Installation of Apache
For security reasons, running the server as an unprivileged user
and group is strongly encouraged. Create the following group and
user using the following commands (as root):
groupadd -g 25 apache &&
useradd -c "Apache Server" -d /dev/null -g apache \
-s /bin/false -u 25 apache
![[Note]](../images/note.png)
Note
The above command directs the Apache user's home directory to /dev/null. This may not work for some add-ons
such as ViewVC, a browser interface for CVS and
Subversion version control repositories. See the User Notes for
details for specific applications.
The following patch modifies the layout of destination directories
and among them, the build directory at /usr/lib/apache/build. This will allow the
modules added to Apache to be
configured without errors. Apply the patch:
patch -Np1 -i ../httpd-2.2.11-config-1.patch
Note
You may wish to review the output from ./configure --help and include
whatever parameters are necessary to the configure command below to
build the modules required for your installation. There are as
many as 62 additional parameters you can add to the configure command to build
additional modules. Some of the extra parameters which aren't
described or mentioned in the --help information are listed in
the “Command Explanations”
section below.
If you are using the bundled version of APR-util and you are going to install
Subversion with Berkeley DB back-end support, ensure you use
the parameters shown in the “Command
Explanations” section below.
While it is not built by default when using the following
commands, the ISAPI DSO module can be created by adding the
--enable-isapi option. Even the
module will compile, install and load fine, the module is
only supported and
functional in Win32 environments.
Build and install Apache by
running the following commands:
./configure --enable-layout=FHS --enable-mods-shared=all &&
make
This package does not come with a test suite.
Now, as the root user:
make install &&
chown -v root:root /usr/lib/apache/httpd.exp \
/usr/sbin/{apxs,apachectl,dbmmanage,envvars{,-std}} \
/usr/share/man/man1/{dbmmanage,ht{dbm,digest,passwd}}.1 \
/usr/share/man/man8/{ab,apachectl,apxs,htcacheclean,httpd}.8 \
/usr/share/man/man8/{logresolve,rotatelogs,suexec}.8 &&
chown -v -R apache:apache /srv/www
Command Explanations
--enable-mods-shared=all:
The modules should be compiled and used as Dynamic Shared Objects
(DSOs) so they can be included and excluded from the server using
the run-time configuration directives.
--enable-ssl: Use this parameter to
create the mod_ssl module and enable
SSL support. This parameter is mentioned as one of many parameters
which can be passed to the configure command to create
additional DSO modules.
--with-pcre: Add this parameter to use
the system installed version of the PCRE library.
--with-z: Add this parameter to use the
system installed version of the Zlib library.
--with-ldap: This parameter is required
if you passed the --enable-authnz-ldap
or --enable-ldap options to
configure and enabled
the OpenLDAP modules.
--with-dbm=db45 --with-berkeley-db: Use
these parameters if you require Berkeley
DB support in the bundled version of APR-util (required for Berkeley DB back-end support in Subversion).
chown root:root ...:
This command changes the ownership of some installed files, the
result of building the package as a user other than root.
chown -R apache:apache
/srv/www: By default, the installation process
installs files (documentation, error messages, default icons, etc.)
with the ownership of the user that extracted the files from the
tar file. If you want to change the ownership to another user, you
should do so at this point. The only requirement is that the
document directories need to be accessible by the httpd process with (r-x)
permissions and files need to be readable (r--) by the apache user.