need some help with base httpd

Sun, 17 Feb 2008 23:37:39 -0800 

After spending the weekend testing this every which way and searching 
the net and archives to no avail, I need a few more eyes to help 
determine whether this is a bug, a feature, or some minor stupidity on 
my part...

First the environment:

OpenBSD 4.2-stable (GENERIC) #1: Fri Feb  1 02:28:33 EST 2008

 - kernel patched and rebuilt by meticulously following the FAQ on 
performing CVS patch-branch update and rebuild.

 - using base httpd with no additional packages.

Now, the problem:

I need to secure a few distinct directories on this server, and to 
simplify config file maintenance decided to put the common directives 
into a file to be 'Include'd - reproduced further below. Here is an 
example of such an 'Include' in the main httpd.conf:
        <Directory "/var/www/cgi-bin">
            AllowOverride None
            Options None
            Include conf/admins.conf
        </Directory>

conf/admins.conf:

        # May use password auth
        AuthType Basic
        AuthName "By Invitation Only"
        AuthUserFile conf/passwords
        Require valid-user

        # Or must come from known IP
        Order allow,deny

        # Special address
        Allow from a.b.c.d

        # Internal LAN
        Allow from 192.168.1.0/24

        # Bitwise NOC
        Allow from 204.97.222.0/26

        # Remote site 1
        Allow from x.y.z.w/28

        # Remote site 2
        Allow from j.k.l.m/29

        # Either/Or is okay
        Satisfy any

Notes:
 1) there is a blank line at the top and the bottom of the file.
 2) remote addresses are obfuscated, rest of file is shown intact.

Running 'apachectl configtest' generates the following error:
        root:18# apachectl configtest
        Syntax error on line 3 of /var/www/conf/admins.conf:
        AuthType not allowed here

My dilemma is that actually including the directives instead of using 
the 'Include' above works perfectly as expected. I even tried 
transferring only some of the directives from the include file into the 
main httpd.conf, and invariably configtest complains about the very 
first active directive in the include file.

Every clue is welcome,

-Jacob.

---------------------------------------------------------
System Administrator                    [EMAIL PROTECTED]
Bitwise Internet Technologies, Inc.
22 Drydock Avenue                     tel: (617) 737-1837
Boston, MA 02210                      fax: (617) 439-4941

Reply via email to