My team here at Red Hat maintains the web server stack in Fedora and RHEL. One of the cool projects we’ve been working on recently is Software Collections. With RHEL we’ve always suffered from the tension between offering a stable OS platform to users, and trying to support the latest-and-greatest open source software. Software Collections is a great technology we’re using to address that tension. Remi Collet has blogged about the PHP 5.4 software collection (now available in the 1.0 release of our product) over at his blog and at redhat.com. Another team member, Jan Kaluza, has been working on a collection of httpd 2.4 for RHEL6 – something we keep hearing requests for in bugzilla.
To kick the wheels of Jan’s collection in a RHEL 6.4 VM, here’s what I did:
# curl -s http://repos.fedorapeople.org/repos/jkaluza/httpd24/epel-httpd24.repo > /etc/yum.repos.d/epel-httpd24.repo # yum install httpd24-httpd ... Installed: httpd24-httpd.x86_64 0:2.4.6-5.el6 Dependency Installed: httpd24-apr.x86_64 0:1.4.8-2.el6 httpd24-apr-util.x86_64 0:1.5.2-5.el6 httpd24-httpd-tools.x86_64 0:2.4.6-5.el6 httpd24-runtime.x86_64 0:1-6.el6 Complete! #
This has dropped a complete installation of Apache httpd 2.4.6 into /opt/rh/httpd24 which can be used alongside the httpd 2.2.15 package supported in RHEL 6.4.
# rpm -ql httpd24-httpd | grep sbin /opt/rh/httpd24/root/usr/sbin/apachectl /opt/rh/httpd24/root/usr/sbin/fcgistarter /opt/rh/httpd24/root/usr/sbin/htcacheclean /opt/rh/httpd24/root/usr/sbin/httpd /opt/rh/httpd24/root/usr/sbin/rotatelogs /opt/rh/httpd24/root/usr/sbin/suexec
The httpd install is contained inside /opt/rh/httpd24 as far as possible, but we do “leak” into the normal RHEL filesystem in a couple of places – notably to offer an init script. This makes firing up the newly installed 2.4 daemon in my VM as easy as any other service:
# service httpd24-httpd start Starting httpd: [ OK ] # curl -s http://localhost/ | grep 'Test Page for' <title>Test Page for the Apache HTTP Server on Red Hat Enterprise Linux</title> #
That’s the httpd packagers’ equivalent of getting your program to print “Hello, World” – we’re successfully serving the familiar HTML “welcome page” over HTTP on port 80.
I wanted to check whether the SELinux labelling is being applied correctly in the httpd 2.4 collection. Using some /usr/bin/semanage magic, it’s actually very simple for us to automatically apply SELinux policy inside software collections using an RPM %post script. Here’s one way to check whether it’s working:
# ps Zf -C httpd LABEL PID TTY STAT TIME COMMAND unconfined_u:system_r:httpd_t:s0 1772 ? Ss 0:00 /opt/rh/httpd24/root/usr/sbin/httpd unconfined_u:system_r:httpd_t:s0 1774 ? S 0:00 \_ /opt/rh/httpd24/root/usr/sbin/httpd unconfined_u:system_r:httpd_t:s0 1775 ? S 0:00 \_ /opt/rh/httpd24/root/usr/sbin/httpd unconfined_u:system_r:httpd_t:s0 1776 ? S 0:00 \_ /opt/rh/httpd24/root/usr/sbin/httpd unconfined_u:system_r:httpd_t:s0 1777 ? S 0:00 \_ /opt/rh/httpd24/root/usr/sbin/httpd unconfined_u:system_r:httpd_t:s0 1778 ? S 0:00 \_ /opt/rh/httpd24/root/usr/sbin/httpd
Success – those “httpd_t” labels which I’ve highlighted tell me that httpd processes are running in the correct domain.
Finally, here’s a quick demo of one httpd 2.4 feature I really love – an embedded Lua interpreter in the form of mod_lua:
# cat > /opt/rh/httpd24/root/var/www/html/hello.lua <<EOF function handle(r) r.content_type = "text/plain" r:puts("Hello Lua World!\n") return apache2.OK end EOF # echo 'AddHandler lua-script .lua' > /opt/rh/httpd24/root/etc/httpd/conf.d/lua.conf # service httpd24-httpd reload Reloading httpd: # curl -s http://localhost/hello.lua Hello Lua World! #
Fun stuff for httpd geeks!