Friday, January 8, 2010

Fun with Apachectl and Httpd

Apachectl acts as SysV init script, taking arguments like start, stop, restart and status. It also acts as front-end to httpd command, by simply passing the command line arguments to httpd. So, all the commands you execute using apachectl, can also be executed directly by calling httpd.

1. Pass different httpd.conf filename to apachectl

Typically you’ll modify the original httpd.conf to try out different Apache directives. If something doesn’t work out, you’ll revert back the changes. Instead of playing around with the original httpd.conf, copy it to a new httpd.conf.debug and use this new httpd.conf.debug file with Apache for testing purpose as shown below using option -f.

# apachectl -f conf/httpd.conf.debug
# httpd -k start -f conf/httpd.conf.debug
[Note: you can use either apachectl or httpd as shown above]

# ps -ef | grep http
root 25080 1 0 23:26 00:00:00 /usr/sbin/httpd -f conf/httpd.conf.debug
apache 25099 25080 0 23:28 00:00:00 /usr/sbin/httpd -f conf/httpd.conf.debug
[Note: ps shows the httpd running with httpd.conf.debug file]

Once you are satisfied with the changes and Apache runs without any problem with httpd.conf.debug, you can copy the changes to httpd.conf and start the Apache normally as shown below.

# cp httpd.conf.debug httpd.conf
# apachectl stop
# apachectl start

# ps -ef | grep httpd
root 25114 1 0 23:28 00:00:00 /usr/sbin/httpd -k start
daemon 25115 25114 0 23:28 00:00:00 /usr/sbin/httpd -k start
[Note: ps indicates that the httpd is running using the default config file]

2. Use a temporary DocumentRoot without modifying httpd.conf

This is very helpful, when you are trying out different layout for your website and don’t want to modify the original files under the default DocumentRoot. Take a copy of your original DocumentRoot directory (/var/www/html) to a new temporary DocumentRoot directory (/var/www/html_debug). Make all your changes under this temporary DocumentRoot directory (/var/www/html_debug) and start the Apache with this temporary directory as shown below using option -c.

# httpd -k start -c "DocumentRoot /var/www/html_debug/"

If you want to go back to original configuration using the default DocumentRoot (/var/www/html), simply restart the Apache as shown below.

# httpd -k stop
# apachectl start

3. Increase the LogLevel temporarily

While you are debugging an issue, you can change the LogLevel of the Apache temporarily, without modifying the LogLevel directive in the httpd.conf as shown below using option -e. In this example, the LogLevel is set to debug.

# httpd -k start -e debug [Sun Aug 17 13:53:06 2008] [debug] mod_so.c(246): loaded module auth_basic_module [Sun Aug 17 13:53:06 2008] [debug] mod_so.c(246): loaded module auth_digest_module

Possible values you can pass to option -e are: debug, info, notice, warn, error, crit, alert, emerg

4. Display the modules compiled inside Apache using option -l

# httpd -l Compiled in modules: core.c prefork.c http_core.c mod_so.c

5. Display both static and dynamic module loaded by Apache

When you pass option -l, to httpd, it will display only the static modules. Passing option -M, will display both static and shared modules as shown below.

# httpd -M Loaded Modules: core_module (static) mpm_prefork_module (static) http_module (static) so_module (static) auth_basic_module (shared) auth_digest_module (shared) authn_file_module (shared) authn_alias_module (shared) Syntax OK

6. Show all accepted directives inside httpd.conf

This is like an extended help for httpd, which will display all the httpd.conf directives and the places where they are valid. For a specific directive, it tells all the possible values and where it can be used inside the httpd.conf. This can be very helpful, when you want to quickly know about a particular Apache directive.

# httpd -L HostnameLookups (core.c) "on" to enable, "off" to disable reverse DNS lookups, or "double" to enable double-reverse DNS lookups Allowed in *.conf anywhere ServerLimit (prefork.c) Maximum value of MaxClients for this run of Apache Allowed in *.conf only outside , or KeepAlive (http_core.c) Whether persistent connections should be On or Off Allowed in *.conf only outside , or LoadModule (mod_so.c) a module name and the name of a shared object file to load it from Allowed in *.conf only outside , or

7. Validate the httpd.conf after making changes

Use option -t to validate whether there are any issues with a specific Apache configuration file. In the example shown below, it displays that there is a problem at line 148 in the httpd.conf.debug. mod_auth_basicso is missing a . (period) before the so.

# httpd -t -f conf/httpd.conf.debug httpd: Syntax error on line 148 of /etc/httpd/conf/httpd.conf.debug: Cannot load /etc/httpd/modules/mod_auth_basicso into server: /etc/httpd/modules/mod_auth_basicso: cannot open shared object file: No such file or

Once you fix the issue, it will display Syntax OK.

# httpd -t -f conf/httpd.conf.debug Syntax OK

8. Display the httpd build parameters

Use option -V (upper-case V), to display Apache version number and all the parameters that are used while building the Apache.

# httpd -V
Server version: Apache/2.2.9 (Unix)
Server built: Jul 14 2008 15:36:56
Server's Module Magic Number: 20051115:15
Server loaded: APR 1.2.12, APR-Util 1.2.12
Compiled using: APR 1.2.12, APR-Util 1.2.12
Architecture: 32-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"

If you want display only the Apache version number, use the option -v (lower-case v) as shown below.

# httpd -v
Server version: Apache/2.2.9 (Unix)
Server built: Jul 14 2008 15:36:56

9. Load a specific module only on demand.

Sometimes you may not want to load all the modules in the Apache. For e.g. You may want to load ldap related modules to Apache, only when you are testing LDAP. This can be achieved as shown below.

Modify the httpd.conf and add IfDefine directive called load-ldap (you can name this anything you want).

LoadModule ldap_module modules/mod_ldap.so LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

When you are testing ldap and would like to Load the ldap related modules, pass the load-ldap to Option -D, as shown below:

# httpd -k start -e debug -Dload-ldap -f /etc/httpd/conf/httpd.conf.debug [Sun Aug 17 14:14:58 2008] [debug] mod_so.c(246): loaded module ldap_module [Sun Aug 17 14:14:58 2008] [debug] mod_so.c(246): loaded module authnz_ldap_module [Note: Pass -Dload-ldap, to load the ldap modules into Apache] # apachectl start [Note: Start the Apache normally, if you don't want to load the ldap modules.]