.50, server: 10.0.0.2, request: "GET /gs/index.html HTTP/1.1", host: "10.0.0.2"
In my location directive I have some basic limitations by IP address (working just fine), and then two lines for the auth:

Code:
auth_basic           "Dev ACS Server";
auth_basic_user_file auth_acs;
The auth_acs file was populated with openssl passwd (w and w/o -apr1), as well as htpasswd, with no differences in 403 responses.

Permissions:
Code:
drwxr-xr-x  26 root    wheel    2.0K Jun 21 19:05 etc
drwxrwxr-x   2 root  www         512B Jun 22 14:49 nginx
-rwxrwxrwx   1 root  www     209B Jun 22 15:00 auth_acs
The moment I comment out the auth directives, everything is working again just fine. It seems that nginx cannot load the password file, even with that password file having 777 permissions.

While it's a very bad idea, I can't even change the user name of the nginx process to root to see if it work. Nginx refuses to start with it, which is probably a good thing.

Any advice on getting HTTP auth up and running?
Reply With Quote