.\" $OpenBSD: httpd.8,v 1.12 2003/03/06 04:07:38 david Exp $ .\" Copyright (c) 1995-1997 David Robinson. All rights reserved. .\" Copyright (c) 1997-1999 The Apache Group. All rights reserved. .\" Copyright (c) 1998-1999 Bob Beck. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in .\" the documentation and/or other materials provided with the .\" distribution. .\" .\" 3. All advertising materials mentioning features or use of this .\" software must display the following acknowledgment: .\" "This product includes software developed by the Apache Group .\" for use in the Apache HTTP server project (http://www.apache.org/)." .\" .\" 4. The names "Apache Server" and "Apache Group" must not be used to .\" endorse or promote products derived from this software without .\" prior written permission. .\" .\" 5. Redistributions of any form whatsoever must retain the following .\" acknowledgment: .\" "This product includes software developed by the Apache Group .\" for use in the Apache HTTP server project (http://www.apache.org/)." .\" .\" THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY .\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR .\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR .\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, .\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, .\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" ==================================================================== .\" .\" This software consists of voluntary contributions made by many .\" individuals on behalf of the Apache Group and was originally based .\" on public domain software written at the National Center for .\" Supercomputing Applications, University of Illinois, Urbana-Champaign. .\" For more information on the Apache Group and the Apache HTTP server .\" project, please see . .Dd September 18, 2002 .Dt HTTPD 8 .Os .Sh NAME .Nm httpd .Nd Apache Hypertext Transfer Protocol Server .Sh SYNOPSIS .Nm httpd .Op Fl FhlLStTuvVX .Op Fl d Ar serverroot .Op Fl f Ar config .Op Fl c Ar directive .Op Fl C Ar directive .Op Fl D Ar parameter .Op Fl R Ar libexecdir .Sh DESCRIPTION .Nm is the Apache HyperText Transfer Protocol (HTTP) server program. It is designed to be run as a standalone daemon process. When used like this it will create a pool of child processes to handle requests. To stop it, send a TERM signal to the initial (parent) process. The PID of this process is written to a file as given in the configuration file. Alternatively .Nm may be invoked by the Internet daemon .Xr inetd 8 each time a connection to the HTTP service is made. .Pp Normally this service can be enabled for startup on OpenBSD by editing .Pa /etc/rc.conf . The .Fl u option is of particular importance. .Pp This manual page only lists the command line arguments. For details of the directives necessary to configure .Nm see the Apache manual, which is part of the Apache distribution or can be found at .Pa http://www.apache.org/ , or in .Pa /var/www/htdocs/manual . Paths in this manual page reflect those compiled into .Nm by default with OpenBSD. .Sh OPTIONS .Bl -tag -width Ds .It Fl u By default .Nm will .Xr chroot 2 to the .Va serverroot path. The .Fl u option disables this behaviour, and returns .Nm to the expanded "unsecure" behaviour. .Pp As a result of the default secure behaviour, .Nm cannot access any objects outside .Va ServerRoot -- this security measure is taken in case .Nm is compromised. This is not without drawbacks, though: .Pp CGI programs may fail due to the limited environment available inside this chroot space. UserDir, of course, cannot access files outside the directory space. Other modules will also have issues. DocumentRoot directories or any other files needed must be inside .Va ServerRoot . For this to work, pathnames inside the .Va config file do not need adjustment relative to .Va ServerRoot . For this option to remain secure, it is important that no files or directories writable by user .Ar www or group .Ar www are created inside the .Va ServerRoot . .It Fl R Ar libexecdir This option is only available if .Nm was built with the .Dv SHARED_CORE rule enabled which forces the .Nm core code to be placed into a dynamic shared object (DSO) file. This file is searched in a hardcoded path under ServerRoot per default. Use this option to override. .It Fl d Ar serverroot Set the initial value for the ServerRoot directive to .Va serverroot . This can be overridden by the ServerRoot command in the configuration file. The default is .Pa /var/www . .It Fl f Ar config Execute the commands in the file .Va config on startup. If .Va config does not begin with a /, then it is taken to be a path relative to the ServerRoot. The default is .Pa conf/httpd.conf . .It Fl C Ar directive Process the configuration .Va directive before reading config files. .It Fl c Ar directive Process the configuration .Va directive after reading config files. .It Fl D Ar parameter Sets a configuration .Va parameter which can be used with ... sections in the configuration files to conditionally skip or process commands. .It Fl F Run the main process in foreground. For process supervisors. .It Fl h Output a short summary of available command line options. .It Fl l Output a list of modules compiled into the server. .It Fl L Output a list of directives together with expected arguments and places where the directive is valid. .It Fl S Show the settings as parsed from the config file (currently only shows the virtualhost settings). .It Fl t Run syntax tests for configuration files only, including DocumentRoot checks. The program immediately exits after this syntax parsing with either a return code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error). .It Fl T Run syntax tests for configuration files only, without DocumentRoot checks. The program immediately exits after this syntax parsing with either a return code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error). .It Fl X Run in single-process mode, for internal debugging purposes only; the daemon does not detach from the terminal or fork any children. Do NOT use this mode to provide ordinary web service. .It Fl v Print the version of .Nm Ns , and then exit. .It Fl V Print the version and build parameters of .Nm Ns , and then exit. .El .Pp The documents served by .Nm should not be owned by the user which .Nm is running as (usually user .Va www and group .Va www Ns ). They must, however, be readable by this user. .Sh FILES .Bl -tag -width /etc/passwd -compact .It Pa /var/www/conf/httpd.conf .It Pa /var/www/conf/srm.conf .It Pa /var/www/conf/access.conf .It Pa /var/www/conf/mime.types .It Pa /var/www/logs/error_log .It Pa /var/www/logs/access_log .It Pa /var/www/logs/httpd.pid .It Pa /etc/rc.conf .El .Sh SEE ALSO .Xr chroot 2 , .Xr inetd 8 , .Xr rc 8