Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Web sharing and mod_hfs in 10.1 UNIX
Some users have reported problems when they try to enable Web Sharing (which launches the Apache web server) in OS X 10.1. The issue is apparently related to the "mod_hfs_apple" file, which Apple created to work around an HFS-related security hole.

You can either disable mod_hfs until Apple fixes this (not recommended due to the security issues) or patch it, thanks to Stepwise. The disabling instructions are in the remainder of this article. To patch it, simply do the following in a terminal session:
cd /tmp
curl -O
sudo tar -xzf mod_hfs_apple.tgz -C /
Make sure you stop Apache and restart it after the change. These commands install the new mod_hfs module from the Developer Tools, which are not yet publicly released.

If you click the "Enable web sharing" button and nothing happens, you may have to edit your Apache configuration file. Start a terminal session and type the following:
cd /etc/httpd/
cp httpd.conf httpd.conf.mybackup
sudo pico httpd.conf
This will launch the Pico text editor as root on the configuration file (after creating a backup). Use ^W (Whereis) to search for mod_hfs. There are two lines that you'll be changing, and they're close to one another in the file:
LoadModule mod_hfs_apple.c
AddModule mod_hfs_apple.c
Simply insert a "#" in front of each of these lines (this turns the command into a comment), and then save your changes and quit Pico.

You should now be able to launch Web Sharing, but the security hole related to capitalization is no longer patched. I have not been able to verify this problem on my own machine yet, however it has been reported by a few people and is discussed in this MacNN forum thread.
  • Currently 4.00 / 5
  You rated: 4 / 5 (1 vote cast)

Web sharing and mod_hfs in 10.1 | 1 comments | Create New Account
Click here to return to the 'Web sharing and mod_hfs in 10.1' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Make it work but keep it secure!
Authored by: theolog on Feb 03, '02 03:37:18PM
there's a snafoo in the httpd.conf file . . . check out this StepWise article. They'll set you straight and keep you secure!

[ Reply to This | # ]