Howto: Running a webserver with Apache
The NetBSD Project
Status: Closed
Time to complete: 144 hrs
Mentors: blymn, Julian Coleman, Julian Fagir
As well as the aforementioned task with OpenLDAP and Kerberos, a howto what to do with Apache in NetBSD would be good. How do you install and activate modules within the base Apache distribution, within pkgsrc, and outside?
This should also include a reference to the already included bozohttpd, which may be suited better in some cases.
Uploaded Work
| File name/URL | File size | Date submitted | |
|---|---|---|---|
| NetBSD Installing Apache.csv | 4.1 KB | November 29 2012 23:07 UTC | |
| Win7.zip | 171.6 KB | December 27 2012 03:54 UTC | |
| apache-v1.markdown | 10.7 KB | January 08 2013 08:04 UTC | |
| apache-v1.markdown | 10.7 KB | January 08 2013 08:04 UTC | |
| apache-v2.markdown | 13.1 KB | January 08 2013 13:49 UTC | |
| apache-v3.markdown | 13.1 KB | January 09 2013 04:35 UTC | |
| apache-v4.markdown | 14.1 KB | January 09 2013 12:34 UTC | |
| apache-v5.markdown | 12.3 KB | January 10 2013 02:03 UTC | |
| apache-v6.markdown | 12.4 KB | January 10 2013 10:25 UTC | |
| apache-v6_fixed.markdown | 12.5 KB | January 10 2013 10:42 UTC | |
| apache-v7.markdown | 12.2 KB | January 10 2013 11:51 UTC |
I would like to work on this task.
This task has been assigned to A. Long. You have 144 hours to complete this task, good luck!
Is there an image for Virtualbox I can use? The 6.0 i386 iso doesn't seem to work. Also, can I get in contact with any of my mentors?
Yes, there are images available here:
ftp://ftp.netbsd.org/pub/NetBSD/misc/GCi
You can contact your mentors via this page.
Hope that helps.
Just in time, my second comp just died, so I can't run it natively. Sorry.
I'll stick with the default page for the Apache server. Virtualization has the added benefit of screenshots; should I use screenshots?
Hi,
the usage of a virtual machine is fine, a real machine is not needed. In reality, many webservers are also only virtual machines themselves.
The configuration of a webserver will mostly be plain-text anyway, without graphics. Maybe you could try to paste parts of the configuration or just copy what you did and what you got as output (tip: If you use ssh to connect to the virtual machine, you can just copy&paste the information from the ssh client).
Images are less handy than just plain text. I.e. just take a "dump" of the screen in text instead of a screenshot as an image.
Regards, Julian
The claim on this task has been removed, someone else can claim it now.
I would like to work on this task.
This task has been assigned to aak1998. You have 144 hours to complete this task, good luck!
This task has been Reopened.
Hi,
I'm sorry I assigned this task to you and took it back. I just saw afterwards that he already uploaded something.
A. Long: What happened to this task? You already had a fairly large document, don't you?
A. Long: You uploaded something, but you didn't mark it for review.
If you upload something and want us to review your work, you have to mark it for review. Now, you unclaimed that task, i.e. it is not assigned to you anymore. Please claim this task again, then we can review your work.
Until that, this task will not be assigned to anybody else
A. Long, you were doing great!
The only thing I'd like to see in your document, is a kind of smoke test.
Just describe how I check if WebDAV works in simple terms like open browser, do this, do that, check that some file in some directory appears/disappears.
I was able to load and set up the WebDAV module, but I didn't understand it. I don't think that constitutes a completed how-to. Actually, I have the screenshots for the client setup on a Windows XP machine. I'll upload the screenshots.
Completion criteria are not strict here.
I suggest that you finish the work you've done.
You have almost done what was required, all you need is to address minor issue or two.
Try loading and testing some another module or two, to make sure that what you did with WebDAV applies.
You do not need to choose something complex like TLS/SSL for that. (The latter deserves its own task, I think, we'll discuss it.)
I would like to work on this task.
There is an automated technique for installing to rc.d directory automatically. But cp is fine too.
Also suggest using /etc/rc.conf.d/apache instead of /etc/rc.conf. But it is fine as is.
Please use real quotes " instead of maybe some fancy quotes so they can be copy and pasted.
Some think we should use binary packages for tutorials but building using pkgsrc is fine. (My preference is to suggest binary package tools, like pkgin.)
It says"require user admin" then later says "DAV-upload" .. is that okay?
Probably should not put uploads nor user.passwd in the /usr/pkg level.
Resetting ownership of /usr/pkg/var/ is bad. That will not be accepted for instructions. (Some software or real user may have access to some file or directory under /usr/pkg/var and if it is changed to www it may break it -- no longer able to read or write for example).
Maybe a typo or missing something from line that starts with "Sh "
The claim on this task has been removed, someone else can claim it now.
I would like to work on this task.
sorry how to open " NetBSD Installing Apache.csv" file?
i using libre office
but it's prints very uncomfortable
need your help!
Author has removed claim for technical reasons, we're working on issue.
i downloading NetBSD VM image.
i downloading NetBSD VM image.
Hello.
This task is considered suspended, your application is not going to be processed until issue with A. Long is resolved or a reasonable time passes to consider him disappeared.
I suggest that you wait until we create separate task or two related to running web servers.
This task has been Reopened.
I would like to work on this task.
The claim on this task has been removed, someone else can claim it now.
I would like to work on this task.
This task has been Reopened.
I would like to work on this task.
The claim on this task has been removed, someone else can claim it now.
I would like to work on this task.
The claim on this task has been removed, someone else can claim it now.
I would like to work on this task.
The claim on this task has been removed, someone else can claim it now.
I would like to work on this task.
This task has been assigned to A. Long. You have 144 hours to complete this task, good luck!
Resetting ownership of /usr/pkg/var/ is bad. That will not be accepted for instructions. (Some software or real user may have access to some file or directory under /usr/pkg/var and if it is changed to www it may break it -- no longer able to read or write for example).
Should I just remove the lines:
chown -R www /usr/pkg/var/
chgrp -R www /usr/pkg/var/
Probably should not put uploads nor user.passwd in the /usr/pkg level.
Should I put them in a /home/ directory of some sort?
You can use user(8) to extract information on user accounts.
Yes, I'd rather see web data belonging to some user, e.g. "www". This is (or was once, at least) usual practice.
In any case, you ought not to change or reset permissions on files that you don't create yourself.
The deadline of the task has been extended with 1 days and 0 hours.
The deadline of the task has been extended with 0 days and 12 hours.
Melange has detected that the initial deadline has passed and it has set the task status to ActionNeeded. The student has 24 hours to submit the work before the task is reopened and sent back to the pool for other students to claim.
I added the user 'admin' and tried a
htdigest -c “/home/admin/user.passwd” DAV-upload admin
However, when logging in, it still uses the user-password combination in user.passwd in /usr/pkg/.
However, I did manage to get screenshots of WebDAV drive mapping in Windows 7 in the meantime.
The deadline of the task has been extended with 0 days and 12 hours.
Melange has detected that the final deadline has passed and it has reopened the task.
I don't have any idea how to change where the user.passwd and /uploads/ directory is supposed to be, would it be okay to just symlink those files and driectories to /home/admin; for example, /usr/pkg/user.passwd would be a symlink to /home/admin/user.passwd, or would that not really be a solution at all?
A symlink is not likely to work as, by default, apache will not follow symlinks for security reasons.
I am not entirely sure what you mean by "where the user.passwd and /uploads/ directory" perhaps you are looking for the Apache configuration directive "Directory" ? This allows you to set up access controls over directory trees.
I would like to work on this task.
This task has been assigned to michael addi. You have 144 hours to complete this task, good luck!
Hi, is my task basically to add more details to this file: NetBSD Installing Apache.csv ? Why is it a csv file?
Am I to just write a how to for nstall and activate modules within the base Apache distribution, within pkgsrc, and outside.
Your task is to write an instruction as per the task description. The file you mention is an attempt by another student which contains errors and is incomplete so you should not use that for your own work. I don't know why it is a .csv, the contents are not comma separated.
> Am I to just write a how to for nstall and activate modules within the base Apache distribution, within pkgsrc, and outside.
Yes, this is your task.
Melange has detected that the initial deadline has passed and it has set the task status to ActionNeeded. The student has 24 hours to submit the work before the task is reopened and sent back to the pool for other students to claim.
Melange has detected that the final deadline has passed and it has reopened the task.
I would like to work on this task.
This task has been assigned to wmzhere. You have 144 hours to complete this task, good luck!
The work on this task is ready to be reviewed.
One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.
The work on this task is ready to be reviewed.
1. I suggest changing places for "installation" and "layout" sections when you're talking about Apache.
Currently, it is a bit confusing, since there's no /etc/rc.d/apache file, system administrator should copy it manually there.
2. The following text is confusing:
`apachectl` is invoked by the script. It checks whether the environment variable `apache` is set to `yes`. If so, Apache daemon is executed.
"It" in the second sentence can refer to "apachectl", it is better to restructure it around rc script (e.g. "rc script checks variable content and invokes apachectl, as needed").
3. Currently, setups are inconsistent: you suggest starting base httpd from inetd and starting Apache as standalone service. It would be nice to consider both modes, standalone and inetd, for both servers.
4. It is strongly advised to prefer package installation by HTTP rather than by FTP. Please, adapt your URLs correspondingly.
One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.
Hi,
Thank you for your suggesions. I have a few questions here.
The work on this task is ready to be reviewed.
This is better. It reads a bit better too.
1. Sure, if Apache doesn't support inetd mode, then you can't describe it. It would be nice to mention this though, since a user can find instructions how to configure Apache with inetd in Internet and wonder.
2. The decision to avoid URL argumens to pkg_add is good. I suggest that you quote arguments though, since unquoted "ap24-php5*" may be expanded unexpectedly. While this isn't of high probability, it is better to always quote enough.
3. I still suggest that you replace "ftp" schema with "http" in all your URLs. Even if it isn't consistent with what one can see in default "/root/.profile". This decision was made after there appeared PKG_PATH comment, still this decision should be enforced.
4. You description of inetd process is wrong. I suggest that you read the man page and correct it.
5. It would be nice to describe standalone operation mode for bozohttpd. Even if we don't have rc script for it, one can easily write one or use rc.local
6. I suggest that you describe how to control Apache with rc.subr commands as well as with apachectl. The main reason is that rc.subr commands provide more uniform approach to control daemons.
One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.
The work on this task is ready to be reviewed.
Hi,
Thank you for your suggesions. Your carefulness and the attitude towards this task really impress me deeply.
I read the manual of inetd and checked this document, but I couldn't find anything wrong. Would you please show me the error? I asked you by IRC, and you didn't response. I'm sorry that I have to submit the unfinished task.
Here's the issue explained.
You write,
"When a client requests a web page from the server, `inetd` parses the data on transport layer, found this is a TCP packet and the destination port is 80..."
inetd doesn't perform any parsing, the latter is done in TCP stack. What inetd does is accepting connections, spawning processes, and redirecting file descriptors as described in documentation. (It does a bit more, but lets' neglect it here.)
This is almost finished. Except for minor nits.
Besides inetd and spelling ("deamon" and similar minor mistakes), could you try to remove explanation of rc system? I think that mentioning that rc script is started, then it checks for variable, then the said script executes some control process or spawns a daemon, all this is superfluous. Perhaps, only a small part of it is really useful (e.g. setting variable in rc.conf.d file and common start-stop-reload-status set of commands). Though, if you cannot edit the text the way or if you prefer not to lose information about invocation chain, it's fine.
Please, remove "conclusions" about performance of inetd and standalone operation modes. They are way too non-trivial and may be wrong. Plus, you're writing instructions rather than research report. If you want to leave the information on responsibility of connection handling, then write it simple, straightforward like "inetd (or httpd) handles incoming connections."
One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.
The work on this task is ready to be reviewed.
Hi!
You have to correct this in some way:
`bozohttpd` is able to process HTTP requests only and it can not handle sockets, thus `bozohttpd` needs the help of `inetd`
It contradicts the text below (besides not being true).
Sorry for overlooking it in previous review.
One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.
The work on this task is ready to be reviewed.
Congratulations, this task has been completed successfully.