| Summary: | Even with "UserDir disabled" still searches all home dirs for public_html (mod_dnssdd) | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Colin.Simpson |
| Component: | mod_dnssd | Assignee: | Lennart Poettering <lpoetter> |
| Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.0 | CC: | jwest, ngalvin, prc, syeghiay |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-06-26 18:41:17 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative. |
Description of problem: Even when the user had set <IfModule mod_userdir.c> # # UserDir is disabled by default since it can confirm the presence # of a username on the system (depending on home directory # permissions). # UserDir disabled on starting httpd it looks in every homedir. On a network with a large number of automounted homedirs this is a nightmare, as it will automount every single one. This behaviour will be unexpected as the user appears to have explicitly disabled it. It may also be a security issue, as the user thinks they have turned this feature off yet they have in fact still got apache looking for public_htmls After some investigation, it appears that this is caused by the mod_dnssd.so, if installed, by default it goes looking for public_html directories in every homedir. This can be fixed by: yum remove mod_dnssd gnome-user-share But I guess the questions are: 1/ Not sure where in the installer this comes from, but it probably shouldn't be any sort of default, if it is? 2/ Should it maybe come out of the box "off"? 3/ Or should it be documented somewhere. This also seems to make the cluster service unhappy on some of our intranet boxes. This is because as it makes the shutdown slower (leaves behind httpd's if not finished it's home dir trawl) so the cluster service won't fail it over. This is the same bug from Fedora that I've added to Bug 545055