On Tue, 2007-08-28 at 00:47 -0400, Todd Zullinger wrote:
I'm not sure what I've got wrong then. If I change
/etc/hosts to:
127.0.0.1 localhost localhost.localdomain
it works. If localhost.localdomain is the canonical name in
/etc/hosts, I get denied.
Using your examples, I found the same. I've not done this with FC7's
Apache before, but I've certainly used localhost without any problems,
with Apache on prior Fedora releases. I keep forgetting that the server
is still on FC4.
There's something screwy, here. With that line, if I try to find the IP
for either name, I should be told it. And I am, either will resolve.
If I try to find the name for that IP, I'll be told the first one.
Apache acts like it's doing a double lookup (names to IPs and back
again).
The expected behaviour:
Set Apache to allow from localhost.
Try browsing
http://localhost/ from localhost.localdomain.
The check should find out the IP for the localhost.localdomain and see
if it's the same IP for localhost.
I added a localhost.localdomain zone to my local DNS and things
still
wouldn't work. (I'd previously only had a localhost zone.)
I've got both, I've had them that way since my nameserver was set up on
FC4.
I don't know if IPv6 muddies the waters...
[root@bigblack conf]# host localhost
localhost has address 127.0.0.1
localhost has IPv6 address ::1
[root@bigblack conf]# host localhost.localdomain
localhost.localdomain has address 127.0.0.1
Commenting out the localhost entry in /etc/hosts didn't work
either.
Care to test this out and let me know if it's just me (and Charles)
with this problem? I created /etc/httpd/conf.d/test.conf with the
following content:
Alias /tmp /tmp
<Directory /tmp>
Options Indexes
Order deny,allow
Deny from all
#Allow from 127.0.0.1
#Allow from localhost
#Allow from localhost.
#Allow from localhost.localdomain
</Directory>
In /etc/hosts:
127.0.0.1 localhost.localdomain localhost
I am able to browse to
http://localhost/tmp/ with either the 127.0.0.1
or localhost.localdomain allow lines uncommented. Neither the
localhost nor localhost. allowed me to access the URL.
Confirmed.
Personally, I've always avoided using localhost. About the only time I
do is when browsing the CUPS configuration server. Otherwise, I
normally use the name of the machine to browse to, and IPs in the Apache
restrictions.
--
[tim@bigblack ~]$ uname -ipr
2.6.22.1-41.fc7 i686 i386
Using FC 4, 5, 6 & 7, plus CentOS 5. Today, it's FC7.
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.