hey I already compiled apache 2.0.58 from source onto my centos server and noticed I needed to get SSL module added "after the fact"
-what are the commands I would run to get this working without wiping everything out and starting over?
-karlski
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
hey I already compiled apache 2.0.58 from source onto my centos server and noticed I needed to get SSL module added "after the fact"
-what are the commands I would run to get this working without wiping everything out and starting over?
It's generally recommended that you DO NOT compile *anything* from source for CentOS or any other RPM-based distro unless you have absolutely no other option and you know what you're doing.
And under those circumstances you should at least consider rebuilding a custom RPM with whatever additional functionality you require from the SRPM so it's still packaged and runs far less risk of breaking the system.
If you need Apache with SSL support the recommended method would be to install the 'httpd' and 'mod_ssl' packages and their dependencies with the command...
# yum install httpd mod_ssl
or
# yum groupinstall 'Web Server'
The latter of which includes...
Group: Web Server Required Groups: Base Mandatory Packages: tux httpd Default Packages: mod_python mod_ssl distcache webalizer system-config-httpd mod_perl crypto-utils httpd-manual squid php-ldap php Optional Packages mod_auth_kerb httpd-suexec php-pgsql php-odbc mod_auth_pgsql mod_auth_mysql mod_authz_ldap php-mysql
There's lots more useful information on the CentOS site and in the Wiki.
http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html http://www.centos.org/docs/4/html/yum/sn-managing-packages.html http://wiki.centos.org/?action=fullsearch&context=180&value=yum&...
Will.
Will McDonald wrote:
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
hey I already compiled apache 2.0.58 from source onto my centos server and noticed I needed to get SSL module added "after the fact"
-what are the commands I would run to get this working without wiping everything out and starting over?
It's generally recommended that you DO NOT compile *anything* from source for CentOS or any other RPM-based distro unless you have absolutely no other option and you know what you're doing.
And under those circumstances you should at least consider rebuilding a custom RPM with whatever additional functionality you require from the SRPM so it's still packaged and runs far less risk of breaking the system.
If you need Apache with SSL support the recommended method would be to install the 'httpd' and 'mod_ssl' packages and their dependencies with the command...
# yum install httpd mod_ssl
or
There's lots more useful information on the CentOS site and in the Wiki.
http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html http://www.centos.org/docs/4/html/yum/sn-managing-packages.html http://wiki.centos.org/?action=fullsearch&context=180&value=yum&...
Will. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi Will,
I understand all of the centos-package-only rhetoric but am still curious about a technical answer to my specific technical question.
I appreciate all of the helpful pointers you've copied in from the site -but in this case the question is more important than enforcing the packaging paradigm -and I support the project's views on that and have seen them many times.
To wit, Community Enterprise OS is used outside of this context all of the time -in this case for a highly scientific purpose related to optimizing chip yields -with, (gasp), things compiled from source which are (sigh of relief) eventually turned into nifty RPM files that can be shared/modified/perfected by the community by the brilliant likes of the centos package maintainers at their noble and highly revered discretion.
"To do the science we must do the work". So apologies for the "outside the box" moment. We are doing this work on 60+ 64-bit servers, all of whom have apache from source because we had our own needs to answer to and this OS was the closest match to the need to make a javagroups application cluster, which it does very very well.
If anyone knows, much appreciated, -you can just email me 'off-list'. I emailed the mod_sslusers list so hopefull that'll get a nice clear answer.
And just to be really clear, no negative attitude here or anything, -just looking for a community assist on an important question. thanx!
-krb
Karl R. Balsmeier wrote:
And just to be really clear, no negative attitude here or anything, -just looking for a community assist on an important question. thanx!
When you try to do something like this, its usually a good idea to see how its done in the distro. There might be clues there. It will also ive you an understanding on how other packages in the distro might be linked and depend on the package you are trying to replace.
In this case - use the httpd.spec provided in the httpd sources package, mod_ssl is built at the same time as httpd binaries are. Just remember to rebuild everytime there is a security issue, and everytime anything that depends on httpd has a security issue.
- KB
Karanbir Singh wrote:
Karl R. Balsmeier wrote:
And just to be really clear, no negative attitude here or anything, -just looking for a community assist on an important question. thanx!
When you try to do something like this, its usually a good idea to see how its done in the distro. There might be clues there. It will also ive you an understanding on how other packages in the distro might be linked and depend on the package you are trying to replace.
In this case - use the httpd.spec provided in the httpd sources package, mod_ssl is built at the same time as httpd binaries are. Just remember to rebuild everytime there is a security issue, and everytime anything that depends on httpd has a security issue.
- KB
oh good, -yeah, we have been debating going to 2.0.59 using this approach, so am going to just paste your comments into our document and run with it.
-right now you have done such a stellar job with the package repository my script just says yum install this or that -it's funny how it [my build script] shrinks down month by month -especially 64-bit stuff like libevent, xvfb, memcached, all these used to mean alot of source compiles and interruptions of the automated builds... looks like 4.4 has settled into a nice rhythm...
hopefully when Java goes GPL the whole chicken/egg thing there will cascade into a future cent release and I can move our developer machines off of fedora once and for all...
-krb
On Wed, 2007-01-10 at 13:28 -0800, Karl R. Balsmeier wrote:
Will McDonald wrote:
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
hey I already compiled apache 2.0.58 from source onto my centos server and noticed I needed to get SSL module added "after the fact"
-what are the commands I would run to get this working without wiping everything out and starting over?
It's generally recommended that you DO NOT compile *anything* from source for CentOS or any other RPM-based distro unless you have absolutely no other option and you know what you're doing.
And under those circumstances you should at least consider rebuilding a custom RPM with whatever additional functionality you require from the SRPM so it's still packaged and runs far less risk of breaking the system.
If you need Apache with SSL support the recommended method would be to install the 'httpd' and 'mod_ssl' packages and their dependencies with the command...
# yum install httpd mod_ssl
or
There's lots more useful information on the CentOS site and in the Wiki.
http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html http://www.centos.org/docs/4/html/yum/sn-managing-packages.html http://wiki.centos.org/?action=fullsearch&context=180&value=yum&...
Will. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi Will,
I understand all of the centos-package-only rhetoric but am still curious about a technical answer to my specific technical question.
I appreciate all of the helpful pointers you've copied in from the site -but in this case the question is more important than enforcing the packaging paradigm -and I support the project's views on that and have seen them many times.
To wit, Community Enterprise OS is used outside of this context all of the time -in this case for a highly scientific purpose related to optimizing chip yields -with, (gasp), things compiled from source which are (sigh of relief) eventually turned into nifty RPM files that can be shared/modified/perfected by the community by the brilliant likes of the centos package maintainers at their noble and highly revered discretion.
"To do the science we must do the work". So apologies for the "outside the box" moment. We are doing this work on 60+ 64-bit servers, all of whom have apache from source because we had our own needs to answer to and this OS was the closest match to the need to make a javagroups application cluster, which it does very very well.
If anyone knows, much appreciated, -you can just email me 'off-list'. I emailed the mod_sslusers list so hopefull that'll get a nice clear answer.
And just to be really clear, no negative attitude here or anything, -just looking for a community assist on an important question. thanx!
-krb
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
For the future good of community :)
You may want to look at *apachectl* command
Calin
================================================= Do you mean that you not only want a wrong answer, but a certain wrong answer? -- Tobaben
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
Will McDonald wrote:
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
hey I already compiled apache 2.0.58 from source onto my centos server and noticed I needed to get SSL module added "after the fact"
-what are the commands I would run to get this working without wiping everything out and starting over?
It's generally recommended that you DO NOT compile *anything* from source for CentOS or any other RPM-based distro unless you have absolutely no other option and you know what you're doing.
And under those circumstances you should at least consider rebuilding a custom RPM with whatever additional functionality you require from the SRPM so it's still packaged and runs far less risk of breaking the system.
If you need Apache with SSL support the recommended method would be to install the 'httpd' and 'mod_ssl' packages and their dependencies with the command...
# yum install httpd mod_ssl
or
There's lots more useful information on the CentOS site and in the Wiki.
http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html http://www.centos.org/docs/4/html/yum/sn-managing-packages.html http://wiki.centos.org/?action=fullsearch&context=180&value=yum&...
Will. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi Will,
I understand all of the centos-package-only rhetoric but am still curious about a technical answer to my specific technical question.
I appreciate all of the helpful pointers you've copied in from the site -but in this case the question is more important than enforcing the packaging paradigm -and I support the project's views on that and have seen them many times.
To wit, Community Enterprise OS is used outside of this context all of the time -in this case for a highly scientific purpose related to optimizing chip yields -with, (gasp), things compiled from source which are (sigh of relief) eventually turned into nifty RPM files that can be shared/modified/perfected by the community by the brilliant likes of the centos package maintainers at their noble and highly revered discretion.
"To do the science we must do the work". So apologies for the "outside the box" moment. We are doing this work on 60+ 64-bit servers, all of whom have apache from source because we had our own needs to answer to and this OS was the closest match to the need to make a javagroups application cluster, which it does very very well.
If anyone knows, much appreciated, -you can just email me 'off-list'. I emailed the mod_sslusers list so hopefull that'll get a nice clear answer.
And just to be really clear, no negative attitude here or anything, -just looking for a community assist on an important question. thanx!
OK, cool. The reason for the potted "Use RPMS" response was that the vast majority of people asking "how to do X/Y/Z" with the source tend not to understand what they're doing or why, they're just following a how-to or FAQ that doesn't take a packaging system into consideration. And people who do "get it" tend to just RTFM or Google it :)
To enable SSL support in Apache at build time you need to pass the './configure' a couple of options and the paths to some SSL libraries, if those have been built and installed outside the packaging system too.
--enable-shared=ssl \ --enable-module=ssl \
The output from
# $path_to_apache_source/configure --help
is copious and useful. As are the INSTALL/README files included in that source.
Assuming your Apache was configured then built with modular support (mod_so.c) then you can enable additional functionality after-the-fact using 'apxs'. SSL support *may* be so tied into the Apache build that 'apxs' won't suffice but I'd guess you'll be OK.
Will.
Yeah, I'm such a RH/FC/CentOS noob, I'm not used to the whole 'Use RPMS' thing.
I'm about 12* more comfortable compiling from source and satisfying dependencies, that dealing with packaging practically seems like a waste of time.
On the other hand, we have about 90 custom RPM's for our application, that until recently have been mostly based around RH9, and it's related underlying support structure. Rebuilding it to run under CentOS was *only* a week, including porting yum 2.6.1 to run under our slightly hacked version of python24.
A good portion of that was due to the fact that we had source RPM's and spec files. I still prefer the *BSD ports tree, but I can deal with RPM's a bit now.
BTW, KB's repository rocks. We're probably going to end up trying to port httpd-2.2, if the result is worth sharing, we're willing.
Peter
Will McDonald wrote:
OK, cool. The reason for the potted "Use RPMS" response was that the vast majority of people asking "how to do X/Y/Z" with the source tend not to understand what they're doing or why, they're just following a how-to or FAQ that doesn't take a packaging system into consideration. And people who do "get it" tend to just RTFM or Google it :)
Will McDonald wrote:
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
Will McDonald wrote:
On 10/01/07, Karl R. Balsmeier karl@klxsystems.net wrote:
hey I already compiled apache 2.0.58 from source onto my centos
server
and noticed I needed to get SSL module added "after the fact"
-what are the commands I would run to get this working without wiping everything out and starting over?
It's generally recommended that you DO NOT compile *anything* from source for CentOS or any other RPM-based distro unless you have absolutely no other option and you know what you're doing.
And under those circumstances you should at least consider rebuilding a custom RPM with whatever additional functionality you require from the SRPM so it's still packaged and runs far less risk of breaking the system.
If you need Apache with SSL support the recommended method would be to install the 'httpd' and 'mod_ssl' packages and their dependencies with the command...
# yum install httpd mod_ssl
or
There's lots more useful information on the CentOS site and in the
Wiki.
http://www.centos.org/docs/4/html/yum/sn-software-management-tools.html
http://www.centos.org/docs/4/html/yum/sn-managing-packages.html
http://wiki.centos.org/?action=fullsearch&context=180&value=yum&...
Will. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Hi Will,
I understand all of the centos-package-only rhetoric but am still curious about a technical answer to my specific technical question.
I appreciate all of the helpful pointers you've copied in from the site -but in this case the question is more important than enforcing the packaging paradigm -and I support the project's views on that and have seen them many times.
To wit, Community Enterprise OS is used outside of this context all of the time -in this case for a highly scientific purpose related to optimizing chip yields -with, (gasp), things compiled from source which are (sigh of relief) eventually turned into nifty RPM files that can be shared/modified/perfected by the community by the brilliant likes of the centos package maintainers at their noble and highly revered discretion.
"To do the science we must do the work". So apologies for the "outside the box" moment. We are doing this work on 60+ 64-bit servers, all of whom have apache from source because we had our own needs to answer to and this OS was the closest match to the need to make a javagroups application cluster, which it does very very well.
If anyone knows, much appreciated, -you can just email me 'off-list'. I emailed the mod_sslusers list so hopefull that'll get a nice clear answer.
And just to be really clear, no negative attitude here or anything, -just looking for a community assist on an important question. thanx!
OK, cool. The reason for the potted "Use RPMS" response was that the vast majority of people asking "how to do X/Y/Z" with the source tend not to understand what they're doing or why, they're just following a how-to or FAQ that doesn't take a packaging system into consideration. And people who do "get it" tend to just RTFM or Google it :)
To enable SSL support in Apache at build time you need to pass the './configure' a couple of options and the paths to some SSL libraries, if those have been built and installed outside the packaging system too.
--enable-shared=ssl \ --enable-module=ssl \
The output from
# $path_to_apache_source/configure --help
is copious and useful. As are the INSTALL/README files included in that source.
Assuming your Apache was configured then built with modular support (mod_so.c) then you can enable additional functionality after-the-fact using 'apxs'. SSL support *may* be so tied into the Apache build that 'apxs' won't suffice but I'd guess you'll be OK.
Will. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
oh great, so if you ever run across a centos server and the owner says "it was made from source, can you please fix it", -or are just plain curious about what I did to fix this [how to uninstall apache 2.0.58 made from source], you just have to do two commands to remove the apache compiled from source, like this:
rm -rf /usr/local/apache rm /etc/rc.d/init/d/httpd
the first rm command recursively forcibly removes the apache dirs and files under /usr/local/ the second rm comand will delete the symlink from /usr/local/apache/bin/apachectl to /etc/rc.d/init.d/httpd if it exists
you can then effectively revert to the centos method of
yum install httpd
or
yum groupinstall "Web Server"
and skip merrily along your webified path through the elysian fields of networked information.
-karlski
Karl R. Balsmeier wrote:
and skip merrily along your webified path through the elysian fields of networked information.
You slay me Karl.
:D
Peter