Context Navigation

source: server/major/apache.xml

Visit:

trunk

Last change on this file was e1db83f, checked in by Bruce Dubbs <bdubbs@…>, 2 weeks ago
Update to httpd-2.4.59.
Property mode set to `100644`
File size: 18.0 KB

Line
1	<?xml version="1.0" encoding="UTF-8"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY apache-download-http
8	"https://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2">
9	<!ENTITY apache-download-ftp " ">
10	<!ENTITY apache-md5sum "9f77eb01b2fddfb4b32d469af90fb01b">
11	<!ENTITY apache-size "7.2 MB">
12	<!ENTITY apache-buildsize "88 MB">
13	<!ENTITY apache-time "0.4 SBU (Using parallelism=4)">
14	]>
15
16	<sect1 id="apache" xreflabel="Apache-&apache-version;">
17	<?dbhtml filename="apache.html"?>
18
19
20	<title>Apache-&apache-version;</title>
21
22	<indexterm zone="apache">
23	<primary sortas="a-Apache">Apache</primary>
24	</indexterm>
25
26	<sect2 role="package">
27	<title>Introduction to Apache HTTPD</title>
28
29	<para>
30	The <application>Apache HTTPD</application> package contains an open-source HTTP
31	server. It is useful for creating local intranet web sites or running huge
32	web serving operations.
33	</para>
34
35	&lfs121_checked;
36
37	<bridgehead renderas="sect3">Package Information</bridgehead>
38	<itemizedlist spacing="compact">
39	<listitem>
40	<para>
41	Download (HTTP): <ulink url="&apache-download-http;"/>
42	</para>
43	</listitem>
44	<listitem>
45	<para>
46	Download (FTP): <ulink url="&apache-download-ftp;"/>
47	</para>
48	</listitem>
49	<listitem>
50	<para>
51	Download MD5 sum: &apache-md5sum;
52	</para>
53	</listitem>
54	<listitem>
55	<para>
56	Download size: &apache-size;
57	</para>
58	</listitem>
59	<listitem>
60	<para>
61	Estimated disk space required: &apache-buildsize;
62	</para>
63	</listitem>
64	<listitem>
65	<para>
66	Estimated build time: &apache-time;
67	</para>
68	</listitem>
69	</itemizedlist>
70
71	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
72	<itemizedlist spacing="compact">
73	<listitem>
74	<para>
75	Required patch:
76	<ulink url="&patch-root;/httpd-&apache-version;-blfs_layout-1.patch"/>
77	</para>
78	</listitem>
79	</itemizedlist>
80
81	<bridgehead renderas="sect3">Apache HTTPD Dependencies</bridgehead>
82
83	<bridgehead renderas="sect4">Required</bridgehead>
84	<para role="required">
85	<xref linkend="apr-util"/> and
86	<xref linkend="pcre2"/>
87	</para>
88
89	<bridgehead renderas="sect4">Optional</bridgehead>
90	<para role="optional">
91	<xref linkend="brotli"/>,
92	<xref linkend="doxygen"/>,
93	<xref linkend="jansson"/>,
94	<xref linkend="libxml2"/>,
95	<xref linkend="lua"/>,
96	<xref linkend="lynx"/> or
97	<xref linkend="Links"/> or
98	<ulink url="&elinks-url;">ELinks</ulink>,
99	<xref linkend="nghttp2"/>,
100	<xref linkend="openldap"/> (<xref linkend="apr-util"/> needs to be
101	installed with ldap support),
102	<xref linkend="rsync"/>,
103	&berkeley-db;, and
104	<ulink url="https://sourceforge.net/projects/distcache">Distcache</ulink>
105	</para>
106
107	</sect2>
108
109	<sect2 role="installation">
110	<title>Installation of Apache HTTPD</title>
111
112	<para>
113	For security reasons, running the server as an unprivileged user and group
114	is strongly encouraged. Create the following group and user using the
115	following commands as <systemitem class="username">root</systemitem>:
116	</para>
117
118	<screen role="root"><userinput>groupadd -g 25 apache &&
119	useradd -c "Apache Server" -d /srv/www -g apache \
120	-s /bin/false -u 25 apache</userinput></screen>
121
122	<para>
123	Build and install <application>Apache HTTPD</application> by running the
124	following commands:
125	</para>
126
127	<screen><userinput>patch -Np1 -i ../httpd-&apache-version;-blfs_layout-1.patch &&
128
129	sed '/dir.*CFG_PREFIX/s@^@#@' -i support/apxs.in &&
130
131	sed -e '/HTTPD_ROOT/s:${ap_prefix}:/etc/httpd:' \
132	-e '/SERVER_CONFIG_FILE/s:${rel_sysconfdir}/::' \
133	-e '/AP_TYPES_CONFIG_FILE/s:${rel_sysconfdir}/::' \
134	-i configure &&
135
136	sed -e '/encoding.h/a # include <libxml/xmlstring.h>' \
137	-i modules/filters/mod_xml2enc.c &&
138
139	./configure --enable-authnz-fcgi \
140	--enable-layout=BLFS \
141	--enable-mods-shared="all cgi" \
142	--enable-mpms-shared=all \
143	--enable-suexec=shared \
144	--with-apr=/usr/bin/apr-1-config \
145	--with-apr-util=/usr/bin/apu-1-config \
146	--with-suexec-bin=/usr/lib/httpd/suexec \
147	--with-suexec-caller=apache \
148	--with-suexec-docroot=/srv/www \
149	--with-suexec-logfile=/var/log/httpd/suexec.log \
150	--with-suexec-uidmin=100 \
151	--with-suexec-userdir=public_html &&
152	make</userinput></screen>
153
154	<para>
155	This package does not come with a test suite.
156	</para>
157
158	<para>
159	Now, as the <systemitem class="username">root</systemitem> user:
160	</para>
161	<!-- changing the patch allows doing DESTDIR install as a normal user
162	<note>
163	<para>
164	This package does not install properly using <envar>DESTDIR</envar>
165	techniques as an unpriviledged user.
166	</para>
167	</note>
168	-->
169	<screen role="root"><userinput>make install &&
170
171	mv -v /usr/sbin/suexec /usr/lib/httpd/suexec &&
172	chgrp apache /usr/lib/httpd/suexec &&
173	chmod 4754 /usr/lib/httpd/suexec &&
174
175	chown -v -R apache:apache /srv/www</userinput></screen>
176
177	</sect2>
178
179	<sect2 role="commands">
180	<title>Command Explanations</title>
181
182	<para>
183	<command>sed '/dir.*CFG_PREFIX/s@^@#@'...</command>: Forces the
184	<application>apxs</application> utility to use absolute pathnames for
185	modules, when instructed to do so.
186	</para>
187
188	<para>
189	<command>sed -e '/HTTPD_ROOT/s ...</command>: Fixes some paths.
190	</para>
191
192	<para>
193	<command>sed -e '/encoding.h/a ...</command>; Fix building against
194	libxml-2.12.x.
195	</para>
196
197	<para>
198	<parameter>--enable-authnz-fcgi</parameter>: Build FastCGI
199	authorizer-based authentication and authorization (mod_authnz_fcgi.so
200	fast CGI module).
201	</para>
202
203	<para>
204	<parameter>--enable-mods-shared="all cgi"</parameter>: The modules should be
205	compiled and used as Dynamic Shared Objects (DSOs) so they can be included
206	and excluded from the server using the run-time configuration directives.
207	</para>
208
209	<para>
210	<parameter>--enable-mpms-shared=all</parameter>: This switch ensures that
211	all MPM (Multi Processing Modules) are built as Dynamic Shared Objects
212	(DSOs), so the user can choose which one to use at runtime.
213	</para>
214
215	<para>
216	<parameter>--enable-suexec</parameter>: This switch enables building of the
217	<application>Apache</application> suEXEC module which can be used to allow
218	users to run CGI and SSI scripts under user IDs different from the user ID
219	of the calling web server.
220	</para>
221
222	<para>
223	<parameter>--with-suexec-*</parameter>: These switches control suEXEC module
224	behavior, such as default document root, minimal UID that can be used to
225	run the script under the suEXEC. Please note that with minimal UID 100, you
226	can't run CGI or SSI scripts under suEXEC as the
227	<systemitem class="username">apache</systemitem> user.
228	</para>
229
230	<para>
231	<command>... /usr/lib/httpd/suexec</command>: These commands put
232	<command>suexec</command> wrapper into proper location, since it
233	is not meant to be run directly. They also adjust proper
234	permissions of the binary, making it setgid
235	<systemitem class="username">apache</systemitem>.
236	</para>
237
238	<para>
239	<command>chown -R apache:apache /srv/www</command>: By default, the
240	installation process installs files (documentation, error messages,
241	default icons, etc.) with the ownership of the user that extracted the
242	files from the tar file. If you want to change the ownership to another
243	user, you should do so at this point. The only requirement is that the
244	document directories need to be accessible by the <command>httpd</command>
245	process with (r-x) permissions and files need to be readable (r--) by the
246	<systemitem class="username">apache</systemitem> user.
247	</para>
248
249	</sect2>
250
251	<sect2 role="configuration">
252	<title>Configuring Apache</title>
253
254	<sect3 id="apache-config">
255	<title>Config Files</title>
256
257	<para>
258	<filename>/etc/httpd/httpd.conf</filename> and
259	<filename>/etc/httpd/extra/*</filename>
260	</para>
261
262	<indexterm zone="apache apache-config">
263	<primary sortas="e-etc-httpd-httpd.conf">/etc/httpd/httpd.conf</primary>
264	</indexterm>
265
266	<indexterm zone="apache apache-config">
267	<primary sortas="e-etc-httpd-extra-star">/etc/httpd/extra/*</primary>
268	</indexterm>
269
270	</sect3>
271
272	<sect3>
273	<title>Configuration Information</title>
274
275	<para>
276	See <ulink url="file:///usr/share/httpd/manual/configuring.html"/>
277	for detailed instructions on customising your
278	<application>Apache</application> HTTP server configuration file.
279	</para>
280
281	<para>
282	There is no reason, at least for internet facing sites, not
283	to use SSL encryption. Setting up a secured website does not cost
284	anything except installing one additional small tool and a few
285	minutes of configuration work. Use this guideline at
286	<ulink url="&blfs-wiki;/Securing_a_website"/> to create
287	world-wide accepted certificates and renew them on a regular basis.
288	</para>
289
290	</sect3>
291
292	<sect3 id="httpd-init">
293	<title><phrase revision="sysv">Boot Script</phrase>
294	<phrase revision="systemd">Systemd Unit</phrase></title>
295
296	<para>
297	If you want the <application>Apache</application> server to
298	start automatically when the system is booted, install the
299	<phrase revision="sysv"><filename>/etc/rc.d/init.d/httpd</filename>
300	init script</phrase>
301	<phrase revision="systemd"><filename>httpd.service</filename>
302	unit</phrase> included in the
303	<xref linkend="bootscripts" revision="sysv"/>
304	<xref linkend="systemd-units" revision="systemd"/> package:
305	</para>
306
307	<indexterm zone="apache httpd-init">
308	<primary sortas="f-apache">apache</primary>
309	</indexterm>
310
311	<screen role="root"><userinput>make install-httpd</userinput></screen>
312
313	</sect3>
314
315	</sect2>
316
317	<sect2 role="content">
318	<title>Contents</title>
319
320	<segmentedlist>
321	<segtitle>Installed Programs</segtitle>
322	<segtitle>Installed Libraries</segtitle>
323	<segtitle>Installed Directories</segtitle>
324
325	<seglistitem>
326	<seg>
327	ab, apachectl, apxs, checkgid, dbmmanage, fcgistarter,
328	htcacheclean, htdbm, htdigest, htpasswd, httpd,
329	httxt2dbm, logresolve, and rotatelogs
330	<!-- not executable from path, and suexec -->
331	</seg>
332	<seg>
333	Several libraries under /usr/lib/httpd/modules/
334	</seg>
335	<seg>
336	/etc/httpd,
337	/srv/www,
338	/usr/include/httpd,
339	/usr/lib/httpd,
340	/usr/share/httpd,
341	/var/log/httpd, and
342	/var/run/httpd
343	</seg>
344	</seglistitem>
345	</segmentedlist>
346
347	<variablelist>
348	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
349	<?dbfo list-presentation="list"?>
350	<?dbhtml list-presentation="table"?>
351
352	<varlistentry id="ab">
353	<term><command>ab</command></term>
354	<listitem>
355	<para>
356	is a tool for benchmarking your <application>Apache</application>
357	HTTP server
358	</para>
359	<indexterm zone="apache ab">
360	<primary sortas="b-ab">ab</primary>
361	</indexterm>
362	</listitem>
363	</varlistentry>
364
365	<varlistentry id="apachectl">
366	<term><command>apachectl</command></term>
367	<listitem>
368	<para>
369	is a front end to the <application>Apache</application> HTTP server
370	which is designed to help the administrator control the functioning
371	of the <application>Apache</application> httpd daemon
372	</para>
373	<indexterm zone="apache apachectl">
374	<primary sortas="b-apachectl">apachectl</primary>
375	</indexterm>
376	</listitem>
377	</varlistentry>
378
379	<varlistentry id="apxs">
380	<term><command>apxs</command></term>
381	<listitem>
382	<para>
383	is a tool for building and installing extension modules for the
384	<application>Apache</application> HTTP server
385	</para>
386	<indexterm zone="apache apxs">
387	<primary sortas="b-apxs">apxs</primary>
388	</indexterm>
389	</listitem>
390	</varlistentry>
391
392	<varlistentry id="checkgid">
393	<term><command>checkgid</command></term>
394	<listitem>
395	<para>
396	is a program that checks whether it can setgid to the group
397	specified. This is to see if it is a valid group for Apache2 to use
398	at runtime. If the user (should be run as superuser) is in that
399	group, or can setgid to it, it will return 0
400	</para>
401	<indexterm zone="apache checkgid">
402	<primary sortas="b-checkgid">checkgid</primary>
403	</indexterm>
404	</listitem>
405	</varlistentry>
406
407	<varlistentry id="dbmmanage">
408	<term><command>dbmmanage</command></term>
409	<listitem>
410	<para>
411	is used to create and update the DBM format files used to store
412	usernames and passwords for basic authentication of HTTP users
413	</para>
414	<indexterm zone="apache dbmmanage">
415	<primary sortas="b-dbmmanage">dbmmanage</primary>
416	</indexterm>
417	</listitem>
418	</varlistentry>
419
420	<varlistentry id="fcgistarter">
421	<term><command>fcgistarter</command></term>
422	<listitem>
423	<para>
424	is a tool to start a FastCGI program
425	</para>
426	<indexterm zone="apache fcgistarter">
427	<primary sortas="b-fcgistarter">fcgistarter</primary>
428	</indexterm>
429	</listitem>
430	</varlistentry>
431
432	<varlistentry id="htcacheclean">
433	<term><command>htcacheclean</command></term>
434	<listitem>
435	<para>
436	is used to clean up the disk cache
437	</para>
438	<indexterm zone="apache htcacheclean">
439	<primary sortas="b-htcacheclean">htcacheclean</primary>
440	</indexterm>
441	</listitem>
442	</varlistentry>
443
444	<varlistentry id="htdbm">
445	<term><command>htdbm</command></term>
446	<listitem>
447	<para>
448	is used to manipulate the DBM password databases
449	</para>
450	<indexterm zone="apache htdbm">
451	<primary sortas="b-htdbm">htdbm</primary>
452	</indexterm>
453	</listitem>
454	</varlistentry>
455
456	<varlistentry id="htdigest">
457	<term><command>htdigest</command></term>
458	<listitem>
459	<para>
460	is used to create and update the flat-files used to store usernames,
461	realms and passwords for digest authentication of HTTP users
462	</para>
463	<indexterm zone="apache htdigest">
464	<primary sortas="b-htdigest">htdigest</primary>
465	</indexterm>
466	</listitem>
467	</varlistentry>
468
469	<varlistentry id="htpasswd">
470	<term><command>htpasswd</command></term>
471	<listitem>
472	<para>
473	is used to create and update the flat-files used to store usernames
474	and passwords for basic authentication of HTTP users
475	</para>
476	<indexterm zone="apache htpasswd">
477	<primary sortas="b-htpasswd">htpasswd</primary>
478	</indexterm>
479	</listitem>
480	</varlistentry>
481
482	<varlistentry id="httpd">
483	<term><command>httpd</command></term>
484	<listitem>
485	<para>
486	is the <application>Apache</application> HTTP server program
487	</para>
488	<indexterm zone="apache httpd">
489	<primary sortas="b-httpd">httpd</primary>
490	</indexterm>
491	</listitem>
492	</varlistentry>
493
494	<varlistentry id="httxt2dbm">
495	<term><command>httxt2dbm</command></term>
496	<listitem>
497	<para>
498	is used to generate DBM files from text, for use in RewriteMap
499	</para>
500	<indexterm zone="apache httxt2dbm">
501	<primary sortas="b-httxt2dbm">httxt2dbm</primary>
502	</indexterm>
503	</listitem>
504	</varlistentry>
505
506	<varlistentry id="logresolve">
507	<term><command>logresolve</command></term>
508	<listitem>
509	<para>
510	is a post-processing program to resolve IP-addresses in
511	<application>Apache</application>'s access log files
512	</para>
513	<indexterm zone="apache logresolve">
514	<primary sortas="b-logresolve">logresolve</primary>
515	</indexterm>
516	</listitem>
517	</varlistentry>
518
519	<varlistentry id="rotatelogs">
520	<term><command>rotatelogs</command></term>
521	<listitem>
522	<para>
523	is a simple program for use in conjunction with
524	<application>Apache</application>'s piped log file feature
525	</para>
526	<indexterm zone="apache rotatelogs">
527	<primary sortas="b-rotatelogs">rotatelogs</primary>
528	</indexterm>
529	</listitem>
530	</varlistentry>
531
532	<varlistentry id="suexec">
533	<term><command>suexec</command></term>
534	<listitem>
535	<para>
536	allows users to run CGI and SSI applications as a different user
537	</para>
538	<indexterm zone="apache suexec">
539	<primary sortas="b-suexec">suexec</primary>
540	</indexterm>
541	</listitem>
542	</varlistentry>
543
544	</variablelist>
545
546	</sect2>
547
548	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: