Apache HTTP Server
Using Apache With HP MPE/iX
This document explains how to compile, install, configure and run
Apache 1.3 under HP MPE/iX.
The bug reporting page and new-httpd mailing list are NOT
provided to answer questions about configuration or running Apache.
Before you submit a bug report or request, first consult this
document, the Frequently Asked
Questions page and the other relevant documentation topics. If
you still have a question or problem, post it to the comp.sys.hp.mpe newsgroup or the
associated HP3000-L
mailing list, where many Apache users and several contributors
are more than willing to answer new and obscure questions about
using Apache on MPE/iX.
groups.google.com's newsgroup archive offers easy browsing of
previous questions. Searching the newsgroup archives, you will
usually find your question was already asked and answered by other
users!
Requirements
Apache 1.3 requires MPE/iX 6.0 or greater. It will NOT run on
earlier releases of MPE/iX. The following MPE/iX patches (or
their superseding descendants) are relevant to Apache:
- MPE/iX 6.0:
-
- MPEKXT3B - fixes an MPE bug that results in transient
"permission denied" errors being returned by the server to the
browser.
- MPELX36A - enhances the kill() function so that MPE users with
SM capability can send signals to Apache for shutdown, restart,
etc.
- MPELX44C - fixes an MPE bug that prevents DSO modules from
being dynamically loaded.
- MPELX51C - enhances the kill() function so that Apache can use
it when the Apache parent UID is different from the Apache children
UID (strongly recommended).
- NSTxxxxx - the latest network transport patch should always be
installed when using TCP/IP applications such as Apache.
- MPE/iX 6.5:
-
- MPELX44D - fixes an MPE bug that prevents DSO modules from
being dynamically loaded.
- MPELX51D - enhances the kill() function so that Apache can use
it when the Apache parent UID is different from the Apache children
UID (strongly recommended).
- NSTxxxxx - the latest network transport patch should always be
installed when using TCP/IP applications such as Apache.
Implementation
Considerations
While MPE has a very good POSIX implementation that enables fairly
simple porting of Unix applications such as Apache, there are some
Unix concepts which just don't exist or aren't fully implemented in
MPE, and so this may force some functionality changes in the
package being ported.
Significant MPE vs. Unix OS differences
- MPE lacks the concept of a Unix UID=0 root user with special
privileges. Where Unix functions require a user to be
executing as root, MPE requires the user to be executing in priv
mode, so the program file must be linked with PM (Priv Mode)
capability, and the Unix function calls must be bracketed by
GETPRIVMODE() and GETUSERMODE() calls. The following Unix
functions used by Apache are affected:
-
- bind() for ports less than 1024
- setgid()
- setuid()
- MPE's support for UIDs and GIDs is more limited than
Unix. Every MPE account maps to a unique GID. Each MPE
account can contain multiple MPE users, and every MPE user maps to
a unique UID (UID 0 is not supported). The current UID for a
process must correspond to an MPE user within the MPE account that
corresponds to the current GID of the process.
- MPE child processes cannot survive the death of their
parent. When the parent terminates, any remaining children
will be killed.
- MPE doesn't initialize the envp parameter when invoking the
main() of a new process. Use the global variable environ
instead of envp.
- MPE link() exists, but always returns EIMPL. Use rename()
or symlinks instead of hard links.
- MPE doesn't allow the @ character in filenames.
- MPE lacks support for TCP_NODELAY, but that's the default
anyway.
- MPE lacks support for SO_KEEPALIVE.
- MPE lacks support for process groups.
- MPE inetd only passes stdin (and NOT stdout) to the invoked
service. But you can write to stdin just fine.
Major Apache functionality issues
- Beginning with HP-supported Apache 1.3.9 and HP WebWise MPE/iX
Secure Web Server A.01.00 (based on Apache 1.3.9), the User and
Group directives in httpd.conf are now unconditionally executed as
corresponding setuid()/setgid() calls. Previously this was
only done if HTTPD was being run as MANAGER.SYS. This
functionality change was submitted back to the 1.3.13-dev source
tree at www.apache.org. The Apache for Unix behavior is to
only honor User and Group if running as root.
- Beginning with HP-supported Apache 1.3.9 and HP WebWise MPE/iX
Secure Web Server A.01.00 (based on Apache 1.3.9), the SVIPC shared
memory macros SHM_R and SHM_W have been modified from their
traditional owner-only-read and owner-only-write values to be
owner-and-group-read and owner-and-group-write on MPE/iX in order
to allow increased parent/child flexibility in spite of MPE's
limited POSIX UID/GID support. This functionality change was
submitted back to the 1.3.13-dev source tree at
www.apache.org. The Apache for Unix behavior uses the
traditional owner-only values of SHM_R and SHM_W.
Minor Apache functionality issues
- Apache for Unix must be run as root to bind to TCP ports
1-1023. Apache for MPE must call GETPRIVMODE() to bind to TCP ports
1-1023; PM is not used for ports greater than 1023. The standard
web server HTTP port is 80.
- Apache for Unix in standalone mode will detach itself and run
in the background as a system-type process. Apache for MPE in
standalone mode cannot detach itself and run in the background
because MPE POSIX doesn't allow this (the detached child would be
killed when the parent terminated). Therefore you must use an
MPE batch job to run Apache in standalone mode.
- Apache for Unix uses process groups to manage child processes.
Apache for MPE cannot use process groups because MPE POSIX doesn't
support this. The implications of this are unknown.
- Apache for Unix uses the setsockopt() option TCP_NODELAY.
Apache for MPE does not, because MPE doesn't support it. But
TCP_NODELAY is the default MPE behavior anyway.
- Apache for Unix uses the setsockopt() option
SO_KEEPALIVE. Apache for MPE does not, because MPE doesn't
support it.
- Apache for Unix under inetd reads from the socket via stdin and
writes via stdout. Apache for MPE under inetd reads *AND* writes
the socket via stdin. I consider MPE 5.5 inetd to be broken and
poorly documented, so I submitted SR 5003355016 to address this. If
HP ever alters the MPE inetd to pass the socket the way HPUX inetd
does (not likely in the grand scheme of things), the existing
Apache for MPE code will break.
- Apache for Unix will use the @ character in proxy cache
filenames, but since @ is illegal in MPE filenames, Apache for MPE
uses the % character instead.
Binary Distributions
HP ships a fully supported Apache binary distribution with the
Fundamental Operating System (FOS) in MPE/iX 6.5 and later.
This distribution can be found in the APACHE account.
HP supplies fully supported Apache binary distributions for
MPE/iX 6.0 or later available for downloading from http://jazz.external.hp.com/src/apache/.
Mark Bixby supplies Apache binary distributions for MPE/iX
available for downloading from http://www.bixby.org/mark/apacheix.html.
Binaries from bixby.org are NOT supported by HP. HP only
supports binaries distributed by HP.
All of the binary distributions mentioned above may possibly
include functionality that hasn't yet been submitted back to the
Apache Software Foundation (though submitting back is the intended
goal). Please read the documentation that comes with these
binaries in order to determine functionality differences (if any)
compared to the latest sources available from the ASF.
If you will be using one of these binary distributions, please
stop reading this document and start reading the specific
distribution documentation for installation details.
Create the Accounting
Structure
Apache can be installed under the account of your choice. For
the purposes of this document, the APACHE account will be used:
- :HELLO MANAGER.SYS
- :NEWACCT APACHE,MGR
- :ALTACCT
APACHE;PASS=xxxxxxxx;CAP=AM,AL,ND,SF,BA,IA,PM,PH
- :ALTGROUP
PUB.APACHE;CAP=BA,IA,PM,PH;ACCESS=(R,L,X:AC;W,A,S:AL)
- :ALTUSER
MGR.APACHE;CAP=AM,AL,ND,SF,BA,IA,PM,PH;HOME=PUB
- :NEWUSER SERVER.APACHE
- :ALTUSER
SERVER.APACHE;CAP=ND,SF,BA,IA,PH;HOME=PUB
Downloading Apache
Use your web browser to download the Apache source tarball from http://www.apache.org/dist/httpd/.
Then ftp upload the tarball to your e3000 as show below:
C:\Temp>ftp 3000.host.name
Connected to 3000.host.name.
220 HP ARPA FTP Server [A0009H09] (C) Hewlett-Packard Co. 1990
User (3000.host.name:(none)): MGR.APACHE
331 Password required for MGR.APACHE. Syntax: acctpass
Password:xxxxxxxx
230 User logged on
ftp> quote type L 8
200 Type set to L (byte size 8).
ftp> put apache_v.u.ff.tar.Z /tmp/apache.tar.Z
200 PORT command ok.
150 File: /tmp/apache.tar.Z opened; data connection will be opened
226 Transfer complete.
ftp: 2685572 bytes sent in 2.75Seconds 976.57Kbytes/sec.
ftp> quit
221 Server is closing command connection
Unpack the tarball:
- :HELLO MGR.APACHE
- :XEQ SH.HPBIN.SYS -L
- $ mkdir src
- $ chmod 700 src
- $ cd src
- $ tar xvfopz /tmp/apache.tar.Z
Compiling Apache
It is STRONGLY recommended to use gcc instead of the HP C/iX
compiler. You can obtain gcc from http://jazz.external.hp.com/src/gnu/gnuframe.html.
- $ cd apache_v.uu.ff
- $ ./configure --prefix=/APACHE/PUB --enable-module=xxx
--enable-module=yyy ...etc...
- $ make
Installing Apache
- $ make install
- $ cd /APACHE/PUB
- $ mv bin/httpd HTTPD
- $ ln -s HTTPD bin/httpd
- $ callci "xeq linkedit.pub.sys 'altprog
HTTPD;cap=ia,ba,ph,pm'"
Configuring Apache
Edit /APACHE/PUB/conf/httpd.conf and customize as needed for your
environment. Be sure to make the following mandatory changes:
- User SERVER.APACHE
- Group APACHE
Running Apache
Simply create and :STREAM the following standalone server job in
order to start Apache:
!JOB JHTTPD,MGR.APACHE;OUTCLASS=,2
!XEQ SH.HPBIN.SYS "-c 'umask 007; ./HTTPD -f /APACHE/PUB/conf/httpd.conf'"
!eoj
Controlling Apache
Log on as MGR.APACHE (or MANAGER.SYS or any other SM user if you've
installed MPELX36A on 6.0) in order to shutdown or restart Apache
via the use of signals.
To shut down Apache from the POSIX shell:
$ kill `cat /APACHE/PUB/logs/httpd.pid`
To shut down Apache from the CI:
:XEQ SH.HPBIN.SYS '-c "kill `cat /APACHE/PUB/logs/httpd.pid`"'
Apache HTTP Server