[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apache2: httpd.conf or apache2.conf?

On Mon, Sep 19, 2005 at 08:58:52AM +0200, David Huemer wrote:
> I tried the provided .deb package and also compiled my own apache2
> server and discovered the following: If you use the Debian package all
> configuration is done in the apache2.conf and the httpd.conf is only for
> compatibility reasons. If you compile your own server, all configuration
> files are in the httpd.conf. 
> I am not sure about the version of the apache2 server in the Debian
> package, but I think the version used is not the newest. Maybe this
> difference occurs because of different versions.
Tha Apache website:

The Apache HTTP Server Project is proud to announce the release of
version 2.0.54 of the Apache HTTP Server ("Apache").

$ apt-cache policy apache2
  Instalados: (ninguno)
  Candidato: 2.0.54-5
  Tabla de versión:
     2.0.54-5 0
        500 http://miami sarge/updates/main Packages

> By the way: I would absolutetly recommend to compile the apache2 by hand
> so you can define your own profile in the config.layout file to
> customize where config files and so on are located.
Why?  Debian packages are package to conform to Debian policy.  That
means that all confoguration files are in (or accessible from) /etc.
Have you ever had the misfortune of on a *nix system where configuration
files were scattered all over the filesystem(s)?  It is a pain.
Besides, the differences between the default upstream setup and the
Debian setup are documented in the various packages.

Even then, if you are intent on customizing the package, it is probably
better to do it by modifying the Debian source package [0], rather than
by compiling it by hand from upstream.  That way the other packages you
may want to install (e.g., php4, mod_perl and so on) that depend on an
apache package being present will install cleanly without some hacky
workaround like equivs.

Not only that, but if you compile it by hand from the upstream
distribution, you should be prepared to follow all the security
advisories (i.e., simple pointing apt to sarge/updates will not allow
you to receive the security updates for packages you install yourself).
I am not trying to say that it is somehow bad, but people should be
aware that there is an additional burden to supporting hand-compiled
packages.  At least if you customize a .deb package and install it with
apt, then you will see when security updates become available.


[0] http://familiasanchez.net/~roberto/?page=debcustomize

Roberto C. Sanchez

Attachment: pgpenhbd6mg9h.pgp
Description: PGP signature

Reply to: