[PATCH] files: Tell Apache to let clients follow symlinks
Mike McLean
mikem at redhat.com
Fri May 15 15:48:54 UTC 2015
On 05/15/2015 10:17 AM, Mathieu Bridon wrote:
> On Fri, 2015-05-15 at 09:13 -0500, Dennis Gilmore wrote:
>> On Friday, May 15, 2015 03:14:59 PM Mathieu Bridon wrote:
>>> On Wed, 2015-05-13 at 12:11 -0500, Pat Riehecky wrote:
>>>> Could we use +SymLinksIfOwnerMatch instead of +FollowSymLinks ?
>>>
>>> Not sure.
>>>
>>> Here, /mnt/koji belongs to root:root, so SymLinksIfOwnerMatch would not
>>> allow clients to follow the "toplink" link.
>>>
>>> How is it in other deployments? Do people usually give /mnt/koji itself
>>> to apache:apache? (or whatever the user under which Koji runs)
>> most if not all of /mnt/koji needs to be owned by apache for koji to work.
>> koji does assume that it owns all of /mnt/koji
>
> Here, stuff in /mnt/koji is owned by apache:apache, but /mnt/koji itself
> is owned by root:root.
>
> But I'm happy to just change the ownership, and then resend a patch that
> does what Pat was suggesting. :)
FollowSymLinks is the default in apache 2.4, so unnecessary there.
https://httpd.apache.org/docs/current/mod/core.html#options
For the folks still on 2.2 (which is probably a lot given that rhel6 has
2.2), I think setting either should be fine.
This is just the default config, so users can adjust it as needed.
More information about the buildsys
mailing list