Context Navigation

source: server/major/apache.xml@ 53d0e62a

Visit:

lazarus

Last change on this file since 53d0e62a was de61ab1, checked in by Thomas Trepl <thomas@…>, 7 weeks ago
Merge trunk
Property mode set to `100644`
File size: 18.3 KB

Rev	Line
[ab4fdfc]	1	<?xml version="1.0" encoding="UTF-8"?>
[6732c094]	2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
[08254fc]	4	<!ENTITY % general-entities SYSTEM "../../general.ent">
	5	%general-entities;
	6
[6041710]	7	<!ENTITY apache-download-http
[18715a85]	8	"https://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2">
[4890200]	9	<!ENTITY apache-download-ftp " ">
[2ec10c4]	10	<!ENTITY apache-md5sum "cded7afa23c13c4854008d95a69ce016">
[e1db83f]	11	<!ENTITY apache-size "7.2 MB">
[2ec10c4]	12	<!ENTITY apache-buildsize "85 MB">
[e1db83f]	13	<!ENTITY apache-time "0.4 SBU (Using parallelism=4)">
[08254fc]	14	]>
	15
[7c7fa7d]	16	<sect1 id="apache" xreflabel="Apache-&apache-version;">
[ab3a3af7]	17	<?dbhtml filename="apache.html"?>
	18
	19
	20	<title>Apache-&apache-version;</title>
	21
	22	<indexterm zone="apache">
	23	<primary sortas="a-Apache">Apache</primary>
	24	</indexterm>
	25
	26	<sect2 role="package">
[efe28817]	27	<title>Introduction to Apache HTTPD</title>
[ab3a3af7]	28
[6041710]	29	<para>
[efe28817]	30	The <application>Apache HTTPD</application> package contains an open-source HTTP
[6041710]	31	server. It is useful for creating local intranet web sites or running huge
	32	web serving operations.
	33	</para>
[ab3a3af7]	34
[fc87c5a0]	35	&lfs122_checked;
[20e6cade]	36
[ab3a3af7]	37	<bridgehead renderas="sect3">Package Information</bridgehead>
	38	<itemizedlist spacing="compact">
	39	<listitem>
[6041710]	40	<para>
	41	Download (HTTP): <ulink url="&apache-download-http;"/>
	42	</para>
[ab3a3af7]	43	</listitem>
	44	<listitem>
[6041710]	45	<para>
	46	Download (FTP): <ulink url="&apache-download-ftp;"/>
	47	</para>
[ab3a3af7]	48	</listitem>
	49	<listitem>
[6041710]	50	<para>
	51	Download MD5 sum: &apache-md5sum;
	52	</para>
[ab3a3af7]	53	</listitem>
	54	<listitem>
[6041710]	55	<para>
	56	Download size: &apache-size;
	57	</para>
[ab3a3af7]	58	</listitem>
	59	<listitem>
[6041710]	60	<para>
	61	Estimated disk space required: &apache-buildsize;
	62	</para>
[ab3a3af7]	63	</listitem>
	64	<listitem>
[6041710]	65	<para>
	66	Estimated build time: &apache-time;
	67	</para>
[3ae60ba7]	68	</listitem>
[ab3a3af7]	69	</itemizedlist>
	70
[efe28817]	71	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
	72	<itemizedlist spacing="compact">
	73	<listitem>
	74	<para>
	75	Required patch:
[5ad1120]	76	<ulink url="&patch-root;/httpd-&apache-version;-blfs_layout-1.patch"/>
[efe28817]	77	</para>
	78	</listitem>
	79	</itemizedlist>
	80
	81	<bridgehead renderas="sect3">Apache HTTPD Dependencies</bridgehead>
[ab3a3af7]	82
[6041710]	83	<bridgehead renderas="sect4">Required</bridgehead>
	84	<para role="required">
[4049347a]	85	<xref linkend="apr-util"/> and
[45bc955]	86	<xref linkend="pcre2"/>
[6041710]	87	</para>
[5ad1120]	88
[6041710]	89	<bridgehead renderas="sect4">Optional</bridgehead>
	90	<para role="optional">
[47d5a9e5]	91	<xref linkend="brotli"/>,
[efe28817]	92	<xref linkend="doxygen"/>,
[c56bd8b]	93	<xref linkend="jansson"/>,
[fd69a62]	94	<xref linkend="libxml2"/>,
[0ecaac7]	95	<xref linkend="lua"/>,
[c41d6d5]	96	<xref linkend="lynx"/> or
	97	<xref linkend="Links"/> or
[7d5122e6]	98	<ulink url="&elinks-url;">ELinks</ulink>,
[0c702b61]	99	<xref linkend="nghttp2"/>,
[fd69a62]	100	<xref linkend="openldap"/> (<xref linkend="apr-util"/> needs to be
[18716b22]	101	installed with ldap support),
[dcd5a063]	102	<xref linkend="rsync"/>,
	103	&berkeley-db;, and
[0ecaac7]	104	<ulink url="https://sourceforge.net/projects/distcache">Distcache</ulink>
[6041710]	105	</para>
	106
[ab3a3af7]	107	</sect2>
	108
	109	<sect2 role="installation">
[efe28817]	110	<title>Installation of Apache HTTPD</title>
[ab3a3af7]	111
[6041710]	112	<para>
	113	For security reasons, running the server as an unprivileged user and group
	114	is strongly encouraged. Create the following group and user using the
	115	following commands as <systemitem class="username">root</systemitem>:
	116	</para>
[ab3a3af7]	117
[b785ab29]	118	<screen role="root"><userinput>groupadd -g 25 apache &&
[efe28817]	119	useradd -c "Apache Server" -d /srv/www -g apache \
[b785ab29]	120	-s /bin/false -u 25 apache</userinput></screen>
[ab3a3af7]	121
[6041710]	122	<para>
[efe28817]	123	Build and install <application>Apache HTTPD</application> by running the
[6041710]	124	following commands:
	125	</para>
	126
[3aec06b]	127	<screen><userinput>patch -Np1 -i ../httpd-&apache-version;-blfs_layout-1.patch &&
[a4f37269]	128
	129	sed '/dir.*CFG_PREFIX/s@^@#@' -i support/apxs.in &&
	130
[68995df]	131	sed -e '/HTTPD_ROOT/s:${ap_prefix}:/etc/httpd:' \
	132	-e '/SERVER_CONFIG_FILE/s:${rel_sysconfdir}/::' \
	133	-e '/AP_TYPES_CONFIG_FILE/s:${rel_sysconfdir}/::' \
	134	-i configure &&
	135
[ae30a94]	136	sed -e '/encoding.h/a # include <libxml/xmlstring.h>' \
	137	-i modules/filters/mod_xml2enc.c &&
	138
[a4f37269]	139	./configure --enable-authnz-fcgi \
	140	--enable-layout=BLFS \
	141	--enable-mods-shared="all cgi" \
	142	--enable-mpms-shared=all \
	143	--enable-suexec=shared \
	144	--with-apr=/usr/bin/apr-1-config \
	145	--with-apr-util=/usr/bin/apu-1-config \
	146	--with-suexec-bin=/usr/lib/httpd/suexec \
	147	--with-suexec-caller=apache \
	148	--with-suexec-docroot=/srv/www \
	149	--with-suexec-logfile=/var/log/httpd/suexec.log \
	150	--with-suexec-uidmin=100 \
	151	--with-suexec-userdir=public_html &&
[ab3a3af7]	152	make</userinput></screen>
	153
[6041710]	154	<para>
	155	This package does not come with a test suite.
	156	</para>
[ab3a3af7]	157
[6041710]	158	<para>
[3add494]	159	Now, as the <systemitem class="username">root</systemitem> user:
[6041710]	160	</para>
[710cd22]	161	<!-- changing the patch allows doing DESTDIR install as a normal user
[4472e923]	162	<note>
	163	<para>
	164	This package does not install properly using <envar>DESTDIR</envar>
[06643a68]	165	techniques as an unprivileged user.
[4472e923]	166	</para>
	167	</note>
[710cd22]	168	-->
[a4f37269]	169	<screen role="root"><userinput>make install &&
[63aeb2c]	170
[efe28817]	171	mv -v /usr/sbin/suexec /usr/lib/httpd/suexec &&
[0a2b9de8]	172	chgrp apache /usr/lib/httpd/suexec &&
	173	chmod 4754 /usr/lib/httpd/suexec &&
[63aeb2c]	174
[f165eea]	175	chown -v -R apache:apache /srv/www</userinput></screen>
[08254fc]	176
[ab3a3af7]	177	</sect2>
[08254fc]	178
[ab3a3af7]	179	<sect2 role="commands">
	180	<title>Command Explanations</title>
[08254fc]	181
[68c04ad]	182	<para>
	183	<command>sed '/dir.*CFG_PREFIX/s@^@#@'...</command>: Forces the
	184	<application>apxs</application> utility to use absolute pathnames for
	185	modules, when instructed to do so.
	186	</para>
	187
[ae30a94]	188	<para>
	189	<command>sed -e '/HTTPD_ROOT/s ...</command>: Fixes some paths.
	190	</para>
	191
	192	<para>
	193	<command>sed -e '/encoding.h/a ...</command>; Fix building against
	194	libxml-2.12.x.
	195	</para>
	196
[14dc4b73]	197	<para>
	198	<parameter>--enable-authnz-fcgi</parameter>: Build FastCGI
	199	authorizer-based authentication and authorization (mod_authnz_fcgi.so
	200	fast CGI module).
	201	</para>
	202
[6041710]	203	<para>
[efe28817]	204	<parameter>--enable-mods-shared="all cgi"</parameter>: The modules should be
[6041710]	205	compiled and used as Dynamic Shared Objects (DSOs) so they can be included
	206	and excluded from the server using the run-time configuration directives.
	207	</para>
	208
	209	<para>
[f7841987]	210	<parameter>--enable-mpms-shared=all</parameter>: This switch ensures that
	211	all MPM (Multi Processing Modules) are built as Dynamic Shared Objects
	212	(DSOs), so the user can choose which one to use at runtime.
[efe28817]	213	</para>
	214
	215	<para>
	216	<parameter>--enable-suexec</parameter>: This switch enables building of the
	217	<application>Apache</application> suEXEC module which can be used to allow
	218	users to run CGI and SSI scripts under user IDs different from the user ID
	219	of the calling web server.
	220	</para>
	221
	222	<para>
	223	<parameter>--with-suexec-*</parameter>: These switches control suEXEC module
	224	behavior, such as default document root, minimal UID that can be used to
	225	run the script under the suEXEC. Please note that with minimal UID 100, you
	226	can't run CGI or SSI scripts under suEXEC as the
	227	<systemitem class="username">apache</systemitem> user.
	228	</para>
	229
	230	<para>
	231	<command>... /usr/lib/httpd/suexec</command>: These commands put
	232	<command>suexec</command> wrapper into proper location, since it
	233	is not meant to be run directly. They also adjust proper
[0a2b9de8]	234	permissions of the binary, making it setgid
[efe28817]	235	<systemitem class="username">apache</systemitem>.
[6041710]	236	</para>
	237
	238	<para>
	239	<command>chown -R apache:apache /srv/www</command>: By default, the
	240	installation process installs files (documentation, error messages,
	241	default icons, etc.) with the ownership of the user that extracted the
	242	files from the tar file. If you want to change the ownership to another
	243	user, you should do so at this point. The only requirement is that the
	244	document directories need to be accessible by the <command>httpd</command>
	245	process with (r-x) permissions and files need to be readable (r--) by the
	246	<systemitem class="username">apache</systemitem> user.
	247	</para>
[efe28817]	248
[ab3a3af7]	249	</sect2>
[08254fc]	250
[ab3a3af7]	251	<sect2 role="configuration">
	252	<title>Configuring Apache</title>
[08254fc]	253
[ab3a3af7]	254	<sect3 id="apache-config">
	255	<title>Config Files</title>
[08254fc]	256
[6041710]	257	<para>
[efe28817]	258	<filename>/etc/httpd/httpd.conf</filename> and
	259	<filename>/etc/httpd/extra/*</filename>
[6041710]	260	</para>
[08254fc]	261
[ab3a3af7]	262	<indexterm zone="apache apache-config">
[efe28817]	263	<primary sortas="e-etc-httpd-httpd.conf">/etc/httpd/httpd.conf</primary>
[ab3a3af7]	264	</indexterm>
[08254fc]	265
[ab3a3af7]	266	<indexterm zone="apache apache-config">
[efe28817]	267	<primary sortas="e-etc-httpd-extra-star">/etc/httpd/extra/*</primary>
[ab3a3af7]	268	</indexterm>
[efe28817]	269
[ab3a3af7]	270	</sect3>
	271
	272	<sect3>
	273	<title>Configuration Information</title>
	274
[6041710]	275	<para>
[a1083b4]	276	See <ulink url="file:///usr/share/httpd/manual/configuring.html"/>
[6041710]	277	for detailed instructions on customising your
	278	<application>Apache</application> HTTP server configuration file.
	279	</para>
[efe28817]	280
[c84b1301]	281	<para>
[bcfaad0]	282	There is no reason, at least for internet facing sites, not
	283	to use SSL encryption. Setting up a secured website does not cost
[c84b1301]	284	anything except installing one additional small tool and a few
	285	minutes of configuration work. Use this guideline at
	286	<ulink url="&blfs-wiki;/Securing_a_website"/> to create
	287	world-wide accepted certificates and renew them on a regular basis.
	288	</para>
	289
[ab3a3af7]	290	</sect3>
	291
[f856738]	292	<sect3 id="httpd-init">
[1258125]	293	<title><phrase revision="sysv">Boot Script</phrase>
	294	<phrase revision="systemd">Systemd Unit</phrase></title>
[ab3a3af7]	295
[6041710]	296	<para>
	297	If you want the <application>Apache</application> server to
[efe28817]	298	start automatically when the system is booted, install the
[1258125]	299	<phrase revision="sysv"><filename>/etc/rc.d/init.d/httpd</filename>
	300	init script</phrase>
	301	<phrase revision="systemd"><filename>httpd.service</filename>
	302	unit</phrase> included in the
	303	<xref linkend="bootscripts" revision="sysv"/>
[4472e923]	304	<xref linkend="systemd-units" revision="systemd"/> package:
[efe28817]	305	</para>
[ab3a3af7]	306
[f856738]	307	<indexterm zone="apache httpd-init">
[ab3a3af7]	308	<primary sortas="f-apache">apache</primary>
	309	</indexterm>
	310
[f856738]	311	<screen role="root"><userinput>make install-httpd</userinput></screen>
[4890200]	312
[a774a7f3]	313	<para>To secure the applications served by <application>Apache</application>
	314	it is recommended to use SSL encyption (https). To create SSL
	315	certificated for this web server, see <xref linkend="uacme"/> for
	316	an easy-to-use tool to create LetsEncrypt certificates.</para>
	317
[ab3a3af7]	318	</sect3>
[4890200]	319
[ab3a3af7]	320	</sect2>
	321
	322	<sect2 role="content">
	323	<title>Contents</title>
	324
	325	<segmentedlist>
	326	<segtitle>Installed Programs</segtitle>
[c3c56b2]	327	<segtitle>Installed Libraries</segtitle>
[ab3a3af7]	328	<segtitle>Installed Directories</segtitle>
	329
	330	<seglistitem>
[6041710]	331	<seg>
[0a2b9de8]	332	ab, apachectl, apxs, checkgid, dbmmanage, fcgistarter,
	333	htcacheclean, htdbm, htdigest, htpasswd, httpd,
[48b59802]	334	httxt2dbm, logresolve, and rotatelogs
	335	<!-- not executable from path, and suexec -->
[6041710]	336	</seg>
[c3c56b2]	337	<seg>
[fd69a62]	338	Several libraries under /usr/lib/httpd/modules/
[c3c56b2]	339	</seg>
[6041710]	340	<seg>
[efe28817]	341	/etc/httpd,
	342	/srv/www,
	343	/usr/include/httpd,
	344	/usr/lib/httpd,
[fd69a62]	345	/usr/share/httpd,
[0a2b9de8]	346	/var/log/httpd, and
[efe28817]	347	/var/run/httpd
[6041710]	348	</seg>
[ab3a3af7]	349	</seglistitem>
	350	</segmentedlist>
	351
	352	<variablelist>
	353	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
	354	<?dbfo list-presentation="list"?>
	355	<?dbhtml list-presentation="table"?>
	356
	357	<varlistentry id="ab">
	358	<term><command>ab</command></term>
	359	<listitem>
[6041710]	360	<para>
	361	is a tool for benchmarking your <application>Apache</application>
[4c24eb0a]	362	HTTP server
[6041710]	363	</para>
[ab3a3af7]	364	<indexterm zone="apache ab">
	365	<primary sortas="b-ab">ab</primary>
	366	</indexterm>
	367	</listitem>
	368	</varlistentry>
	369
	370	<varlistentry id="apachectl">
	371	<term><command>apachectl</command></term>
	372	<listitem>
[6041710]	373	<para>
	374	is a front end to the <application>Apache</application> HTTP server
	375	which is designed to help the administrator control the functioning
[4c24eb0a]	376	of the <application>Apache</application> httpd daemon
[6041710]	377	</para>
[ab3a3af7]	378	<indexterm zone="apache apachectl">
	379	<primary sortas="b-apachectl">apachectl</primary>
	380	</indexterm>
	381	</listitem>
	382	</varlistentry>
	383
	384	<varlistentry id="apxs">
	385	<term><command>apxs</command></term>
	386	<listitem>
[6041710]	387	<para>
	388	is a tool for building and installing extension modules for the
[4c24eb0a]	389	<application>Apache</application> HTTP server
[6041710]	390	</para>
[ab3a3af7]	391	<indexterm zone="apache apxs">
	392	<primary sortas="b-apxs">apxs</primary>
	393	</indexterm>
	394	</listitem>
	395	</varlistentry>
	396
[8961d128]	397	<varlistentry id="checkgid">
	398	<term><command>checkgid</command></term>
	399	<listitem>
[6041710]	400	<para>
	401	is a program that checks whether it can setgid to the group
	402	specified. This is to see if it is a valid group for Apache2 to use
	403	at runtime. If the user (should be run as superuser) is in that
[4c24eb0a]	404	group, or can setgid to it, it will return 0
[6041710]	405	</para>
[8961d128]	406	<indexterm zone="apache checkgid">
	407	<primary sortas="b-checkgid">checkgid</primary>
	408	</indexterm>
	409	</listitem>
	410	</varlistentry>
	411
[de2551f]	412	<varlistentry id="dbmmanage">
	413	<term><command>dbmmanage</command></term>
[ab3a3af7]	414	<listitem>
[6041710]	415	<para>
	416	is used to create and update the DBM format files used to store
[4c24eb0a]	417	usernames and passwords for basic authentication of HTTP users
[6041710]	418	</para>
[de2551f]	419	<indexterm zone="apache dbmmanage">
	420	<primary sortas="b-dbmmanage">dbmmanage</primary>
[ab3a3af7]	421	</indexterm>
	422	</listitem>
	423	</varlistentry>
	424
[28370fe]	425	<varlistentry id="fcgistarter">
	426	<term><command>fcgistarter</command></term>
	427	<listitem>
	428	<para>
[4c24eb0a]	429	is a tool to start a FastCGI program
[28370fe]	430	</para>
	431	<indexterm zone="apache fcgistarter">
	432	<primary sortas="b-fcgistarter">fcgistarter</primary>
	433	</indexterm>
	434	</listitem>
	435	</varlistentry>
	436
[8961d128]	437	<varlistentry id="htcacheclean">
	438	<term><command>htcacheclean</command></term>
	439	<listitem>
[6041710]	440	<para>
[4c24eb0a]	441	is used to clean up the disk cache
[6041710]	442	</para>
[8961d128]	443	<indexterm zone="apache htcacheclean">
	444	<primary sortas="b-htcacheclean">htcacheclean</primary>
	445	</indexterm>
	446	</listitem>
	447	</varlistentry>
	448
	449	<varlistentry id="htdbm">
	450	<term><command>htdbm</command></term>
	451	<listitem>
[6041710]	452	<para>
[4c24eb0a]	453	is used to manipulate the DBM password databases
[6041710]	454	</para>
[8961d128]	455	<indexterm zone="apache htdbm">
	456	<primary sortas="b-htdbm">htdbm</primary>
	457	</indexterm>
	458	</listitem>
	459	</varlistentry>
	460
[ab3a3af7]	461	<varlistentry id="htdigest">
	462	<term><command>htdigest</command></term>
	463	<listitem>
[6041710]	464	<para>
	465	is used to create and update the flat-files used to store usernames,
[4c24eb0a]	466	realms and passwords for digest authentication of HTTP users
[6041710]	467	</para>
[ab3a3af7]	468	<indexterm zone="apache htdigest">
	469	<primary sortas="b-htdigest">htdigest</primary>
	470	</indexterm>
	471	</listitem>
	472	</varlistentry>
	473
	474	<varlistentry id="htpasswd">
	475	<term><command>htpasswd</command></term>
	476	<listitem>
[6041710]	477	<para>
	478	is used to create and update the flat-files used to store usernames
[4c24eb0a]	479	and passwords for basic authentication of HTTP users
[6041710]	480	</para>
[ab3a3af7]	481	<indexterm zone="apache htpasswd">
	482	<primary sortas="b-htpasswd">htpasswd</primary>
	483	</indexterm>
	484	</listitem>
	485	</varlistentry>
	486
	487	<varlistentry id="httpd">
	488	<term><command>httpd</command></term>
	489	<listitem>
[6041710]	490	<para>
[4c24eb0a]	491	is the <application>Apache</application> HTTP server program
[6041710]	492	</para>
[ab3a3af7]	493	<indexterm zone="apache httpd">
	494	<primary sortas="b-httpd">httpd</primary>
	495	</indexterm>
	496	</listitem>
	497	</varlistentry>
	498
[8961d128]	499	<varlistentry id="httxt2dbm">
	500	<term><command>httxt2dbm</command></term>
[ab3a3af7]	501	<listitem>
[6041710]	502	<para>
[4c24eb0a]	503	is used to generate DBM files from text, for use in RewriteMap
[6041710]	504	</para>
[8961d128]	505	<indexterm zone="apache httxt2dbm">
	506	<primary sortas="b-httxt2dbm">httxt2dbm</primary>
[ab3a3af7]	507	</indexterm>
	508	</listitem>
	509	</varlistentry>
	510
	511	<varlistentry id="logresolve">
	512	<term><command>logresolve</command></term>
	513	<listitem>
[6041710]	514	<para>
	515	is a post-processing program to resolve IP-addresses in
[4c24eb0a]	516	<application>Apache</application>'s access log files
[6041710]	517	</para>
[ab3a3af7]	518	<indexterm zone="apache logresolve">
	519	<primary sortas="b-logresolve">logresolve</primary>
	520	</indexterm>
	521	</listitem>
	522	</varlistentry>
	523
	524	<varlistentry id="rotatelogs">
	525	<term><command>rotatelogs</command></term>
	526	<listitem>
[6041710]	527	<para>
	528	is a simple program for use in conjunction with
[4c24eb0a]	529	<application>Apache</application>'s piped log file feature
[6041710]	530	</para>
[ab3a3af7]	531	<indexterm zone="apache rotatelogs">
	532	<primary sortas="b-rotatelogs">rotatelogs</primary>
	533	</indexterm>
	534	</listitem>
	535	</varlistentry>
[efe28817]	536
[28370fe]	537	<varlistentry id="suexec">
	538	<term><command>suexec</command></term>
	539	<listitem>
	540	<para>
[4c24eb0a]	541	allows users to run CGI and SSI applications as a different user
[28370fe]	542	</para>
	543	<indexterm zone="apache suexec">
	544	<primary sortas="b-suexec">suexec</primary>
	545	</indexterm>
	546	</listitem>
	547	</varlistentry>
	548
[ab3a3af7]	549	</variablelist>
[efe28817]	550
[ab3a3af7]	551	</sect2>
[efe28817]	552
[f45b1953]	553	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: