Oracle Linux/Apache httpd
Contents[hide] |
Installing Apache HTTPD from source
More recently CVEs have been discovered in the latest versions of httpd available from the repos, which presents a problem for administrators since they cannot easily upgrade to a patched version. For such cases, sometimes manually compiling httpd from source is the only temporary solution until the repositories are updated or backported.
Remove if already installed
If you already have httpd installed, remove it.
~$ sudo yum remove httpd -y
Install dependencies, download and unpack source
Install the epel repo, then grab some needed packages.
~$ sudo yum install epel-release -y ~$ sudo yum install autoconf expat-devel libtool libnghttp2-devel pcre-devel -y
Next we need to download apache httpd and (2) of apache's runtime libraries.
~$ curl -L https://github.com/apache/httpd/archive/2.4.35.tar.gz -o /tmp/apache/2.4.35.tar.gz --create-dirs ~$ curl -L https://github.com/apache/apr/archive/1.6.5.tar.gz -o /tmp/apache/1.6.5.tar.gz --create-dirs ~$ curl -L https://github.com/apache/apr-util/archive/1.6.1.tar.gz -o /tmp/apache/1.6.1.tar.gz --create-dirs
untar them
~$ tar -zxvf 2.4.35.tar.gz -C /tmp/apache/ ~$ tar -zxvf 1.6.5.tar.gz -C /tmp/apache/ ~$ tar -zxvf 1.6.1.tar.gz -C /tmp/apache/
Move APR libraries into place. Make sure the new directory names do not have a version number.
~$ cp -r /tmp/apache/apr-1.6.5 /tmp/apache/httpd-2.4.35/srclib/apr ~$ cp -r /tmp/apache/apr-util-1.6.1 /tmp/apache/httpd-2.4.35/srclib/apr-util
Compile time
It's easiest just to be within the directory.
~$ cd /tmp/apache/httpd-2.4.35
Now lets build the conf and then compile including SSL support (mod-ssl)
~$ ./buildconf ~$ ./configure --enable-ssl --enable-so --enable-http2 --with-mpm=event --with-included-apr --with-ssl=/usr/local/openssl --prefix=/usr/local/apache2 ~$ make ~$ sudo make install
Add to /usr/bin
So that we can execute httpd
, we need to add a symlink to /usr/bin
:
~$ sudo ln -s /usr/local/apache2/bin/httpd /usr/bin/httpd
Verify version
~$ httpd -v Server version: Apache/2.4.35 (Unix) Server built: Oct 8 2018 15:11:53
Add init.d script
Pulled from this github source.
~$ sudo vim /etc/init.d/httpd #!/bin/bash # # Startup script for the Apache Web Server # # chkconfig: - 85 15 # description: Apache is a World Wide Web server. It is used to serve \ # HTML files and CGI. # processname: httpd # pidfile: /usr/local/apache2/logs/httpd.pid # config: /usr/local/apache2/conf/httpd.conf # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/httpd ]; then . /etc/sysconfig/httpd fi # This will prevent initlog from swallowing up a pass-phrase prompt if # mod_ssl needs a pass-phrase from the user. INITLOG_ARGS="" # Path to the apachectl script, server binary, and short-form for messages. apachectl=/usr/local/apache2/bin/apachectl httpd=/usr/local/apache2/bin/httpd pid=$httpd/logs/httpd.pid prog=httpd RETVAL=0 # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown # when not running is also a failure. So we just do it the way init scripts # are expected to behave here. start() { echo -n $"Starting $prog: " daemon $httpd $OPTIONS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/httpd return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $httpd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd $pid } reload() { echo -n $"Reloading $prog: " killproc $httpd -HUP RETVAL=$? echo } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status $httpd RETVAL=$? ;; restart) stop start ;; condrestart) if [ -f $pid ] ; then stop start fi ;; reload) reload ;; graceful|help|configtest|fullstatus) $apachectl $@ RETVAL=$? ;; *) echo $"Usage: $prog {start|stop|restart|condrestart|reload|status" echo $"|fullstatus|graceful|help|configtest}" exit 1 esac exit $RETVAL
Add to startup
~$ sudo chkconfig --level 345 httpd on