概要
設定変更をしないで Apache の設定や情報をダンプする方法のまとめ。
出力例は CentOS 7.1.1503 および yum でインストールした Apache 2.4.6 のデフォルト設定の環境による。
各コマンド一覧
httpd -t -D DUMP_CONFIG 2>/dev/null | grep '# In' | awk '{print $4}' # 設定ファイル一覧
httpd -t -D DUMP_CONFIG 2>/dev/null | grep -v '#' # 設定ファイル内容
httpd -V # コンパイル時の設定
httpd -S -D SSL # 実行時の設定
httpd -l # 静的モジュール一覧
httpd -M # ロード済みモジュール一覧
rpm -qi httpd # パッケージ情報
rpm -q --changelog httpd # パッケージ更新履歴
設定(conf)ファイル
設定ファイルの一覧の取得
Apache の conf ファイルの一覧をコマンドラインで取得する方法を本邦初公開(たぶん)。
SetHandler server-info の設定をしていなくても mod_info モジュールがロードされていれば設定ファイルが一覧できる。
httpd -t -DDUMP_CONFIG でも可。
httpd -t -D DUMP_CONFIG 2>/dev/null | grep '# In' | awk '{print $4}'
/etc/httpd/conf/httpd.conf
/etc/httpd/conf.d/autoindex.conf
/etc/httpd/conf.d/userdir.conf
/etc/httpd/conf.d/welcome.conf
設定ファイルの内容の取得
httpd -t -D DUMP_CONFIG 2>/dev/null | grep -v '#'
Listen 80
User apache
Group apache
ServerAdmin root@localhost
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
DirectoryIndex index.html
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
CustomLog "logs/access_log" combined
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddDefaultCharset UTF-8
MIMEMagicFile conf/magic
EnableSendfile on
IndexOptions FancyIndexing HTMLTable VersionSort
Alias /icons/ "/usr/share/httpd/icons/"
<Directory "/usr/share/httpd/icons">
Options Indexes MultiViews FollowSymlinks
AllowOverride None
Require all granted
</Directory>
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif /core
AddIcon /icons/bomb.gif */core.*
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README.html
HeaderName HEADER.html
UserDir disabled
<Directory "/home/*/public_html">
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
<LocationMatch "^/+$">
Options -Indexes
ErrorDocument 403 /.noindex.html
</LocationMatch>
<Directory /usr/share/httpd/noindex>
AllowOverride None
Require all granted
</Directory>
Alias /.noindex.html /usr/share/httpd/noindex/index.html
Alias /noindex/css/bootstrap.min.css /usr/share/httpd/noindex/css/bootstrap.min.css
Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
設定ファイルのパーサー
どこまでまともに使えるか不明だが、とりあえず見つけたものをピックアップした。
Python
http://www.poldylicious.de/node/25
2008/07/04 投稿
https://pypi.python.org/pypi/apache_conf_parser
2011/04/12 リリース
PHP
http://stackoverflow.com/questions/11057733/how-to-parse-a-conf-file-in-php/11057915#11057915
2012/06/15 コメント
Ruby
http://serverfault.com/questions/122002/parse-edit-apache-conf-files-with-ruby/124236#124236
2010/03/19 コメント
Java
https://github.com/jrossi227/ApacheConfParser
2016/04/24 コミット
Perl
http://search.cpan.org/dist/Apache-ConfigParser-1.01/lib/Apache/ConfigParser.pm
2015/05/23 リリース
JavaScript
https://github.com/tellnes/node-apacheconf
2013/11/30 コミット
Apache の設定情報
コンパイル時の設定の取得
httpd -V
Server version: Apache/2.4.6 (CentOS)
Server built: May 12 2016 10:27:23
Server's Module Magic Number: 20120211:24
Server loaded: APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
実行時の設定の取得
httpd -t -D DUMP_VHOSTS -D DUMP_RUN_CFG -D SSL と同義。
httpd -S -D SSL
VirtualHost configuration:
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: SSL
User: name="apache" id=48
Group: name="apache" id=48
モジュール
コンパイルされたモジュールの一覧の取得
httpd -l
Compiled in modules:
core.c
mod_so.c
http_core.c
ロードされたモジュールの一覧の取得
httpd -M
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
allowmethods_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authn_anon_module (shared)
authn_core_module (shared)
authn_dbd_module (shared)
authn_dbm_module (shared)
authn_file_module (shared)
authn_socache_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cache_module (shared)
cache_disk_module (shared)
data_module (shared)
dbd_module (shared)
deflate_module (shared)
dir_module (shared)
dumpio_module (shared)
echo_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
logio_module (shared)
mime_magic_module (shared)
mime_module (shared)
negotiation_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
substitute_module (shared)
suexec_module (shared)
unique_id_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
lua_module (shared)
mpm_prefork_module (shared)
proxy_module (shared)
lbmethod_bybusyness_module (shared)
lbmethod_byrequests_module (shared)
lbmethod_bytraffic_module (shared)
lbmethod_heartbeat_module (shared)
proxy_ajp_module (shared)
proxy_balancer_module (shared)
proxy_connect_module (shared)
proxy_express_module (shared)
proxy_fcgi_module (shared)
proxy_fdpass_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_scgi_module (shared)
proxy_wstunnel_module (shared)
systemd_module (shared)
cgi_module (shared)
その他の情報
パッケージ情報の取得
rpm -qi httpd
Name : httpd
Version : 2.4.6
Release : 40.el7.centos.1
Architecture: x86_64
Install Date: 2016年07月05日 13時44分16秒
Group : System Environment/Daemons
Size : 9806197
License : ASL 2.0
Signature : RSA/SHA256, 2016年05月13日 08時40分23秒, Key ID 24c6a8a7f4a80eb5
Source RPM : httpd-2.4.6-40.el7.centos.1.src.rpm
Build Date : 2016年05月12日 19時29分24秒
Build Host : worker1.bsys.centos.org
Relocations : (not relocatable)
Packager : CentOS BuildSystem <http://bugs.centos.org>
Vendor : CentOS
URL : http://httpd.apache.org/
Summary : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, efficient, and extensible
web server.
パッケージの更新履歴
rpm -q --changelog httpd
* 木 5月 12 2016 CentOS Sources <bugs@centos.org> - 3.4.6-40.el7.centos.1
- Remove index.html, add centos-noindex.tar.gz
- change vstring
- change symlink for poweredby.png
- update welcome.conf with proper aliases
* 月 3月 21 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-40.1
- fix apache user creation when apache group already exists (#1319001)
* 木 9月 17 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-40
- mod_dav: follow up fix for previous commit (#1263975)
* 水 8月 26 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-39
- mod_dav: treat dav_resource uri as escaped (#1255480)
* 水 8月 19 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-38
- mod_ssl: add support for User Principal Name in SSLUserName (#1242503)
* 月 8月 10 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-37
- core: fix chunk header parsing defect (CVE-2015-3183)
- core: replace of ap_some_auth_required with ap_some_authn_required
and ap_force_authn hook (CVE-2015-3185)
* 火 7月 14 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-36
- Revert fix for #1162152, it is not needed in RHEL7
- mod_proxy_ajp: fix settings ProxyPass parameters for AJP backends (#1242416)
* 水 7月 01 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-35
- mod_remoteip: correct the trusted proxy match test (#1179306)
- mod_dav: send complete response when resource is created (#1235383)
- apachectl: correct the apachectl status man page (#1231924)
* 水 6月 03 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-34
- mod_proxy_fcgi: honor Timeout / ProxyTimeout (#1222328)
- do not show all vhosts twice in httpd -D DUMP_VHOSTS output (#1225820)
- fix -D[efined] or <Define>[d] variables lifetime accross restarts (#1227219)
- mod_ssl: do not send NPN extension with not configured (#1226015)
* 月 5月 18 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-33
- mod_authz_dbm: fix crash when using "Require dbm-file-group" (#1221575)
パッケージの設定ファイルの取得
rpm -qc httpd
出力例
/etc/httpd/conf.d/autoindex.conf
/etc/httpd/conf.d/userdir.conf
/etc/httpd/conf.d/welcome.conf
/etc/httpd/conf.modules.d/00-base.conf
/etc/httpd/conf.modules.d/00-dav.conf
/etc/httpd/conf.modules.d/00-lua.conf
/etc/httpd/conf.modules.d/00-mpm.conf
/etc/httpd/conf.modules.d/00-proxy.conf
/etc/httpd/conf.modules.d/00-systemd.conf
/etc/httpd/conf.modules.d/01-cgi.conf
/etc/httpd/conf/httpd.conf
/etc/httpd/conf/magic
/etc/logrotate.d/httpd
/etc/sysconfig/htcacheclean
/etc/sysconfig/httpd