Communicator e3000 MPE/iX Express 1 Based on Release 7.0
> Chapter 3 New NetworkingApache 1.3.14 for MPE/iX |
||||||||||||||||
|
Commercial Systems Division Apache 1.3.14 for MPE/iX is based on Apache 1.3.14 from the Apache Software Foundation. It is the latest version of Apache for MPE/iX and provides the same powerful features that were part of Apache 1.3.9 for MPE/iX in addition to minor base enhancements, several important security fixes, and a new installation scheme. Release InformationApache 1.3.14 for MPE/iX is part of MPE/iX Release 7.0 Express 1. System Requirements and PatchesApache 1.3.14 for MPE/iX requires the following:
SupportApache 1.3.14 for MPE/iX is supported through the HP Response Center as part of MPE/iX FOS support. Product DescriptionApache 1.3.14 for MPE/iX is an upgrade to earlier versions of Apache. It consists of the Apache 1.3.14 base version from the Apache Software Foundation, the major features and functionality first introduced in Apache 1.3.9, and a new installation structure.Apache 1.3.14 for MPE/iX includes these features introduced in Apache 1.3.9 for MPE/iX:
Feature SetDynamic Shared Objects (DSOs)DSOs are add-on modules that extend the functionality of Apache. These modules are self-contained code that can provide a wide-range of additional Apache capabilities such as custom authentication and authorization, custom logging, or new configuration directives. Users can create their own Apache modules or use those written by others. For instance, the Apache Module Registry (http://modules.apache.org/) is a web site with downloadable Apache modules. Some of these modules are freely available while others have various license restrictions. DSOs on MPE/iX can utilize Apache's full Application Programming Interface (API) as well as Apache's full Extended Application Programming Interface (EAPI). A DSO is an Apache module with the same structure as the modules compiled into the Apache binary. But instead of being statically linked into the Apache program, the DSO module is created as a shared library (NMXL). DSOs are loaded at Apache startup into Apache's process space. No recompilation of Apache is necessary to use DSOs. However, DSOs require a DSO-enabled Apache such as Apache 1.3.9 or Apache 1.3.14 for MPE/iX or HP WebWise MPE/iX Secure Web Server. Using DSO modules keeps Apache memory usage low by running an Apache binary with core features only and adding additional features with DSOs. DSOs also provide flexibility. An installation can pick and choose which features to include in their web server. Apache DSOs can be written in either the C programming language or in the Perl scripting language. DSOs written in Perl require the mod_perl module to be linked either statically or dynamically (DSO) into Apache. Since mod_perl is not currently part of Apache for MPE/iX, DSO modules for Apache 1.3.9 for MPE/iX,and Apache 1.3.14 for MPE/iX, must be written in C. Mod_perl is part of the HP WebWise MPE/iX Secure Web Server product version 2so DSOs for Secure WebServer can be written in either C or Perl. Information on creating and installing DSOs for Apache on MPE/iX is provided in the "Configuring and Managing Internet Services" manual for Release 7.0 Express 1.EAPIApache 1.3.14 for MPE/iX is built with an extended set of Apache APIs. That means that this version also expects these EAPIs to be built into any module it calls, including DSOs. This EAPI feature is included in Apache 1.3.14 or MPE/iX so that a commom DSO can be used by both Apache and WebWise without the need to recompile the module. When creating DSOs, you must compile with the -DEAPI option. This will include the necessary EAPI header files. These header files are part of the Apache 1.3.14 for MPE/iX distribution and reside in the/APACHE/PUB/include directory. The include directory also contains the README.EAPI file. The README.EAPI file describes the additional functionality that is available with EAPI such as more features in the mod_rewrite, mod_status, and mod_proxy modules. DSOs created with the apxs utility will automatically include the -DEAPI option. DSOs created without -DEAPI may work but may generate an error message in the error_log file.Additional ModulesThe Apache 1.3.14 for MPE/iX contains the same static modules that are part of Apache 1.3.9 for MPE/iX. To view the complete set of modules, execute the Apache binary with the "-l" option:shell/iX>/APACHE/PUB/HTTPD -l The following modules were introduced in Apache 1.3.9 and are also included in Apache 1.3.14:
File Creation MaskA file creation mask, umask 007, is set in the start-up stream job, JHTTPD, for increased security. With this change, files created by Apache cannot be accessed by anyone outside of the APACHE account. Files in this category are log files, files created in the proxy directory, /APACHE (when Apache is used as a proxy server) and any files created by CGI scripts.Apache 1.3.14 Base FeaturesAn overview of the new Apache 1.3.14 base features is described in the online Apache newsletter, Apacheweek, at http://www.apacheweek.com/issues/00-10-13. The Apache 1.3.14 base provides a few new features and bug fixes. A new feature in Apache 1.3.14 is additional media types in the mime.types file. Media types are configured for WAP so that wireless documents and applications can be handled by Apache.Security FixesThere are several important fixes for security vulnerabilities that were discovered in mod_vhost_alias and mod_rewrite. These vulnerabilities are exposed under certain situations that are described in the Apacheweek article, http://www.apacheweek.com/issues/00-10-13New Installation SchemeWith this release begins a new installation scheme for Apache. This scheme allows for easier migration to new Apache releases.In previous Apache for MPE/iX releases, Apache was always installed in the same location, PUB.APACHE. This was inconvenient when rolling to new versions. The new Apache installation strategy will provide the following advantages:
New Installation ImplementationStarting with Apache 1.3.14 for MPE/iX, new releases will reside in their own version-specific group under the APACHE account. A version-specific group corresponds to Apache's MPE version number. Symbolic links point to the new version-specific files.
shell/iX> ll /APACHE/PUB total 23488 -rwx------ 1 MANAGER.SYS SYS 1188864 Mar 22 00:26 HFSFILES lrwxrwxrwx 1 MGR.APACHE APACHE 21 Apr 6 18:55 HTTPD -> /APACHE/CURRENT/HTTPD -rwxr-xr-x 1 MGR.APACHE APACHE 931328 Mar 22 00:26 HTTPD.bak -rwxr-xr-x 1 MGR.APACHE APACHE 308 Apr 6 17:41 JHTTPD lrwxrwxrwx 1 MGR.APACHE APACHE 29 Apr 16 15:37 JHTTPD.sample -> /APACHE/CURRENT/JHTTPD.sample lrwxrwxrwx 1 MGR.APACHE APACHE 22 Apr 6 18:55 README -> /APACHE/CURRENT/README -rw-r--r-- 1 MGR.APACHE APACHE 6226 Mar 22 00:26 README.bak lrwxrwxrwx 1 MGR.APACHE APACHE 19 Apr 6 18:55 bin -> /APACHE/CURRENT/bin drwxr-xr-x 2 MGR.APACHE APACHE 1184 Mar 22 17:18 bin.bak drwxr-xr-x 2 MGR.APACHE APACHE 800 Mar 22 17:18 cgi-bin drwxr-xr-x 2 MGR.APACHE APACHE 2144 Apr 6 17:40 conf drwxr-x--- 2 MGR.APACHE APACHE 1472 Apr 16 15:37 conf.bak drwxr-xr-x 3 MGR.APACHE APACHE 608 Apr 6 18:55 htdocs drwxr-xr-x 3 MGR.APACHE APACHE 7616 Mar 22 17:18 icons lrwxrwxrwx 1 MGR.APACHE APACHE 23 Apr 6 18:55 include -> /APACHE/CURRENT/include drwxr-xr-x 2 MGR.APACHE APACHE 3296 Mar 22 17:18 include.bak drwxrwx--- 2 MGR.APACHE APACHE 224 Jan 20 1999 libexec drwxrwxr-x 2 MGR.APACHE APACHE 512 Apr 6 17:47 logs lrwxrwxrwx 1 MGR.APACHE APACHE 19 Apr 6 18:55 man -> /APACHE/CURRENT/man drwxr-xr-x 4 MGR.APACHE APACHE 416 Jan 20 1999 man.bak drwxrwx--- 2 MGR.APACHE APACHE 224 Jan 20 1999 proxy drwxr-x--- 2 MGR.APACHE APACHE 416 Mar 22 17:18 public_html drwxr-xr-x 2 MGR.APACHE APACHE 320 Mar 22 17:18 ssi shell/iX> ll htdocs total 17 -rw-r--r-- 1 MGR.APACHE APACHE 2326 Mar 21 16:26 apache_pb.gif -rw-r--r-- 1 MGR.APACHE APACHE 1622 Mar 21 16:26 index.html lrwxrwxrwx 1 MGR.APACHE APACHE 29 Apr 6 11:55 manual -> /APACHE/CURRENT/htdocs/manual drwxr-xr-x 6 MGR.APACHE APACHE 3872 Mar 22 09:18 manual.bak Product ConfigurationThe /APACHE/A0200/conf directory contains the Apache configuration files. After installation, create your own copies of these under the /APACHE/PUB directory. The Apache installation job sets up links to /APACHE/A0200 so that the copy command gets the new conf files. The sample files are derived from the default files with modifications for Apache on MPE/iX. Make sure to log on as MGR.APACHE before beginning configuration. :HELLO MGR.APACHE :xeq sh.hpbin.sys -L shell/iX> cd conf shell/iX> cp httpd.conf.sample httpd.conf shell/iX> cp mime.types.sample mime.types shell/iX> cp magic.sample magic shell/iX> cp access.conf.sample access.conf (optional) shell/iX> cp srm.conf.sample srm.conf (optional)The access.conf.sample file and the srm.conf.sample file need not be copied. These files were used in earlier versions of Apache but their content is now included in the httpd.conf file. However, if these files exist, Apache will read and process them after processing the conf/httpd.conf file. httpd.confEdit the httpd.conf file with your own server name. You may also wish to change other default values. For information about configuration directives, visit the online Apache documentation at http://www.apache.org/docs. Httpd.conf is a bytestream file that can be edited on the e3000 using "vi" or modified from a PC if Samba is installed on the server. Modify the following httpd.conf directives by replacing "yourserver.com" with your own server name:
JHTTPD Job Stream FileJHTTPD.sample is provided as an Apache start-up job. Copy the sample file from /APACHE/A0200 to /APACHE/PUB using the copy command below then change the timezone variable, TZ, to the local timezone if necessary. JHTTPD is a bytestream file unlike previous versions that were in MPE file format. Note that the file mask is set to 007. This means that any files created by Apache will have no permissions for "other." This feature tightens security so Apache-created files are accessible only within the APACHE account.shell/iX> cd /APACHE/PUB shell/iX> cp JHTTPD.sample JHTTPD shell/iX> cat JHTTPD !job jhttpd,www.apache,pub;outclass=,2 !setvar TZ 'PST8PDT !xeq sh.hpbin.sys "-c 'umask 007;./HTTPD -f conf/httpd.conf'" !eoj Version IdentificationApache 1.3.14 for MPE/iX has the product number A.02.00. This is viewable by running the Apache binary with the "-v" option. shell/iX> /APACHE/PUB/HTTPD -v Server version: Apache/1.3.14 (HP MPE/iX A.02.00) Server built: Apr 2 2001 11:58:16 Running ApacheStartupApache can be started from either the CI or the POSIX shell. :STREAM JHTTPD.PUB.APACHE or shell/iX>callci stream JHTTPD.PUB.APACHEVerifying StartupSuccessful installation and startup of Apache 1.3.14 can be verified by
shell/iX>cd /APACHE/PUB/logs shell/iX>tail error_logIf the JHTTPD job is running, try accessing Apache's home page, http://yourserver.com If Apache does not start, more information is available in the Configuring and Managing MPE/iX Internet Services manual for Release 7.0 Express 1. Or, try consulting the online Apache Troubleshooting Guide for tips on debugging the problem, http://jazz.external.hp.com/src/apache. ShutdownApache can be shut down by issuing an :ABORTJOB or kill. Using kill (which defaults to kill -TERM) is the preferred method since it uses Apache's internal routines to clean up open resources. Kill can be issued by users WWW.APACHE, MGR.APACHE, and MANAGER.SYS. Using :ABORTJOB will result in leaked SVIPC semaphores. The CI command file IPCS.HPBIN.SYS displays SVIPC semaphores and the CI command file IPCRM.HPBIN.SYS frees leaked semphores. To shut down Apache,shell/iX>kill `cat /APACHE/PUB/logs/httpd.pid`or: ABORTJOB JHTTPD,WWW.APACHE RestartApache can be restarted by issuing a kill -HUP. A restart will cause Apache to reread its configuration files without having to stop and restream the Apache job stream file. Restart is useful for making configuration changes without disrupting web users. After a restart, Apache continues running with the new configuration settings. To restart Apache,shell/iX>kill -HUP `cat /APACHE/PUB/logs/httpd.pid`or :XEQ SH.HPBIN.SYS "-c 'kill -HUP `cat /APACHE/PUB/logs/httpd.pid`'"Stopping or restarting Apache using kill may cause the error_log to contain numerous warning messages about the child processes not exiting properly. Additional ResourcesFor general Apache information, the official Apache web site, http://www.apache.org, contains documentation on configuration and functionality, FAQ's, a list of books, and more. Apacheweek, http://www.apacheweek.com, is a weekly digest of Apache activities, book reviews, and in-depth articles on Apache features. After installing Apache, your manual directory contains a User's Guide, Reference Manual, and other information which pertains to the installed version of Apache, http://yourserver.com/manual. The following are platform-independent resources on Apache dynamic modules (DSOs):
|