Apache 2.2 with LDAP, PHP and WebDAV on Solaris
Software Components
- OpenSSL, www.openssl.org
- OpenLDAP, www.openldap.org
- Apache Webserver, httpd.apache.org
- LibXML, www.xmlsoft.org
- UW IMAP Client, www.washington.edu/imap
- PHP, www.php.net
Compile and Install
Compile on Solaris 9. Everything must be compiled with GCC 3.4.x. Newer versions of GCC cause Apache to segfault when using PHP5 and the open source geeks don't have Sun compiler and therefore it may cause compile errors. For creating a self-contained SysV package set install prefix to /opt/apache. Set these environment variables:
PATH="/opt/gnu/gcc/3.4.1/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/ccs/bin" CC="gcc" CFLAGS="-O3 -fPIC -Wall" CXX="g++" CXXFLAGS="-O3 -fPIC -Wall" CPPFLAGS="-I/opt/apache/include" LDFLAGS="-R/opt/apache/lib -L/opt/apache/lib" LD_OPTIONS="$LDFLAGS" unset LD_LIBRARY_PATH export PATH CC CFLAGS CXX CXXFLAGS LDFLAGS CPPFLAGS LD_OPTIONS alias make=gmake
Every binary compiled with GCC are linked against libgcc_s.so. Copy these librarys into the package tree.
mkdir -p /opt/apache/lib/sparcv9
cd /opt/apache/lib
cp /opt/gnu/gcc/3.4.1/lib/libgcc_s.so.1 .
ln -s libgcc_s.so.1 libgcc_s.so
cd /opt/apache/lib/sparcv9
cp /opt/gnu/gcc/3.4.1/lib/sparcv9/libgcc_s.so.1 .
ln -s libgcc_s.so.1 libgcc_s.so
OpenSSL
cd /tmp
gtar -xvpzf openssl-0.9.8d.tar.gz
cd openssl-0.9.8
./config --prefix=/opt/apache \
--openssldir=/opt/apache/openssl shared \
-R/opt/apache/lib -L/opt/apache/lib
gmake
gmake install
cd -
Change the path of Perl in /opt/apache/bin/c_rehash to /usr/bin/perl.
OpenLDAP
Only client tools, headers and libraries are required in order to build Apache and PHP with LDAP support.
gtar -xvpzf openldap-2.3.31.tgz
cd /tmp/openldap-2.3.31
./configure --prefix=/opt/apache \
--sysconfdir=/etc/opt/apache \
--disable-slapd --disable-slurpd \
--localstatedir=/var/opt/apache \
--with-tls
gmake depend
gmake
gmake install
cd -
Apache Webserver
Apache Webserver is build with Support for SSL, LDAP, WebDAV and digest authentication. Installation is a bit tricky because LDAP support for authentication is quite new.
Build apr without LDAP support.
gtar -xvzf httpd-2.2.3.tar.gz
cd /tmp/httpd-2.2.3/srclib/apr
./configure --prefix=/var/opt/apache \
--exec-prefix=/opt/apache \
--includedir=/opt/apache/include \
--infodir=/opt/apache/info \
--mandir=/opt/apache/man \
--sysconfdir=/etc/opt/apache \
--datadir=/var/opt/apache
gmake
gmake install
Build apr-util with LDAP support using the previously created apr.
cd ../apr-util
./configure --prefix=/var/opt/apache \
--exec-prefix=/opt/apache \
--includedir=/opt/apache/include \
--infodir=/opt/apache/info \
--mandir=/opt/apache/man \
--sysconfdir=/etc/opt/apache \
--datadir=/var/opt/apache \
--with-apr=/opt/apache \
--with-ldap=ldap \
--with-ldap-include=/opt/apache/include \
--with-ldap-lib=/opt/apache/lib
gmake
gmake install
Now build whole Apache with all modules.
cd /tmp/httpd-2.2.3
./configure --prefix=/var/opt/apache \
--exec-prefix=/opt/apache \
--includedir=/opt/apache/include \
--infodir=/opt/apache/info \
--mandir=/opt/apache/man \
--sysconfdir=/etc/opt/apache \
--datadir=/var/opt/apache \
--enable-ssl \
--with-ssl=/opt/apache \
--with-ldap=ldap \
--with-ldap-include=/opt/apache/include \
--with-ldap-lib=/opt/apache/lib \
--with-apr=/opt/apache \
--with-apr-util=/opt/apache \
--enable-authnz-ldap \
--enable-ldap \
--enable-dav \
--enable-dav-fs \
--enable-dav-lock \
--enable-auth-digest \
--enable-so
gmake
gmake install
cd -
LibXML
gtar -xvzf /tmp/libxml2-2.6.26.tar.gz
cd /tmp/libxml2-2.6.26
./configure --prefix=/opt/apache \
--datadir=/var/opt/apache \
--sysconfdir=/etc/opt/apache
gmake
gmake install
cd -
UW IMAP Client
gtar -xvzf /tmp/imap-2006c1.tar.Z cd /tmp/imap-2006c1 gmake gso SSLDIR=/opt/apache EXTRACFLAGS="-O3 -fPIC" mkdir /opt/apache/include/c-client cp c-client/*.h /opt/apache/include/c-client cp c-client/c-client.a /opt/apache/lib/libc-client.a cd -
PHP
gtar -xvzf /tmp/php-5.2.0.tar.gz
cd /tmp/php-5.2.0
./configure --prefix=/opt/apache \
--with-apxs2=/opt/apache/bin/apxs \
--with-ldap=/opt/apache \
--with-imap=/opt/apache \
--with-imap-ssl=/opt/apache \
--with-ssl=/opt/apache \
--with-libxml-dir=/opt/apache \
--with-config-file-path=/etc/opt/apache \
--enable-safe-mode \
--without-pear
gmake
gmake install
cd -
Configuration
Files written by WebDAV are stored under the same user that Apache runs.
<VirtualHost *:443>
ServerName dav.example.com
ServerAlias *
ServerAdmin webmaster@example.com
DocumentRoot /davhome
SSLEngine on
SSLProtocol +SSLv3 +TLSv1
# Apple Finder does not provide client certificates
# SSLVerifyClient require
SSLVerifyClient optional
SSLSessionCacheTimeout 600
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/opt/apache/certs/dav.example.com_cert.pem
SSLCertificateKeyFile /etc/opt/apache/certs/dav.example.com_key.pem
SSLCACertificateFile /etc/opt/apache/certs/ca_example.com.pem
SSLCACertificatePath /etc/opt/apache/certs/ca
CustomLog logs/access_ssl_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
# WebDAV
DavLockDB /var/opt/apache/webdav/DavLock
DavMinTimeout 600
<Location /bart_simpson>
Dav On
ForceType text/plain
Order Allow,Deny
Allow from all
AuthType Basic
AuthBasicProvider ldap
AuthName DAV_bart_simpson
AuthLDAPURL ldap://127.0.0.1:389/ou=people,dc=example,dc=com?uid?one?(objectClass=person)
Require ldap-user bart_simpson
</Location>
</VirtualHost>
<Directory "/davhome">
Options +Indexes -FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>