User Tools

Site Tools


handbook:handbook:apache

Compiling and Installing Apache 1.3

Downloading Apache

Information on the latest version of Apache can be found on the Apache web server at http://www.apache.org/. This will list the current release, any more recent beta-test release, together with details of mirror web and anonymous ftp sites.

If you downloaded a binary distribution, skip to Installing Apache. Otherwise read the next section for how to compile the server.

Compiling Apache

Compiling Apache consists of three steps: Firstly select which Apache modules you want to include into the server. Secondly create a configuration for your operating system. Thirdly compile the executable.

All configuration of Apache is performed in the src directory of the Apache distribution. Change into this directory.

(1) Select modules to compile into Apache in the Configuration file. Uncomment lines corresponding to those optional modules you wish to include (among the Module lines at the bottom of the file), or add new lines corresponding to additional modules you have downloaded or written. (See API.html for preliminary docs on how to write Apache modules). Advanced users can comment out some of the default modules if they are sure they will not need them (be careful though, since many of the default modules are vital for the correct operation and security of the server). You should also read the instructions in the Configuration file to see if you need to set any of the Rule lines.

(2) Configure Apache for your operating system. Normally you can just type run the Configure script as given below. However if this fails or you have any special requirements (e.g. to include an additional library required by an optional module) you might need to edit one or more of the following options in the Configuration file: EXTRA_CFLAGS, LIBS, LFLAGS, INCLUDES.

    Run the Configure script:
  % Configure
  Using 'Configuration' as config file
   + configured for <whatever> platform
   + setting C compiler to <whatever> *
   + setting C compiler optimization-level to <whatever> *
  %
 
    (*: Depending on Configuration and your system, Configure make not print these lines. That's OK).

This generates a Makefile for use in stage 3. It also creates a Makefile in the support directory, for compilation of the optional support programs. (If you want to maintain multiple configurations, you can give a option to Configure to tell it to read an alternative Configuration file, such as Configure -file Configuration.ai).

(3) Type make. The modules we place in the Apache distribution are the ones we have tested and are used regularly by various members of the Apache development group. Additional modules contributed by members or third parties with specific needs or functions are available at <URL:http://www.apache.org/dist/contrib/modules/>. There are instructions on that page for linking these modules into the core Apache code.

Installing Apache

You will have a binary file called httpd in the src directory. A binary distribution of Apache will supply this file.

The next step is to install the program and configure it. Apache is designed to be configured and run from the same set of directories where it is compiled. If you want to run it from somewhere else, make a directory and copy the conf, logs and icons directories into it.

The next step is to edit the configuration files for the server. This consists of setting up various directives in up to three central configuration files. By default, these files are located in the conf directory and are called srm.conf, access.conf and httpd.conf. To help you get started there are same files in the conf directory of the distribution, called srm.conf-dist, access.conf-dist and httpd.conf-dist. Copy or rename these files to the names without the -dist. Then edit each of the files. Read the comments in each file carefully. Failure to setup these files correctly could lead to your server not working or being insecure. You should also have an additional file in the conf directory called mime.types. This file usually does not need editing.

First edit httpd.conf. This sets up general attributes about the server: the port number, the user it runs as, etc. Next edit the srm.conf file; this sets up the root of the document tree, special functions like server-parsed HTML or internal imagemap parsing, etc. Finally, edit the access.conf file to at least set the base cases of access.

In addition to these three files, the server behavior can be configured on a directory-by-directory basis by using .htaccess files in directories accessed by the server.

Starting and Stopping the Server

To start the server, simply run httpd. This will look for httpd.conf in the location compiled into the code (by default /usr/locale/etc/httpd/conf/httpd.conf). If this file is somewhere else, you can give the real location with the -f argument. For example:

  /usr/local/etc/apache/src/httpd -f /usr/local/etc/apache/conf/httpd.conf

If all goes well this will return to the command prompt almost immediately. This indicates that the server is now up and running. If anything goes wrong during the initialization of the server you will see an error message on the screen. If the server started ok, you can now use your browser to connect to the server and read the documentation. If you are running the browser on the same machine as the server and using the default port of 80, a suitable URL to enter into your browser is

  http://localhost/

Note that when the server starts it will create a number of child processes to handle the requests. If you started Apache as the root user, the parent process will continue to run as root while the children will change to the user as given in the httpd.conf file.

If when you run httpd it complained about being unable to “bind” to an address, then either some other process is already using the port you have configured Apache to use, or you are running httpd as a normal user but trying to use port below 1024 (such as the default port 80).

If the server is not running, read the error message displayed when you run httpd. You should also check the server error_log for additional information (with the default configuration, this will be located in the file error_log in the logs directory).

If you want your server to continue running after a system reboot, you should add a call to httpd to your system startup files (typically rc.local or a file in an rc.N directory). This will start Apache as root. Before doing this ensure that your server is properly configured for security and access restrictions.

To stop Apache send the parent process a TERM signal. The PID of this process is written to the file httpd.pid in the logs directory (unless configured otherwise). Do not attempt to kill the child processes because they will be renewed by the parent. A typical command to stop the server is:

  kill -TERM `cat /usr/local/etc/apache/logs/httpd.pid`

Compiling Support Programs

In addition to the main httpd server which is compiled and configured as above, Apache includes a number of support programs. These are not compiled by default. The support programs are in the support directory of the distribution. To compile the support programs, change into this directory and type

  make

Starting Apache

Invoking Apache

The httpd program is usually run as a daemon which executes continuously, handling requests. It is possible to invoke Apache by the Internet daemon inetd each time a connection to the HTTP service is made (use the ServerType directive) but this is not recommended.

Command line options

The following options are recognized on the httpd command line:

  • -d serverroot | Set the initial value for the ServerRoot variable to serverroot. This can be overridden by the ServerRoot command in the configuration file. The default is /usr/local/etc/httpd.
  • -f config | Execute the commands in the file config on startup. If config does not begin with a /, then it is taken to be a path relative to the ServerRoot. The default is conf/httpd.conf.
  • -X | Run in single-process mode, for internal debugging purposes only; the daemon does not detach from the terminal or fork any children. Do NOT use this mode to provide ordinary web service.
  • -v | Print the version of httpd, and then exit.
  • -h | Give a list of directives together with expected arguments and places where the directive is valid. (New in Apache 1.2)
  • -l | Give a list of all modules compiled into the server.
  • -? | Print a list of the httpd options, and then exit.

Configuration files

The server will read three files for configuration directives. Any directive may appear in any of these files. The the names of these files are taken to be relative to the server root; this is set by the ServerRoot directive, or the -d command line flag. Conventionally, the files are:

conf/httpd.conf Contains directives that control the operation of the server daemon. The filename may be overridden with the -f command line flag. conf/srm.conf Contains directives that control the specification of documents that the server can provide to clients. The filename may be overridden with the ResourceConfig directive. conf/access.conf Contains directives that control access to documents. The filename may be overridden with the AccessConfig directive. However, these conventions need not be adhered to.

The server also reads a file containing mime document types; the filename is set by the TypesConfig directive, and is conf/mime.types by default.

Log files

security warning

Anyone who can write to the directory where Apache is writing a log file can almost certainly gain access to the uid that the server is started as, which is normally root. Do NOT give people write access to the directory the logs are stored in without being aware of the consequences

pid file

On daemon startup, it saves the process id of the parent httpd process to the file logs/httpd.pid. This filename can be changed with the PidFile directive. The process-id is for use by the administrator in restarting and terminating the daemon; A HUP or USR1 signal causes the daemon to re-read its configuration files and a TERM signal causes it to die gracefully.

Error log

The server will log error messages to a log file, logs/error_log by default. The filename can be set using the ErrorLog directive; different error logs can be set for different virtual hosts.

Transfer log

The server will typically log each request to a transfer file, logs/access_log by default. The filename can be set using a TransferLog directive; different transfer logs can be set for different virtual hosts.

Stopping and Restarting Apache

You will notice many httpd executables running on your system, but you should not send signals to any of them except the parent, whose pid is in the PidFile. That is to say you shouldn't ever need to send signals to any process except the parent. There are three signals that you can send the parent: TERM, HUP, and USR1, which will be described in a moment.

To send a signal to the parent you should issue a command such as:

  kill -TERM `cat /usr/local/etc/httpd/logs/httpd.pid`

You can read about its progress by issuing:

  tail -f /usr/local/etc/httpd/logs/error_log

Modify those examples to match your ServerRoot and PidFile settings.

TERM Signal: stop now

Sending the TERM signal to the parent causes it to immediately attempt to kill off all of its children. It may take it several seconds to complete killing off its children. Then the parent itself exits. Any requests in progress are terminated, and no further requests are served.

HUP Signal: restart now

Sending the HUP signal to the parent causes it to kill off its children like in TERM but the parent doesn't exit. It re-reads its configuration files, and re-opens any log files. Then it spawns a new set of children and continues serving hits.

Users of the status module will notice that the server statistics are set to zero when a HUP is sent.

Note: If your configuration file has errors in it when you issue a restart then your parent will not restart, it will exit with an error. See below for a method of avoiding this.

USR1 Signal: graceful restart

Note: prior to release 1.2b9 this code is quite unstable and shouldn't be used at all.

The USR1 signal causes the parent process to advise the children to exit after their current request (or to exit immediately if they're not serving anything). The parent re-reads its configuration files and re-opens its log files. As each child dies off the parent replaces it with a child from the new generation of the configuration, which begins serving new requests immediately.

This code is designed to always respect the MaxClients, MinSpareServers, and MaxSpareServers settings. Furthermore, it respects StartServers in the following manner: if after one second at least StartServers new children have not been created, then create enough to pick up the slack. This is to say that the code tries to maintain both the number of children appropriate for the current load on the server, and respect your wishes with the StartServers parameter.

Users of the status module will notice that the server statistics are not set to zero when a USR1 is sent. The code was written to both minimize the time in which the server is unable to serve new requests (they will be queued up by the operating system, so they're not lost in any event) and to respect your tuning parameters. In order to do this it has to keep the scoreboard used to keep track of all children across generations.

The status module will also use a G to indicate those children which are still serving requests started before the graceful restart was given.

At present there is no way for a log rotation script using USR1 to know for certain that all children writing the pre-restart log have finished. We suggest that you use a suitable delay after sending the USR1 signal before you do anything with the old log. For example if most of your hits take less than 10 minutes to complete for users on low bandwidth links then you could wait 15 minutes before doing anything with the old log.

Note: If your configuration file has errors in it when you issue a restart then your parent will not restart, it will exit with an error. In the case of graceful restarts it will also leave children running when it exits. (These are the children which are “gracefully exiting” by handling their last request.) This will cause problems if you attempt to restart the server – it will not be able to bind to its listening ports. At present the only work around is to check the syntax of your files before doing a restart. The easiest way is to just run httpd as a non-root user. If there are no errors it will attempt to open its sockets and logs and fail because it's not root (or because the currently running httpd already has those ports bound). If it fails for any other reason then it's probably a config file error and the error should be fixed before issuing the graceful restart.

Appendix: signals and race conditions

Prior to Apache 1.2b9 there were several race conditions involving the restart and die signals (a simple description of race condition is: a time-sensitive problem, as in if something happens at just the wrong time it won't behave as expected). For those architectures that have the “right” feature set we have eliminated as many as we can. But it should be noted that there still do exist race conditions on certain architectures.

Architectures that use an on disk ScoreBoardFile have the potential to corrupt their scoreboards. This can result in the “bind: Address already in use” (after HUP) or “long lost child came home!” (after USR1). The former is a fatal error, while the latter just causes the server to lose a scoreboard slot. So it might be advisable to use graceful restarts, with an occasional hard restart. These problems are very difficult to work around, but fortunately most architectures do not require a scoreboard file. See the ScoreBoardFile documentation for a method to determine if your architecture uses it.

NEXT and MACHTEN (68k only) have small race conditions which can cause a restart/die signal to be lost, but should not cause the server to do anything otherwise problematic.

All architectures have a small race condition in each child involving the second and subsequent requests on a persistent HTTP connection (KeepAlive). It may exit after reading the request line but before reading any of the request headers. There is a fix that was discovered too late to make 1.2. In theory this isn't an issue because the KeepAlive client has to expect these events because of network latencies and server timeouts. In practice it doesn't seem to affect anything either – in a test case the server was restarted twenty times per second and clients successfully browsed the site without getting broken images or empty documents. Index

handbook/handbook/apache.txt · Last modified: 2010/04/15 21:18 (external edit)