Tim wrote: > On Tue, 2007-08-28 at 00:47 -0400, Todd Zullinger wrote: >> I'm not sure what I've got wrong then. If I change /etc/hosts to: >> >> 127.0.0.1 localhost localhost.localdomain >> >> it works. If localhost.localdomain is the canonical name in >> /etc/hosts, I get denied. > > Using your examples, I found the same. Thank you much for checking this. :) > I've not done this with FC7's Apache before, but I've certainly used > localhost without any problems, with Apache on prior Fedora > releases. I keep forgetting that the server is still on FC4. Yeah, I don't use the "allow from" with a name anywhere that I can recall, so I'd never run into this. I'll have to try it on some older Apache servers to see if it behaves differently. It sure seems like a bug somewhere. RFC1912 (the text of which can be found in the caching-nameserver rpm docs as rfc1912.txt, or at http://www.ietf.org/rfc/rfc1912.txt), says this about localhost: The "localhost" address is a "special" address which always refers to the local host. It should contain the following line: localhost. IN A 127.0.0.1 The "127.0" file should contain the line: 1 PTR localhost. There has been some extensive discussion about whether or not to append the local domain to it. The conclusion is that "localhost." would be the best solution. The reasons given include: "localhost" by itself is used and expected to work in some systems. Translating 127.0.0.1 into "localhost.dom.ain" can cause some software to connect back to the loopback interface when it didn't want to because "localhost" is not equal to "localhost.dom.ain". Now, I may very well be overlooking other relevant RFC's, but the above reads to me like the default /etc/hosts entry which sets 127.0.0.1 to localhost.localdomain is causing the sort of problems that they're warning about. I don't know. Maybe Apache tightened up some of the rules used to process names used in "allow from" directives. >> I added a localhost.localdomain zone to my local DNS and things >> still wouldn't work. (I'd previously only had a localhost zone.) > > I've got both, I've had them that way since my nameserver was set up > on FC4. I hadn't changed mine since sometime in 2001. So I figured times must have changed and I updated my zone info. :) > I don't know if IPv6 muddies the waters... I have IPv6 disabled here, with neither any zones configured in DNS nor entries in /etc/hosts. Funny enough, one of the mantis maintainers wondered if that might have some affect on things as well. Thanks again for taking the time to test this out and confirm that it breaks for you as well as it does for Charles and me. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Be who you are and say what you feel because those who mind don't matter and those who matter don't mind. -- Dr Seuss, "Oh the Places You'll Go"
Attachment:
pgpNUX6LA5Ruw.pgp
Description: PGP signature