Context Navigation

source: server/major/apache.xml@ ae30a94

Visit:

12.1 ken/TL2024 lazarus plabs/newcss python3.11 rahul/power-profiles-daemon trunk xry111/llvm18

Last change on this file since ae30a94 was ae30a94, checked in by Pierre Labastie <pierre.labastie@…>, 6 months ago
Fix apache for libxml-2.12.x
Property mode set to `100644`
File size: 18.1 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY apache-download-http
8	"https://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2">
9	<!ENTITY apache-download-ftp " ">
10	<!ENTITY apache-md5sum "30377ec4d7fb8361e1d1f2ab3158b467">
11	<!ENTITY apache-size "7.1 MB">
12	<!ENTITY apache-buildsize "88 MB">
13	<!ENTITY apache-time "0.3 SBU (Using parallelism=4)">
14	]>
15
16	<sect1 id="apache" xreflabel="Apache-&apache-version;">
17	<?dbhtml filename="apache.html"?>
18
19
20	<title>Apache-&apache-version;</title>
21
22	<indexterm zone="apache">
23	<primary sortas="a-Apache">Apache</primary>
24	</indexterm>
25
26	<sect2 role="package">
27	<title>Introduction to Apache HTTPD</title>
28
29	<para>
30	The <application>Apache HTTPD</application> package contains an open-source HTTP
31	server. It is useful for creating local intranet web sites or running huge
32	web serving operations.
33	</para>
34
35	&lfs120_checked;
36
37	<bridgehead renderas="sect3">Package Information</bridgehead>
38	<itemizedlist spacing="compact">
39	<listitem>
40	<para>
41	Download (HTTP): <ulink url="&apache-download-http;"/>
42	</para>
43	</listitem>
44	<listitem>
45	<para>
46	Download (FTP): <ulink url="&apache-download-ftp;"/>
47	</para>
48	</listitem>
49	<listitem>
50	<para>
51	Download MD5 sum: &apache-md5sum;
52	</para>
53	</listitem>
54	<listitem>
55	<para>
56	Download size: &apache-size;
57	</para>
58	</listitem>
59	<listitem>
60	<para>
61	Estimated disk space required: &apache-buildsize;
62	</para>
63	</listitem>
64	<listitem>
65	<para>
66	Estimated build time: &apache-time;
67	</para>
68	</listitem>
69	</itemizedlist>
70
71	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
72	<itemizedlist spacing="compact">
73	<listitem>
74	<para>
75	Required patch:
76	<ulink url="&patch-root;/httpd-&apache-version;-blfs_layout-1.patch"/>
77	</para>
78	</listitem>
79	</itemizedlist>
80
81	<bridgehead renderas="sect3">Apache HTTPD Dependencies</bridgehead>
82
83	<bridgehead renderas="sect4">Required</bridgehead>
84	<para role="required">
85	<xref linkend="apr-util"/> and
86	<xref linkend="pcre2"/>
87	</para>
88
89	<bridgehead renderas="sect4">Optional</bridgehead>
90	<para role="optional">
91	<xref linkend="brotli"/>,
92	<xref linkend="doxygen"/>,
93	<xref linkend="jansson"/>,
94	<xref linkend="libxml2"/>,
95	<xref linkend="lua"/>,
96	<xref linkend="lynx"/> or
97	<xref linkend="Links"/> or
98	<ulink url="&elinks-url;">ELinks</ulink>,
99	<xref linkend="nghttp2"/>,
100	<xref linkend="openldap"/> (<xref linkend="apr-util"/> needs to be
101	installed with ldap support),
102	<xref linkend="rsync"/>,
103	&berkeley-db;, and
104	<ulink url="https://sourceforge.net/projects/distcache">Distcache</ulink>
105	</para>
106
107	<para condition="html" role="usernotes">
108	Editor Notes: <ulink url="&blfs-wiki;/apache"/>
109	</para>
110	</sect2>
111
112	<sect2 role="installation">
113	<title>Installation of Apache HTTPD</title>
114
115	<para>
116	For security reasons, running the server as an unprivileged user and group
117	is strongly encouraged. Create the following group and user using the
118	following commands as <systemitem class="username">root</systemitem>:
119	</para>
120
121	<screen role="root"><userinput>groupadd -g 25 apache &&
122	useradd -c "Apache Server" -d /srv/www -g apache \
123	-s /bin/false -u 25 apache</userinput></screen>
124
125	<para>
126	Build and install <application>Apache HTTPD</application> by running the
127	following commands:
128	</para>
129
130	<screen><userinput>patch -Np1 -i ../httpd-&apache-version;-blfs_layout-1.patch &&
131
132	sed '/dir.*CFG_PREFIX/s@^@#@' -i support/apxs.in &&
133
134	sed -e '/HTTPD_ROOT/s:${ap_prefix}:/etc/httpd:' \
135	-e '/SERVER_CONFIG_FILE/s:${rel_sysconfdir}/::' \
136	-e '/AP_TYPES_CONFIG_FILE/s:${rel_sysconfdir}/::' \
137	-i configure &&
138
139	sed -e '/encoding.h/a # include <libxml/xmlstring.h>' \
140	-i modules/filters/mod_xml2enc.c &&
141
142	./configure --enable-authnz-fcgi \
143	--enable-layout=BLFS \
144	--enable-mods-shared="all cgi" \
145	--enable-mpms-shared=all \
146	--enable-suexec=shared \
147	--with-apr=/usr/bin/apr-1-config \
148	--with-apr-util=/usr/bin/apu-1-config \
149	--with-suexec-bin=/usr/lib/httpd/suexec \
150	--with-suexec-caller=apache \
151	--with-suexec-docroot=/srv/www \
152	--with-suexec-logfile=/var/log/httpd/suexec.log \
153	--with-suexec-uidmin=100 \
154	--with-suexec-userdir=public_html &&
155	make</userinput></screen>
156
157	<para>
158	This package does not come with a test suite.
159	</para>
160
161	<para>
162	Now, as the <systemitem class="username">root</systemitem> user:
163	</para>
164	<!-- changing the patch allows doing DESTDIR install as a normal user
165	<note>
166	<para>
167	This package does not install properly using <envar>DESTDIR</envar>
168	techniques as an unpriviledged user.
169	</para>
170	</note>
171	-->
172	<screen role="root"><userinput>make install &&
173
174	mv -v /usr/sbin/suexec /usr/lib/httpd/suexec &&
175	chgrp apache /usr/lib/httpd/suexec &&
176	chmod 4754 /usr/lib/httpd/suexec &&
177
178	chown -v -R apache:apache /srv/www</userinput></screen>
179
180	</sect2>
181
182	<sect2 role="commands">
183	<title>Command Explanations</title>
184
185	<para>
186	<command>sed '/dir.*CFG_PREFIX/s@^@#@'...</command>: Forces the
187	<application>apxs</application> utility to use absolute pathnames for
188	modules, when instructed to do so.
189	</para>
190
191	<para>
192	<command>sed -e '/HTTPD_ROOT/s ...</command>: Fixes some paths.
193	</para>
194
195	<para>
196	<command>sed -e '/encoding.h/a ...</command>; Fix building against
197	libxml-2.12.x.
198	</para>
199
200	<para>
201	<parameter>--enable-authnz-fcgi</parameter>: Build FastCGI
202	authorizer-based authentication and authorization (mod_authnz_fcgi.so
203	fast CGI module).
204	</para>
205
206	<para>
207	<parameter>--enable-mods-shared="all cgi"</parameter>: The modules should be
208	compiled and used as Dynamic Shared Objects (DSOs) so they can be included
209	and excluded from the server using the run-time configuration directives.
210	</para>
211
212	<para>
213	<parameter>--enable-mpms-shared=all</parameter>: This switch ensures that
214	all MPM (Multi Processing Modules) are built as Dynamic Shared Objects
215	(DSOs), so the user can choose which one to use at runtime.
216	</para>
217
218	<para>
219	<parameter>--enable-suexec</parameter>: This switch enables building of the
220	<application>Apache</application> suEXEC module which can be used to allow
221	users to run CGI and SSI scripts under user IDs different from the user ID
222	of the calling web server.
223	</para>
224
225	<para>
226	<parameter>--with-suexec-*</parameter>: These switches control suEXEC module
227	behavior, such as default document root, minimal UID that can be used to
228	run the script under the suEXEC. Please note that with minimal UID 100, you
229	can't run CGI or SSI scripts under suEXEC as the
230	<systemitem class="username">apache</systemitem> user.
231	</para>
232
233	<para>
234	<command>... /usr/lib/httpd/suexec</command>: These commands put
235	<command>suexec</command> wrapper into proper location, since it
236	is not meant to be run directly. They also adjust proper
237	permissions of the binary, making it setgid
238	<systemitem class="username">apache</systemitem>.
239	</para>
240
241	<para>
242	<command>chown -R apache:apache /srv/www</command>: By default, the
243	installation process installs files (documentation, error messages,
244	default icons, etc.) with the ownership of the user that extracted the
245	files from the tar file. If you want to change the ownership to another
246	user, you should do so at this point. The only requirement is that the
247	document directories need to be accessible by the <command>httpd</command>
248	process with (r-x) permissions and files need to be readable (r--) by the
249	<systemitem class="username">apache</systemitem> user.
250	</para>
251
252	</sect2>
253
254	<sect2 role="configuration">
255	<title>Configuring Apache</title>
256
257	<sect3 id="apache-config">
258	<title>Config Files</title>
259
260	<para>
261	<filename>/etc/httpd/httpd.conf</filename> and
262	<filename>/etc/httpd/extra/*</filename>
263	</para>
264
265	<indexterm zone="apache apache-config">
266	<primary sortas="e-etc-httpd-httpd.conf">/etc/httpd/httpd.conf</primary>
267	</indexterm>
268
269	<indexterm zone="apache apache-config">
270	<primary sortas="e-etc-httpd-extra-star">/etc/httpd/extra/*</primary>
271	</indexterm>
272
273	</sect3>
274
275	<sect3>
276	<title>Configuration Information</title>
277
278	<para>
279	See <ulink url="file:///usr/share/httpd/manual/configuring.html"/>
280	for detailed instructions on customising your
281	<application>Apache</application> HTTP server configuration file.
282	</para>
283
284	<para>
285	There is no reason, at least for internet facing sites, not
286	to use SSL encryption. Setting up a secured website does not cost
287	anything except installing one additional small tool and a few
288	minutes of configuration work. Use this guideline at
289	<ulink url="&blfs-wiki;/Securing_a_website"/> to create
290	world-wide accepted certificates and renew them on a regular basis.
291	</para>
292
293	</sect3>
294
295	<sect3 id="httpd-init">
296	<title><phrase revision="sysv">Boot Script</phrase>
297	<phrase revision="systemd">Systemd Unit</phrase></title>
298
299	<para>
300	If you want the <application>Apache</application> server to
301	start automatically when the system is booted, install the
302	<phrase revision="sysv"><filename>/etc/rc.d/init.d/httpd</filename>
303	init script</phrase>
304	<phrase revision="systemd"><filename>httpd.service</filename>
305	unit</phrase> included in the
306	<xref linkend="bootscripts" revision="sysv"/>
307	<xref linkend="systemd-units" revision="systemd"/> package:
308	</para>
309
310	<indexterm zone="apache httpd-init">
311	<primary sortas="f-apache">apache</primary>
312	</indexterm>
313
314	<screen role="root"><userinput>make install-httpd</userinput></screen>
315
316	</sect3>
317
318	</sect2>
319
320	<sect2 role="content">
321	<title>Contents</title>
322
323	<segmentedlist>
324	<segtitle>Installed Programs</segtitle>
325	<segtitle>Installed Libraries</segtitle>
326	<segtitle>Installed Directories</segtitle>
327
328	<seglistitem>
329	<seg>
330	ab, apachectl, apxs, checkgid, dbmmanage, fcgistarter,
331	htcacheclean, htdbm, htdigest, htpasswd, httpd,
332	httxt2dbm, logresolve, and rotatelogs
333	<!-- not executable from path, and suexec -->
334	</seg>
335	<seg>
336	Several libraries under /usr/lib/httpd/modules/
337	</seg>
338	<seg>
339	/etc/httpd,
340	/srv/www,
341	/usr/include/httpd,
342	/usr/lib/httpd,
343	/usr/share/httpd,
344	/var/log/httpd, and
345	/var/run/httpd
346	</seg>
347	</seglistitem>
348	</segmentedlist>
349
350	<variablelist>
351	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
352	<?dbfo list-presentation="list"?>
353	<?dbhtml list-presentation="table"?>
354
355	<varlistentry id="ab">
356	<term><command>ab</command></term>
357	<listitem>
358	<para>
359	is a tool for benchmarking your <application>Apache</application>
360	HTTP server
361	</para>
362	<indexterm zone="apache ab">
363	<primary sortas="b-ab">ab</primary>
364	</indexterm>
365	</listitem>
366	</varlistentry>
367
368	<varlistentry id="apachectl">
369	<term><command>apachectl</command></term>
370	<listitem>
371	<para>
372	is a front end to the <application>Apache</application> HTTP server
373	which is designed to help the administrator control the functioning
374	of the <application>Apache</application> httpd daemon
375	</para>
376	<indexterm zone="apache apachectl">
377	<primary sortas="b-apachectl">apachectl</primary>
378	</indexterm>
379	</listitem>
380	</varlistentry>
381
382	<varlistentry id="apxs">
383	<term><command>apxs</command></term>
384	<listitem>
385	<para>
386	is a tool for building and installing extension modules for the
387	<application>Apache</application> HTTP server
388	</para>
389	<indexterm zone="apache apxs">
390	<primary sortas="b-apxs">apxs</primary>
391	</indexterm>
392	</listitem>
393	</varlistentry>
394
395	<varlistentry id="checkgid">
396	<term><command>checkgid</command></term>
397	<listitem>
398	<para>
399	is a program that checks whether it can setgid to the group
400	specified. This is to see if it is a valid group for Apache2 to use
401	at runtime. If the user (should be run as superuser) is in that
402	group, or can setgid to it, it will return 0
403	</para>
404	<indexterm zone="apache checkgid">
405	<primary sortas="b-checkgid">checkgid</primary>
406	</indexterm>
407	</listitem>
408	</varlistentry>
409
410	<varlistentry id="dbmmanage">
411	<term><command>dbmmanage</command></term>
412	<listitem>
413	<para>
414	is used to create and update the DBM format files used to store
415	usernames and passwords for basic authentication of HTTP users
416	</para>
417	<indexterm zone="apache dbmmanage">
418	<primary sortas="b-dbmmanage">dbmmanage</primary>
419	</indexterm>
420	</listitem>
421	</varlistentry>
422
423	<varlistentry id="fcgistarter">
424	<term><command>fcgistarter</command></term>
425	<listitem>
426	<para>
427	is a tool to start a FastCGI program
428	</para>
429	<indexterm zone="apache fcgistarter">
430	<primary sortas="b-fcgistarter">fcgistarter</primary>
431	</indexterm>
432	</listitem>
433	</varlistentry>
434
435	<varlistentry id="htcacheclean">
436	<term><command>htcacheclean</command></term>
437	<listitem>
438	<para>
439	is used to clean up the disk cache
440	</para>
441	<indexterm zone="apache htcacheclean">
442	<primary sortas="b-htcacheclean">htcacheclean</primary>
443	</indexterm>
444	</listitem>
445	</varlistentry>
446
447	<varlistentry id="htdbm">
448	<term><command>htdbm</command></term>
449	<listitem>
450	<para>
451	is used to manipulate the DBM password databases
452	</para>
453	<indexterm zone="apache htdbm">
454	<primary sortas="b-htdbm">htdbm</primary>
455	</indexterm>
456	</listitem>
457	</varlistentry>
458
459	<varlistentry id="htdigest">
460	<term><command>htdigest</command></term>
461	<listitem>
462	<para>
463	is used to create and update the flat-files used to store usernames,
464	realms and passwords for digest authentication of HTTP users
465	</para>
466	<indexterm zone="apache htdigest">
467	<primary sortas="b-htdigest">htdigest</primary>
468	</indexterm>
469	</listitem>
470	</varlistentry>
471
472	<varlistentry id="htpasswd">
473	<term><command>htpasswd</command></term>
474	<listitem>
475	<para>
476	is used to create and update the flat-files used to store usernames
477	and passwords for basic authentication of HTTP users
478	</para>
479	<indexterm zone="apache htpasswd">
480	<primary sortas="b-htpasswd">htpasswd</primary>
481	</indexterm>
482	</listitem>
483	</varlistentry>
484
485	<varlistentry id="httpd">
486	<term><command>httpd</command></term>
487	<listitem>
488	<para>
489	is the <application>Apache</application> HTTP server program
490	</para>
491	<indexterm zone="apache httpd">
492	<primary sortas="b-httpd">httpd</primary>
493	</indexterm>
494	</listitem>
495	</varlistentry>
496
497	<varlistentry id="httxt2dbm">
498	<term><command>httxt2dbm</command></term>
499	<listitem>
500	<para>
501	is used to generate DBM files from text, for use in RewriteMap
502	</para>
503	<indexterm zone="apache httxt2dbm">
504	<primary sortas="b-httxt2dbm">httxt2dbm</primary>
505	</indexterm>
506	</listitem>
507	</varlistentry>
508
509	<varlistentry id="logresolve">
510	<term><command>logresolve</command></term>
511	<listitem>
512	<para>
513	is a post-processing program to resolve IP-addresses in
514	<application>Apache</application>'s access log files
515	</para>
516	<indexterm zone="apache logresolve">
517	<primary sortas="b-logresolve">logresolve</primary>
518	</indexterm>
519	</listitem>
520	</varlistentry>
521
522	<varlistentry id="rotatelogs">
523	<term><command>rotatelogs</command></term>
524	<listitem>
525	<para>
526	is a simple program for use in conjunction with
527	<application>Apache</application>'s piped log file feature
528	</para>
529	<indexterm zone="apache rotatelogs">
530	<primary sortas="b-rotatelogs">rotatelogs</primary>
531	</indexterm>
532	</listitem>
533	</varlistentry>
534
535	<varlistentry id="suexec">
536	<term><command>suexec</command></term>
537	<listitem>
538	<para>
539	allows users to run CGI and SSI applications as a different user
540	</para>
541	<indexterm zone="apache suexec">
542	<primary sortas="b-suexec">suexec</primary>
543	</indexterm>
544	</listitem>
545	</varlistentry>
546
547	</variablelist>
548
549	</sect2>
550
551	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: