Andrei's questions

I'm trying to set up HTTP Basic auth with PAM on Apache (running on Ubuntu 10.04).

I have a VirtualHost setup with SSL and the options below for HTTP Basic authentication:

AuthBasicAuthoritative off
AuthPAM_Enabled On
AuthType Basic
AuthName "PAM"
require valid-user

However, PAM refuses to log me in, despite having the right credentials.

Here's what I have in auth.log:

unix_chkpwd[25522]: password check failed for user (test)
apache2: pam_unix(apache2:auth): authentication failure; logname= uid=33 euid=33 tty= ruser= rhost=XX.XX.XX.XX user=test

Could this be related to HTTPS sending the encrypted password to Apache, and Apache failing to decrypt it somehow, instead sending it directly to PAM?

Help is greatly appreciated.

My company will be working on restructuring/rethinking the whole IT infrastructure for a small company (about 25 employees). A part of this is a migration to Google Apps for email, calendar, etc. That leaves many other things to think about (file sharing, business processes, etc.).

Is there any "best practice" way to gathering data from users about what are the actual pain points, what needs to be improved, of a more "scientific" way than simply asking/guessing?

I was thinking of running a software usage monitor such as RescueTime for each employee (with their approval), during, say, a week.

What are the other means of assessing user needs when given the opportunity to make as many changes as needed to IT infrastructure?

We have a small 768mb RAM VPS running Ubuntu 10.04 server, hosting a few low-traffic websites and an Etherpad instance. We've been running this setup for more than 6 months, and very recently have begun experiencing problems with the MySQL server (or, at least, noticed it).

We've been getting random MySQL connection errors on our DB-driven sites and apps, that seem to resolve naturally in around 3 to 5 minutes, during witch the server is unresponsive (barely can login with SSH). When that happens, restarting Apache seems to fix the problem, but things that don't use MySQL don't seem to be affected.

I have enough experience with servers to setup and keep running when things are OK, but I'm not a sysadmin and altough I'm fairly confortable with Linux, I don't know where to begin looking for this problem. I've seen things about iotop, we have Munin and our VPS's provider (Linode) monitoring tools installed, but I don't see how to get from the data to identifying the culprit.

How would one begin diagnosing such a problem, and what would be your suppositions as to what the root cause is ?

Thanks !

[UPDATE]

Here's the output I'm getting from vmstat 5

procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa
 0  1 262136  54516   3052  54844    0    0     0     0    0    0  1  0 98  1
 0  3 262136   9404   3324  96600    0    0  8167    18 4104 2284  3  2 70 25
 0  3 262136  22492   3232  81932    0    0  3651     8 1646  998  1  1 51 48
 1  0 262136   9540   3392  93048    6    2  4130    21 2047 1089  1  1 69 30
 2  0 262136   9804   3392  90996    0    0  2517     2 5527 3171  5  5 75 15
 2  0 262136  10036   3400  91000    0    0     1    10 7136 4402  7  8 85  0
 0  0 262136  10112   3544  91328    0    0    94     3 3319 1991  3  4 92  2
 0  0 262136   9720   3560  92144    0    0   165    30  272  312  0  0 99  1
 0  0 262136  10008   3560  92164    0    0     4     1  252  305  0  0 100  0
 0  0 262136  10852   3624  92584    0    0    99     0  302  338  0  0 87 13
 0  1 262136  10728   3636  92724    0    0    28     5  245  307  0  0 97  3
 0  0 262136  10480   3652  93124    0    0    81     1  270  315  0  0 94  6

I have a VirtualHost set to proxy all requests to another server running on port 9000.

What I have :

ProxyPass / http://localhost:9000/
ProxyPassReverse / http://localhost:9000/

What I've tried :

! ProxyPass /test.html http://localhost:9000/
ProxyPass /test.html ! http://localhost:9000/
ProxyPassMatch !^/(.*\.html)$ http://localhost:9000/$1 

None of which worked...

I'd like to exclude a file or a set of files from being proxied, the documentation says something about "The ! directive is useful in situations where you don't want to reverse-proxy a subdirectory.", but there are no examples for that situation.

I have a script that executes several commands in a user's home directory. The files are owned by the user and Apache (the www-data group) only has read privileges to them. The script needs to be executed on demand by PHP via exec(), and performs some deletions / untarring of files, which fail since Apache doesn't have write permissions to the directories.

I've tried editing the sudoers file like this :

www-data ALL=(user) NOPASSWD: /bin/su user -c /home/user/bin/script.sh

but it prompts me for the user's password

I've also tried

www-data ALL=(root) NOPASSWD: /usr/bin/sudo su user -c /home/user/bin/script.sh

but that prompts for www-data's sudo password

How to I get this to work without a password ?