nginx doesn't seem to recognize "auth_pam" directive

Question

I'm trying to set up a basic http auth using the linux system credentials using pam. I installed the nginx-extras package and i can see that the pam dynamic module is getting loaded into nginx. My "nginx -V" output contains this:

--add-dynamic-module=/build/nginx-STHBxL/nginx-1.10.1/debian/modules/nginx-auth-pam

I created an nginx file in /etc/pam.d which simply contains:

@include common-auth

My sites-enabled file under /etc/nginx looks like this:

server { listen 80; server_name localhost; root /home/admin/Apps/seaWeb; location /{ auth_pam "Secure Zone"; auth_pam_service_name "nginx"; try_files $uri $uri/ /index.html; } }

Now, whenever i try to restart nginx, i keep getting this from the error log:

2016/12/07 12:35:10 [emerg] 2980#2980: unknown directive "auth_pam" in /etc/nginx/sites-enabled/seaWeb:1

I basically tried to follow all the instructions under here: http://www.doublecloud.org/2014/01/nginx-with-pam-authentication/

Looked online and here, but couldn't find any clues. Someone suggested that extra newlines may be an issue but doesn't look that way.

Any suggestions on what i'm missing here.

Answer 1

The 1.10 version of nginx now supports loadable modules. If you install the libnginx-mod-http-auth-pam package you will get the auth_pam module.

So, you need to do the following:

sudo apt-get install libnginx-mod-http-auth-pam
sudo ln -s /usr/share/nginx/modules-available/mod-http-auth-pam.conf /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf
# Add 'include /etc/nginx/modules-enabled/*.conf;' near the top of /etc/nginx/nginx.conf if it isn't there already
sudo systemctl restart nginx

That will install the module and configure it to be loaded when nginx starts.