Mantis package bombs

Todd Zullinger tmz at pobox.com
Wed Aug 29 05:11:20 UTC 2007 

Tim wrote:
> On Tue, 2007-08-28 at 00:47 -0400, Todd Zullinger wrote:
>> I'm not sure what I've got wrong then.  If I change /etc/hosts to:
>> 
>> 127.0.0.1      localhost localhost.localdomain
>> 
>> it works.  If localhost.localdomain is the canonical name in
>> /etc/hosts, I get denied.
> 
> Using your examples, I found the same.

Thank you much for checking this. :)

> I've not done this with FC7's Apache before, but I've certainly used
> localhost without any problems, with Apache on prior Fedora
> releases.  I keep forgetting that the server is still on FC4.

Yeah, I don't use the "allow from" with a name anywhere that I can
recall, so I'd never run into this.  I'll have to try it on some older
Apache servers to see if it behaves differently.  It sure seems like a
bug somewhere.

RFC1912 (the text of which can be found in the caching-nameserver rpm
docs as rfc1912.txt, or at http://www.ietf.org/rfc/rfc1912.txt), says
this about localhost:

   The "localhost" address is a "special" address which always refers to
   the local host.  It should contain the following line:

           localhost.      IN      A       127.0.0.1

   The "127.0" file should contain the line:

           1    PTR     localhost.

   There has been some extensive discussion about whether or not to
   append the local domain to it.  The conclusion is that "localhost."
   would be the best solution.  The reasons given include:

      "localhost" by itself is used and expected to work in some
      systems.

      Translating 127.0.0.1 into "localhost.dom.ain" can cause some
      software to connect back to the loopback interface when it didn't
      want to because "localhost" is not equal to "localhost.dom.ain".

Now, I may very well be overlooking other relevant RFC's, but the
above reads to me like the default /etc/hosts entry which sets
127.0.0.1 to localhost.localdomain is causing the sort of problems
that they're warning about.  I don't know.  Maybe Apache tightened up
some of the rules used to process names used in "allow from"
directives.

>> I added a localhost.localdomain zone to my local DNS and things
>> still wouldn't work.  (I'd previously only had a localhost zone.)
> 
> I've got both, I've had them that way since my nameserver was set up
> on FC4.

I hadn't changed mine since sometime in 2001.  So I figured times must
have changed and I updated my zone info. :)

> I don't know if IPv6 muddies the waters...

I have IPv6 disabled here, with neither any zones configured in DNS
nor entries in /etc/hosts.  Funny enough, one of the mantis
maintainers wondered if that might have some affect on things as well.

Thanks again for taking the time to test this out and confirm that it
breaks for you as well as it does for Charles and me.

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Be who you are and say what you feel because those who mind don't
matter and those who matter don't mind.
    -- Dr Seuss, "Oh the Places You'll Go"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20070829/1be7d733/attachment-0001.sig>

More information about the fedora-list mailing list