galaxyproject / galaxy

Data intensive science for everyone.
https://galaxyproject.org

Configuring for PAM authentication #14779

Open caldodge opened 1 year ago

caldodge commented 1 year ago

The documentation says that an examination of auth_conf.xml gives the best examples of authentication configuration. But nowhere do I see documentation on actually configuring auth_conf.xml to use PAM. We've already done the hard part in system authentication, determining all the tweaks needed to get the system to authenticate. How can we tell Galaxy "use system authentication"?

nsoranzo commented 1 year ago

@caldodge I am not an expert on PAM, but I think the best documentation is at the start of this Python module: https://github.com/galaxyproject/galaxy/blob/dev/lib/galaxy/auth/providers/pam_auth.py

When you manage to sort this out, pull requests to update the sample auth config and/or the auth documentation are welcome!

caldodge commented 1 year ago

@nsoranzo, thanks! It appears the pam_auth.py file has exactly what I need.

But I can't test this, because I can't connect to the service. I followed the basic instructions (git clone version, run "sh run.sh" in the resulting folder), and it's listening to port 8080, but pointing a browser to the system on that port gets me "404 not found".

I looked at the log files, but none seem to mention a failed URL, as I would see with Apache. Are the instructions missing a critical step?

caldodge commented 1 year ago

@nsoranzo - Kindly ignore my last note. I discovered the source of the problem.

caldodge commented 1 year ago

@nsoranzo I will do the indicated request to update the documentation eventually. For now, note that it has one error. The PAM service referenced should be "sshd", rather than "ssh", at least on Red Hat and similar systems.