Last Modified: Tue, 02 Aug 2016 14:51:29 +0000 ; Created: Mon, 17 Mar 2014 16:42:42 +0000
These are my instructions for building Apache 2.4 on Linux and including mod_ssl. OpenSSL is assumed to be available already and is thus not compiled from source.
Platform Versions used:
Prerequisites:
Build:I will give a script example that downloads, verifies, and builds everything. It grabs the latest stable version of all needed packages automatically. #!/bin/bash set -e set -o verbose HTTPD_DOWNLOAD_MIRROR=$(curl --silent http://www.apache.org/dyn/closer.cgi/httpd/ | grep 'We suggest the following mirror' -A 2 | grep -Po 'a href="[^"]+' | cut -c 9-) HTTPD_CURR_VERSION=$(curl --silent ${HTTPD_DOWNLOAD_MIRROR} | grep -Po 'CURRENT-IS-\d+\.\d+\.\d+"' | grep -Po '\d+\.\d+\.\d+') APR_DOWNLOAD_MIRROR=$(curl --silent http://www.apache.org/dyn/closer.cgi/apr/ | grep 'We suggest the following mirror' -A 2 | grep -Po 'a href="[^"]+' | cut -c 9-) APR_CURR_VERSION=$(curl --silent ${APR_DOWNLOAD_MIRROR} | grep -Po 'APR \d+\.\d+\.\d+ is the latest available version' | grep -Po '\d+\.\d+\.\d+' | head -n 1) APR_UTIL_CURR_VERSION=$(curl --silent $APR_DOWNLOAD_MIRROR | grep -Po 'APR-util \d+\.\d+\.\d+ is the latest available version' | grep -Po '\d+\.\d+\.\d+' | head -n 1) # Download the files curl --remote-name ${HTTPD_DOWNLOAD_MIRROR}httpd-${HTTPD_CURR_VERSION}.tar.bz2 # Always direct over secure channel from apache.org and never from a mirror curl --output KEYS--httpd https://www.apache.org/dist/httpd/KEYS curl --remote-name https://www.apache.org/dist/httpd/httpd-${HTTPD_CURR_VERSION}.tar.bz2.asc curl --output KEYS--apr https://www.apache.org/dist/apr/KEYS curl --remote-name ${APR_DOWNLOAD_MIRROR}apr-${APR_CURR_VERSION}.tar.bz2 curl --remote-name https://www.apache.org/dist/apr/apr-${APR_CURR_VERSION}.tar.bz2.asc curl --remote-name ${APR_DOWNLOAD_MIRROR}apr-util-${APR_UTIL_CURR_VERSION}.tar.bz2 curl --remote-name https://www.apache.org/dist/apr/apr-util-${APR_UTIL_CURR_VERSION}.tar.bz2.asc # Verify hash integrity gpg --allow-non-selfsigned-uid --import KEYS--httpd if ! gpg --verify httpd-${HTTPD_CURR_VERSION}.tar.bz2.asc; then echo "DOWNLOAD FILE INVALID/CORRUPT/MALICOIUS" 1>&2 exit 255 fi gpg --allow-non-selfsigned-uid --import KEYS--apr if ! gpg --verify apr-${APR_CURR_VERSION}.tar.bz2.asc; then echo "DOWNLOAD FILE INVALID/CORRUPT/MALICOIUS" 1>&2 exit 255 fi if ! gpg --verify apr-util-${APR_UTIL_CURR_VERSION}.tar.bz2.asc; then echo "DOWNLOAD FILE INVALID/CORRUPT/MALICOIUS" 1>&2 exit 255 fi # Extract everything tar -xf httpd-${HTTPD_CURR_VERSION}.tar.bz2 tar -xf apr-${APR_CURR_VERSION}.tar.bz2 -C httpd-${HTTPD_CURR_VERSION}/srclib/ mv httpd-${HTTPD_CURR_VERSION}/srclib/apr-${APR_CURR_VERSION}/ httpd-${HTTPD_CURR_VERSION}/srclib/apr tar -xf apr-util-${APR_UTIL_CURR_VERSION}.tar.bz2 -C httpd-${HTTPD_CURR_VERSION}/srclib/ mv httpd-${HTTPD_CURR_VERSION}/srclib/apr-util-${APR_UTIL_CURR_VERSION}/ httpd-${HTTPD_CURR_VERSION}/srclib/apr-util cd httpd-${HTTPD_CURR_VERSION}/ ./configure --with-included-apr --sbindir=/usr/local/apache2/sbin --enable-ssl=shared --enable-mods-shared=all # Note that --enable-so is no longer required in Apache 2.4 as it gets auto-included # --with-included-apr (Uses downloaded APR for building) # --sbindir=/usr/local/apache2/sbin # Fixes bug in Apache 2.4.0-2.4.12 (possibly later) where default config.layout uses /bin instead of /sbin # Bug 56250 - sbindir in config.layout for Apache has bin instead of sbin # --enable-ssl=shared (Ensures mod_ssl is included) # --enable-mods-shared=all (Adds loadable modules for almost everything) # Start build process make # Install and fix permissions part sudo make install echo Fix Security Permissions echo Because the build process and make install does not always set an appropriate owner, group membership, or permission on files copied into the install directory you should always verify the appropriate security permissions. sudo chown -R root:root /usr/local/apache2/ sudo chmod -R go-rwx,a-w /usr/local/apache2/ # Allow entrance into sub-folders under apache2/ folder later sudo chmod o+x /usr/local/apache2/ echo On Ubuntu "daemon" is the default generic account available sudo chgrp daemon /usr/local/apache2/htdocs/ sudo chmod g+x /usr/local/apache2/htdocs/ sudo chmod -R g+r /usr/local/apache2/htdocs/ sudo chgrp daemon /usr/local/apache2/cgi-bin/ sudo chmod g+x /usr/local/apache2/cgi-bin/ sudo chmod -R g+r /usr/local/apache2/cgi-bin/ sudo chmod -R u+w /usr/local/apache2/conf/ /usr/local/apache2/logs/ echo You will need to adjust other permissions according to the features you use for your Apache server. Re-package options:You could simply tarball the directory or you could use something like checkinstall to easily create a distro package. You could also roll your own distro flavor package that includes package metadata like description, size, and dependencies.PHP 5.x Addition:You will probably want to also include your own build of PHP with some extensions like zlib.
|
|