LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   First time Apache upgrade (https://www.linuxquestions.org/questions/linux-newbie-8/first-time-apache-upgrade-4175457680/)

raulito_b 04-10-2013 11:55 AM
First time Apache upgrade
 
I have a 10.04.01 Ubuntu server running webmin version 1.620 and I want to upgrade my apache version from 2.2.14 to 2.2.24 before I upgrade to 2.4. Since this is the first time I"m doing this I did the following steps.

Code:
gunzip -d httpd-2.2.24.tar.gz
tar xvf httpd-2.2.24.tar
./configure
But After i ran ./configure I got this output with an error

Code:
apache2/httpd-2.2.24# ./configure
checking for chosen layout... Apache
checking for working mkdir -p... yes
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu

Configuring Apache Portable Runtime library ...

checking for APR... reconfig
configuring package in srclib/apr now
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu
Configuring APR library
Platform: i686-pc-linux-gnu
checking for working mkdir -p... yes
APR Version: 1.4.6
checking for chosen layout... apr
checking for gcc... no
checking for cc... no
checking for cl.exe... no
configure: error: in `/etc/apache2/httpd-2.2.24/srclib/apr':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
configure failed for srclib/apr
How can I overcome this? did I miss a step or am I missing some elements in my current apache install?

Thanks!

snowday 04-10-2013 12:03 PM
I believe this error is caused because you don't have the compiler installed, which you can install with:

Code:
sudo apt-get update
sudo apt-get install build-essential

raulito_b 04-10-2013 12:09 PM
Thanks for the quick reply!
I"m going to go ahead and install that package and try again.

raulito_b 04-10-2013 12:42 PM
That totally helped thanks.
But before I install I noticed that there is a specific set of instructions for upgrading apache as opposed to installing a whole version which was the steps I was following.
What would be the better option to do then?

should I do what the apache document says to do during an upgrade or should I just do a whole new install with the upgraded version of apache?

Here are the instructions for upgrading in the apache docs

Quote:
to upgrade across minor versions, start by finding the file config.nice in the build directory of your installed server or at the root of the source tree for your old install. This will contain the exact configure command line that you used to configure the source tree. Then to upgrade from one version to the next, you need only copy the config.nice file to the source tree of the new version, edit it to make any desired changes, and then run:

$ ./config.nice
$ make
$ make install
$ PREFIX/bin/apachectl -k graceful-stop
$ PREFIX/bin/apachectl -k start
Should I just do these steps? I'm guessing I still have to download that newer version of apache and then run this or?

Thanks!

snowday 04-10-2013 12:48 PM
I would use the stable, Ubuntu-supported apache, personally (unless I had a specific reason to upgrade, a spare testing system, and time/manpower to address any issues that might arise due to the upgrade).

raulito_b 04-10-2013 12:56 PM
Well I have a working web server now with a site on it, would upgrading to the full version change any of the settings I have now for my site? Thats my biggest worry actually. I have two options I can do a slow upgrade from 2.2.14 to 2.2.24 then go to 2.4 or I can just go straight into 2.2.14 to 2.4.
Also is there an Ubuntu specific version of Apache? I was just going to use the package from the apache.org site.


Thanks again!

snowday 04-10-2013 01:06 PM
If your web server is working fine, what is the reason/purpose for the upgrade? The more details you give, the better advice you will get from the forum experts.

Here is the Ubuntu 10.04 documentation for installing and configuring apache: https://help.ubuntu.com/10.04/serverguide/httpd.html

raulito_b 04-10-2013 01:13 PM
Well since I"m runnning Coldfusion server on this server I did an security prob found here https://foundeo.com/hack-my-cf/

I ran a scan and one of the critical issue it found was that I have an older version of Apache


Quote:
We found 3 security issues on your server xxx.xxx.com
* important* Apache 2.2 Security Update Available
The version of Apache you are running does not contain the
most recent security fixes.
More Information:
http://httpd.apache.org/security/vul...lities_22.html
So that particular secuirty issue is addrssed in apache version 2.2.24. So that is why I wanted to upgrade to that version.

Hope that helps.

Thanks!

snowday 04-10-2013 01:22 PM
What are the specific "security issues" and what is their impact? The "critical issue" you have quoted is completely non-informative.

You can check the Ubuntu 10.04 apache2 changelog to see if the specific security issues you are worried about have been patched: http://changelogs.ubuntu.com/changel...8.11/changelog

I see that it was patched with three security updates (maybe the ones you are concerned about, though I have absolutely know way of knowing that) on March 8, 2013.

Here is an article to help you understand version numbering in long-term-support Linux distributions: https://access.redhat.com/security/u...g/?sc_cid=3093
(written for Red Hat but the concepts also apply to Ubuntu)

Quote:
Backporting has a number of advantages for customers, but it can create confusion when it is not understood. Customers need to be aware that just looking at the version number of a package will not tell them if they are vulnerable or not. For example, stories in the press may include phrases such as "upgrade to Apache httpd 2.0.43 to fix the issue," which only takes into account the upstream version number. This can cause confusion as even after installing updated packages from a vendor, it is not likely customers will have the latest upstream version. They will instead have an older upstream version with backported patches applied.

Also, some security scanning and auditing tools make decisions about vulnerabilities based solely on the version number of components they find. This results in false positives as the tools do not take into account backported security fixes.


All times are GMT -5. The time now is 07:32 AM.