I think the scenario I have is liek this:
mydomain.co.uk=domain
Content=Primary
Description=Primary domain
Nameservers=localhost
Removable=no
SystemPrimaryDomain=yes
letsencryptSSLcert=enabled
crm.mydomain.co.uk=domain
Content=crm
Description=CRM direct
Nameservers=localhost
letsencryptSSLcert=enabled
I think that is done to fool the system to set the crm ibay as the 'Primary' ibay for that domain with the correct doc_root etc so you can go to crm.mydomain.co.uk and not mydomain.co.uk/crm
However, it seems from looking at the config that the port 80 alias for that domain does redirect to 'Primary'
So the suggested change may not affect it.
However, I agree with Dan - I can't see a good enough reason to change it.
Also I don't understand this :
"This would avoid customized chmod or chown on the Primary ibay to prevent apache to read the content of .well-known."
The only 'customisation' is during install (this is in the spec file) and should then not require changing? No one has picked this up before. If it does then it is just a change in the spec file
chmod -R 0775 /home/e-smith/files/ibays/Primary/html/.well-known
chown -R apache:shared /home/e-smith/files/ibays/Primary/html/.well-known
The thing is that apache will not be able to access to the folder as soon as somebody play with the folder pr any parent folder. Let's say i do not use the primary folder, so i decided to chmod go-rwx /home/e-smith/files/ibays/Primary/html to prevent users to sneak there. Then apache is not able to serve anymore .well-known even if its rights and ownership are right, just because the parent directory does not let him in.
Again this was a very easy and convenient way to put it there when developping the contrib, but this is not the best place, would you put the apache icon folder in Primary? Would you put the folder of phpmyadmin and the one of phpldapadmin? Yea it could work there, but it has no need to be in the way of what should be the primary website. It would quickly start to be messy, and you never know what subtility the webmaster or admin will have the idea to do :
- deleteting the folder
- messing the rights
- messing the parent directory right
- hacking the content if any
- let your imagination get wild for more possibilities...