Working on the ownCloud package today, it occurred to me that we
probably have quite a lot of packages carrying Apache access control
snippets around, like these:
(allow only local)
<IfModule mod_authz_core.c>
# Apache 2.4
Require local
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
</IfModule>
(allow all)
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Allow from all
</IfModule>
(deny all)
<IfModule mod_authz_core.c>
# Apache 2.4
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from all
</IfModule>
would it make sense to provide these in some common package as
'snippets' that could be included into configuration files? Then we
could have something like:
<Directory /usr/share/owncloud/>
Include auth-local.inc
</Directory>
instead of schlepping the boilerplate around. And if we have any more
2.2/2.4 situations in future we can handle them by changing just a
handful of files. And whenever EL 6 finally dies, we can drop the 2.2
bits easily.
Thoughts? Should we have a standard location for 'snippets' like this?
(Some packages might want to have their own snippets to include in
multiple <Directory> sections or whatever). Just in /etc/http/conf.d
with .inc instead of .conf extensions? In /etc/httpd/conf.d/inc/ ?
Somewhere else?
Thanks!
Obviously if nginx has similar mechanisms we could do something along
the same lines there too.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
