Apache Installation | UNIX: The Complete Reference, Second Edition (Complete Reference Series)

Before we start looking at the installation process, you will need to do several things. The two most important steps are to obtain a valid IP address and a hostname for your web server machine. Without a valid hostname no one will be able to access your web site, so make sure that your web server machine is added to the Domain Name Service (DNS) before you deploy your web site. You may need to contact your network administrator to have this done. Please see the section on the DNS in Chapter 10.

Another important consideration is to determine the primary type of content that your web server will be serving. If you want to support CGI programs, Java servlets, or file downloads, consider getting a separate machine to use as a web server. A common option used for many intranet web servers is to reuse an older workstation or server as a web server. You should dedicate this machine to web serving, since CGI programs, Java servlets, and such can make heavy demands on your machine’s resources.

If you are installing a UNIX variant or Linux distribution, you will most likely find the Apache web server, or some Apache-based web server, as an install-time option. If you want to install Apache on a machine on which it has not already been installed, you can either install a precompiled binary package or compile the source code yourself and install it. Though the first option is a faster and more assured way of successfully installing Apache, there are advantages and disadvantages associated with both approaches.

Binary Package Installation

When first installing most Linux distributions, the option to install Apache or a “Web Server” is a likely installation step. “Web Server” here is usually Apache. If Apache was not installed with Linux, Apache httpd and associated packages are easily installable in precompiled binary form on most popular distributions. The world of Linux binary packages is now divided into two widely used package formats, the Red Hat package management system format (RPM) and the Debian package management system format (DEB). The Apache packages on Linux also tend to be split up with the intent to make the installation more modular. For instance, there may be separate Apache packages for the core HTTP server, documentation, utilities, Perl support, SSL support, and so on.

Installing Apache Binary Packages in the Red Hat rpm Format

Apache binary packages in the RPM format generally have names that begin with httpd. So to install the core Apache package on RPM-based Linux distributions, you would need to install the httpd package. The httpd RPM packages are usually available for the newer 2.x branch of Apache only A widely used, automated package management system for RPMbased distributions is YUM. YUM contains commands to search for a package, to download a package and other packages that it depends on, and to install the package and associated dependencies. Usage of the YUM commands to find and install httpd and any associated packages is shown next for a Red Hat-like Linux system. These commands must be run as root:

 # yum search httpd | less

This search command is piped to the less command because it is likely to return many pages of information about packages (not only Apache-related) that contain the search string httpd. After the desired httpd packages have been identified, the command to install the core httpd package, man pages, and httpd system configuration utility is as follows:

 # yum install httpd httpd-manual system-config-httpd [Extraneous output not shown.] Install      3 Package(s) Update       0 Package(s) Remove       0 Package(s) Total download size: 2.5 M Is this ok [Y/N]:

After you answer Y to the prompt, the Apache packages should be downloaded from a package repository on the Internet or loaded from CD and installed. At the conclusion of the install, the Apache web server program will also be started in the background with a default configuration.

Installing Apache Binary Packages in the Debian DEB format

Linux distributions that use the DEB format for precompiled packages also have a higher level package management system called APT that simplifies the job of installing DEB package files. APT contains commands to search for a package, to download a package and other packages that it depends on, and to install the package and associated dependencies. Usage of two of the APT system commands is demonstrated next for a Debian-derived Linux system. These commands must be run as root:

 # apt-cache search apache | less

This apt-cache command searches the APT DEB package database for package descriptors that contain “apache.” The list of packages returned can be quite large, so we’ve piped the output to less. The available apache httpd packages should be listed first. On a recent version of a Debian-derived Linux system, some of the packages of interest were output as follows:

 apache2 - next generation, scalable, extendable web server apache2-common - next generation, scalable, extendable web server apache2-doc - documentation for apache2 apache2-utils - utility programs for webservers

The command to install Apache 2 is shown here:

 # apt-get install apache2 [Extraneous output not shown.] The following NEW packages will be installed apache2 apache2-common apache2-mpm-worker apache2-utils libapr0 [Extraneous output not shown.] Do you want to continue [Y/n]?

The apt-get package management command has automatically resolved which other packages, the apache2 package, depends on (apache2-common, apache2-mpm-worker, apache2-utils, and libapr0). After you answer Y to the prompt, this apt-get command will download the five listed packages from an APT DEB package repository on the Internet or from the installation CD, will install them, and finally will start the Apache web server using a default configuration.

This is as painless as an initial installation of Apache can get on a Linux OS, or any OS for that matter. The use of high-level package management tools such as APT or YUM also makes it easy to upgrade Apache and any other package as the need arises, such as when a security fix is issued. When the apt-get or yum install of Apache has finished, you can usually launch a web browser and connect to the newly installed and running instance of Apache. If you run the web browser on the same machine, you can view the URL, http://localhost. If the machine that you installed Apache on has a fully qualified domain name, for example, pryor.acme.com, on the Internet or an intranet, you would point your web browser to http://pryor.acme.com/. The resulting default home page should look similar to Figure 16–1.

image from book
Figure 16–1: A default Apache home page

You may have seen this default Apache start page during your web browsing. There are many such installations on the Internet that have unconfigured Apache installations due to either negligence or unawareness on the part of administrators that they even have Apache installed. If you don’t actually need to use Apache, then please don’t install it. It can become a security risk.

Directory Structure for Linux Apache Packages

Though Apache binary packages make the installation simple, there will probably be some configuration work to be done afterward; this configuration work is discussed later in this chapter. When installed from Red Hat RPM packages, the Apache configuration files are placed in /etc/httpd. When installed from Debian DEB packages, the Apache configuration directory is /etc/apache or /etc/apache2. Figure 16–2 shows the additional directories and files created by a typical Apache installation on Linux.

image from book
Figure 16–2: Directories and files created by typical Apache packages on Linux

The document root directory is the default location of the HTML documents that Apache will serve. An Apache-served web site will be built in the document root and its subdirectories. The modules directory contains dynamic modules that can be loaded by Apache to provide add-on functionality in addition to Apache’s core functions. The logs directory contains log files that track the status of the web server, logging the HTML pages and objects that are requested from the web server and also any errors generated by the web server. The system startup files are the SysV init scripts that can be used to start Apache when the system boots, stop Apache when the system shuts down, and restart Apache when you change its configuration. The status files with the .pid extension contain Apache’s main process ID (PID) when it is running as a daemon. The PID is used by the system startup scripts when stopping or restarting Apache.

Binary Package Installation on UNIX

The Apache Project makes compiled source packages available for download for several UNIX platforms from its web site and mirrors (see http://archive.apache.org/dist/httpd/binaries/). These packages contain versions of the Apache source code that has been precompiled with common features enabled. They also contain an installation shell script, install-bindist.sh, that needs to be run with root privileges to install the compiled binaries and configuration files to an installation directory, typically /usr/local/apache-<version number>. This method of installation is actually very close to the “do-it-yourself” method of compiling and installing Apache described in the next section. These compiled binary packages have the drawback that most of these packages are community-contributed and generally lag the current releases of Apache by several versions. For example, the last available Apache Projectsupplied binary packages for HP-UX and AIX were uploaded in 2002 and 2003, respectively The more assured way of installing the latest version of Apache-which should contain patches for past serious security bugs-is to obtain the source code and compile it yourself.

In the Solaris Freeware project (http://www.sunfreeware.com/), an outgrowth of the SunSITE project, the Solaris user community has a volunteer-maintained source for up-todate Solaris-format binary packages for most common open-source software, including Apache. The packages downloaded from http://www.sunfreeware.com/ are in the Solaris pkg format and can be installed and removed using the Solaris pkgadd and pkgrm commands, respectively The latest Apache packages from Solaris Freeware (version 2.2) have been built to install completely into the /usr/local/apache2 file system tree and are a good alternative method of installing Apache on all versions of Solaris, especially if attempts to compile it yourself fail.

Source Installation of Apache on UNIX

The Apache project, being an open-source project, makes the httpd source code downloadable from its web site, http://httpd.apache.org/. Thanks to the GNU autoconf system, Apache is simple to compile on most UNIX platforms, including Linux. Compiling Apache yourself is the surest way to use the latest version of the web server. This ensures that you can quickly apply any new critical security fixes for Apache without waiting for a vendor or Linux distribution to issue fixed Apache packages. Another advantage of compiling Apache yourself is better performance as the Apache executables will be tuned to your server hardware. Another advantage is that you have finer control over what features are compiled into Apache. Still another advantage, in the opinion of some, is that you can install Apache into its own subdirectory and not have its components scattered into the UNIX file system hierarchy as shown in Figure 16–2. A disadvantage of manually compiling Apache is that you may need to know the various configuration options for building Apache.

The following steps outline how to manually compile and install the latest version of the Apache httpd. Unless otherwise noted, you should be able to perform these steps as a normal (nonroot) user.

Step 1: Obtain the httpd Source Code

A trusted source for the source code is http://httpd.apache.org/, or one of its mirrors. As of mid-2006, the latest bzip2-compressed tar archive for Apache was httpd-2.2.0.tar.bz2. Once you have downloaded and saved httpd-2.2.0.tar.bz2 to a source directory, it needs to be unarchived. A command to uncompress and untar the archive is as follows:

 $ bzip2 −dc httpd-2.2.0.tar.bz2 | tar −vxf

This will extract the contents of the tar.bz2 archive into a new subdirectory called httpd-2.2.0.

Step 2: Configure the Source Code and Build

You should enter the new httpd-2.2.0 subdirectory that was just created and read the files there that begin with “README.” In particular, you should read the README.platforms file for any special instructions that may apply to your UNIX platform. Also, read the INSTALL file. After that, you can begin the build process by first configuring the source code. The Apache build process begins with the included GNU autoconf system’s configure script. The configure script’s options can be viewed as follows:

 $ ./configure --help | less

This runs the configure script in the httpd source directory and lists the command line options that can be passed to it. Here is an actual run of the configure script to configure certain important Apache options:

 $ ./configure --prefix=/usr/local/apache-2.2.0 -enable-suexec \ --with-suexec-caller=nobody --with-suexec-gidmin=51 \ --with-suexec-umask=022 --enable-so --enable-dav --enable-dav-fs \ --enable-auth-digest

Here is a much simpler invocation of the configure script if this is your first time compiling Apache manually:

 $ ./configure --prefix=/usr/local/apache-2.2.0

The --prefix=/usr/local/apache-2.2.0 command line switch specifies the installation root directory for Apache. The conclusion of a successful run of configure should produce output that looks like the following:

 creating Makefile creating modules/Makefile creating srclib/Makefile creating os/Makefile creating server/Makefile creating support/Makefile creating srclib/pcre/Makefile creating test/Makefile [Extraneous output deleted.] config.status: executing default commands

A successful run of configure will generate Makefiles to build and install Apache. After this it is a matter of running the make command:

 $ make

The make command will process the Makefiles and build Apache and its modules. This may take several minutes depending on the speed of the computer. Next run make install. The make install and all the following commands create files and directories that are only root-accessible, so you will need to become root:

 (as root) # make install

The make install command will copy the compiled Apache executables, directory structure, and data files into the installation root directory that you specified in the configure --prefix command and option described previously, for example, /usr/local/apache-2.2.0. The output of the following ls command shows the directories that were created by make install in /usr/local/apache-2.2.0:

 # ls −1 /usr/local/apache-2 .2 . 0 total 22 drwxr-xr-x    2 root     other         512 Apr 20 16 29 bin drwxr-xr-x    2 root     other         512 Apr 20 16 29 build drwxr-xr-x    2 root     other         512 Apr 20 16 27 cgi-bin drwxr-xr-x    4 root     other         512 Apr 20 16 27 conf drwxr-xr-x    3 root     other        1024 Apr 20 16 27 error drwxr-xr-x    2 root     other         512 Nov 29 03 13 htdocs drwxr-xr-x    3 root     other        3584 Apr 20 16 27 icons drwxr-xr-x    2 root     other        2560 Apr 20 16 29 include drwxr-xr-x    3 root     other         512 Apr 20 16 27 lib drwxr-xr-x    2 root     other         512 Apr 20 16 27 logs drwxr-xr-x    4 root     other         512 Apr 20 16 29 man drwxr-xr-x   14 root     other        4608 Nov 29 03 20 manual drwxr-xr-x    2 root     other         512 Apr 20 16 27 modules

As you can see from the directory structure, Apache has been installed into its own “sandbox,” its own directory The bin subdirectory contains the httpd executables, conf contains the httpd configuration files, htdocs is the default document root where HTML files will be stored, and logs will contain log files generated while Apache is running. At this point you should be able to do a test run of Apache with the just-installed apachectl script in bin:

 # /usr/local/apache-2.2.0/bin/apachect1 start

This will start Apache httpd on the default HTTP service port 80 using the default home page, /usr/local/apache-2.2.0/htdocs/index.html. You can confirm this by starting a web browser on the same machine and viewing the URL, http://localhost. You can also confirm this by searching for running httpd processes with ps –ef | grep httpd or ps −aux | grep httpd.

Step 3: Set Up the Apache System Startup Script

The manually compiled source installation is not quite finished. You need to set up Apache to start when the system boots. A recommended step is to create the symbolic link, /usr/local/apache2, that points to the just-installed apache-2.2.0 directory To do this, use the following ln command:

 # cd /usr/local ; ln −s apache-2.2.0 apache2

When you manually compile and install future versions of Apache, you need to merely move the apache2 symbolic link to point to the newly installed Apache directory This simplifies administration. Assuming that the version of UNIX or Linux that you use boots using SysV-type init scripts, you need an init script for Apache in the /etc/init.d directory

That init script already exists in the form of the apachectl command that now exists in /usr/local/apache2/bin. Another symbolic link, /etc/init.d/apache2, needs to be created using the following command:

 # cd /etc/init.d ; ln −s /usr/local/apache2/bin/apachect1 apache2

Next, a symbolic link in the appropriate SysV run level init directory needs to be created. On a system such as Solaris in which the default run level on bootup is run level 3, you would need to issue the following ln command:

 # cd /etc/rc3.d ; ln −s ../init.d/apache2 S85apache2

The effect of creating the /etc/rc3.d/S85apache2 symbolic link is that Apache will be started when the system reaches run level 3 (normally during system bootup). Finally, you should create a symbolic link in /etc/rc2.d with the following command:

 # cd /etc/rc2.d ; ln −s ../init.d/apache2 K15apache2

The /etc/rc2.d/K15apache2 symbolic link ensures that the Apache processes are terminated properly when the system reaches run level 2 (normally during system reboot or system shutdown). The symbolic links in /etc/init.d, /etc/rc3.d, and /etc/rc2.d need only to be created once if you ensure that the /usr/local/apache2 link points to a newly installed Apache directory when upgrading to newer Apache versions.

Note that on some versions of UNIX, notably HP-UX, you will need to substitute the /sbin/init.d directory for /etc/init.d. Also, you will need to use /sbin/rc3.d and /sbin/rc2.d instead of /etc/rc3.d and /etc/rc2.d.

On BSD variants such as NetBSD and FreeBSD, the process of downloading, compiling, and installing Apache from source code is automated through the pkgsrc and the related ports package management systems, respectively

Apache Modules

Whether installed as Linux packages or compiled from the source code, the Apache web server is a relatively small engine designed to handle web requests for static HTML pages quickly and efficiently All of the other features in Apache are provided by the add-on components known as modules. The modules provide features such as access control, logging, Common Gateway Interface program execution (more on this later), and directory indexing. The standard Apache distribution comes with over 35 modules. There are also several third-party modules that can be compiled against Apache to enable features such as support for certain programming languages. Modules can either be statically compiled into the Apache httpd or dynamically loaded as needed. To see what modules are statically compiled into Apache, you can use the –1 command line option with the httpd executable. On a Red Hat-derived Linux distribution, the typical output of httpd –1 is shown here:

 # /usr/sbin/httpd −1 Compiled in modules:   core.c   prefork.c   http_core.c   mod so.c

As you can see from the output, only the core modules have been compiled in. The Apache modules in the same Linux distribution are stored in /usr/lib/httpd/modules/ to be loaded as needed through the httpd configuration file. On a Solaris system on which Apache was manually compiled with default compile-time options, the output of httpd –1 is shown here:

 # /usr/local/apache2/bin/httpd −1 Compiled in modules:   core.c   mod_authn_file.c   mod_authn_default.c   mod_authz_host.c   mod_authz_groupfile.c   mod_authz_user.c   mod_authz_default.c   mod_auth_basic.c   mod_include.c   mod_filter.c   mod_log_config.c   mod_env.c   mod_setenvif.c   prefork.c   http_core.c   mod_mime.c   mod_status.c   mod_autoindex.c   mod_asis.c   mod_cgi.c   mod_negotiation.c   mod_dir.c   mod_actions.c   mod_userdir.c   mod_alias.c   mod_so.c

These modules have been compiled because it is thought that the features enabled by these modules will satisfy the needs for features of most web sites. Modules not on this list need to be specified when running the configure script to configure the Apache source code before it is compiled. A complete listing of modules that are included in the latest distribution of Apache httpd can be found in the official Apache documentation at http://httpd.apache.org/docs/22/mod/.