From 1cea85804ebefef02319be31c135c27f2013109e Mon Sep 17 00:00:00 2001 From: Petr Bokoc Date: Nov 07 2019 14:44:27 +0000 Subject: Issue 23 - remove old references to F19 and a useless changelog from httpd section --- diff --git a/modules/system-administrators-guide/pages/_partials/servers/The_Apache_HTTP_Server.adoc b/modules/system-administrators-guide/pages/_partials/servers/The_Apache_HTTP_Server.adoc index c4edf37..5696d12 100644 --- a/modules/system-administrators-guide/pages/_partials/servers/The_Apache_HTTP_Server.adoc +++ b/modules/system-administrators-guide/pages/_partials/servers/The_Apache_HTTP_Server.adoc @@ -2,120 +2,7 @@ [[s1-The_Apache_HTTP_Server]] == The Apache HTTP Server indexterm:[httpd,Apache HTTP Server] -The web server available in {MAJOROS} is the Apache HTTP server daemon, `httpd`, an open source web server developed by the link:++https://www.apache.org/++[Apache Software Foundation]. In Fedora 19 the Apache server was updated to [application]*Apache HTTP Server 2.4*. This section describes the basic configuration of the `httpd` service, and covers some advanced topics such as adding server modules, setting up virtual hosts, or configuring the secure HTTP server. - -There are important differences between the Apache HTTP Server 2.4 and version 2.2, and if you are upgrading from a release prior to Fedora 19, you will need to update the `httpd` service configuration accordingly. This section reviews some of the newly added features, outlines important changes, and guides you through the update of older configuration files. - -[[s2-apache-changes]] -=== Notable Changes -indexterm:[Apache HTTP Server,version 2.4,changes] -The Apache HTTP Server version 2.4 has the following changes compared to version 2.2: - -httpd Service Control:: With the migration away from SysV init scripts, server administrators should switch to using the [command]#apachectl# and [command]#systemctl# commands to control the service, in place of the [command]#service# command. The following examples are specific to the `httpd` service. - -The command: - -[subs="quotes"] ----- -service httpd graceful ----- - -is replaced by - -[subs="quotes"] ----- -systemctl reload httpd ----- - -The `systemd` unit file for `httpd` has different behavior from the init script as follows: - -** A graceful restart is used by default when the service is reloaded. - -** A graceful stop is used by default when the service is stopped. - -The command: - -[subs="quotes"] ----- -service httpd configtest ----- - -is replaced by - -[subs="quotes"] ----- -apachectl configtest ----- - -Private /tmp:: To enhance system security, the `systemd` unit file runs the `httpd` daemon using a private `/tmp` directory, separate to the system `/tmp` directory. - -Configuration Layout:: Configuration files which load modules are now placed in the `/etc/httpd/conf.modules.d` directory. Packages that provide additional loadable modules for `httpd`, such as [package]*php*, will place a file in this directory. Any configuration files in the `conf.modules.d` directory are processed before the main body of `httpd.conf`. Configuration files in the `/etc/httpd/conf.d` directory are now processed after the main body of `httpd.conf`. - -Some additional configuration files are provided by the [package]*httpd* package itself: - -** `/etc/httpd/conf.d/autoindex.conf` — This configures mod_autoindex directory indexing. - -** `/etc/httpd/conf.d/userdir.conf` — This configures access to user directories, for example, `http://example.com/~username/`pass:attributes[{blank}]; such access is disabled by default for security reasons. - -** `/etc/httpd/conf.d/welcome.conf` — As in previous releases, this configures the welcome page displayed for `http://localhost/` when no content is present. - -Default Configuration:: A minimal `httpd.conf` file is now provided by default. Many common configuration settings, such as `Timeout` or `KeepAlive` are no longer explicitly configured in the default configuration; hard-coded settings will be used instead, by default. The hard-coded default settings for all configuration directives are specified in the manual. See xref:Web_Servers.adoc#bh-The_Apache_HTTP_Server-Installable_Documentation[Installable Documentationindexterm:[Apache HTTP Server,additional resources,installable documentation]] for more information. - -Incompatible Syntax Changes:: If migrating an existing configuration from [application]*httpd 2.2* to [application]*httpd 2.4*, a number of backwards-incompatible changes to the `httpd` configuration syntax were made which will require changes. See the following Apache document for more information on upgrading link:++https://httpd.apache.org/docs/2.4/upgrading.html++[] - -Processing Model:: In previous releases of {MAJOROS}, different _multi-processing models_ (*MPM*) were made available as different `httpd` binaries: the forked model, "prefork", as `/usr/sbin/httpd`, and the thread-based model "worker" as `/usr/sbin/httpd.worker`. - -In {MAJOROSVER}, only a single `httpd` binary is used, and three MPMs are available as loadable modules: worker, prefork (default), and event. Edit the configuration file `/etc/httpd/conf.modules.d/00-mpm.conf` as required, by adding and removing the comment character `#` so that only one of the three MPM modules is loaded. - -Packaging Changes:: The LDAP authentication and authorization modules are now provided in a separate sub-package, [package]*mod_ldap*. The new module [application]*mod_session* and associated helper modules are provided in a new sub-package, [package]*mod_session*. The new modules [application]*mod_proxy_html* and [application]*mod_xml2enc* are provided in a new sub-package, [package]*mod_proxy_html*. - -Packaging Filesystem Layout:: The `/var/cache/mod_proxy/` directory is no longer provided; instead, the `/var/cache/httpd/` directory is packaged with a `proxy` and `ssl` subdirectory. - -Packaged content provided with `httpd` has been moved from `/var/www/` to `/usr/share/httpd/`: - -** `/usr/share/httpd/icons/` — The directory containing a set of icons used with directory indices, previously contained in `/var/www/icons/`, has moved to `/usr/share/httpd/icons`. Available at `http://localhost/icons/` in the default configuration; the location and the availability of the icons is configurable in the `/etc/httpd/conf.d/autoindex.conf` file. - -** `/usr/share/httpd/manual/` — The `/var/www/manual/` has moved to `/usr/share/httpd/manual/`. This directory, contained in the [package]*httpd-manual* package, contains the HTML version of the manual for `httpd`. Available at `http://localhost/manual/` if the package is installed, the location and the availability of the manual is configurable in the `/etc/httpd/conf.d/manual.conf` file. - -** `/usr/share/httpd/error/` — The `/var/www/error/` has moved to `/usr/share/httpd/error/`. Custom multi-language HTTP error pages. Not configured by default, the example configuration file is provided at `/usr/share/doc/httpd-_VERSION_pass:attributes[{blank}]/httpd-multilang-errordoc.conf`. - -Authentication, Authorization and Access Control:: The configuration directives used to control authentication, authorization and access control have changed significantly. Existing configuration files using the `Order`, `Deny` and `Allow` directives should be adapted to use the new `Require` syntax. See the following Apache document for more information link:++https://httpd.apache.org/docs/2.4/howto/auth.html++[] - -suexec:: To improve system security, the [application]*suexec* binary is no longer installed as if by the `root` user; instead, it has file system capability bits set which allow a more restrictive set of permissions. In conjunction with this change, the [application]*suexec* binary no longer uses the `/var/log/httpd/suexec.log` logfile. Instead, log messages are sent to [application]*syslog*pass:attributes[{blank}]; by default these will appear in the `/var/log/secure` log file. - -Module Interface:: Third-party binary modules built against [application]*httpd 2.2* are not compatible with [application]*httpd 2.4* due to changes to the `httpd` module interface. Such modules will need to be adjusted as necessary for the [application]*httpd 2.4* module interface, and then rebuilt. A detailed list of the API changes in version `2.4` is available here: link:++https://httpd.apache.org/docs/2.4/developer/new_api_2_4.html++[]. - -The [application]*apxs* binary used to build modules from source has moved from `/usr/sbin/apxs` to `/usr/bin/apxs`. - -Removed modules:: List of `httpd` modules removed in {MAJOROSVER}: - -mod_auth_mysql, mod_auth_pgsql::: [application]*httpd 2.4* provides SQL database authentication support internally in the [application]*mod_authn_dbd* module. - -mod_authz_ldap::: [application]*httpd 2.4* provides LDAP support in sub-package [package]*mod_ldap* using [application]*mod_authnz_ldap*. - -[[s2-apache-version2-migrating]] -=== Updating the Configuration -indexterm:[Apache HTTP Server,version 2.4,updating from version 2.2] -To update the configuration files from the Apache HTTP Server version 2.2, take the following steps: - -. Make sure all module names are correct, since they may have changed. Adjust the [option]`LoadModule` directive for each module that has been renamed. - -. Recompile all third party modules before attempting to load them. This typically means authentication and authorization modules. - -. indexterm:[Apache HTTP Server,modules,mod_userdir] -If you use the `mod_userdir` module, make sure the [option]`UserDir` directive indicating a directory name (typically `public_html`) is provided. - -. If you use the Apache HTTP Secure Server, edit the `/etc/httpd/conf.d/ssl.conf` to enable the Secure Sockets Layer (SSL) protocol. - -Note that you can check the configuration for possible errors by using the following command: - -[subs="attributes"] ----- -#{nbsp}apachectl configtest -Syntax OK ----- - -For more information on upgrading the Apache HTTP Server configuration from version 2.2 to 2.4, see link:++https://httpd.apache.org/docs/2.4/upgrading.html++[]. +The web server available in {MAJOROS} is the Apache HTTP server daemon, `httpd`, an open source web server developed by the link:++https://www.apache.org/++[Apache Software Foundation]. This section describes the basic configuration of the `httpd` service, and covers some advanced topics such as adding server modules, setting up virtual hosts, or configuring the secure HTTP server. [[s2-apache-running]] === Running the httpd Service