glfs/server/major/apache.xml
Ken Moffat c4d5919cb8 tags
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@15551 af4574ff-66df-0310-9fd7-8a98e5e911e0
2015-02-22 20:36:46 +00:00

502 lines
16 KiB
XML

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../../general.ent">
%general-entities;
<!ENTITY apache-download-http
"https://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2">
<!ENTITY apache-download-ftp " ">
<!ENTITY apache-md5sum "b8dc8367a57a8d548a9b4ce16d264a13">
<!ENTITY apache-size "4.9 MB">
<!ENTITY apache-buildsize "93 MB">
<!ENTITY apache-time "0.8 SBU">
]>
<sect1 id="apache" xreflabel="Apache-&apache-version;">
<?dbhtml filename="apache.html"?>
<sect1info>
<othername>$LastChangedBy$</othername>
<date>$Date$</date>
</sect1info>
<title>Apache-&apache-version;</title>
<indexterm zone="apache">
<primary sortas="a-Apache">Apache</primary>
</indexterm>
<sect2 role="package">
<title>Introduction to Apache HTTPD</title>
<para>
The <application>Apache HTTPD</application> package contains an open-source HTTP
server. It is useful for creating local intranet web sites or running huge
web serving operations.
</para>
&lfs77_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>
Download (HTTP): <ulink url="&apache-download-http;"/>
</para>
</listitem>
<listitem>
<para>
Download (FTP): <ulink url="&apache-download-ftp;"/>
</para>
</listitem>
<listitem>
<para>
Download MD5 sum: &apache-md5sum;
</para>
</listitem>
<listitem>
<para>
Download size: &apache-size;
</para>
</listitem>
<listitem>
<para>
Estimated disk space required: &apache-buildsize;
</para>
</listitem>
<listitem>
<para>
Estimated build time: &apache-time;
</para>
</listitem>
</itemizedlist>
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>
Required patch:
<ulink url="&patch-root;/httpd-&apache-version;-blfs_layout-1.patch"/>
</para>
</listitem>
</itemizedlist>
<bridgehead renderas="sect3">Apache HTTPD Dependencies</bridgehead>
<bridgehead renderas="sect4">Required</bridgehead>
<para role="required">
<xref linkend="apr-util"/> and
<xref linkend="pcre"/>
</para>
<bridgehead renderas="sect4">Recommended</bridgehead>
<para role="recommended">
<xref linkend="openssl"/>
</para>
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional">
<xref linkend="db"/>,
<xref linkend="doxygen"/>,
<xref linkend="libxml2"/>,
<xref linkend="lynx"/> or
<xref linkend="Links"/> or
<ulink url="http://elinks.or.cz/">ELinks</ulink>,
<xref linkend="openldap"/> (<xref linkend="apr-util"/> needs to be
installed with ldap suport),
<xref linkend="rsync"/>,
<ulink url="http://www.distcache.org/">Distcache</ulink>, and
<xref linkend="lua"/>
</para>
<para condition="html" role="usernotes">
User Notes: <ulink url="&blfs-wiki;/apache"/>
</para>
</sect2>
<sect2 role="installation">
<title>Installation of Apache HTTPD</title>
<para>
For security reasons, running the server as an unprivileged user and group
is strongly encouraged. Create the following group and user using the
following commands as <systemitem class="username">root</systemitem>:
</para>
<screen role="root"><userinput>groupadd -g 25 apache &amp;&amp;
useradd -c "Apache Server" -d /srv/www -g apache \
-s /bin/false -u 25 apache</userinput></screen>
<para>
Build and install <application>Apache HTTPD</application> by running the
following commands:
</para>
<screen><userinput>patch -Np1 -i ../httpd-&apache-version;-blfs_layout-1.patch &amp;&amp;
sed 's/ldump_writer, &amp;b/&amp;, NULL/' -i modules/lua/mod_lua.c &amp;&amp;
sed '/dir.*CFG_PREFIX/s@^@#@' -i support/apxs.in &amp;&amp;
./configure --enable-authnz-fcgi \
--enable-layout=BLFS \
--enable-mods-shared="all cgi" \
--enable-mpms-shared=all \
--enable-suexec=shared \
--with-apr=/usr/bin/apr-1-config \
--with-apr-util=/usr/bin/apu-1-config \
--with-suexec-bin=/usr/lib/httpd/suexec \
--with-suexec-caller=apache \
--with-suexec-docroot=/srv/www \
--with-suexec-logfile=/var/log/httpd/suexec.log \
--with-suexec-uidmin=100 \
--with-suexec-userdir=public_html &amp;&amp;
make</userinput></screen>
<para>
This package does not come with a test suite.
</para>
<para>
Now, as the <systemitem class="username">root</systemitem> user
(notice that DESTDIR does not work properly as unpriviledged user):
</para>
<screen role="root"><userinput>make install &amp;&amp;
mv -v /usr/sbin/suexec /usr/lib/httpd/suexec &amp;&amp;
chgrp apache /usr/lib/httpd/suexec &amp;&amp;
chmod 4754 /usr/lib/httpd/suexec &amp;&amp;
chown -v -R apache:apache /srv/www</userinput></screen>
</sect2>
<sect2 role="commands">
<title>Command Explanations</title>
<para>
<command>sed 's/ldump_writer, &amp;b/&amp;, NULL/'...</command>: This sed
fixes compilation with <application>lua</application> 5.3.
</para>
<para>
<command>sed '/dir.*CFG_PREFIX/s@^@#@'...</command>: Forces the
<application>apxs</application> utility to use absolute pathnames for
modules, when instructed to do so.
</para>
<para>
<parameter>--enable-authnz-fcgi</parameter>: Build FastCGI
authorizer-based authentication and authorization (mod_authnz_fcgi.so
fast CGI module).
</para>
<para>
<parameter>--enable-mods-shared="all cgi"</parameter>: The modules should be
compiled and used as Dynamic Shared Objects (DSOs) so they can be included
and excluded from the server using the run-time configuration directives.
</para>
<para>
<parameter>--enable-mpm-shared=all</parameter>: This switch ensures that all
MPM (Multi Processing Modules) are built as Dynamic Shared Objects (DSOs),
so the user can choose which one to use at runtime.
</para>
<para>
<parameter>--enable-suexec</parameter>: This switch enables building of the
<application>Apache</application> suEXEC module which can be used to allow
users to run CGI and SSI scripts under user IDs different from the user ID
of the calling web server.
</para>
<para>
<parameter>--with-suexec-*</parameter>: These switches control suEXEC module
behavior, such as default document root, minimal UID that can be used to
run the script under the suEXEC. Please note that with minimal UID 100, you
can't run CGI or SSI scripts under suEXEC as the
<systemitem class="username">apache</systemitem> user.
</para>
<para>
<command>... /usr/lib/httpd/suexec</command>: These commands put
<command>suexec</command> wrapper into proper location, since it
is not meant to be run directly. They also adjust proper
permissions of the binary, making it setgid
<systemitem class="username">apache</systemitem>.
</para>
<para>
<command>chown -R apache:apache /srv/www</command>: By default, the
installation process installs files (documentation, error messages,
default icons, etc.) with the ownership of the user that extracted the
files from the tar file. If you want to change the ownership to another
user, you should do so at this point. The only requirement is that the
document directories need to be accessible by the <command>httpd</command>
process with (r-x) permissions and files need to be readable (r--) by the
<systemitem class="username">apache</systemitem> user.
</para>
</sect2>
<sect2 role="configuration">
<title>Configuring Apache</title>
<sect3 id="apache-config">
<title>Config Files</title>
<para>
<filename>/etc/httpd/httpd.conf</filename> and
<filename>/etc/httpd/extra/*</filename>
</para>
<indexterm zone="apache apache-config">
<primary sortas="e-etc-httpd-httpd.conf">/etc/httpd/httpd.conf</primary>
</indexterm>
<indexterm zone="apache apache-config">
<primary sortas="e-etc-httpd-extra-star">/etc/httpd/extra/*</primary>
</indexterm>
</sect3>
<sect3>
<title>Configuration Information</title>
<para>
See <ulink url="file:///usr/share/httpd/manual/configuring.html"/>
for detailed instructions on customising your
<application>Apache</application> HTTP server configuration file.
</para>
</sect3>
<sect3 id="httpd-init">
<title>Boot Script</title>
<para>
If you want the <application>Apache</application> server to
start automatically when the system is booted, install the
<filename>/etc/rc.d/init.d/httpd</filename> init script included
in the <xref linkend="bootscripts"/> package.
</para>
<indexterm zone="apache httpd-init">
<primary sortas="f-apache">apache</primary>
</indexterm>
<screen role="root"><userinput>make install-httpd</userinput></screen>
</sect3>
</sect2>
<sect2 role="content">
<title>Contents</title>
<segmentedlist>
<segtitle>Installed Programs</segtitle>
<segtitle>Installed Libraries</segtitle>
<segtitle>Installed Directories</segtitle>
<seglistitem>
<seg>
ab, apachectl, apxs, checkgid, dbmmanage, fcgistarter,
htcacheclean, htdbm, htdigest, htpasswd, httpd,
httxt2dbm, logresolve, rotatelogs, and suexec
</seg>
<seg>
Several libraries under /usr/lib/httpd/modules/
</seg>
<seg>
/etc/httpd,
/srv/www,
/usr/include/httpd,
/usr/lib/httpd,
/usr/share/httpd,
/var/log/httpd, and
/var/run/httpd
</seg>
</seglistitem>
</segmentedlist>
<variablelist>
<bridgehead renderas="sect3">Short Descriptions</bridgehead>
<?dbfo list-presentation="list"?>
<?dbhtml list-presentation="table"?>
<varlistentry id="ab">
<term><command>ab</command></term>
<listitem>
<para>
is a tool for benchmarking your <application>Apache</application>
HTTP server.
</para>
<indexterm zone="apache ab">
<primary sortas="b-ab">ab</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="apachectl">
<term><command>apachectl</command></term>
<listitem>
<para>
is a front end to the <application>Apache</application> HTTP server
which is designed to help the administrator control the functioning
of the <application>Apache</application> httpd daemon.
</para>
<indexterm zone="apache apachectl">
<primary sortas="b-apachectl">apachectl</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="apxs">
<term><command>apxs</command></term>
<listitem>
<para>
is a tool for building and installing extension modules for the
<application>Apache</application> HTTP server.
</para>
<indexterm zone="apache apxs">
<primary sortas="b-apxs">apxs</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="checkgid">
<term><command>checkgid</command></term>
<listitem>
<para>
is a program that checks whether it can setgid to the group
specified. This is to see if it is a valid group for Apache2 to use
at runtime. If the user (should be run as superuser) is in that
group, or can setgid to it, it will return 0.
</para>
<indexterm zone="apache checkgid">
<primary sortas="b-checkgid">checkgid</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="dbmmanage">
<term><command>dbmmanage</command></term>
<listitem>
<para>
is used to create and update the DBM format files used to store
usernames and passwords for basic authentication of HTTP users.
</para>
<indexterm zone="apache dbmmanage">
<primary sortas="b-dbmmanage">dbmmanage</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="htcacheclean">
<term><command>htcacheclean</command></term>
<listitem>
<para>
is used to clean up the disk cache.
</para>
<indexterm zone="apache htcacheclean">
<primary sortas="b-htcacheclean">htcacheclean</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="htdbm">
<term><command>htdbm</command></term>
<listitem>
<para>
is used to manipulate the DBM password databases.
</para>
<indexterm zone="apache htdbm">
<primary sortas="b-htdbm">htdbm</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="htdigest">
<term><command>htdigest</command></term>
<listitem>
<para>
is used to create and update the flat-files used to store usernames,
realms and passwords for digest authentication of HTTP users.
</para>
<indexterm zone="apache htdigest">
<primary sortas="b-htdigest">htdigest</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="htpasswd">
<term><command>htpasswd</command></term>
<listitem>
<para>
is used to create and update the flat-files used to store usernames
and passwords for basic authentication of HTTP users.
</para>
<indexterm zone="apache htpasswd">
<primary sortas="b-htpasswd">htpasswd</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="httpd">
<term><command>httpd</command></term>
<listitem>
<para>
is the <application>Apache</application> HTTP server program.
</para>
<indexterm zone="apache httpd">
<primary sortas="b-httpd">httpd</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="httxt2dbm">
<term><command>httxt2dbm</command></term>
<listitem>
<para>
is used to generate DBM files from text, for use in RewriteMap.
</para>
<indexterm zone="apache httxt2dbm">
<primary sortas="b-httxt2dbm">httxt2dbm</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="logresolve">
<term><command>logresolve</command></term>
<listitem>
<para>
is a post-processing program to resolve IP-addresses in
<application>Apache</application>'s access log files.
</para>
<indexterm zone="apache logresolve">
<primary sortas="b-logresolve">logresolve</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="rotatelogs">
<term><command>rotatelogs</command></term>
<listitem>
<para>
is a simple program for use in conjunction with
<application>Apache</application>'s piped log file feature.
</para>
<indexterm zone="apache rotatelogs">
<primary sortas="b-rotatelogs">rotatelogs</primary>
</indexterm>
</listitem>
</varlistentry>
</variablelist>
</sect2>
</sect1>