PLD Linux Distribution

User Tools

Site Tools

Trace:
packages:apache

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
packages:apache [2013-06-11 19:32] – [Apache] glenpackages:apache [2015-02-12 17:06] (current) – [Known Issues] links glen
Line 1: Line 1:
-====== Apache ======+====== Apache httpd ====== 
 + 
 +===== Known Issues ===== 
 + 
 +[[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024055.html|Problem]]: Apache fails  to do ''restart'', but succeeds if you do ''stop'' followed by ''start''
 +<code> 
 +# service httpd restart 
 +Checking Apache 2.4 Web Server configuration.................................[ DONE ] 
 +Stopping Apache 2.4 Web Server service.......................................[ DONE ] 
 +Starting Apache 2.4 Web Server service.......................................[ FAIL ] 
 +(98)Address already in use: AH00072: make_sock: could not bind to address [::]:8080 
 +(98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:8080 
 +no listening sockets available, shutting down 
 +AH00015: Unable to open logs 
 +</code> 
 + 
 +It's [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024061.html|php]] [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024062.html|session]] to blame, however, ''/etc/sysconfig/httpd'' has [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024065.html|some]] [[http://git.pld-linux.org/?p=packages/apache.git;a=commitdiff;h=00ab488f59c5aacbcab9708a1c70b142520264d2|variable]] where you can adjust sleep between stop and start 
 + 
 +You should try enabling and increasing it 
 + 
 +===== Apache 2.4 =====
  
 Apache 2.4 has landed in Th on June 7, 2013. See [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2013-June/023560.html|announcement]]. Apache 2.4 has landed in Th on June 7, 2013. See [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2013-June/023560.html|announcement]].
  
 +<note important>
 +**Access control incompatible changes**
  
-===== Authz compat =====+All webapps have been migrated to new [[https://httpd.apache.org/docs/2.4/mod/mod_authz_host.html|mod_authz_host]] access syntax and usage of [[https://httpd.apache.org/docs/2.4/mod/mod_access_compat.html|mod_access_compat]] is strongly discouraged. 
 +The rationale for it is that //access_compat// and //authz_host// are independent of each other and operate on separate namespaces. Main httpd configs contain only //authz_host// directives and enabling //access_compat// means allowing access to all locations/directories that are not explicitly denied by //authz_host//
 + 
 +**Note:** 
 +In case there exist both //authz_host// **and** //access_compat// directives for a location, the **Deny** clause of **ANY** of them takes precedence (in short: **deny** always wins, regardless where it comes from). 
 +</note> 
 + 
 +==== Upgrading ==== 
 + 
 +Detailed information about upgrading and all changes between apache 2.2 and 2.4 can be found [[https://httpd.apache.org/docs/2.4/upgrading.html|here]] 
 + 
 +as for more complex examples, require ip or password: 
 + 
 +<code apache Apache 2.x> 
 +Order Deny,Allow 
 +Deny from all 
 + 
 +Allow from my.lan 
 +Allow from 2001:1234:5678::/64 
 + 
 +AuthType Basic 
 +AuthName www.my.lan 
 +AuthBasicProvider ldap 
 +AuthLDAPURL "ldap://server:389/ou=People,dc=example,dc=com?uid?sub?(objectClass=*)" 
 +Require valid-user 
 + 
 +Satisfy Any 
 +</code> 
 + 
 +The solution is very simple, just list the requirements and 2.4 somehow magically knows what you mean: 
 + 
 +<code apache Apache 2.4> 
 +Require host my.lan 
 +Require ip 2001:1234:5678::/64 
 + 
 +AuthType Basic 
 +AuthName www.my.lan 
 +AuthBasicProvider ldap 
 +AuthLDAPURL "ldap://server:389/ou=People,dc=example,dc=com?uid?sub?(objectClass=*)" 
 + 
 +Require valid-user 
 +</code> 
 + 
 +Source: http://blog.hqcodeshop.fi/archives/63-Migrating-access-control-into-Apache-2.4.html 
 + 
 +If you need to ''AND'' multiple requires, wrap them inside [[http://httpd.apache.org/docs/current/mod/mod_authz_core.html#requireall|<RequireAll></RequireAll>]] 
 + 
 +===== Apache 2.2 and 2.4 compatible configs ===== 
 + 
 +If you need to support both Apache 2.2 and 2.4, then, for example, if Apache 2.2 config contained:
  
-If in Apache 2.0/2.2, you would write: 
 <code apache> <code apache>
 Allow from all Allow from all
 </code> </code>
  
-Then having apache 2.4 and 2.x support, you can write:+you need to use: 
 <code apache> <code apache>
-<IfModule mod_authz_core.c> +# Apache 2.x
-    # Apache 2.+
-    Require all granted +
-</IfModule>+
 <IfModule !mod_authz_core.c> <IfModule !mod_authz_core.c>
     Order allow,deny     Order allow,deny
     Allow from all     Allow from all
 +</IfModule>
 +# Apache 2.4
 +<IfModule mod_authz_core.c>
 +    Require all granted
 </IfModule> </IfModule>
 </code> </code>
 +
packages/apache.1370971922.txt.gz · Last modified: 2013-06-11 19:32 by glen
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS PLD Linux Driven by DokuWiki