Closed
Bug 1223790
Opened 9 years ago
Closed 9 years ago
"AllowOverride AuthConfig" is required to use the "Require" directive in .htaccess
Categories
(Bugzilla :: Documentation, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 4.4
People
(Reporter: LpSolit, Assigned: LpSolit)
References
Details
Attachments
(1 file, 1 obsolete file)
1.48 KB,
patch
|
gerv
:
review+
|
Details | Diff | Splinter Review |
In bug 1133690 comment 18 and following, several admins reported errors with their Apache configuration:
.htaccess: Require not allowed here
The reason is that in order to use "Require" in .htaccess, we must whitelist this directive in httpd.conf using "AllowOverride AuthConfig". Admins using Apache 2.2 are not affected, because "Allow" and "Deny" are controlled by "AllowOverride Limit".
I wonder if this also explains why things were going wrong with mod_perl. If yes, this would make our code in .htaccess *much* simpler.
Assignee | ||
Comment 1•9 years ago
|
||
@dkl: could you test this for me? If you add AuthConfig to the AllowOverride list in httpd.conf and remove all these hacks about mod_perl from .htaccess, does mod_perl still work correctly?
Flags: needinfo?(dkl)
Assignee | ||
Comment 2•9 years ago
|
||
Apache 2.2 supports 5 directives for AllowOverride: AuthConfig, FileInfo, Indexes, Limit and Options, and we need them all to run Bugzilla, so instead of listing them all, I simply replaced them by "AllowOverride All". Apache 2.4 supports a new Nonfatal directive, which we don't need, but it doesn't hurt to use "All" anyway.
Assignee | ||
Comment 3•9 years ago
|
||
Must fix mod_perl.pl too.
Attachment #8686057 -
Attachment is obsolete: true
Attachment #8686057 -
Flags: review?(gerv)
Attachment #8686076 -
Flags: review?(gerv)
Updated•9 years ago
|
Attachment #8686076 -
Flags: review?(gerv) → review+
Assignee | ||
Comment 4•9 years ago
|
||
Requesting approval due to changes in mod_perl.pl.
Flags: approval5.0?
Flags: approval4.4?
Updated•9 years ago
|
Flags: needinfo?(dkl)
Flags: approval5.0?
Flags: approval5.0+
Flags: approval4.4?
Flags: approval4.4+
Assignee | ||
Comment 5•9 years ago
|
||
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
56d18c6..2363a2c master -> master
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
5919408..a42b958 5.0 -> 5.0
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
042a03b..fab04c6 4.4 -> 4.4
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Comment 7•9 years ago
|
||
Is there any chance a mention of this could be added to the release notes for 5.0.2 at https://www.bugzilla.org/releases/5.0.2/release-notes.html - I needed to add the “AuthConfig” to the AllowOverride line in my sites-available/bugzilla.conf file to get back to a working installation after following the instructions in the 5.0.2 release notes to rebuild my .htaccess files (which left me with the “Require not allowed” problem mentioned in bug 1133690 comment 27, which I found only by searching, ending at the message https://groups.google.com/d/msg/mozilla.support.bugzilla/haygZT3rZ7Y/jOgdvuEECAAJ , which is a bit of an obscure route to have to follow to get things working again! :) ).
Assignee | ||
Comment 8•9 years ago
|
||
(In reply to William Gallafent from comment #7)
> Is there any chance a mention of this could be added to the release notes
> for 5.0.2
Note that what 5.0.2 fixes are broken mod_perl installations, because the Apache directives are controlled by our mod_perl.pl script. 5.0.2 doesn't fix anything specifically for other (non mod_perl) installations, so I'm not sure this is a good place for this. This would IMO confuse some admins because we would be mixing instructions for both non mod_perl and mod_perl installations.
At most could a link pointing to http://bugzilla.readthedocs.org/en/5.0/installing/apache.html be added as a reminder.
You need to log in
before you can comment on or make changes to this bug.
Description
•