linux系统源代码安装apache、编译隐藏版本等信息
文章使用rocky10系统,apache-2.4.63版本
系统是最小化安装的,需要安装组包。
dnf -y groupinstall "Development tools" "base"
1、安装依赖包
dnf -y install wget openssl-devel pcre-devel expat-devel libtool autoconf openssl-devel db4-devel expat-devel sqlite-devel mysql-devel libdb4-devel pcre2-devel
2、下载apache(httpd-2.4.63)、apr-1.7.6、apr-utils-1.6.3
mkdir -p /usr/local/src/apache/ && cd /usr/local/src/apache
curl -LO https://downloads.apache.org/apr/apr-1.7.6.tar.gz
tar zxf apr-1.7.6.tar.gz
curl -LO https://downloads.apache.org/apr/apr-util-1.6.3.tar.gz
tar zxf apr-util-1.6.3.tar.gz
curl -LO https://downloads.apache.org/httpd/httpd-2.4.63.tar.gz
3、安装apr-1.7.6
cd /usr/local/src/apache/apr-1.7.6
./configure --prefix=/usr/local/apache-apr \
--enable-threads \
--enable-posix-shm \
--enable-sysv-shm \
--enable-allocator-uses-mmap \
--enable-allocator-guard-pages \
--enable-pool-concurrency-check \
--enable-other-child \
--enable-nonportable-atomics \
--enable-shared \
--enable-static \
--enable-debug \
--enable-profile \
--with-valgrind && \
make && make install
4、安装apr-utils-1.6.3
cd /usr/local/src/apache/apr-utils-1.6.3.tar.gz
./configure --prefix=/usr/local/apache-apr-util \
--with-apr=/usr/local/apache-apr \
--without-crypto \
--with-expat=/usr && \
make && make install
5、隐藏apache版本和信息
sed -i.bak '
40s|Apache Software Foundation|https://blog.csdn.net/2301_77161927|
41s|Apache HTTP Server|https://blog.csdn.net/2301_77161927|
42s|Apache|https://blog.csdn.net/2301_77161927|
74s|AP_SERVER_MINORREVISION "." AP_SERVER_PATCHLEVEL|"https://blog.csdn.net/2301_77161927"|
75s|AP_SERVER_BASEPRODUCT "/" AP_SERVER_BASEREVISION|"https://blog.csdn.net/2301_77161927"|
' /usr/local/src/apache/httpd-2.4.63/include/ap_release.h
sed -i.bak '
/^#define AP_SERVER_MAJORVERSION_NUMBER/ c\
#define AP_SERVER_MAJORVERSION_NUMBER 2301
/^#define AP_SERVER_MINORVERSION_NUMBER/ c\
#define AP_SERVER_MINORVERSION_NUMBER 77161927
/^#define AP_SERVER_PATCHLEVEL_NUMBER/ c\
#define AP_SERVER_PATCHLEVEL_NUMBER 0
' /usr/local/src/apache/httpd-2.4.63/include/ap_release.h
sed -i.bak '
/SrvTk_MAJOR,/ s|/\*.*\*/|/* https://blog.csdn.net/2301_77161927 */|
/SrvTk_MINOR,/ s|/\*.*\*/|/* https://blog.csdn.net/2301_77161927 */|
/SrvTk_MINIMAL,/ s|/\*.*\*/|/* https://blog.csdn.net/2301_77161927 */|
/SrvTk_OS,/ s|/\*.*\*/|/* https://blog.csdn.net/2301_77161927 */|
/SrvTk_FULL,/ s|/\*.*\*/|/* https://blog.csdn.net/2301_77161927 */|
/SrvTk_PRODUCT_ONLY/ s|/\*.*\*/|/* https://blog.csdn.net/2301_77161927 */|
' /usr/local/src/apache/httpd-2.4.63/server/core.c
https://blog.csdn.net/2301_77161927是替换的内容。
如果使用的是其他版本,版本信息可能会有不同,如果没有修改成功,可以查找一下在那个文件。
如果已经执行了上面的修改命令没有查询到、应该就是修改成功了。
egrep -n '#define AP_SERVER_BASEVENDOR "Apache Software Foundation"' server/core.c include/ap_release.h
6、安装httpd-2.4.63
/usr/local/src/apache/httpd-2.4.63
./configure --prefix=/usr/local/apache \
--enable-so \
--enable-ssl \
--enable-rewrite \
--enable-proxy \
--enable-proxy-http \
--enable-proxy-connect \
--enable-proxy-ajp \
--enable-cache \
--enable-mods-shared=most \
--enable-mpms-shared=all \
--with-apr=/usr/local/apache-apr \
--with-apr-util=/usr/local/apache-apr-util \
--with-pcre \
--with-ssl \
--with-z \
--enable-deflate \
--enable-expires \
--enable-headers \
--enable-unique-id \
--enable-remoteip && \
make && make install
7、添加apache绝对路径
echo -e 'export APACHE_HOME=/usr/local/apache
export APACHE_APR_HOME=/usr/local/apache-apr
export APACHE_APU_HOME=/usr/local/apache-apr-util
export PATH=$APACHE_HOME/bin:$APCHE_APR_HOME/bin:$APACHE_APU_HOME/bin:$PATH' >> /etc/profile
source /etc/profile
8、添加systemctl
cat << 'EOF' | sudo tee /etc/systemd/system/apache.service
[Unit]
Description=Apache HTTP Server
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/usr/local/apache/bin/apachectl graceful
PIDFile=/usr/local/apache/logs/httpd.pid
PrivateTmp=true
Restart=on-failure
[Install]
WantedBy=multi-user.target
EOF
httpd.conf文件默认没有pid文件,因为apache会使用编译时的默认路径,如果不确定可以使用apachectl -V查看。
apachectl -V
也可以在httpd.conf配置文件中指定。
echo "PidFile /usr/localhttpd.pid" >> /usr/local/apache/conf/httpd.conf