[CentOS] How can I prevent apache from mounting all home directories?
Mike Burger
mburger at bubbanfriends.org
Mon Nov 19 20:22:01 UTC 2012
> On Nov 19, 2012, at 11:20, Nux! wrote:
>
>> Instead of omitting LoadModule you could try to leave it enabled, but
>> specify a different userdir, i.e. not under /home.
>
> There is no reference to /home anywhere that I can find. I assume that
> apache just expands ~ to list all home directories and then it mounts
> them.
Unless you've removed it from each and every Linux system (desktop
included), /etc/httpd/conf/httpd.conf contains the following:
<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
#
#UserDir disable
#
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disable" line above, and uncomment
# the following line instead:
#
UserDir public_html
</IfModule>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
The <Directory> directive pointing at /home/*/public_html is likely your
issue.
--
Mike Burger
http://www.bubbanfriends.org
"It's always suicide-mission this, save-the-planet that. No one ever just
stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1
More information about the CentOS
mailing list