4.3 Understanding the Default OES Setup of Apache HTTP Server

4.3.1 Apache and Tomcat Installation

Novell-ready versions of Apache 2 HTTP Server software (Prefork, 64-bit) and Tomcat 6 are automatically installed when you set up OES services on a server.

4.3.2 Apache HTTP Server Configuration

OES configures Apache settings in the /etc/sysconfig/apache2 global configuration file and the /etc/apache2/conf.d/oes_httpd.conf configuration file.

The /etc/sysconfig/apache2 configuration file controls some global settings of Apache, such as modules to load, additional configuration files to include, server flags to apply when the Apache HTTP Server daemon (httpd2) is started, and flags that should be added to the command line.

4.3.3 Apache User wwwrun and Group www

Apache uses the user wwwrun identity to serve files to clients of your website. OES and Apache configure the following during the OES installation:

  • The Apache installation creates a local group www and user wwwrun on the server. OES automatically makes the user wwwrun as the file owner of the web content for the OES Welcome website.

    When you create a website location, you must configure the user wwwrun as the file owner of the website’s main directory and files.

  • OES creates the group www and the user wwwrun in eDirectory when you install an OES server in an eDirectory tree for the first time. The user wwwrun is added as a member of the group www. The user novlxsrvd is also created and added to the group www.

  • OES enables the group www and its member users (wwwrun and novlxsrvd) for Linux with Linux User Management (LUM).

    If your website is hosted on an NSS volume or an NCP-enabled Linux volume, you must assign the eDirectory user wwwrun as a file system trustee of the website’s main directory, and give the trustee Read and File Scan rights.

For information about changing the file owner or configuring a file system trustee, see Section 4.4.6, Configuring Permissions for the Website DocumentRoot Directory.

4.3.4 Virtual Host for the OES Welcome Website

OES automatically configures the OES Welcome website in the /etc/opt/novell/httpd/conf.d/welcome-apache.conf file. Listening is set up on port 80 in the /etc/apache2/listen.conf file. Port 80 is opened in the firewall. The Apache HTTP Server daemon (httpd2) starts automatically on server restart.

Apache serves the Welcome page for the OES server at

http://<server_dns_or_ip_address>

4.3.5 Secure SSL Virtual Host for the Default Website

OES automatically configures a default secure virtual host (_default_:443) in the /etc/apache2/vhost.d/vhost-ssl.conf file. It sets up listening on port 443 in the /etc/apache2/listen.conf file. It opens port 443 in the firewall. The default virtual host configuration is automatically loaded first. It is also used when a domain name does not match a virtual host configuration. The default virtual host defines a custom log /var/log/apache2/ssl_request_log to capture events for SSL requests. An Include directive in the /etc/apache2/vhost.d/vhost-ssl.conf file automatically loads the virtual hosts that are defined in the /etc/opt/novell/httpd/sslconf.d/*.conf files.

4.3.6 Secure SSL Virtual Host for the Novell iManager Website

If you install Novell iManager on an OES server, the iManager installation automatically configures a secure virtual host for iManager and Novell Portal Services (NPS) in the /etc/opt/novell/iManager/nps-Apache.conf file. A symbolic link in the /etc/opt/novell/httpd/sslconf.d/ directory points to the nps-Apache.conf file. This allows the virtual host to be automatically included along with the default secure virtual host when Apache is restarted.

Aliases are defined in the nps-Apache.conf file to hit the website with any of the following URLs:

https://<server_dns_or_ip_address>/nps/iManager.html

https://<server_dns_or_ip_address>/nps

https://<server_dns_or_ip_address>/iManager.html