[users@httpd] Apache Compile 2.0.50.tar.gz - successful...... But.................

[InHisGrip <se...@yahoo.com>]

Hi Nick, or everyone who may want to lend a helping
hand.

After constant testing, trying to figure out how the
compile might work this time around, finally it did! 

Thanks to you, Scot Harris and others who have
contributed in some way. Thanks guys!!!

However, I have questions as a followup for this
successful compile. Please see below, here is the
summary of the steps that I did for the nth time
around:

--- Nick Kew <ni...@webthing.com> wrote:

On Sat, 24 Jul 2004, InHisGrip wrote:

1. Downloaded the httpd-2.0.50.tar.gz at the
apache.org site.

Good.

2. Moved the tarball into a convenient location,
/usr/local/src

That's unconventional, but harmless.

3. Issued the following commands from /usr/local/src:

You missed the important security step: verify the PGP
signature on it.

# tar -vzxf httpd-2.0.50.tar.gz
# cd httpd-2.0.50
# ./configure --prefix=/usr/local/apache2
--enable-mods-shared=all (this one, I added)

# make
# make install

That's fine for what you're doing, but to have a
useful webserver you
would of course want to customise it a bit more:-)

-- 
Nick Kew

After the stuffs above: did the following too...

# cd /usr/local/apache2/bin
 
# ./apachectl start
 
# ./apachectl stop
 
# ./apachectl restart

No errors from here, after this, I edited the
/etc/init.d/httpd wherein I have changed the default
directory paths to the correct one, i.e.
/usr/local/apache2 and so on.... which worked.

Now, here are my questions folks:

1. Please advise if these commands are okay or
necessary after the ./apachectl restart?

# chkconfig --add httpd
	
# chkconfig --level 2345 httpd on
	
# chkconfig --list

2. You mentioned that I missed out the most important
part which is verifying the PGP signature which is
correct. However, I tried verifying the tarball by
following the howto on apache.org site but
unfortunately could not verify the signature and file
somehow? 

I know that I need to go and get the checksum or the
key from a trusted source at the main site and then
download the tarball from the nearest site.... when I
did an md5checksum httpd-2.0.50-tar.gz.asc to verify
this and compare the figures I couldn't. Is there a
way to do this file and signature verification
properly?

3. Now, since my compile settings was somehow
successful. When I tried accessing the site, through
my browser whether from my local home network or
internet. I get this error 403 message:

Forbidden

You don't have permission to access / on this server.

Apache/2.0.50 (Unix) DAV/2 Server at
www2.platonfamily.net Port 5688

Now, I presume root cannot be world readable and this
is security reasons. Is there a workaround this? I
tried chmod 755
/usr/local/apache2/htdocs/www.platonfamily.net but to
no avail. I also did make a symbolic link by typing in
the same working directory, 

# ln -s index.htm index.html

No luck yet....

Since we are talking about security, I will be posting
another email on this issue of securing apache so that
you may give some of your own expert opinion from your
own standpoint.

Again, thanks very much for looking into this. I
couldn't have done the initial process without the
generous replies of all the people who replied to this
thread such as yourself.

Thanks in advance.

InHisGrip,
Servie





	
		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org