This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
packages:apache [2013-06-11 20:02] glen |
packages:apache [2015-02-12 17:06] (current) glen [Known Issues] links |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Apache httpd ====== | ====== Apache httpd ====== | ||
+ | |||
+ | ===== Known Issues ===== | ||
+ | |||
+ | [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024055.html|Problem]]: Apache fails to do ''restart'', but succeeds if you do ''stop'' followed by ''start''. | ||
+ | <code> | ||
+ | # service httpd restart | ||
+ | Checking Apache 2.4 Web Server configuration.................................[ DONE ] | ||
+ | Stopping Apache 2.4 Web Server service.......................................[ DONE ] | ||
+ | Starting Apache 2.4 Web Server service.......................................[ FAIL ] | ||
+ | (98)Address already in use: AH00072: make_sock: could not bind to address [::]:8080 | ||
+ | (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:8080 | ||
+ | no listening sockets available, shutting down | ||
+ | AH00015: Unable to open logs | ||
+ | </code> | ||
+ | |||
+ | It's [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024061.html|php]] [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024062.html|session]] to blame, however, ''/etc/sysconfig/httpd'' has [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-October/024065.html|some]] [[http://git.pld-linux.org/?p=packages/apache.git;a=commitdiff;h=00ab488f59c5aacbcab9708a1c70b142520264d2|variable]] where you can adjust sleep between stop and start | ||
+ | |||
+ | You should try enabling and increasing it | ||
+ | |||
+ | ===== Apache 2.4 ===== | ||
Apache 2.4 has landed in Th on June 7, 2013. See [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2013-June/023560.html|announcement]]. | Apache 2.4 has landed in Th on June 7, 2013. See [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2013-June/023560.html|announcement]]. | ||
Line 13: | Line 33: | ||
</note> | </note> | ||
- | ===== Upgrading ===== | + | ==== Upgrading ==== |
Detailed information about upgrading and all changes between apache 2.2 and 2.4 can be found [[https://httpd.apache.org/docs/2.4/upgrading.html|here]] | Detailed information about upgrading and all changes between apache 2.2 and 2.4 can be found [[https://httpd.apache.org/docs/2.4/upgrading.html|here]] | ||
+ | |||
+ | as for more complex examples, require ip or password: | ||
+ | |||
+ | <code apache Apache 2.x> | ||
+ | Order Deny,Allow | ||
+ | Deny from all | ||
+ | |||
+ | Allow from my.lan | ||
+ | Allow from 2001:1234:5678::/64 | ||
+ | |||
+ | AuthType Basic | ||
+ | AuthName www.my.lan | ||
+ | AuthBasicProvider ldap | ||
+ | AuthLDAPURL "ldap://server:389/ou=People,dc=example,dc=com?uid?sub?(objectClass=*)" | ||
+ | Require valid-user | ||
+ | |||
+ | Satisfy Any | ||
+ | </code> | ||
+ | |||
+ | The solution is very simple, just list the requirements and 2.4 somehow magically knows what you mean: | ||
+ | |||
+ | <code apache Apache 2.4> | ||
+ | Require host my.lan | ||
+ | Require ip 2001:1234:5678::/64 | ||
+ | |||
+ | AuthType Basic | ||
+ | AuthName www.my.lan | ||
+ | AuthBasicProvider ldap | ||
+ | AuthLDAPURL "ldap://server:389/ou=People,dc=example,dc=com?uid?sub?(objectClass=*)" | ||
+ | |||
+ | Require valid-user | ||
+ | </code> | ||
+ | |||
+ | Source: http://blog.hqcodeshop.fi/archives/63-Migrating-access-control-into-Apache-2.4.html | ||
+ | |||
+ | If you need to ''AND'' multiple requires, wrap them inside [[http://httpd.apache.org/docs/current/mod/mod_authz_core.html#requireall|<RequireAll></RequireAll>]] | ||
+ | |||
+ | ===== Apache 2.2 and 2.4 compatible configs ===== | ||
+ | |||
+ | If you need to support both Apache 2.2 and 2.4, then, for example, if Apache 2.2 config contained: | ||
+ | |||
+ | <code apache> | ||
+ | Allow from all | ||
+ | </code> | ||
+ | |||
+ | you need to use: | ||
+ | |||
+ | <code apache> | ||
+ | # Apache 2.x | ||
+ | <IfModule !mod_authz_core.c> | ||
+ | Order allow,deny | ||
+ | Allow from all | ||
+ | </IfModule> | ||
+ | # Apache 2.4 | ||
+ | <IfModule mod_authz_core.c> | ||
+ | Require all granted | ||
+ | </IfModule> | ||
+ | </code> | ||