Context Navigation

source: server/major/apache.xml@ 3ff7901

Visit:

12.1 ken/TL2024 ken/tuningfonts lazarus plabs/newcss python3.11 rahul/power-profiles-daemon trunk xry111/llvm18

Last change on this file since 3ff7901 was 1c8e374, checked in by Bruce Dubbs <bdubbs@…>, 8 months ago
Update to httpd-2.4.58.
Property mode set to `100644`
File size: 17.8 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY apache-download-http
8	"https://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2">
9	<!ENTITY apache-download-ftp " ">
10	<!ENTITY apache-md5sum "30377ec4d7fb8361e1d1f2ab3158b467">
11	<!ENTITY apache-size "7.1 MB">
12	<!ENTITY apache-buildsize "88 MB">
13	<!ENTITY apache-time "0.3 SBU (Using parallelism=4)">
14	]>
15
16	<sect1 id="apache" xreflabel="Apache-&apache-version;">
17	<?dbhtml filename="apache.html"?>
18
19
20	<title>Apache-&apache-version;</title>
21
22	<indexterm zone="apache">
23	<primary sortas="a-Apache">Apache</primary>
24	</indexterm>
25
26	<sect2 role="package">
27	<title>Introduction to Apache HTTPD</title>
28
29	<para>
30	The <application>Apache HTTPD</application> package contains an open-source HTTP
31	server. It is useful for creating local intranet web sites or running huge
32	web serving operations.
33	</para>
34
35	&lfs120_checked;
36
37	<bridgehead renderas="sect3">Package Information</bridgehead>
38	<itemizedlist spacing="compact">
39	<listitem>
40	<para>
41	Download (HTTP): <ulink url="&apache-download-http;"/>
42	</para>
43	</listitem>
44	<listitem>
45	<para>
46	Download (FTP): <ulink url="&apache-download-ftp;"/>
47	</para>
48	</listitem>
49	<listitem>
50	<para>
51	Download MD5 sum: &apache-md5sum;
52	</para>
53	</listitem>
54	<listitem>
55	<para>
56	Download size: &apache-size;
57	</para>
58	</listitem>
59	<listitem>
60	<para>
61	Estimated disk space required: &apache-buildsize;
62	</para>
63	</listitem>
64	<listitem>
65	<para>
66	Estimated build time: &apache-time;
67	</para>
68	</listitem>
69	</itemizedlist>
70
71	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
72	<itemizedlist spacing="compact">
73	<listitem>
74	<para>
75	Required patch:
76	<ulink url="&patch-root;/httpd-&apache-version;-blfs_layout-1.patch"/>
77	</para>
78	</listitem>
79	</itemizedlist>
80
81	<bridgehead renderas="sect3">Apache HTTPD Dependencies</bridgehead>
82
83	<bridgehead renderas="sect4">Required</bridgehead>
84	<para role="required">
85	<xref linkend="apr-util"/> and
86	<xref linkend="pcre2"/>
87	</para>
88
89	<bridgehead renderas="sect4">Optional</bridgehead>
90	<para role="optional">
91	<xref linkend="brotli"/>,
92	<xref linkend="db"/>,
93	<xref linkend="doxygen"/>,
94	<xref linkend="jansson"/>,
95	<xref linkend="libxml2"/>,
96	<xref linkend="lua"/>,
97	<xref linkend="lynx"/> or
98	<xref linkend="Links"/> or
99	<ulink url="&elinks-url;">ELinks</ulink>,
100	<xref linkend="nghttp2"/>,
101	<xref linkend="openldap"/> (<xref linkend="apr-util"/> needs to be
102	installed with ldap support),
103	<xref linkend="rsync"/>, and
104	<ulink url="https://sourceforge.net/projects/distcache">Distcache</ulink>
105	</para>
106
107	<para condition="html" role="usernotes">
108	Editor Notes: <ulink url="&blfs-wiki;/apache"/>
109	</para>
110	</sect2>
111
112	<sect2 role="installation">
113	<title>Installation of Apache HTTPD</title>
114
115	<para>
116	For security reasons, running the server as an unprivileged user and group
117	is strongly encouraged. Create the following group and user using the
118	following commands as <systemitem class="username">root</systemitem>:
119	</para>
120
121	<screen role="root"><userinput>groupadd -g 25 apache &&
122	useradd -c "Apache Server" -d /srv/www -g apache \
123	-s /bin/false -u 25 apache</userinput></screen>
124
125	<para>
126	Build and install <application>Apache HTTPD</application> by running the
127	following commands:
128	</para>
129
130	<screen><userinput>patch -Np1 -i ../httpd-&apache-version;-blfs_layout-1.patch &&
131
132	sed '/dir.*CFG_PREFIX/s@^@#@' -i support/apxs.in &&
133
134	sed -e '/HTTPD_ROOT/s:${ap_prefix}:/etc/httpd:' \
135	-e '/SERVER_CONFIG_FILE/s:${rel_sysconfdir}/::' \
136	-e '/AP_TYPES_CONFIG_FILE/s:${rel_sysconfdir}/::' \
137	-i configure &&
138
139	./configure --enable-authnz-fcgi \
140	--enable-layout=BLFS \
141	--enable-mods-shared="all cgi" \
142	--enable-mpms-shared=all \
143	--enable-suexec=shared \
144	--with-apr=/usr/bin/apr-1-config \
145	--with-apr-util=/usr/bin/apu-1-config \
146	--with-suexec-bin=/usr/lib/httpd/suexec \
147	--with-suexec-caller=apache \
148	--with-suexec-docroot=/srv/www \
149	--with-suexec-logfile=/var/log/httpd/suexec.log \
150	--with-suexec-uidmin=100 \
151	--with-suexec-userdir=public_html &&
152	make</userinput></screen>
153
154	<para>
155	This package does not come with a test suite.
156	</para>
157
158	<para>
159	Now, as the <systemitem class="username">root</systemitem> user:
160	</para>
161	<!-- changing the patch allows doing DESTDIR install as a normal user
162	<note>
163	<para>
164	This package does not install properly using <envar>DESTDIR</envar>
165	techniques as an unpriviledged user.
166	</para>
167	</note>
168	-->
169	<screen role="root"><userinput>make install &&
170
171	mv -v /usr/sbin/suexec /usr/lib/httpd/suexec &&
172	chgrp apache /usr/lib/httpd/suexec &&
173	chmod 4754 /usr/lib/httpd/suexec &&
174
175	chown -v -R apache:apache /srv/www</userinput></screen>
176
177	</sect2>
178
179	<sect2 role="commands">
180	<title>Command Explanations</title>
181
182	<para>
183	<command>sed '/dir.*CFG_PREFIX/s@^@#@'...</command>: Forces the
184	<application>apxs</application> utility to use absolute pathnames for
185	modules, when instructed to do so.
186	</para>
187
188	<para>
189	<parameter>--enable-authnz-fcgi</parameter>: Build FastCGI
190	authorizer-based authentication and authorization (mod_authnz_fcgi.so
191	fast CGI module).
192	</para>
193
194	<para>
195	<parameter>--enable-mods-shared="all cgi"</parameter>: The modules should be
196	compiled and used as Dynamic Shared Objects (DSOs) so they can be included
197	and excluded from the server using the run-time configuration directives.
198	</para>
199
200	<para>
201	<parameter>--enable-mpms-shared=all</parameter>: This switch ensures that
202	all MPM (Multi Processing Modules) are built as Dynamic Shared Objects
203	(DSOs), so the user can choose which one to use at runtime.
204	</para>
205
206	<para>
207	<parameter>--enable-suexec</parameter>: This switch enables building of the
208	<application>Apache</application> suEXEC module which can be used to allow
209	users to run CGI and SSI scripts under user IDs different from the user ID
210	of the calling web server.
211	</para>
212
213	<para>
214	<parameter>--with-suexec-*</parameter>: These switches control suEXEC module
215	behavior, such as default document root, minimal UID that can be used to
216	run the script under the suEXEC. Please note that with minimal UID 100, you
217	can't run CGI or SSI scripts under suEXEC as the
218	<systemitem class="username">apache</systemitem> user.
219	</para>
220
221	<para>
222	<command>... /usr/lib/httpd/suexec</command>: These commands put
223	<command>suexec</command> wrapper into proper location, since it
224	is not meant to be run directly. They also adjust proper
225	permissions of the binary, making it setgid
226	<systemitem class="username">apache</systemitem>.
227	</para>
228
229	<para>
230	<command>chown -R apache:apache /srv/www</command>: By default, the
231	installation process installs files (documentation, error messages,
232	default icons, etc.) with the ownership of the user that extracted the
233	files from the tar file. If you want to change the ownership to another
234	user, you should do so at this point. The only requirement is that the
235	document directories need to be accessible by the <command>httpd</command>
236	process with (r-x) permissions and files need to be readable (r--) by the
237	<systemitem class="username">apache</systemitem> user.
238	</para>
239
240	</sect2>
241
242	<sect2 role="configuration">
243	<title>Configuring Apache</title>
244
245	<sect3 id="apache-config">
246	<title>Config Files</title>
247
248	<para>
249	<filename>/etc/httpd/httpd.conf</filename> and
250	<filename>/etc/httpd/extra/*</filename>
251	</para>
252
253	<indexterm zone="apache apache-config">
254	<primary sortas="e-etc-httpd-httpd.conf">/etc/httpd/httpd.conf</primary>
255	</indexterm>
256
257	<indexterm zone="apache apache-config">
258	<primary sortas="e-etc-httpd-extra-star">/etc/httpd/extra/*</primary>
259	</indexterm>
260
261	</sect3>
262
263	<sect3>
264	<title>Configuration Information</title>
265
266	<para>
267	See <ulink url="file:///usr/share/httpd/manual/configuring.html"/>
268	for detailed instructions on customising your
269	<application>Apache</application> HTTP server configuration file.
270	</para>
271
272	<para>
273	There is no reason, at least for internet facing sites, not
274	to use SSL encryption. Setting up a secured website does not cost
275	anything except installing one additional small tool and a few
276	minutes of configuration work. Use this guideline at
277	<ulink url="&blfs-wiki;/Securing_a_website"/> to create
278	world-wide accepted certificates and renew them on a regular basis.
279	</para>
280
281	</sect3>
282
283	<sect3 id="httpd-init">
284	<title><phrase revision="sysv">Boot Script</phrase>
285	<phrase revision="systemd">Systemd Unit</phrase></title>
286
287	<para>
288	If you want the <application>Apache</application> server to
289	start automatically when the system is booted, install the
290	<phrase revision="sysv"><filename>/etc/rc.d/init.d/httpd</filename>
291	init script</phrase>
292	<phrase revision="systemd"><filename>httpd.service</filename>
293	unit</phrase> included in the
294	<xref linkend="bootscripts" revision="sysv"/>
295	<xref linkend="systemd-units" revision="systemd"/> package:
296	</para>
297
298	<indexterm zone="apache httpd-init">
299	<primary sortas="f-apache">apache</primary>
300	</indexterm>
301
302	<screen role="root"><userinput>make install-httpd</userinput></screen>
303
304	</sect3>
305
306	</sect2>
307
308	<sect2 role="content">
309	<title>Contents</title>
310
311	<segmentedlist>
312	<segtitle>Installed Programs</segtitle>
313	<segtitle>Installed Libraries</segtitle>
314	<segtitle>Installed Directories</segtitle>
315
316	<seglistitem>
317	<seg>
318	ab, apachectl, apxs, checkgid, dbmmanage, fcgistarter,
319	htcacheclean, htdbm, htdigest, htpasswd, httpd,
320	httxt2dbm, logresolve, and rotatelogs
321	<!-- not executable from path, and suexec -->
322	</seg>
323	<seg>
324	Several libraries under /usr/lib/httpd/modules/
325	</seg>
326	<seg>
327	/etc/httpd,
328	/srv/www,
329	/usr/include/httpd,
330	/usr/lib/httpd,
331	/usr/share/httpd,
332	/var/log/httpd, and
333	/var/run/httpd
334	</seg>
335	</seglistitem>
336	</segmentedlist>
337
338	<variablelist>
339	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
340	<?dbfo list-presentation="list"?>
341	<?dbhtml list-presentation="table"?>
342
343	<varlistentry id="ab">
344	<term><command>ab</command></term>
345	<listitem>
346	<para>
347	is a tool for benchmarking your <application>Apache</application>
348	HTTP server
349	</para>
350	<indexterm zone="apache ab">
351	<primary sortas="b-ab">ab</primary>
352	</indexterm>
353	</listitem>
354	</varlistentry>
355
356	<varlistentry id="apachectl">
357	<term><command>apachectl</command></term>
358	<listitem>
359	<para>
360	is a front end to the <application>Apache</application> HTTP server
361	which is designed to help the administrator control the functioning
362	of the <application>Apache</application> httpd daemon
363	</para>
364	<indexterm zone="apache apachectl">
365	<primary sortas="b-apachectl">apachectl</primary>
366	</indexterm>
367	</listitem>
368	</varlistentry>
369
370	<varlistentry id="apxs">
371	<term><command>apxs</command></term>
372	<listitem>
373	<para>
374	is a tool for building and installing extension modules for the
375	<application>Apache</application> HTTP server
376	</para>
377	<indexterm zone="apache apxs">
378	<primary sortas="b-apxs">apxs</primary>
379	</indexterm>
380	</listitem>
381	</varlistentry>
382
383	<varlistentry id="checkgid">
384	<term><command>checkgid</command></term>
385	<listitem>
386	<para>
387	is a program that checks whether it can setgid to the group
388	specified. This is to see if it is a valid group for Apache2 to use
389	at runtime. If the user (should be run as superuser) is in that
390	group, or can setgid to it, it will return 0
391	</para>
392	<indexterm zone="apache checkgid">
393	<primary sortas="b-checkgid">checkgid</primary>
394	</indexterm>
395	</listitem>
396	</varlistentry>
397
398	<varlistentry id="dbmmanage">
399	<term><command>dbmmanage</command></term>
400	<listitem>
401	<para>
402	is used to create and update the DBM format files used to store
403	usernames and passwords for basic authentication of HTTP users
404	</para>
405	<indexterm zone="apache dbmmanage">
406	<primary sortas="b-dbmmanage">dbmmanage</primary>
407	</indexterm>
408	</listitem>
409	</varlistentry>
410
411	<varlistentry id="fcgistarter">
412	<term><command>fcgistarter</command></term>
413	<listitem>
414	<para>
415	is a tool to start a FastCGI program
416	</para>
417	<indexterm zone="apache fcgistarter">
418	<primary sortas="b-fcgistarter">fcgistarter</primary>
419	</indexterm>
420	</listitem>
421	</varlistentry>
422
423	<varlistentry id="htcacheclean">
424	<term><command>htcacheclean</command></term>
425	<listitem>
426	<para>
427	is used to clean up the disk cache
428	</para>
429	<indexterm zone="apache htcacheclean">
430	<primary sortas="b-htcacheclean">htcacheclean</primary>
431	</indexterm>
432	</listitem>
433	</varlistentry>
434
435	<varlistentry id="htdbm">
436	<term><command>htdbm</command></term>
437	<listitem>
438	<para>
439	is used to manipulate the DBM password databases
440	</para>
441	<indexterm zone="apache htdbm">
442	<primary sortas="b-htdbm">htdbm</primary>
443	</indexterm>
444	</listitem>
445	</varlistentry>
446
447	<varlistentry id="htdigest">
448	<term><command>htdigest</command></term>
449	<listitem>
450	<para>
451	is used to create and update the flat-files used to store usernames,
452	realms and passwords for digest authentication of HTTP users
453	</para>
454	<indexterm zone="apache htdigest">
455	<primary sortas="b-htdigest">htdigest</primary>
456	</indexterm>
457	</listitem>
458	</varlistentry>
459
460	<varlistentry id="htpasswd">
461	<term><command>htpasswd</command></term>
462	<listitem>
463	<para>
464	is used to create and update the flat-files used to store usernames
465	and passwords for basic authentication of HTTP users
466	</para>
467	<indexterm zone="apache htpasswd">
468	<primary sortas="b-htpasswd">htpasswd</primary>
469	</indexterm>
470	</listitem>
471	</varlistentry>
472
473	<varlistentry id="httpd">
474	<term><command>httpd</command></term>
475	<listitem>
476	<para>
477	is the <application>Apache</application> HTTP server program
478	</para>
479	<indexterm zone="apache httpd">
480	<primary sortas="b-httpd">httpd</primary>
481	</indexterm>
482	</listitem>
483	</varlistentry>
484
485	<varlistentry id="httxt2dbm">
486	<term><command>httxt2dbm</command></term>
487	<listitem>
488	<para>
489	is used to generate DBM files from text, for use in RewriteMap
490	</para>
491	<indexterm zone="apache httxt2dbm">
492	<primary sortas="b-httxt2dbm">httxt2dbm</primary>
493	</indexterm>
494	</listitem>
495	</varlistentry>
496
497	<varlistentry id="logresolve">
498	<term><command>logresolve</command></term>
499	<listitem>
500	<para>
501	is a post-processing program to resolve IP-addresses in
502	<application>Apache</application>'s access log files
503	</para>
504	<indexterm zone="apache logresolve">
505	<primary sortas="b-logresolve">logresolve</primary>
506	</indexterm>
507	</listitem>
508	</varlistentry>
509
510	<varlistentry id="rotatelogs">
511	<term><command>rotatelogs</command></term>
512	<listitem>
513	<para>
514	is a simple program for use in conjunction with
515	<application>Apache</application>'s piped log file feature
516	</para>
517	<indexterm zone="apache rotatelogs">
518	<primary sortas="b-rotatelogs">rotatelogs</primary>
519	</indexterm>
520	</listitem>
521	</varlistentry>
522
523	<varlistentry id="suexec">
524	<term><command>suexec</command></term>
525	<listitem>
526	<para>
527	allows users to run CGI and SSI applications as a different user
528	</para>
529	<indexterm zone="apache suexec">
530	<primary sortas="b-suexec">suexec</primary>
531	</indexterm>
532	</listitem>
533	</varlistentry>
534
535	</variablelist>
536
537	</sect2>
538
539	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: