httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Stone <dan...@sfarc.net>
Subject Re: Apache 2.0.27 and 2.0.28 RPM available
Date Thu, 22 Nov 2001 22:38:30 GMT
On Tue, Nov 20, 2001 at 09:29:19AM +0100, GOMEZ Henri wrote:
> >Comparing with my Debian packages, the patches from which I will post
> >after my exam:
> 
> Hope you'll be successfull :)

Thanks; I actually prepared for something much harder, so I was very
much relieved (it was Physics). Now I'm finished, and have holidays for
3 months! Whoohoo!
	
> >On Mon, Nov 19, 2001 at 01:40:55PM +0100, GOMEZ Henri wrote:
> >> BTW: From my RPM works I detect many stuff which could (should)
> >>      be added :
> >> 
> >>      - Modify apachectl and apxs to use @sbindir@/@progname@ instead
> >>        of @prefix@/bin/@progname@. A security concert on 
> >many distrib 
> >>        (ie Redhat which use /usr/sbin for httpd)
> >
> >Check.	
> 
> Ditto, but borred...

Sorry? Borred?

Anyway, ours is a much more stupid and less generic hack - we hardcode
paths.

> >>      - add a --with-ssl-port as we have --with-port
> >
> >Nope, could you please send this to dev@httpd?
> 
> Requirement sent yesterday.

Cool :)

> >>      - have httpd-std.conf supporting datadir and config.layout.
> >>        For example, htdocs location in conf file, still 
> >didn't follow what
> >> has
> >>        been set in config.layout.
> >
> >Hm, I just have a very minimalistic apache2.conf that I distribute,
> >users can make changes in httpd.conf (simplifies packaging).
> 
> Do you put your own copy of apache2.conf (we're using httpd2.conf) or
> do you put a patched version from distro ? The latest release expand
> nicely with @@LoadModule@@, and I'd like if they could add a @@AddModule@@
> to make <IfModule xxx> works.

I stripped down the base config. Here's how the modules work:
Every module puts a <modulename>.load file in /etc/apache2/modules. If
it has module-specific configuration directives (i.e. <IfModule foo.c>),
they go in <modulename>.conf. To enable a module, a small shell script
just symlinks the .load file (and the .conf file, if it exists) to
/etc/apache2/mods-enabled. That way, we just have to include
/etc/apache2/mods-enabled from apache2.conf - much easier!

Anyway, we have a very stripped-down version of the httpd.conf-dist
called apache2.conf, hopefully users should not need to change this. One
of the main issues with the apache package is dpkg prompting you every
time because httpd.conf changed, even though you had to. This way,
apache2.conf should only get upgraded when upstream makes a large
change. httpd.conf is empty by default, and just gets Include'd from
apache2.conf - users and packages put their changes in httpd.conf.

> >>      The general goal is to try to have Apache 2.0 more FHS compliant
> >> without having 
> >>      to make huge patchs (or perl replace) at each release ;)
> >
> >Well, my package manages to fit into Debian FHS, and only has 
> >11 patches
> >all up.
> 
> FYI, here is a part of what should be patched or change via perl to make
> apache 2 fit better on FHS from my spec file :

I've included my debian/rules (and it does ;) file below - I've
commented here where necessary.

> # set ssl port to 8093
> perl -pi -e "s|443|%{ssllport}|g;" docs/conf/ssl-std.conf

I believe this is a major difference between Debian and RedHat. You guys
aren't allowed to have your packages interacting with the user, no? In
Debian, we have Debconf, which asks questions, remembers them for next
time, has priorities (so you can say you only want to see critical
questions if you want), etc.

In apache2's config (no, I lie - vhost-base's, but I'll explain that in
a sec), we ask the user what port they want.

So, OK, that isn't entirely accurate. I'm aiming to get very
comprehensive and generic virtual host support in Debian, and apache2
was the first package I made that used it. So, apache2 has no hosts by
default, but virtual hosts *can* be added by means of vhost-base. But
that's beside the point, sort of. 

> # change userid from nobody to apache2
> perl -pi -e "s|nobody|%{name}|g;" docs/conf/httpd-std.conf

We have www-data.www-data standard across all webservers.

> CFLAGS="$RPM_OPT_FLAGS" ./configure \
> 	--with-program-name=httpd2 \

We call ours "apache2", because if we followed that naming scheme,
postfix, sendmail, exim, etc, would all be called "smtpd". ;)
	
> 	--with-port=8092 \

Prompted for.

> 	--with-mpm=threaded \

Which one's the best to use? We're just running with prefork right now.
	
>     --prefix=%{_prefix} \
> [a lot of stuff stripped]

Why not just use a layout?

> 	--enable-layout=RedHat6 \

But wait, you do - why the duplication?
	
> The patches are attached :
> 
> 
> I'll be very interesting in getting your patches and build file (.apt ?)
> to see how I differ from Debian ;)

Our build file is debian/rules, which is just a Makefile. By default,
the .PHONY target gets used to build a package.

I've attached my .diff.gz, I recommend you apply that with a -p1, and
have a poke around the debian/* directory - that's what I use for my
package building.

> To be quick I use :
> 
> /etc/httpd2/conf 		=> config

/etc/apache2

> /etc/httpd2/build 		=> make config (damn't I just so this one,
>                                             I'll remove
> /usr/lib/apache2/config_vars.mk !!!)

Yeah, we've got the same in /etc/apache2/build - it's nasty. :\

> /etc/httpd2/conf/ssl.crl
> /etc/httpd2/conf/ssl.crt
> /etc/httpd2/conf/ssl.csr
> /etc/httpd2/conf/ssl.key
> /etc/httpd2/conf/ssl.pem   => ssl stuff (preloaded with Snake Oil dummy cert
> since the 
>                                          make cert is still not present in
> distro)

We don't provide a key. We do, however, provide a README-SSL for those
users who want to create their own keys. Hm, I've just had a thought to
automate this with Debconf. :)

> /var/www2/manual		=> manual pages

/usr/share/doc/apache2-doc/manual, aliased (our /usr/share/doc is your
/usr/doc, and we have a separate apache2-doc package).

> /var/www2/error		=> error pages

? There are that many?

> /var/www2/html		=> HTML stuff for http://localhost:/

It's not constant, since we use virtual hosting, but is
/var/vhosts/<hostname>/htdocs-<port>

> /var/www2/cgi			=> cgi

/var/vhosts/<hostname>/cgi-bin-<port>

> /var/log/httpd2/		=> all logs live in

/var/log/apache2 for the bare-bones log, most logs are kept under the
logs/ directory, per virtual host.

> I've got some questions for Apache2 developpers :
> 
> What prefix represent, a basedir for conf, or binary,
> or data ?

All of the above.

> Should I set $prefix to /etc/httpd2 instead of /usr ?

Keep it as /usr, since that's where your binaries are. I have mine as /.

> If may fit better with my layout where ALL config,
> and particulary the one for build subdir live in /etc/httpd2/

*nod*.

:) d

-- 
Daniel Stone						    <daniel@sfarc.net>
"Thus, despite the Gates bravado, Windows NT on any platform cannot
yet compete with the high-end Unix/RISC machines.  Result: Prong two
bent back, poking Microsoft in the other eye."

Mime
View raw message