[TriLUG] apache passwd management strategies (subversion)

Timothy Chagnon tachagnon at gmail.com
Thu Sep 22 15:57:50 EDT 2005


Since apache2 or thereabouts, htpasswd entries can use MD5 hashes just
like the /etc/shadow file.  And they're both colon delimited, so you
just need to take the first two columns from the shadow file.  So you
can simply use a command like the following to create the htpasswd
file:

cut -d: -f1-2 /etc/shadow

Of course that includes some system only users like root,apache... So
pipe the above to a tail +n command to skip those first n lines of
input:

cut -d: -f1-2 /etc/shadow | tail +25 >/etc/httpd/conf/htpasswd

And apache will respect !! passwords for disabled accounts.  So just
put the above command into a hourly, 5 minute, or whatever your
preference cron entry and it will sync HTTP users with their system
passwords.

On 9/22/05, Scott Lundgren <trilug at capitalfellow.com> wrote:
>
> What are your suggestions for managing htpasswd entries for individual users?
> Ideally, I'd like to keep a user's login passwd in sync with their
> htpasswd entry, and do it automagically like samba does it.
>



More information about the TriLUG mailing list