Does anyone have any experience compiling Apache as a drop-in replacement for the one used by the OS?
I have read in the Httpd Apache manual that minor version upgrades: To upgrade across minor versions, start by finding the file config.nice in the build directory of your installed server or at the root of the source tree for your old install. This will contain the exact configure command line that you used to configure the source tree.
I have been unable to find any “config.nice” file on the server.
Currently I am on Httpd 2.4.6 but would like to be up to date, 2.4.12 . I am fully aware that if I upgrade manually then I will have to continue to track the upgrades manually which I am happy to to.
It is my understanding that prior to Httpd 2.4 upgrading was awkward and should be avoided but since then it is designed in a way that allows upgrading to be seamless.
If you have swapped from an RPM provided Httpd to compiling manually then I would like to hear about it, what you did and what the outcome was.
You may understand this already, but I just wanted to mention that RHEL/CentOS backport bugfixes and security updates into the Apache version they ship – so although the Apache version isn’t current, it’s still fully patched.
But if you’re already familiar with that, I don’t have much experience trying to keep the Apache version current by manually compiling it… however, I’d be curious if it were as simple as grabbing the source RPM for Apache, and just updating the Apache version it’s compiling.
Note that the Apache version Virtualmin ships with has the suexec path changed, so that it points to /home.
Thanks for the reply Eric. I am using CentOS so bug-fixes and security updates will be done by Apache, then back-ported to RHEL, then CentOS will follow and then Virtualmin will update it’s RPM and I will be able to receive the update. I think this is how it works.
A while back there was Drupal patch issued and 7 hours after the patch was issued sites which had not applied the patch were seeing real life intrusions.
Please do not take this as a dig(as Vmin is part of the chain) but I a worried that with so many parts to the chain I will not able able to apply vulnerability fixes in a timely manner.
I am also just curious about compiling so think I will give it a go, it does sound very straight forward, and thanks for reminder about /home .
Is there any chance you could provide the spec.httpd that you guys use when creating the CentOS HTTPD RPM?
I am not sure if you are changing –with-suexec-docroot=%{contentdir} / to –with-suexec-docroot=/home </code> or changing the %define contentdir /var/www.
If I had the spec.httpd that you used when creating the RPMS the it would be really helpful. Thanks!
Thanks Eric, I have checked the .spec and will definitely not be recompiling! There is a lot going on in there compared to the basic Apache base and it will take forever to learn what each of these customizations mean.
Was fun learning about RPM’s, SPRMS and compile but I best leave it there (for now!). Thanks for your help.