Apache 2.2.13 Install (rpm)


Apache 2.2.13をインストールした時のメモ。

  • Vine Linux 5.0
  • Apache 2.2.13

まずはApacheのソースを落とす。

$ apt-get source apache2
$ rpm -ivh apache2-2.2.13-1vl5.src.rpm

VineのデフォルトではPreforkで動くので、後でPHPも合わせてWorkerで動かす為にspecファイルをいじる。

$ cd ~/rpm/SPECS
$ vi apache2-vl.spec
%define contentdir /path/to/directory
%define suexec_caller apache
%define mmn 20020903
%define pkgname apache2

Summary: Apache HTTP Server
Name: %{pkgname}
Version: 2.2.13
Release: 1%{_dist_release}
URL: http://httpd.apache.org/

Vendor: Project Vine
Distribution: Vine Linux
Packager: daisuke

Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html.ja
Source3: apache2.logrotate
Source4: apache2.init
Source5: README.confd
Source6: vine.png
Source10: httpd.conf
Source11: ssl.conf
Source12: migration.html
Source13: migration.css
Source14: mod_ssl-Makefile.crt
Source14: mod_ssl-Makefile.crl
# add vine entry to config.layout
Source100: vine-config.layout
# man files 
Source101: apache2.8
Source102: apache2ctl.8
#Source103: config_vars.mk
# build/scripts patches
Patch1: httpd-2.1.10-apctl.patch
Patch2: httpd-2.2.3-apxs.patch
Patch3: httpd-2.0.45-deplibs.patch
Patch4: httpd-2.1.10-disablemods.patch
# features/functional changes
Patch21: httpd-2.0.40-xfsz.patch
Patch22: httpd-2.1.10-pod.patch
Patch23: httpd-2.0.45-export.patch
Patch24: httpd-2.0.48-corelimit.patch
# Bug fixes
Patch54: httpd-2.2.0-authnoprov.patch
Patch60: httpd-2.2.3-sslusername.patch

# Security fixes


License: Apache Software License
Group: System Environment/Daemons
BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: db4-devel, expat-devel
BuildRequires: findutils, perl, openldap-devel, zlib-devel
BuildRequires: apr-devel, apr-util-devel
BuildRequires: pcre-devel, sqlite3-devel
Requires: mailcap, gawk, file, findutils, apr, apr-util
Prereq: chkconfig, mktemp, fileutils
Prereq: sh-utils, textutils, shadow-utils
Provides: webserver
Provides: httpd = %{version}
Provides: httpd-mmn = %{mmn}
Conflicts: thttpd
Obsoletes: secureweb
Obsoletes: apache2-apr, apache2-apr-devel

%description
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

%package devel
Group: Development/Libraries
Summary: Development tools for the Apache HTTP server.
Obsoletes: secureweb-devel
Requires: libtool, httpd = %{version}
Requires: apr-devel, apr-util-devel

%description devel
The httpd-devel package contains the APXS binary and other files
that you need to build Dynamic Shared Objects (DSOs) for Apache.

If you are installing the Apache HTTP server and you want to be
able to compile or develop additional modules for Apache, you need
to install this package.

%package manual
Group: Applications/Documentation
Summary: Documentation for the Apache HTTP server.
Obsoletes: secureweb-manual

%description manual
The httpd-manual package contains the complete manual and
reference guide for the Apache HTTP server. The information can
also be found at http://httpd.apache.org/docs/.

%package -n mod_ssl-apache2
Group: System Environment/Daemons
Summary: SSL/TLS module for the Apache HTTP server
Epoch: 1
BuildPrereq: openssl-devel
Prereq: openssl, dev, /bin/cat
Requires: httpd, make, httpd-mmn = %{mmn}

%description -n mod_ssl-apache2
The mod_ssl module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols.

%prep
%setup -q -n httpd-%{version}

%patch1 -p1 -b .apctl
%patch2 -p1 -b .apxs
#patch3 -p1 -b .deplibs
%patch4 -p1 -b .disablemods

%patch21 -p0 -b .xfsz
%patch22 -p1 -b .pod
%patch23 -p1 -b .export
%patch24 -p1 -b .corelimit

%patch54 -p1 -b .authnoprov
%patch60 -p1 -b .sslusername


# copy across the migration guide and sed it's location into apachectl
cp $RPM_SOURCE_DIR/migration.{html,css} .
%{__perl} -pi -e "s:\@docdir\@:%{_docdir}/%{name}-%{version}:g" \
	support/apachectl.in


# add Vine configure's option to config.layout
sed -e "s|${prefix}/lib|${prefix}/%{_lib}|" \
  < $RPM_SOURCE_DIR/vine-config.layout >> config.layout

# regenerate configure scripts
./buildconf

%build
# remove bundled apr, apr-util, pcre
rm -rf srclib/{apr,apr-util,pcre}

#CFLAGS="$RPM_OPT_FLAGS -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
#AP_LIBS="-lssl -lcrypto"
#export CFLAGS AP_LIBS
CFLAGS="$RPM_OPT_FLAGS"
SH_LDFLAGS="-Wl,-z,relro"
export CFLAGS SH_LDFLAGS

%define mpms worker prefork
%define prefer_mpm prefork

AP_CONFOPTS="\
	--prefix=%{_sysconfdir}/apache2 \
	--exec-prefix=%{_prefix} \
	--bindir=%{_bindir} \
	--sbindir=%{_sbindir} \
	--mandir=%{_mandir} \
	--libdir=%{_libdir} \
	--sysconfdir=%{_sysconfdir}/apache2/conf \
        --includedir=%{_includedir}/apache2 \
	--libexecdir=%{_libdir}/apache2/modules \
	--datadir=%{contentdir} \
	--with-installbuilddir=%{_libdir}/apache2/build \
	--enable-layout=Vine \
 	--with-program-name=apache2 \
	--with-ldap \
	--enable-ldap --enable-authnz-ldap \
	--enable-mods-shared=all \
        --enable-cache=shared \
        --enable-cgi=shared \
        --enable-cgid=shared \
        --enable-rewrite=shared \
        --enable-disk-cache=shared \
        --enable-file-cache=shared \
        --enable-mem-cache=shared \
	--enable-authn-anon --enable-authn-alias \
	--with-apr=%{_prefix} --with-apr-util=%{_prefix} \
	--enable-suexec --with-suexec \
	--with-suexec-caller=%{suexec_caller} \
	--with-suexec-docroot=%{contentdir} \
	--with-suexec-logfile=%{_localstatedir}/log/apache2/suexec.log \
	--with-suexec-bin=%{_libdir}/%{pkgname}/suexec \
	--with-suexec-uidmin=500 --with-suexec-gidmin=500 \
	--with-pcre \
	--enable-ssl --with-ssl \
	--enable-deflate \
	--enable-proxy --enable-proxy-connect \
	--enable-proxy-http --enable-proxy-ftp"
#all  mpm build
for mpm in %{mpms}; do
   mkdir mpm-$mpm;
   cd mpm-$mpm;
   ../configure $AP_CONFOPTS --with-mpm=$mpm --srcdir=../ ;
   make %{?_smp_mflags} ;
#   mv apache2 apache2.$mpm ;
   cd ../
done

%install
rm -rf $RPM_BUILD_ROOT

# Classify ab and logresolve as section 1 commands, as they are in /usr/bin
cp -p docs/man/ab.8 docs/man/ab.1
sed -e "1s/logresolve 8/logresolve 1/" \
  < docs/man/logresolve.8 > docs/man/logresolve.1
#rm docs/man/logresolve.8

# install mpms binary 
pushd mpm-worker
  make DESTDIR=$RPM_BUILD_ROOT install
  rm -f $RPM_BUILD_ROOT/%{_sbindir}/apache2
popd

for mpm in %{mpms}; do
    install -m755 mpm-$mpm/apache2 $RPM_BUILD_ROOT/%{_sbindir}/apache2.$mpm
done

# install conf file/directory
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf.d
install -m 644 $RPM_SOURCE_DIR/README.confd \
   $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf.d/README
install -m 644 $RPM_SOURCE_DIR/ssl.conf \
   $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf.d/ssl.conf

rm $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf/*.conf
install -m 644 $RPM_SOURCE_DIR/httpd.conf \
   $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf/httpd.conf

# mod_ssl bits
for suffix in crl crt csr key prm; do
   mkdir $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf/ssl.${suffix}
done

# Makefiles for certificate management
for ext in crt crl; do 
  install -m 644 $RPM_SOURCE_DIR/mod_ssl-Makefile.${ext} \
	$RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf/ssl.${ext}/Makefile.${ext}
done
ln -s ../../../usr/share/ssl/certs/Makefile $RPM_BUILD_ROOT/etc/apache2/conf

# for holding mod_dav lock database
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav

# create a prototype session cache
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_ssl
touch $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_ssl/scache.{dir,pag,sem}

# move utilities to /usr/bin
mv $RPM_BUILD_ROOT%{_sbindir}/{ab,htdbm,logresolve,htpasswd,htdigest} \
   $RPM_BUILD_ROOT%{_bindir}

# Make the MMN accessible to module packages
echo %{mmn} > $RPM_BUILD_ROOT%{_includedir}/apache2/.mmn

# docroot
# mkdir $RPM_BUILD_ROOT%{contentdir}/html
install -m 644 $RPM_SOURCE_DIR/index.html.ja \
	$RPM_BUILD_ROOT%{contentdir}/error/noindex.html
rm -r $RPM_BUILD_ROOT%{contentdir}/manual/style

install -m 644 $RPM_SOURCE_DIR/vine.png \
	$RPM_BUILD_ROOT%{contentdir}/icons

# logs
# rmdir $RPM_BUILD_ROOT%{_sysconfdir}/apache2/logs
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/apache2

ln -sf %{_sysconfdir}/%{pkgname}/conf/httpd.conf $RPM_BUILD_ROOT/%{_sysconfdir}/%{pkgname}/conf/apache2.conf


# symlinks for /etc/apache2
ln -s ../..%{_localstatedir}/log/apache2 $RPM_BUILD_ROOT/etc/apache2/logs
ln -s ../..%{_localstatedir}/run $RPM_BUILD_ROOT/etc/apache2/run
ln -s ../..%{_libdir}/apache2/modules $RPM_BUILD_ROOT/etc/apache2/modules
ln -s ../..%{_libdir}/apache2/build $RPM_BUILD_ROOT/etc/apache2/build

# install SYSV init stuff
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
install -m755 $RPM_SOURCE_DIR/apache2.init \
	$RPM_BUILD_ROOT/etc/rc.d/init.d/apache2
%{__perl} -pi -e "s:\@docdir\@:%{_docdir}/%{name}-%{version}:g" \
	$RPM_BUILD_ROOT/etc/rc.d/init.d/apache2	

# install log rotation stuff
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
install -m644 $RPM_SOURCE_DIR/apache2.logrotate \
	$RPM_BUILD_ROOT/etc/logrotate.d/apache2

mv $RPM_BUILD_ROOT/%{_sbindir}/apachectl $RPM_BUILD_ROOT/%{_sbindir}/apache2ctl

# fix man page paths
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/apache2/conf/httpd.conf|" \
    -e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
    -e "s|/usr/local/apache2/conf/magic|/etc/apache2/conf/magic|" \
    -e "s|/usr/local/apache2/logs/error_log|/var/log/apache2/error_log|" \
    -e "s|/usr/local/apache2/logs/access_log|/var/log/apache2/access_log|" \
    -e "s|/usr/local/apache2/logs/httpd.pid|/var/run/apache2.pid|" \
    -e "s|/usr/local/apache2|/etc/httpd|" < $RPM_SOURCE_DIR/apache2.8 \
  > $RPM_BUILD_ROOT%{_mandir}/man8/apache2.8

install -m644 $RPM_SOURCE_DIR/apache2ctl.8 \
	$RPM_BUILD_ROOT%{_mandir}/man8/apache2ctl.8

# change command name to avoid conflict with apache1 pacjage
%define cflcmd /usr/bin/htdigest /usr/bin/htpasswd /usr/sbin/rotatelogs 

for i in %{cflcmd}; do \
  echo $i 
  mv $RPM_BUILD_ROOT$i $RPM_BUILD_ROOT$i"2";
done;

mv $RPM_BUILD_ROOT/%{_sbindir}/apxs $RPM_BUILD_ROOT/%{_bindir}/apxs

%define cflman usr/share/man/man1/dbmmanage.1 usr/share/man/man1/htdigest.1 usr/share/man/man1/htpasswd.1 usr/share/man/man8/rotatelogs.8 usr/share/man/man8/suexec.8 usr/share/man/man8/apxs.8 usr/share/man/man8/httpd.8

(cd $RPM_BUILD_ROOT;
for i in %{cflman}; do \
    echo $i | sed -e "s|\.1|2\.1|" -e "s|\.8|2\.8|" |    xargs mv $i ;
    
done;
)

#cp $RPM_SOURCE_DIR/config_vars.mk $RPM_BUILD_ROOT/%{_sysconfdir}/%{pkgname}/build/.
mv $RPM_BUILD_ROOT/%{_sbindir}/suexec $RPM_BUILD_ROOT/%{_libdir}/%{pkgname}/suexec


rm -f $RPM_BUILD_ROOT%{_mandir}/man1/ab*
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/logresolve*
# conflict with apache 1, so removed...
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/ab*
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/logresolve*

# remove unpackaged files
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/apache2/conf/mime.types \
      $RPM_BUILD_ROOT%{_libdir}/*.la \
      $RPM_BUILD_ROOT%{_libdir}/*.exp \
      $RPM_BUILD_ROOT%{_libdir}/apache2/modules/*.exp \
      $RPM_BUILD_ROOT%{_libdir}/apache2/build/config.nice \
      $RPM_BUILD_ROOT%{_sbindir}/{apache2,checkgid,dbmmanage,envvars*} \
      $RPM_BUILD_ROOT%{contentdir}/html/* \
      $RPM_BUILD_ROOT%{contentdir}/cgi-bin/*

%pre
# Add the "apache" user
/usr/sbin/useradd -c "Apache" -u 48 \
	-s /sbin/nologin -r -d %{contentdir} apache 2> /dev/null || :

%triggerpostun -- apache < 2.0
/sbin/chkconfig --add apache2


%post
# Register the httpd service
for mpm in %{mpms}; do
  /sbin/update-alternatives --install %{_sbindir}/apache2 apache2 %{_sbindir}/apache2.$mpm 20;
done
/sbin/update-alternatives --install %{_sbindir}/apache2 apache2 %{_sbindir}/apache2.%{prefer_mpm} 30
/sbin/chkconfig --add apache2

%preun
if [ $1 = 0 ]; then
	/sbin/service apache2 stop > /dev/null 2>&1
	/sbin/chkconfig --del apache2
	for mpm in %{mpms}; do
	  /sbin/update-alternatives --remove apache2 %{_sbindir}/apache2.$mpm;
	done  
fi

%postun
if [ "$1" -ge 1 ]; then
	/sbin/service apache2 condrestart
fi
/sbin/ldconfig

%post -n mod_ssl-apache2
/sbin/ldconfig ### is this needed?
umask 077

if [ ! -f %{_sysconfdir}/apache2/conf/ssl.key/server.key ] ; then
%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 1024 > %{_sysconfdir}/apache2/conf/ssl.key/server.key 2> /dev/null
fi

FQDN=`hostname`
if [ "x${FQDN}" = "x" ]; then
   FQDN=localhost.localdomain
fi

if [ ! -f %{_sysconfdir}/apache2/conf/ssl.crt/server.crt ] ; then
cat << EOF | %{_bindir}/openssl req -new -key %{_sysconfdir}/apache2/conf/ssl.key/server.key -x509 -days 365 -out %{_sysconfdir}/apache2/conf/ssl.crt/server.crt 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
${FQDN}
root@${FQDN}
EOF
fi

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root)

%doc ABOUT_APACHE README CHANGES LAYOUT LICENSE
%doc migration.html migration.css

%dir %{_sysconfdir}/apache2
%{_sysconfdir}/apache2/modules
%{_sysconfdir}/apache2/logs
%{_sysconfdir}/apache2/run
%dir %{_sysconfdir}/apache2/conf
%config(noreplace) %{_sysconfdir}/apache2/conf/*.conf
%config(noreplace) %{_sysconfdir}/apache2/conf/magic

%config %{_sysconfdir}/logrotate.d/apache2
%config %{_sysconfdir}/rc.d/init.d/apache2

%dir %{_sysconfdir}/apache2/conf.d
%{_sysconfdir}/apache2/conf.d/README

%dir %{_sysconfdir}/apache2/conf/extra
%config %{_sysconfdir}/apache2/conf/extra/*

%dir %{_sysconfdir}/apache2/conf/original
%{_sysconfdir}/apache2/conf/original/*

%{_bindir}/ab
%{_bindir}/ht*
%{_bindir}/logresolve
%{_sbindir}/ht*
%{_sbindir}/apache2.*
%{_sbindir}/apache2ctl
%{_sbindir}/rotatelogs2
%attr(4510,root,%{suexec_caller}) %{_libdir}/%{pkgname}/suexec

%dir %{_libdir}/apache2
%dir %{_libdir}/apache2/modules
# everything but mod_ssl.so:
%{_libdir}/apache2/modules/mod_[a-r]*.so
%{_libdir}/apache2/modules/mod_s[petu]*.so
%{_libdir}/apache2/modules/mod_[t-z]*.so

%dir %{contentdir}
%dir %{contentdir}/cgi-bin
%dir %{contentdir}/html
%dir %{contentdir}/icons
%dir %{contentdir}/error
%dir %{contentdir}/error/include
%{contentdir}/icons/*
%{contentdir}/error/README
%{contentdir}/error/noindex.html
%config(noreplace) %{contentdir}/error/*.var
%config(noreplace) %{contentdir}/error/include/*.html

%attr(0700,root,root) %dir %{_localstatedir}/log/apache2

%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav

%{_mandir}/man1/*

%{_mandir}/man8/*

%files manual
%defattr(-,root,root)
%{contentdir}/manual

%files -n mod_ssl-apache2
%defattr(-,root,root)
%{_libdir}/apache2/modules/mod_ssl.so
%config(noreplace) %{_sysconfdir}/apache2/conf.d/ssl.conf
%attr(0700,root,root) %dir %{_sysconfdir}/apache2/conf/ssl.*
%config %{_sysconfdir}/apache2/conf/Makefile
%config %{_sysconfdir}/apache2/conf/ssl.*/*
%attr(0700,apache,root) %dir %{_localstatedir}/cache/mod_ssl
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.dir
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.pag
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.sem

%files devel
%defattr(-,root,root)
%{_includedir}/apache2
%{_sysconfdir}/apache2/build
%{_bindir}/apxs
%{_mandir}/man8/apxs*
%{_libdir}/apache2/build/*.mk
%{_libdir}/apache2/build/*.sh

%changelog
* Sun Aug 09 2009 Daisuke SUZUKI  2.2.13-1
- new upstream release

* Wed Jul 29 2009 Daisuke SUZUKI  2.2.12-1
- new upstream release 
  (including security fix for CVE-2009-1890, CVE-2009-1191,
   CVE-2009-1195, CVE-2009-1955, CVE-2009-1956, CVE-2009-0023)

* Fri Jan 09 2009 NAKAMURA Kenta  2.2.11-2
- rebuilt with openldap-2.4.11

* Fri Jan  2 2009 Ryoichi INAGAKI  2.2.11-1
- new upstream release

* Sat Oct 18 2008 Ryoichi INAGAKI  2.2.10-1
- new upstream release (including security fix for CVE-2008-2939)

* Fri Jun 20 2008 Ryoichi INAGAKI  2.2.9-1
- new upstream release (including security fix for CVE-2008-2364, CVE-2007-6420)
- built with db4-4.6.21, apr 1.3.0

* Sun Apr 27 2008 Tomohiro 'Tomo-p' KATO  2.2.8-1
- add Patch60 (to fix bug#31418).

* Thu Feb 21 2008 AKIYAMA Kazuhito  2.2.8-0vl2
- rebuild with expat-2.0.1

* Tue Jan 22 2008 Daisuke SUZUKI  2.2.8-0vl1
- new upstream release

* Sat Nov  3 2007 Ryoichi INAGAKI  2.2.6-0vl2
- added postun script from VinePlus/4.0 package
  * Tue Sep 11 2007 Satoshi IWAMOTO  2.2.3-0vl3.2
  - add postun script to restart daemon with message

* Sun Jul 01 2007 NAKAMURA Kenta  2.2.3-0vl8
- updated Patch2: httpd-2.2.3-apxs.patch

* Sun Jun 24 2007 NAKAMURA Kenta  2.2.3-0vl7
- modified libdir in config.layout for lib64 architecture

* Sun May 27 2007 Ryoichi INAGAKI  2.2.3-0vl6
- rebuilt with openssl-0.9.8e

* Thu May 10 2007 MATSUBAYASHI Kohji  2.2.3-0vl5
- rebuilt with new toolchain and db4-4.3.x

* Tue Feb  7 2007 Ryoichi INAGAKI  2.2.3-0vl4
- added BuildRequires: pcre-devel, sqlite3-devel 

* Mon Sep 11 2006 Kazutaka HARADA  2.2.3-0vl3
- change manual Group to Applications/Documentation. 

* Sun Aug 27 2006 NAKAMURA Kenta  2.2.3-0vl2
- rebuilt with openldap-2.3.27-0vl1

* Sat Jul 29 2006 Ryoichi INAGAKI  2.2.3-0vl1
- new upstream release including security fix (CVE-2006-3747)

* Sun May 28 2006 Daisuke SUZUKI  2.2.2-0vl1
- new upstream release
  - update to 2.2.2
- remove apr/apr-devel subpackage, 
  use external apr/apr-util instead of internal one.

* Sun May 28 2006 Daisuke SUZUKI  2.0.58-0vl1
- new upstream release
- use apache2.prefork as default.

* Thu Mar 23 2006 Daisuke SUZUKI  2.0.55-0vl3
- rebuild to use new _localstatedir (rpm-4.4.2-0vl11)
- remove unpackaged files in %%install section

* Fri Jan 27 2006 Daisuke SUZUKI  2.0.55-0vl2
- fix logrotate configuration (use apache2.pid instead of httpd.pid)
  (BTS:10)
- use Epoch instead of Serial

* Sat Oct 15 2005 Daisuke SUZUKI  2.0.55-0vl1
- new upstream release
- drop obsolete security patches which is merged in upstream

* Sat Oct 08 2005 Daisuke SUZUKI  2.0.54-0vl1
- new upstream release

* Sun Sep 11 2005 Ryoichi INAGAKI  2.0.53-0vl2
- added Patch122 to 125 for secutiry fix
  (CAN-2004-{1268,2088,2700,2728})
- fix %install section

* Sun Apr 10 2005 Ryoichi INAGAKI  2.0.53-0vl1
- new upstream release

* Sat Nov 06 2004 Daisuke SUZUKI  2.0.52-0vl1
- new upstream release

* Sun Oct 24 2004 MATSUBAYASHI Kohji  2.0.50-0vl4
- rebuilt with db4-4.2.52

* Sat Sep  4 2004 USAMI Kosuke  - 2.0.50-0vl3
- separate apr, apr-devel packages
- add BuildPreReq: zlib-devel

* Sun Jul 11 2004 Daisuke SUZUKI  2.0.50-0vl2
- fix %%files to include instdso.sh
  thanks to jax 
- add %%{?_smp_mflags} to make option.

* Sun Jul  4 2004 IWAI, Masaharu  2.0.50-0vl1
- new upstream version

* Sun Nov 23 2003 IWAI, Masaharu  2.0.48-0vl1
- new upstream version

* Mon Sep 15 2003 IWAI, Masaharu  2.0.47-0vl1
- new upstream version
- update apxs patch (Patch101)
- fix dependency:
    - change file name to package name in Requires and {Build,}Prereq
- add BuildPrereq: openldap-devel
- update %%files section
- rename httpd.8 manpage

* Tue May 12 2003 Satoshi MACHINO  2.0.45-0vl1
- new upstream version
- used vine-config.layout in srclib

* Tue May 12 2003 Satoshi MACHINO  2.0.44-0vl9
- rebuild

* Sun Apr  6 2003 Kazuhisa TAKEI  2.0.44-0vl8
- change pkg name from mod_ssl to mod_ssl-apache2
- remove "apache-manual" entry from Obsoletes:

* Thu Apr  3 2003 Kazuhisa TAKEI  2.0.44-0vl7
- remove "mod_dav" and "apache-devel" from Obsoletes: 
- enable MPMS(worker %mpms )

* Sun Mar 30 2003 Kazuhisa TAKEI  2.0.44-0vl6
- add correct config_vars.mk

* Sun Mar 30 2003 Kazuhisa TAKEI  2.0.44-0vl5
- apply apxs's patch ( from Debian)

* Sun Mar 30 2003 Kazuhisa TAKEI  2.0.44-0vl4
- add apr-config,apu-config to devel's %file 

* Sun Mar 30 2003 Kazuhisa TAKEI  2.0.44-0vl3
- change apxs path ( /usr/sbin -> /usr/bin
- add symlink under /etc/apache2/conf
  (logs, run), httpd.conf -> apache2.conf
- fixed apache2 initscript.

* Sat Mar 29 2003 Kazuhisa TAKEI  2.0.44-0vl2
- build Vine Linux
- new upstream version
- sharing with apache1

* Wed Sep  4 2002 Nalin Dahyabhai  2.0.40-8
- link httpd with libssl to avoid library loading/unloading weirdness

* Tue Sep  3 2002 Joe Orton  2.0.40-7
- add LoadModule lines for proxy modules in httpd.conf (#73349)
- fix permissions of conf/ssl.*/ directories; add Makefiles for
  certificate management (#73352)

* Mon Sep  2 2002 Joe Orton  2.0.40-6
- provide "httpd-mmn" to manage module ABI compatibility

* Sun Sep  1 2002 Joe Orton  2.0.40-5
- fix SSL session cache (#69699)
- revert addition of LDAP support to apr-util

* Mon Aug 26 2002 Joe Orton  2.0.40-4
- set SIGXFSZ disposition to "ignored" (#69520)
- make dummy connections to the first listener in config (#72692)

* Mon Aug 26 2002 Joe Orton  2.0.40-3
- allow "apachectl configtest" on a 1.3 httpd.conf
- add mod_deflate
- enable LDAP support in apr-util
- don't package everything in /path/to/directory/error as config(noreplace)

* Wed Aug 21 2002 Bill Nottingham  2.0.40-2
- add trigger (#68657)

* Mon Aug 12 2002 Joe Orton  2.0.40-1
- update to 2.0.40

* Wed Jul 24 2002 Joe Orton  2.0.36-8
- improve comment on use of UserDir in default config (#66886)

* Wed Jul 10 2002 Joe Orton  2.0.36-7
- use /sbin/nologin as shell for apache user (#68371)
- add patch from CVS to fix possible infinite loop when processing
  internal redirects

* Wed Jun 26 2002 Gary Benson  2.0.36-6
- modify init script to detect 1.3.x httpd.conf's and direct users
  to the migration guide

* Tue Jun 25 2002 Gary Benson  2.0.36-5
- patch apachectl to detect 1.3.x httpd.conf's and direct users
  to the migration guide
- ship the migration guide

* Fri Jun 21 2002 Joe Orton 
- move /etc/httpd2 back to /etc/httpd
- add noindex.html page and poweredby logo; tweak default config
  to load noindex.html if no default "/" page is present.
- add patch to prevent mutex errors on graceful restart

* Fri Jun 21 2002 Tim Powers  2.0.36-4
- automated rebuild

* Wed Jun 12 2002 Joe Orton  2.0.36-3
- add patch to fix SSL mutex handling

* Wed Jun 12 2002 Joe Orton  2.0.36-2
- improved config directory patch

* Mon May 20 2002 Joe Orton 
- initial build; based heavily on apache.spec and mod_ssl.spec
- fixes: #65214, #58490, #57376, #61265, #65518, #58177, #57245

そしてビルド。

$ rpmbuild -bb --clean apache2-vl.spec

ビルド後インストール。

$ cd ../RPMS/x86_64
$ su
# rpm -ivh apache2-2.2.13-1vl5.x86_64.rpm apache2-devel-2.2.13-1vl5.x86_64.rpm mod_ssl-apache2-2.2.13-1vl5.x86_64.rpm


メイン設定ファイル。

# cd /etc/apache2/conf
# vi httpd.conf
#
# This is the main Apache HTTP server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
# In particular, see 
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.  
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo_log"
# with ServerRoot set to "/etc/apache2" will be interpreted by the
# server as "/etc/apache2//var/log/apache2/foo_log".

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path.  If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk.  If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
#
ServerRoot "/etc/apache2"

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to 
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule authn_file_module /usr/lib64/apache2/modules/mod_authn_file.so
LoadModule authn_dbm_module /usr/lib64/apache2/modules/mod_authn_dbm.so
LoadModule authn_anon_module /usr/lib64/apache2/modules/mod_authn_anon.so
LoadModule authn_dbd_module /usr/lib64/apache2/modules/mod_authn_dbd.so
LoadModule authn_default_module /usr/lib64/apache2/modules/mod_authn_default.so
LoadModule authn_alias_module /usr/lib64/apache2/modules/mod_authn_alias.so
LoadModule authz_host_module /usr/lib64/apache2/modules/mod_authz_host.so
LoadModule authz_groupfile_module /usr/lib64/apache2/modules/mod_authz_groupfile.so
LoadModule authz_user_module /usr/lib64/apache2/modules/mod_authz_user.so
LoadModule authz_dbm_module /usr/lib64/apache2/modules/mod_authz_dbm.so
LoadModule authz_owner_module /usr/lib64/apache2/modules/mod_authz_owner.so
LoadModule authnz_ldap_module /usr/lib64/apache2/modules/mod_authnz_ldap.so
LoadModule authz_default_module /usr/lib64/apache2/modules/mod_authz_default.so
LoadModule auth_basic_module /usr/lib64/apache2/modules/mod_auth_basic.so
LoadModule auth_digest_module /usr/lib64/apache2/modules/mod_auth_digest.so
LoadModule file_cache_module /usr/lib64/apache2/modules/mod_file_cache.so
LoadModule cache_module /usr/lib64/apache2/modules/mod_cache.so
LoadModule disk_cache_module /usr/lib64/apache2/modules/mod_disk_cache.so
LoadModule mem_cache_module /usr/lib64/apache2/modules/mod_mem_cache.so
LoadModule dbd_module /usr/lib64/apache2/modules/mod_dbd.so
LoadModule dumpio_module /usr/lib64/apache2/modules/mod_dumpio.so
LoadModule reqtimeout_module /usr/lib64/apache2/modules/mod_reqtimeout.so
LoadModule ext_filter_module /usr/lib64/apache2/modules/mod_ext_filter.so
LoadModule include_module /usr/lib64/apache2/modules/mod_include.so
LoadModule filter_module /usr/lib64/apache2/modules/mod_filter.so
LoadModule substitute_module /usr/lib64/apache2/modules/mod_substitute.so
LoadModule deflate_module /usr/lib64/apache2/modules/mod_deflate.so
LoadModule ldap_module /usr/lib64/apache2/modules/mod_ldap.so
LoadModule log_config_module /usr/lib64/apache2/modules/mod_log_config.so
LoadModule log_forensic_module /usr/lib64/apache2/modules/mod_log_forensic.so
LoadModule logio_module /usr/lib64/apache2/modules/mod_logio.so
LoadModule env_module /usr/lib64/apache2/modules/mod_env.so
LoadModule mime_magic_module /usr/lib64/apache2/modules/mod_mime_magic.so
LoadModule cern_meta_module /usr/lib64/apache2/modules/mod_cern_meta.so
LoadModule expires_module /usr/lib64/apache2/modules/mod_expires.so
LoadModule headers_module /usr/lib64/apache2/modules/mod_headers.so
LoadModule ident_module /usr/lib64/apache2/modules/mod_ident.so
LoadModule usertrack_module /usr/lib64/apache2/modules/mod_usertrack.so
LoadModule unique_id_module /usr/lib64/apache2/modules/mod_unique_id.so
LoadModule setenvif_module /usr/lib64/apache2/modules/mod_setenvif.so
LoadModule version_module /usr/lib64/apache2/modules/mod_version.so
LoadModule proxy_module /usr/lib64/apache2/modules/mod_proxy.so
LoadModule proxy_connect_module /usr/lib64/apache2/modules/mod_proxy_connect.so
LoadModule proxy_ftp_module /usr/lib64/apache2/modules/mod_proxy_ftp.so
LoadModule proxy_http_module /usr/lib64/apache2/modules/mod_proxy_http.so
LoadModule proxy_scgi_module /usr/lib64/apache2/modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module /usr/lib64/apache2/modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module /usr/lib64/apache2/modules/mod_proxy_balancer.so
LoadModule ssl_module /usr/lib64/apache2/modules/mod_ssl.so
LoadModule mime_module /usr/lib64/apache2/modules/mod_mime.so
LoadModule dav_module /usr/lib64/apache2/modules/mod_dav.so
LoadModule status_module /usr/lib64/apache2/modules/mod_status.so
LoadModule autoindex_module /usr/lib64/apache2/modules/mod_autoindex.so
LoadModule asis_module /usr/lib64/apache2/modules/mod_asis.so
LoadModule info_module /usr/lib64/apache2/modules/mod_info.so
LoadModule suexec_module /usr/lib64/apache2/modules/mod_suexec.so
LoadModule cgid_module /usr/lib64/apache2/modules/mod_cgid.so
LoadModule cgi_module /usr/lib64/apache2/modules/mod_cgi.so
LoadModule dav_fs_module /usr/lib64/apache2/modules/mod_dav_fs.so
LoadModule vhost_alias_module /usr/lib64/apache2/modules/mod_vhost_alias.so
LoadModule negotiation_module /usr/lib64/apache2/modules/mod_negotiation.so
LoadModule dir_module /usr/lib64/apache2/modules/mod_dir.so
LoadModule imagemap_module /usr/lib64/apache2/modules/mod_imagemap.so
LoadModule actions_module /usr/lib64/apache2/modules/mod_actions.so
LoadModule speling_module /usr/lib64/apache2/modules/mod_speling.so
LoadModule userdir_module /usr/lib64/apache2/modules/mod_userdir.so
LoadModule alias_module /usr/lib64/apache2/modules/mod_alias.so
LoadModule rewrite_module /usr/lib64/apache2/modules/mod_rewrite.so

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.  
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User apache
Group apache

</IfModule>
</IfModule>

# 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition.  These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#

#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.  This address appears on some server-generated pages, such
# as error documents.  e.g. admin@your-domain.com
#
ServerAdmin you@example.com

#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
#ServerName www.example.com:80

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/path/to/directory/html"

#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories). 
#
# First, we configure the "default" to be a very restrictive set of 
# features.  
#
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/path/to/directory/html">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

</Directory>

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
    DirectoryIndex index.html index.php index.cgi
</IfModule>

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog "/var/log/apache2/error_log"

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h %l %u %t \"%!414r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    SetEnvIf Remote_addr "^192\.168\.[01]\.[0-9]{1,3}$" no_log
    SetEnvIfNoCase Request_URI "^.*\.(gif|jp?g|png|ico|xml|txt|css|js)$" no_log
    SetEnvIf User-Agent "(Baiduspider|Yeti)" robots

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    #CustomLog "/var/log/apache2/access_log" common

    #
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #
    #CustomLog "/var/log/apache2/access_log" combined
</IfModule>

<IfModule alias_module>
    #
    # Redirect: Allows you to tell clients about documents that used to 
    # exist in your server's namespace, but do not anymore. The client 
    # will make a new request for the document at its new location.
    # Example:
    # Redirect permanent /foo http://www.example.com/bar

    #
    # Alias: Maps web paths into filesystem paths and is used to
    # access content that does not live under the DocumentRoot.
    # Example:
    # Alias /webpath /full/filesystem/path
    #
    # If you include a trailing / on /webpath then the server will
    # require it to be present in the URL.  You will also likely
    # need to provide a <Directory> section to allow access to
    # the filesystem path.

    #
    # ScriptAlias: This controls which directories contain server scripts. 
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the target directory are treated as applications and
    # run by the server when requested rather than as documents sent to the
    # client.  The same rules about trailing "/" apply to ScriptAlias
    # directives as to Alias.
    #
    ScriptAlias /cgi-bin/ "/path/to/directory/cgi-bin/"

</IfModule>

<IfModule cgid_module>
    #
    # ScriptSock: On threaded servers, designate the path to the UNIX
    # socket used to communicate with the CGI daemon of mod_cgid.
    #
    #Scriptsock /var/run/cgisock
</IfModule>

#
# "/path/to/directory/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/path/to/directory/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

#
# DefaultType: the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value.  If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain

<IfModule mime_module>
    #
    # TypesConfig points to the file containing the list of mappings from
    # filename extension to MIME-type.
    #
    TypesConfig /etc/mime.types

    #
    # AddType allows you to add to or override the MIME configuration
    # file specified in TypesConfig for specific file types.
    #
    #AddType application/x-gzip .tgz
    #
    # AddEncoding allows you to have certain browsers uncompress
    # information on the fly. Note: Not all browsers support this.
    #
    #AddEncoding x-compress .Z
    #AddEncoding x-gzip .gz .tgz
    #
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    #
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz

    #
    # AddHandler allows you to map certain file extensions to "handlers":
    # actions unrelated to filetype. These can be either built into the server
    # or added with the Action directive (see below)
    #
    # To use CGI scripts outside of ScriptAliased directories:
    # (You will also need to add "ExecCGI" to the "Options" directive.)
    #
    #AddHandler cgi-script .cgi

    # For type maps (negotiated resources):
    #AddHandler type-map var

    #
    # Filters allow you to process content before it is sent to the client.
    #
    # To parse .shtml files for server-side includes (SSI):
    # (You will also need to add "Includes" to the "Options" directive.)
    #
    #AddType text/html .shtml
    #AddOutputFilter INCLUDES .shtml
</IfModule>

#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type.  The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
#MIMEMagicFile conf/magic

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# EnableMMAP and EnableSendfile: On systems that support it, 
# memory-mapping or the sendfile syscall is used to deliver
# files.  This usually improves server performance, but must
# be turned off when serving from networked-mounted 
# filesystems or if support for these functions is otherwise
# broken on your system.
#
#EnableMMAP off
#EnableSendfile off

# Supplemental configuration
#
# The configuration files in the conf/extra/ directory can be 
# included to add extra features or to modify the default configuration of 
# the server, or you may simply copy their contents here and change as 
# necessary.

# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf

# Multi-language error messages
#Include conf/extra/httpd-multilang-errordoc.conf

# Fancy directory listings
#Include conf/extra/httpd-autoindex.conf

# Language settings
Include conf/extra/httpd-languages.conf

# User home directories
#Include conf/extra/httpd-userdir.conf

# Real-time info on requests and configuration
Include conf/extra/httpd-info.conf

# Virtual hosts
Include conf/extra/httpd-vhosts.conf

# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf

# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf

# Various default settings
Include conf/extra/httpd-default.conf

# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
#
# Note: The following must must be present to support
#       starting without SSL on platforms with no /dev/random equivalent
#       but a statically compiled-in mod_ssl.
#
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

mpm設定ファイル。

# cd extra
# vi httpd-mpm.conf
#
# Server-Pool Management (MPM specific)
# 

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
# Note that this is the default PidFile for most MPMs.
#
<IfModule !mpm_netware_module>
    PidFile "/var/run/httpd.pid"
</IfModule>

#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
<IfModule !mpm_winnt_module>
<IfModule !mpm_netware_module>
LockFile "/var/log/apache2/accept.lock"
</IfModule>
</IfModule>

#
# Only one of the below sections will be relevant on your
# installed httpd.  Use "apachectl -l" to find out the
# active mpm.
#

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
    StartServers          2
    MaxClients          150
    MinSpareThreads      25
    MaxSpareThreads      75 
    ThreadsPerChild      25
    MaxRequestsPerChild   0
</IfModule>

# BeOS MPM
# StartThreads: how many threads do we initially spawn?
# MaxClients:   max number of threads we can have (1 thread == 1 client)
# MaxRequestsPerThread: maximum number of requests each thread will process
<IfModule mpm_beos_module>
    StartThreads            10
    MaxClients              50
    MaxRequestsPerThread 10000
</IfModule>

# NetWare MPM
# ThreadStackSize: Stack size allocated for each worker thread
# StartThreads: Number of worker threads launched at server startup
# MinSpareThreads: Minimum number of idle threads, to handle request spikes
# MaxSpareThreads: Maximum number of idle threads
# MaxThreads: Maximum number of worker threads alive at the same time
# MaxRequestsPerChild: Maximum  number of requests a thread serves. It is 
#                      recommended that the default value of 0 be set for this
#                      directive on NetWare.  This will allow the thread to 
#                      continue to service requests indefinitely.                          
<IfModule mpm_netware_module>
    ThreadStackSize      65536
    StartThreads           250
    MinSpareThreads         25
    MaxSpareThreads        250
    MaxThreads            1000
    MaxRequestsPerChild      0
    MaxMemFree             100
</IfModule>

# OS/2 MPM
# StartServers: Number of server processes to maintain
# MinSpareThreads: Minimum number of idle threads per process, 
#                  to handle request spikes
# MaxSpareThreads: Maximum number of idle threads per process
# MaxRequestsPerChild: Maximum number of connections per server process
<IfModule mpm_mpmt_os2_module>
    StartServers           2
    MinSpareThreads        5
    MaxSpareThreads       10
    MaxRequestsPerChild    0
</IfModule>

# WinNT MPM
# ThreadsPerChild: constant number of worker threads in the server process
# MaxRequestsPerChild: maximum  number of requests a server process serves
<IfModule mpm_winnt_module>
    ThreadsPerChild      150
    MaxRequestsPerChild    0
</IfModule>

language設定ファイル。

# vi httpd-language.conf
#
# Settings for hosting different languages.
#
# Required modules: mod_mime, mod_negotiation

# DefaultLanguage and AddLanguage allows you to specify the language of 
# a document. You can then use content negotiation to give a browser a 
# file in a language the user can understand.
#
# Specify a default language. This means that all data
# going out without a specific language tag (see below) will 
# be marked with this one. You probably do NOT want to set
# this unless you are sure it is correct for all cases.
#
# * It is generally better to not mark a page as 
# * being a certain language than marking it with the wrong
# * language!
#
DefaultLanguage ja
#
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
#
# Note 2: The example entries below illustrate that in some cases 
# the two character 'Language' abbreviation is not identical to 
# the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
#
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. There is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
#
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Turkish (tr) - Simplified Chinese (zh-CN) - Spanish (es)
# Traditional Chinese (zh-TW)
#
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage tr .tr
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw

# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
#
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
#
LanguagePriority ja en ca cs da de el eo es et fr he hr it ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW

#
# ForceLanguagePriority allows you to serve a result page rather than
# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
# [in case no accepted languages matched the available variants]
#
ForceLanguagePriority Prefer Fallback

#
# Commonly used filename extensions to character sets. You probably
# want to avoid clashes with the language extensions, unless you
# are good at carefully testing your setup after each change.
# See http://www.iana.org/assignments/character-sets for the
# official list of charset names and their respective RFCs.
#
AddCharset us-ascii.ascii .us-ascii
AddCharset ISO-8859-1  .iso8859-1  .latin1
AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
AddCharset ISO-8859-3  .iso8859-3  .latin3
AddCharset ISO-8859-4  .iso8859-4  .latin4
AddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru
AddCharset ISO-8859-6  .iso8859-6  .arb .arabic
AddCharset ISO-8859-7  .iso8859-7  .grk .greek
AddCharset ISO-8859-8  .iso8859-8  .heb .hebrew
AddCharset ISO-8859-9  .iso8859-9  .latin5 .trk
AddCharset ISO-8859-10  .iso8859-10  .latin6
AddCharset ISO-8859-13  .iso8859-13
AddCharset ISO-8859-14  .iso8859-14  .latin8
AddCharset ISO-8859-15  .iso8859-15  .latin9
AddCharset ISO-8859-16  .iso8859-16  .latin10
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5.Big5   .big5 .b5
AddCharset cn-Big5 .cn-big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251   .win-1251
AddCharset CP866   .cp866
AddCharset KOI8  .koi8
AddCharset KOI8-E  .koi8-e
AddCharset KOI8-r  .koi8-r .koi8-ru
AddCharset KOI8-U  .koi8-u
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-7   .utf7
AddCharset UTF-8   .utf8
AddCharset UTF-16  .utf16
AddCharset UTF-16BE .utf16be
AddCharset UTF-16LE .utf16le
AddCharset UTF-32  .utf32
AddCharset UTF-32BE .utf32be
AddCharset UTF-32LE .utf32le
AddCharset euc-cn  .euc-cn
AddCharset euc-gb  .euc-gb
AddCharset euc-jp  .euc-jp
AddCharset euc-kr  .euc-kr
#Not sure how euc-tw got in - IANA doesn't list it???
AddCharset EUC-TW  .euc-tw
AddCharset gb2312  .gb2312 .gb
AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
AddCharset shift_jis   .shift_jis .sjis

info設定ファイル。

# vi httpd-info.conf
#
# Get information about the requests being processed by the server
# and the configuration of the server.
#
# Required modules: mod_status (for the server-status handler),
#                   mod_info (for the server-info handler)

#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.

<Location /server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/23
</Location>

#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
ExtendedStatus On

#
# Allow remote server configuration reports, with the URL of
#  http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#
<Location /server-info>
    SetHandler server-info
    Order deny,allow
    Deny from all
    Allow from 192.168.0.0/23
</Location>

vhosts設定ファイル。

# vi httpd-vhosts.conf
#
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
NameVirtualHost *:80

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    ServerAdmin webmaster@example.com
    DocumentRoot "/path/to/directory"
    ServerName www.example.com
    ServerAlias www.example.com
    ErrorLog "/var/log/apache2/site_name-error_log"    
    CustomLog "/var/log/apache2/site_name-access_log" combined env=!no_log

<Directory "/path/to/directory">
    Options None
    AllowOverride None
    Order allow,deny
    Allow from all
    Deny from env=robots
</Directory>

ScriptAlias /cgi-bin/ "/path/to/directory/cgi-bin/"
<Directory "/path/to/directory/cgi-bin">
    Options ExecCGI
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteLog /var/log/apache2/site_name-rewrite.log
    RewriteCond %{HTTP_HOST} ^(example\.com)(:80)? [NC]
    RewriteRule ^(.*)$ http://www.example.com$1 [R=301,L]
</IfModule>
</VirtualHost>

default設定ファイル。

# vi httpd-default.conf
#
# This configuration file reflects default settings for Apache HTTP Server.
#
# You may change these, but chances are that you may not need to.
#

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5

#
# UseCanonicalName: Determines how Apache constructs self-referencing 
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client.  When set "On", Apache will use the value of the
# ServerName directive.
#
UseCanonicalName Off

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride 
# directive.
#
AccessFileName .htaccess

#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory 
# listings, mod_status and mod_info output etc., but not CGI generated 
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#
ServerSignature Off

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

必要なフォルダを作成する。

# mkdir -p /path/to/directory/cgi-bin

workerに設定する。

# update-alternatives --config apache2
Press enter to keep the default[*], or type selection number: 1

起動スクリプト。

#!/bin/bash
#
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server.  It is used to serve \
#	       HTML files and CGI.
# processname: apache2
# pidfile: /var/run/apache2.pid
# config: /etc/apache2/conf/httpd.conf

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/httpd ]; then
        . /etc/sysconfig/httpd
fi

# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""

# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/sbin/apache2ctl
httpd=/usr/sbin/apache2
prog="Apache2 HTTP Server"
RETVAL=0

# check for 1.3 configuration
check13 () {
	CONFFILE=/etc/apache2/conf/httpd.conf
	GONE="(ServerType|BindAddress|Port|AddModule|ClearModuleList|"
	GONE="${GONE}AgentLog|RefererLog|RefererIgnore|FancyIndexing|"
	GONE="${GONE}AccessConfig|ResourceConfig)"
	if grep -Eiq "^[[:space:]]*($GONE)" $CONFFILE; then
		echo
		echo 1>&2 " Apache 1.3 configuration directives found"
		echo 1>&2 " please read /usr/share/doc/apache2-2.2.15/migration.html"
		failure "Apache 1.3 config directives test"
		echo
		exit 1
	fi
}

# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure.  So we just do it the way init scripts
# are expected to behave here.
start() {
        echo -n $"Starting $prog: "
        check13 || exit 1
	if [ ! -f /usr/sbin/apache2 ] ; then
	  echo "test update alternatives"
	  /sbin/update-alternatives --auto apache2
	fi

        daemon $httpd $OPTIONS
        RETVAL=$?
        echo
        [ $RETVAL = 0 ] && touch /var/lock/subsys/apache2
        return $RETVAL
}
stop() {
	echo -n $"Stopping $prog: "
	killproc $httpd
	RETVAL=$?
	echo
	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/apache2 /var/run/apache2.pid
}
reload() {
	echo -n $"Reloading $prog: "
	check13 || exit 1
	killproc $httpd -HUP
	RETVAL=$?
	echo
}

# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  status)
        status $httpd
	RETVAL=$?
	;;
  restart)
	stop
	start
	;;
  condrestart)
	if [ -f /var/run/apache2.pid ] ; then
		stop
		start
	fi
	;;
  reload)
        reload
	;;
  graceful|help|configtest|fullstatus)
	$apachectl $@
	RETVAL=$?
	;;
  *)
	echo $"Usage: $prog {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}"
	exit 1
esac

exit $RETVAL

設定ファイルに構文エラーがないかチェックする。

# service apache2 configtest

Syntax OK
# /usr/sbin/apache2 -S

Syntax OK

起動設定後、起動する。

# chkconfig apache2 on
# service apache2 start

Apache2 HTTP Serverを起動中:				[  OK  ]