[BackupPC] Broken configuration for httpd 2.4 (bz #871353)
Bernard Johnson
bjohnson at fedoraproject.org
Mon Dec 24 23:46:24 UTC 2012
commit 1166e6406e9e63af33eba9bde6618bf203a8cec3
Author: Bernard Johnson <bjohnson at symetrix.com>
Date: Mon Dec 24 16:42:24 2012 -0700
Broken configuration for httpd 2.4 (bz #871353)
BackupPC.htaccess | 25 +++++++++++++++++++------
BackupPC.spec | 1 +
2 files changed, 20 insertions(+), 6 deletions(-)
---
diff --git a/BackupPC.htaccess b/BackupPC.htaccess
index 1538502..1ebc77e 100644
--- a/BackupPC.htaccess
+++ b/BackupPC.htaccess
@@ -1,4 +1,4 @@
-<Directory /usr/share/BackupPC/sbin/>
+<Directory /usr/share/BackupPC/>
# BackupPC requires valid authentication in order for the web interface to
# function properly. One can view the web interface without authentication
# though all functionality is disabled.
@@ -6,15 +6,28 @@
# htpasswd -c /etc/BackupPC/apache.users yourusername
#
-order deny,allow
-deny from all
-allow from 127.0.0.1
-allow from ::1
AuthType Basic
AuthUserFile /etc/BackupPC/apache.users
AuthName "BackupPC"
-require valid-user
+<IfModule mod_authz_core.c>
+ # Apache 2.4
+ <RequireAll>
+ Require valid-user
+ <RequireAny>
+ Require local
+ </RequireAny>
+ </RequireAll>
+</IfModule>
+<IfModule !mod_authz_core.c>
+ # Apache 2.2
+ order deny,allow
+ deny from all
+ allow from 127.0.0.1
+ allow from ::1
+ require valid-user
+</IfModule>
+
</Directory>
diff --git a/BackupPC.spec b/BackupPC.spec
index 130706f..f89378e 100644
--- a/BackupPC.spec
+++ b/BackupPC.spec
@@ -339,6 +339,7 @@ fi
- fix deprecated qw messages (partial fix for bz #755076)
- CVE-2011-5081 BackupPC: XSS flaw in RestoreFile.pm
(bz #795017, #795018, #795019)
+- Broken configuration for httpd 2.4 (bz #871353)
* Sun Dec 6 2012 Peter Robinson <pbrobinson at fedoraproject.org> 3.2.1-9
- Fix FTBFS on F-18+
More information about the scm-commits
mailing list