koji 1.8.0-1 'toplink' Apache configuration
Mike McLean
mikem at redhat.com
Wed Jun 19 04:03:07 UTC 2013
On 06/15/2013 02:39 PM, John Morris wrote:
> Hi list,
>
> Updated to koji-1.8.0-1 over here.
>
> Koji repos reference local package URLs under the /kojifiles directory.
> Since the previous version installed here, symlinks named 'toplink'
> have been placed in generated repos' top level directories. The symlink
> is included package URL paths, and without 'FollowSymLinks' added to
> Apache's /kojifiles directory options, package URLs break.
Using toplink allows koji to create yum repos without a fixed baseurl
(rpm paths remain relative to the repo itself). This makes koji's repos
much more sane.
> Of course the Apache 'FollowSymLinks' behavior is disabled by default
> because of security implications. There may be a more secure
> configuration, but we're not worried about that in our environment. If
> others don't chime in with advice for more secure options, do your
> homework when security is a consideration in your environment!
Actually, FollowSymlinks is the default in the current apache httpd.
http://httpd.apache.org/docs/current/mod/core.html#options
"""
FollowSymLinks
The server will follow symbolic links in this directory. This is
the default setting.
"""
This may be new in 2.4.
> The line in question in the provided koji-hub httpd.conf example:
>
> https://git.fedorahosted.org/cgit/koji/tree/hub/httpd.conf?id=da6dd0b1832e9929565a1ab03ab844aacedaf755#n29
>
> Thanks-
>
> John
> --
> buildsys mailing list
> buildsys at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/buildsys
>
More information about the buildsys
mailing list