Learnings on Solaris™: Apache 2.2

This posts follows the AMP stack installation. But of course in terms of infrastructure it's almost certain that the installation should have been done on a non-global zone and most probably on an immutable zone, as well as on dedicated ZFS file systems and with some sort of role assignment and so on and on... But for now the focus is just bringing Apache 2.2 on-line for serving some static (basic) content over HTTP.

Let's now check a few changes (additions to the system) that the AMP stack installation does in terms of the Apache 2.2 installation.

The most fundamental man page that gets installed is apache22(1M), which among other things reminds us about the following:

Both 32-bit and 64-bit versions of the servers are installed. It also includes two of the most popular MPMs - Prefork and Worker. By the time you read this, maybe the following link will still point or redirect you to the original authors' full documentation of this version: https://archive.apache.org/dist/httpd/docs/httpd-docs-2.2.31.en.pdf.

A new credential is created:

# grep web /etc/passwd /etc/group
/etc/passwd:webservd:x:80:80:WebServer Reserved UID:/:
/etc/group:webservd::80:

# passwd -s webservd
webservd LK

# id -p webservd
uid=80(webservd) gid=80(webservd) projid=3(default)

A new dedicated SMF service gets installed:

# svcs -a | grep apache
disabled       18:59:49 svc:/network/http:apache22

# svccfg -s apache22 listprop httpd/*
httpd/enable_64bit        boolean     false
httpd/server_type         astring     prefork
httpd/stability           astring     Evolving
httpd/startup_options     astring
...

Three important directories are created:

/etc/apache2/2.2/
/usr/apache2/2.2/
/var/apache2/2.2/

# tree -d /etc/apache2/2.2/
/etc/apache2/2.2/
├── conf.d
│   └── php
├── original
└── samples-conf.d

4 directories

# tree -d /usr/apache2/2.2/
/usr/apache2/2.2/
├── bin
│   ├── 64 -> amd64
│   └── amd64
├── build
│   ├── 64 -> amd64
│   └── amd64
├── include
├── libexec
│   ├── 64 -> amd64
│   └── amd64
├── man
│   ├── man1
│   └── man8
└── manual
    └── mod

15 directories

# tree -d /var/apache2/2.2/
/var/apache2/2.2/
├── cgi-bin
├── error
│   └── include
├── htdocs
├── icons
│   └── small
├── libexec
│   ├── 64 -> amd64
│   └── amd64
├── logs
└── proxy

11 directories

And here is the "full listing" of their initial contents:
(apache22(1M) describe each of them in more detail)

# ll -R /etc/apache2/2.2/
/etc/apache2/2.2/:
total 172
-rw-r--r-- 1 root bin ... mime.types
-rw-r--r-- 1 root bin ... magic
-rw-r--r-- 1 root bin ... httpd.conf
-rw-r--r-- 1 root bin ... envvars
drwxr-xr-x 2 root sys ... original
drwxr-xr-x 3 root sys ... conf.d
drwxr-xr-x 2 root sys ... samples-conf.d

/etc/apache2/2.2/original:
total 35
-r--r--r-- 1 root bin ... httpd.conf

/etc/apache2/2.2/conf.d:
total 30
-rw-r--r-- 1 root bin ... modules-64.load
-rw-r--r-- 1 root bin ... modules-32.load
-rw-r--r-- 1 root bin ... fcgid.conf
-rw-r--r-- 1 root bin ... dtrace.conf
-r--r--r-- 1 root bin ... php.conf
drwxr-xr-x 2 root sys ... php

/etc/apache2/2.2/conf.d/php:
total 5
-rw-r--r-- 1 root bin ... php5.3.conf
lrwxrwxrwx 1 root root ... php.conf -> php5.3.conf

/etc/apache2/2.2/samples-conf.d:
total 92
-r--r--r-- 1 root bin ... vhosts.conf
-r--r--r-- 1 root bin ... userdir.conf
-r--r--r-- 1 root bin ... ssl.conf
-r--r--r-- 1 root bin ... reqtimeout.conf
-r--r--r-- 1 root bin ... proxy_scgi.conf
-r--r--r-- 1 root bin ... multilang-errordoc.conf
-r--r--r-- 1 root bin ... mpm.conf
-r--r--r-- 1 root bin ... manual.conf
-r--r--r-- 1 root bin ... languages.conf
-r--r--r-- 1 root bin ... info.conf
-r--r--r-- 1 root bin ... default.conf
-r--r--r-- 1 root bin ... dav.conf
-r--r--r-- 1 root bin ... autoindex.conf
-rw-r--r-- 1 root bin ... php5.3-apc-stats.conf
-rw-r--r-- 1 root bin ... php5.3-memcache-stats.conf

# ll -R /usr/apache2/2.2/
/usr/apache2/2.2/:
total 22
drwxr-xr-x 4 root sys ... man
drwxr-xr-x 2 root sys ... include
drwxr-xr-x 3 root sys ... bin
drwxr-xr-x 3 root sys ... build
drwxr-xr-x 3 root sys ... manual
drwxr-xr-x 3 root sys ... libexec

/usr/apache2/2.2/man:
total 6
drwxr-xr-x 2 root sys ... man8
drwxr-xr-x 2 root sys ... man1

/usr/apache2/2.2/man/man8:
total 101
...

/usr/apache2/2.2/man/man1:
total 61
...

/usr/apache2/2.2/include:
total 1059
...

/usr/apache2/2.2/bin:
total 3168
-r-x------ 1 root bin ... suexec.disabled
-r-xr-xr-x 1 root bin ... rotatelogs
-r-xr-xr-x 1 root bin ... logresolve
-r-xr-xr-x 1 root bin ... httxt2dbm
-r-xr-xr-x 1 root bin ... httpd.worker
-r-xr-xr-x 1 root bin ... httpd
-r-xr-xr-x 1 root bin ... htpasswd
-r-xr-xr-x 1 root bin ... htdigest
-r-xr-xr-x 1 root bin ... htdbm
-r-xr-xr-x 1 root bin ... htcacheclean
-r-xr-xr-x 1 root bin ... envvars-std
-r-xr-xr-x 1 root bin ... envvars
-r-xr-xr-x 1 root bin ... dbmmanage
-r-xr-xr-x 1 root bin ... checkgid
-r-xr-xr-x 1 root bin ... apxs
-r-xr-xr-x 1 root bin ... apachectl
-r-xr-xr-x 1 root bin ... ab
drwxr-xr-x 2 root sys ... amd64
lrwxrwxrwx 1 root root ... 64 -> amd64

/usr/apache2/2.2/bin/amd64:
total 4013
...

/usr/apache2/2.2/build:
total 57
-r--r--r-- 1 root bin ... special.mk
-r--r--r-- 1 root bin ... rules.mk
-r--r--r-- 1 root bin ... program.mk
-r-xr-xr-x 1 root bin ... mkdir.sh
-r--r--r-- 1 root bin ... tlib.mk
-r--r--r-- 1 root bin ... ibrary.mk
-r-xr-xr-x 1 root bin ... instdso.sh
-r-xr-xr-x 1 root bin ... config.nice
-r--r--r-- 1 root bin ... config_vars.mk
drwxr-xr-x 2 root sys ... amd64
lrwxrwxrwx 1 root root ... 64 -> amd64

/usr/apache2/2.2/build/amd64:
total 53
...

/usr/apache2/2.2/manual:
total 3
drwxr-xr-x 2 root sys ... mod

/usr/apache2/2.2/manual/mod:
total 162
-r--r--r-- 1 root bin ... mod_fcgid.html
-r--r--r-- 1 root bin ... mod_fcgid.html.en

/usr/apache2/2.2/libexec:
total 72283
-r--r--r-- 1 root bin ... mod_wsgi-2.7.so
-r--r--r-- 1 root bin ... mod_wsgi-2.6.so
-r--r--r-- 1 root bin ... mod_version.so
-r--r--r-- 1 root bin ... mod_usertrack.so
-r--r--r-- 1 root bin ... mod_userdir.so
-r--r--r-- 1 root bin ... mod_unique_id.so
-r--r--r-- 1 root bin ... mod_suexec.so
-r--r--r-- 1 root bin ... mod_substitute.so
-r--r--r-- 1 root bin ... mod_status.so
-r--r--r-- 1 root bin ... mod_ssl.so
-r--r--r-- 1 root bin ... mod_speling.so
-r--r--r-- 1 root bin ... mod_setenvif.so
-r--r--r-- 1 root bin ... mod_rewrite.so
-r--r--r-- 1 root bin ... mod_reqtimeout.so
-r--r--r-- 1 root bin ... mod_proxy.so
-r--r--r-- 1 root bin ... mod_proxy_scgi.so
-r--r--r-- 1 root bin ... mod_proxy_http.so
-r--r--r-- 1 root bin ... mod_proxy_ftp.so
-r--r--r-- 1 root bin ... mod_proxy_connect.so
-r--r--r-- 1 root bin ... mod_proxy_balancer.so
-r--r--r-- 1 root bin ... mod_proxy_ajp.so
-r--r--r-- 1 root bin ... mod_negotiation.so
-r--r--r-- 1 root bin ... mod_mime.so
-r--r--r-- 1 root bin ... mod_mime_magic.so
-r--r--r-- 1 root bin ... mod_mem_cache.so
-r--r--r-- 1 root bin ... mod_logio.so
-r--r--r-- 1 root bin ... mod_log_forensic.so
-r--r--r-- 1 root bin ... mod_log_config.so
-r--r--r-- 1 root bin ... mod_ldap.so
-r--r--r-- 1 root bin ... mod_info.so
-r--r--r-- 1 root bin ... mod_include.so
-r--r--r-- 1 root bin ... mod_imagemap.so
-r--r--r-- 1 root bin ... mod_ident.so
-r--r--r-- 1 root bin ... mod_headers.so
-r--r--r-- 1 root bin ... mod_filter.so
-r--r--r-- 1 root bin ... mod_file_cache.so
-r--r--r-- 1 root bin ... mod_ext_filter.so
-r--r--r-- 1 root bin ... mod_expires.so
-r--r--r-- 1 root bin ... mod_env.so
-r--r--r-- 1 root bin ... mod_dumpio.so
-r--r--r-- 1 root bin ... mod_disk_cache.so
-r--r--r-- 1 root bin ... mod_dir.so
-r--r--r-- 1 root bin ... mod_deflate.so
-r--r--r-- 1 root bin ... mod_dbd.so
-r--r--r-- 1 root bin ... mod_dav.so
-r--r--r-- 1 root bin ... mod_dav_fs.so
-r--r--r-- 1 root bin ... mod_cgid.so
-r--r--r-- 1 root bin ... mod_cgi.so
-r--r--r-- 1 root bin ... mod_cern_meta.so
-r--r--r-- 1 root bin ... mod_cache.so
-r--r--r-- 1 root bin ... mod_autoindex.so
-r--r--r-- 1 root bin ... mod_authz_user.so
-r--r--r-- 1 root bin ... mod_authz_owner.so
-r--r--r-- 1 root bin ... mod_authz_host.so
-r--r--r-- 1 root bin ... mod_authz_groupfile.so
-r--r--r-- 1 root bin ... mod_authz_default.so
-r--r--r-- 1 root bin ... mod_authz_dbm.so
-r--r--r-- 1 root bin ... mod_authnz_ldap.so
-r--r--r-- 1 root bin ... mod_authn_file.so
-r--r--r-- 1 root bin ... mod_authn_dbm.so
-r--r--r-- 1 root bin ... mod_authn_dbd.so
-r--r--r-- 1 root bin ... mod_authn_anon.so
-r--r--r-- 1 root bin ... mod_auth_gss.so
-r--r--r-- 1 root bin ... mod_auth_digest.so
-r--r--r-- 1 root bin ... mod_auth_basic.so
-r--r--r-- 1 root bin ... mod_asis.so
-r--r--r-- 1 root bin ... mod_alias.so
-r--r--r-- 1 root bin ... mod_actions.so
-r--r--r-- 1 root bin ... httpd.exp
-r--r--r-- 1 root bin ... mod_vhost_alias.so
-r--r--r-- 1 root bin ... mod_authn_default.so
lrwxrwxrwx 1 root root ... mod_wsgi.so -> mod_wsgi-2.7.so
lrwxrwxrwx 1 root root ... m64 -> amd64
-r--r--r-- 1 root bin ... mod_php5.3.so
-r--r--r-- 1 root bin ... mod_fcgid.so
drwxr-xr-x 2 root sys ... amd64
-r--r--r-- 1 root bin ... mod_dtrace.so

/usr/apache2/2.2/libexec/amd64:
total 42809
...

# ll -R /var/apache2/2.2/
/var/apache2/2.2/:
total 25
drwxr-xr-x 2 webservd webservd ... proxy
drwx------ 2 root bin ... logs
drwxr-xr-x 2 root sys ... htdocs
drwxr-xr-x 2 root sys ... cgi-bin
drwxr-xr-x 3 root sys ... icons
drwxr-xr-x 3 root sys ... error
drwxr-xr-x 3 root sys ... libexec

/var/apache2/2.2/proxy:
total 0

/var/apache2/2.2/logs:
total 0

/var/apache2/2.2/htdocs:
total 2
-r--r--r-- 1 root bin ... index.html

/var/apache2/2.2/cgi-bin:
total 5
-r--r--r-- 1 root bin ... test-cgi
-r--r--r-- 1 root bin ... printenv

/var/apache2/2.2/icons:
total 459
...

/var/apache2/2.2/icons/small:
total 139
...

/var/apache2/2.2/error:
total 366
-r--r--r-- 1 root bin ... HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-r--r--r-- 1 root bin ... HTTP_UNAUTHORIZED.html.var
-r--r--r-- 1 root bin ... HTTP_SERVICE_UNAVAILABLE.html.var
-r--r--r-- 1 root bin ... HTTP_REQUEST_URI_TOO_LARGE.html.var
-r--r--r-- 1 root bin ... HTTP_REQUEST_TIME_OUT.html.var
-r--r--r-- 1 root bin ... HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-r--r--r-- 1 root bin ... HTTP_PRECONDITION_FAILED.html.var
-r--r--r-- 1 root bin ... HTTP_NOT_IMPLEMENTED.html.var
-r--r--r-- 1 root bin ... HTTP_NOT_FOUND.html.var
-r--r--r-- 1 root bin ... HTTP_METHOD_NOT_ALLOWED.html.var
-r--r--r-- 1 root bin ... HTTP_LENGTH_REQUIRED.html.var
-r--r--r-- 1 root bin ... HTTP_INTERNAL_SERVER_ERROR.html.var
-r--r--r-- 1 root bin ... HTTP_GONE.html.var
-r--r--r-- 1 root bin ... HTTP_FORBIDDEN.html.var
-r--r--r-- 1 root bin ... HTTP_BAD_REQUEST.html.var
-r--r--r-- 1 root bin ... HTTP_BAD_GATEWAY.html.var
-r--r--r-- 1 root bin ... README
-r--r--r-- 1 root bin ... HTTP_VARIANT_ALSO_VARIES.html.var
-r--r--r-- 1 root bin ... contact.html.var
drwxr-xr-x 2 root sys ... include

/var/apache2/2.2/error/include:
total 7
-r--r--r-- 1 root bin ... top.html
-r--r--r-- 1 root bin ... spacer.html
-r--r--r-- 1 root bin ... bottom.html

/var/apache2/2.2/libexec:
total 4
drwxr-xr-x 2 root bin ... amd64
lrwxrwxrwx 1 root root ... 64 -> amd64

/var/apache2/2.2/libexec/amd64:
total 0

Just for a quick-start (but be warned: do not keep using those configurations unless you really know what you're doing and intend so) we can accept the defaults in /etc/apache2/2.2/httpd.conf which among other things set the IP address of the server (ServerName) to 127.0.0.1 (localhost) which is reasonable at first.

Now it should be possible to start the HTTP web server:

# svcadm -v enable apache22
svc:/network/http:apache22 enabled.

# svcs apache22
STATE          STIME    FMRI
online         22:33:30 svc:/network/http:apache22

# svcs -l apache22
fmri         svc:/network/http:apache22
name         Apache 2.2 HTTP server
enabled      true
state        online
next_state   none
state_time   April 12, 2017 10:33:30 PM BRT
logfile      /var/svc/log/network-http:apache22.log
...

# svcs -vL apache22
[ Apr 12 22:33:28 Enabled. ]
[ Apr 12 22:33:28 Executing start method ... ]
Apache version is 2.2
[ Apr 12 22:33:30 Method "start" exited with status 0. ]

On a headless host, a quick verification could be as follows:

# wget -nv -P /tmp http://localhost
... URL:http://localhost/ [44/44] -> "/tmp/index.html" [1]

Otherwise, if GNOME is installed on the web server host itself, then pointing a web browser to http://localhost should display the following (contents of the original bare bones index.html for the main/default site):

# cat /var/apache2/2.2/logs/access_log
... - - [...22:34:33...] "GET / HTTP/1.1" 200 44
... - - [...22:34:33...] "GET /favicon.ico HTTP/1.1" 404 209

# cat /var/apache2/2.2/logs/error_log
[...22:33:29...] [warn] Init: Session Cache is not configured
                              [hint: SSLSessionCache]
[...]            [notice] Digest: generating secret ...
[...22:33:31...] [notice] Digest: done
[...22:33:32...] [notice] Apache/2.2.31 (Unix)
                          mod_ssl/2.2.31 OpenSSL/1.0.1p
                          DAV/2 PHP/5.3.29 mod_fcgid/2.3.9
                          configured --
                          resuming normal operations
[...] [error] [client...] File does not exist: .../favicon.ico

Beyond the basic installation, for better resource control management, I strongly recommend adjusting the project (for instance, www) under which the server will be running, that is, achieve something like the following:

# ps -o user,pid,ppid,project -p "`pgrep -f httpd`"
    USER   PID PPID PROJECT
    root   559     1 www
webservd   577   559 www
webservd   591   559 www
webservd   593   559 www
webservd   604   559 www
webservd   607   559 www
webservd   616   559 www

And that's all folks!

Learnings on Solaris™

Wednesday, April 12, 2017

Apache 2.2 - 1st steps