Author: krejzi Date: Fri Jan 25 12:03:43 2013 New Revision: 10978 Log: Rework Apache HTTPD instructions.
Modified: trunk/BOOK/server/major/apache.xml trunk/bootscripts/blfs/init.d/httpd Modified: trunk/BOOK/server/major/apache.xml ============================================================================== --- trunk/BOOK/server/major/apache.xml Fri Jan 25 10:12:00 2013 (r10977) +++ trunk/BOOK/server/major/apache.xml Fri Jan 25 12:03:43 2013 (r10978) @@ -5,13 +5,13 @@ %general-entities; <!ENTITY apache-download-http - "http://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2";> + "http://archive.apache.org/dist/httpd/httpd-&apache-version;.tar.bz2";> <!ENTITY apache-download-ftp - "ftp://apache.mirrors.pair.com/httpd/httpd-&apache-version;.tar.bz2";> + "ftp://apache.mirrors.pair.com/httpd/httpd-&apache-version;.tar.bz2";> <!ENTITY apache-md5sum "87aaf7bc7e8715f0455997bb8c6791aa"> <!ENTITY apache-size "4.4 MB"> - <!ENTITY apache-buildsize "66 MB"> - <!ENTITY apache-time "0.7 SBU"> + <!ENTITY apache-buildsize "100 MB"> + <!ENTITY apache-time "0.5 SBU"> ]> <sect1 id="apache" xreflabel="Apache-&apache-version;"> @@ -29,10 +29,10 @@ </indexterm> <sect2 role="package"> - <title>Introduction to Apache</title> + <title>Introduction to Apache HTTPD</title> <para> - The <application>Apache</application> package contains an open-source HTTP + The <application>Apache HTTPD</application> package contains an open-source HTTP server. It is useful for creating local intranet web sites or running huge web serving operations. </para> @@ -73,24 +73,38 @@ </listitem> </itemizedlist> - <bridgehead renderas="sect3">Apache Dependencies</bridgehead> + <bridgehead renderas="sect3">Additional Downloads</bridgehead> + <itemizedlist spacing="compact"> + <listitem> + <para> + Required patch: + <ulink url="&patch-root;/httpd-&apache-version;-blfs_layout-1.patch"/> + </para> + </listitem> + </itemizedlist> + + <bridgehead renderas="sect3">Apache HTTPD Dependencies</bridgehead> <bridgehead renderas="sect4">Required</bridgehead> <para role="required"> <xref linkend="apr-util"/> </para> + <bridgehead renderas="sect4">Recommended</bridgehead> + <para role="recommended"> + <xref linkend="openssl"/> + </para> + <bridgehead renderas="sect4">Optional</bridgehead> <para role="optional"> + <xref linkend="db"/>, + <xref linkend="doxygen"/>, + <xref linkend="lynx"/>, <xref linkend="openldap"/>, - <xref linkend="db"/>, - <xref linkend="expat"/>, - <xref linkend="openssl"/>, <xref linkend="pcre"/>, <xref linkend="rsync"/>, - <xref linkend="doxygen"/>, - <xref linkend="lynx"/> and - <ulink url="http://www.distcache.org/";>distcache</ulink> + <ulink url="http://www.distcache.org/";>Distcache</ulink> and + <ulink url="http://www.lua.org/";>Lua (5.1)</ulink> </para> <para condition="html" role="usernotes"> @@ -99,7 +113,7 @@ </sect2> <sect2 role="installation"> - <title>Installation of Apache</title> + <title>Installation of Apache HTTPD</title> <para> For security reasons, running the server as an unprivileged user and group @@ -108,51 +122,27 @@ </para> <screen role="root"><userinput>groupadd -g 25 apache && -useradd -c "Apache Server" -d /dev/null -g apache \ +useradd -c "Apache Server" -d /srv/www -g apache \ -s /bin/false -u 25 apache</userinput></screen> - <note> - <para> - The above command directs the <application>Apache</application> user's - home directory to <filename>/dev/null</filename>. This may not work - for some add-ons such as - <ulink url='http://www.viewvc.org/'><application>ViewVC</application></ulink>, - a browser interface for CVS and Subversion version control repositories. - See the User Notes for details for specific applications. - </para> - </note> - <para> - Build and install <application>Apache</application> by running the + Build and install <application>Apache HTTPD</application> by running the following commands: </para> -<screen><userinput>cat >> config.layout << "HERE_DOC" && -# BLFS FHS layout -<Layout FHS> - prefix: /usr - exec_prefix: ${prefix} - bindir: ${exec_prefix}/bin - sbindir: ${exec_prefix}/sbin - libdir: ${exec_prefix}/lib - libexecdir: ${exec_prefix}/libexec/apache - mandir: ${prefix}/share/man - sysconfdir: /etc/apache - datadir: /srv/www - installbuilddir: ${libexecdir}/build - errordir: ${datadir}/error - iconsdir: ${datadir}/icons - htdocsdir: ${datadir}/htdocs - manualdir: ${datadir}/manual - cgidir: ${datadir}/cgi-bin - includedir: ${prefix}/include/apache - localstatedir: ${datadir} - runtimedir: /var/run - logfiledir: /var/log/apache - proxycachedir: /var/cache/apache/proxy -</Layout> -HERE_DOC -./configure --enable-layout=FHS --enable-mods-shared=all && +<screen><userinput>patch -Np1 -i ../httpd-&apache-version;-blfs_layout-1.patch && +./configure --enable-layout=BLFS \ + --enable-mods-shared="all cgi" \ + --enable-mpms-shared=all \ + --with-apr=/usr/bin/apr-1-config \ + --with-apr-util=/usr/bin/apu-1-config \ + --enable-suexec=shared \ + --with-suexec-bin=/usr/lib/httpd/suexec \ + --with-suexec-docroot=/srv/www \ + --with-suexec-caller=apache \ + --with-suexec-userdir=public_html \ + --with-suexec-logfile=/var/log/httpd/suexec.log \ + --with-suexec-uidmin=100 && make</userinput></screen> <para> @@ -165,57 +155,50 @@ <screen role="root"><userinput>make install && -chown -v root:root /usr/bin/{apxs,dbmmanage} \ - /usr/sbin/{apachectl,envvars{,-std}} \ - /usr/libexec/apache/httpd.exp \ - /usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm},logresolve}.1 \ - /usr/share/man/man8/{apachectl,htcacheclean,httpd,rotatelogs,suexec}.8 && +mv -v /usr/sbin/suexec /usr/lib/httpd/suexec && +chgrp apache /usr/lib/httpd/suexec && +chmod 4754 /usr/lib/httpd/suexec && chown -v -R apache:apache /srv/www</userinput></screen> - <para> - Also as the <systemitem class="username">root</systemitem> user, - optionally install the html docs: - </para> - -<screen role="root"><userinput>mkdir -p /usr/share/doc/httpd-&apache-version;/style && -for thing in docs/manual/*.html.en -do - tmp=${thing%.en} - cp ${thing} /usr/share/doc/httpd-&apache-version;/${tmp##*/} -done - -cp -rf docs/manual/images /usr/share/doc/httpd-&apache-version; && -cp -rf docs/manual/style/css /usr/share/doc/httpd-&apache-version;/style && - -for directory in developer faq howto misc mod platform programs rewrite ssl vhosts -do - mkdir -p /usr/share/doc/httpd-&apache-version;/${directory} - for thing in docs/manual/${directory}/*.html.en - do - tmp=${thing%.en} - cp ${thing} /usr/share/doc/httpd-&apache-version;/${directory}/${tmp##*/} - done -done - -sed -i \ - '/developer\|faq\|misc\|mod\|programs\|rewrite\|ssl\|vhosts/s#/"#/index.html"#' \ - /usr/share/doc/httpd-&apache-version;/index.html</userinput></screen> </sect2> <sect2 role="commands"> <title>Command Explanations</title> <para> - <parameter>--enable-mods-shared=all</parameter>: The modules should be + <parameter>--enable-mods-shared="all cgi"</parameter>: The modules should be compiled and used as Dynamic Shared Objects (DSOs) so they can be included and excluded from the server using the run-time configuration directives. </para> <para> - <command>chown root:root ...</command>: This command changes the ownership - of some installed files, the result of building the package as a user - other than <systemitem class="username">root</systemitem>. + <parameter>--enable-mpm-shared=all</parameter>: This switch ensures that all + MPM (Multi Processing Modules) are built as Dynamic Shared Objects (DSOs), + so the user can choose which one to use at runtime. + </para> + + <para> + <parameter>--enable-suexec</parameter>: This switch enables building of the + <application>Apache</application> suEXEC module which can be used to allow + users to run CGI and SSI scripts under user IDs different from the user ID + of the calling web server. + </para> + + <para> + <parameter>--with-suexec-*</parameter>: These switches control suEXEC module + behavior, such as default document root, minimal UID that can be used to + run the script under the suEXEC. Please note that with minimal UID 100, you + can't run CGI or SSI scripts under suEXEC as the + <systemitem class="username">apache</systemitem> user. + </para> + + <para> + <command>... /usr/lib/httpd/suexec</command>: These commands put + <command>suexec</command> wrapper into proper location, since it + is not meant to be run directly. They also adjust proper + permissions of the binary, making it segid + <systemitem class="username">apache</systemitem>. </para> <para> @@ -228,6 +211,7 @@ process with (r-x) permissions and files need to be readable (r--) by the <systemitem class="username">apache</systemitem> user. </para> + </sect2> <sect2 role="configuration"> @@ -237,34 +221,29 @@ <title>Config Files</title> <para> - <filename>/etc/apache/*</filename> + <filename>/etc/httpd/httpd.conf</filename> and + <filename>/etc/httpd/extra/*</filename> </para> <indexterm zone="apache apache-config"> - <primary sortas="e-etc-apache">/etc/apache/*</primary> + <primary sortas="e-etc-httpd-httpd.conf">/etc/httpd/httpd.conf</primary> </indexterm> <indexterm zone="apache apache-config"> - <primary sortas="e-etc-apache-httpd.conf">/etc/apache/httpd.conf</primary> + <primary sortas="e-etc-httpd-extra-star">/etc/httpd/extra/*</primary> </indexterm> + </sect3> <sect3> <title>Configuration Information</title> <para> - The main configuration file is named - <filename>/etc/apache/httpd.conf</filename>. Modify it so that the HTTP - server runs as the dedicated user and group: - </para> - -<screen role="root"><userinput>sed -i "s/daemon$/apache/" /etc/apache/httpd.conf</userinput></screen> - - <para> - See <ulink url="/usr/share/doc/httpd-&apache-version;/configuring.html"/> + See <ulink url="/usr/share/httpd/manual/configuring.html"/> for detailed instructions on customising your <application>Apache</application> HTTP server configuration file. </para> + </sect3> <sect3 id="httpd-init"> @@ -272,10 +251,10 @@ <para> If you want the <application>Apache</application> server to - start automatically when the system is booted, install the - <filename>/etc/rc.d/init.d/httpd</filename> init script included - in the <xref linkend="bootscripts"/> package. - </para> + start automatically when the system is booted, install the + <filename>/etc/rc.d/init.d/httpd</filename> init script included + in the <xref linkend="bootscripts"/> package. + </para> <indexterm zone="apache httpd-init"> <primary sortas="f-apache">apache</primary> @@ -295,15 +274,20 @@ <seglistitem> <seg> - ab, apachectl, apxs, checkgid, dbmmanage, htcacheclean, htdbm, - htdigest, htpasswd, httpd, httxt2dbm, logresolve and rotatelogs + ab, apachectl, apxs, checkgid, dbmmanage, fcgistarter, htcacheclean, + htdbm, htdigest, htpasswd, httpd, httxt2dbm, logresolve and rotatelogs </seg> <seg> None </seg> <seg> - /etc/apache, /srv/www, /usr/include/apache, /usr/libexec/apache, - and /var/log/apache. + /etc/httpd, + /srv/www, + /usr/include/httpd, + /usr/lib/httpd, + /usr/share/httpd + /var/log/httpd and + /var/run/httpd </seg> </seglistitem> </segmentedlist> @@ -480,6 +464,9 @@ </indexterm> </listitem> </varlistentry> + </variablelist> + </sect2> + </sect1> Modified: trunk/bootscripts/blfs/init.d/httpd ============================================================================== --- trunk/bootscripts/blfs/init.d/httpd Fri Jan 25 10:12:00 2013 (r10977) +++ trunk/bootscripts/blfs/init.d/httpd Fri Jan 25 12:03:43 2013 (r10978) @@ -31,19 +31,19 @@ case "$1" in start) - log_info_msg "Starting Apache daemon..." + log_info_msg "Starting Apache HTTP daemon..." start_daemon /usr/sbin/apachectl -k start evaluate_retval ;; stop) - log_info_msg "Stopping Apache daemon..." + log_info_msg "Stopping Apache HTTP daemon..." start_daemon /usr/sbin/apachectl -k stop evaluate_retval ;; restart) - log_info_msg "Restarting Apache daemon..." + log_info_msg "Restarting Apache HTTP daemon..." start_daemon /usr/sbin/apachectl -k restart evaluate_retval ;; -- http://linuxfromscratch.org/mailman/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
