Slashdot Mirror

← Back to Stories (view on slashdot.org)

Virgin Apache is Hard to Find

Posted by michael on from the yow dept.

markcox writes "Apache Week had written an article examining the Apache packages distributed by 10 popuplar Linux vendors. The survey found that all the vendors added some patches to virgin Apache including build patches, backported security patches, changing the product name through to dubious patches, and missed security fixes."

49 comments

  1. It's actually very easy to find... by embo · · Score: 4, Funny

    From the apache site:

    http://www.apache.org/dist/httpd/

  2. Did anyone else's mind go to the gutter... by AngryPuppy · · Score: 4, Funny

    ...when they read about trying to find virgin Apache? Perhaps headlines like this are part of the reason the tribes don't like native American references on sports teams, products, etc.

    1. Re:Did anyone else's mind go to the gutter... by walt-sjc · · Score: 2, Funny

      Did anyone else's mind go to the gutter...

      No, just yours. :-)

    2. Re:Did anyone else's mind go to the gutter... by AngryPuppy · · Score: 3, Funny

      No, just yours. :-)

      That's what I was afraid of.

      :-)

    3. Re:Did anyone else's mind go to the gutter... by AngryPuppy · · Score: 0, Offtopic

      Offtopic?

      Come on. It's a reasonable and almost funny response to the post above me. It's perfectly ON TOPIC for the coversation.

      Somewhere there's a moderator with "LOSER" emblazoned across his (her?) forehead because they couldn't find a better way to use their mod points.

  3. "virgin" httpd set up easier with ApacheToolbox by ubiquitin · · Score: 5, Interesting

    The strangness that various distros impart to apache is why I usually start with Apache Toolbox. This uses wget to automatically download any missing source, and currently supports 60+ third party modules in addition to the 36 apache modules which are included in standard source distribution. For redhatters, this even halts appropriately for RPMs that cause problems. Works on slowaris, and pretty much any BSD/*NIX with gcc. I'm not a member of this project or anything, just a fan: it just works.

    --
    http://tinyurl.com/4ny52
    1. Re:"virgin" httpd set up easier with ApacheToolbox by peterdaly · · Score: 2, Insightful

      I have to second that. ApacheToolBox rocks. Not only can it download and configure all of that, but it can also create an RPM at the end that contains everything and the configuration.

      That's a nice feature when you want the exact same configuration on more than one server.

      -Pete

      --
      Soccer Goal Plans
    2. Re:"virgin" httpd set up easier with ApacheToolbox by Anonymous Coward · · Score: 0
      I too want to throw my hat in the ring for ATB. It's very nice. My gripes about it are few:

      The help in install.sh is lacking. It doesn't give help for all the modules nor give a complete enough help for many of the modules. Plus the "99" help option is all or nothing, giving you all help info at once, scrolling by at the speed of light (or at least your console).

      It toggles the selection between modules that apparently can't work together like mod_throttle and mod_bandwidth. I discovered this just today. It doesn't tell you it's going to do this either.

      It doesn't give you any description of the possible layout options other than the distro it's common in.

      IMHO install.sh should be replace with a make menuconfig setup like what the kernel uses. This would allow for better and more direct help on selections. It would also give the ATB folks a place to to reference the main site for a module, dependancies, compatibility issues, etc..

      I really like ATB. Compiling just Apache from source is easy. If you want to toss things like mod_ssl and mod_perl in the mix, it's get hard very quickly. ATB makes it much easier.

  4. Maybe they should try slashdot... by tweder · · Score: 4, Funny

    It shouldn't be too difficult to find plenty of virgins around here :)

    *rimshot*

    1. Re:Maybe they should try slashdot... by Anonymous Coward · · Score: 0

      Sounds like he struck a nerve.

    2. Re:Maybe they should try slashdot... by Anonymous Coward · · Score: 0

      Is a rimshot anything like a rimjob?

  5. Ok ? by noselasd · · Score: 0, Offtopic

    and ... ?

  6. big suprise... by josepha48 · · Score: 3, Interesting
    NOT!

    NetBSD's ports patches most software as there are a few things that are specific to NetBSD. Just do a make install and watch it say 'patching...'. Minor things like LD_LIBRARY_PATH and things that if configure is not set up for then it wont find (not sure what their patches do). FreeBSD does the same thing. RedHat can't ship a default kernel they have to ship their own kernel. So what's the point? In order for any vendor to ship apache or any other software they usually have patches applied. This is because the way apache is setup to do things and the way that the vendors setup things is different. To get update and things you have to pretty much wait till they are ready to update the software.

    Solution: You want a virgin apache, download the source from apache.org and compile and install yourself. Pass configure the options you want. It's really not that hard.... Is this really worthy news?

    --

    Only 'flamers' flame!

  7. In other news... by mdielmann · · Score: 5, Funny

    ...Virgin Apache developers are fairly easy to find...

    --
    Sure I'm paranoid, but am I paranoid enough?
    1. Re:In other news... by vidnet · · Score: 2, Funny

      No more virgin apaches? Did our western way force them all into prostitution?

    2. Re:In other news... by Anonymous Coward · · Score: 0

      No! It was Custer, having his Revenge!

  8. An Apache Virgin by 56ksucks · · Score: 1, Funny

    An Apache Virgin is hard to find huh? Does this mean that an Apache Slut is easy to find?

    --

    ---- "Excuse me. Where's the children's gun section?"

  9. I just compile from the source by rklrkl · · Score: 5, Interesting

    Apache is one of those programs that I actually refuse to use a binary distribution of. I just download the latest source, set my preferred options (making sure I build with dynamically loadable modules, which allows me to comment out the ones I don't need in httpd.conf) and away I go. If Apache is installed, I "rpm -e" it and then "make install" my source-built version. If I want to upgrade, usually only the httpd binary and modules need updating and then a quick restart of the server and I'm nicely up-to-date (would you trust "rpm -Uvh" on a live production server's Apache ??!).

    1. Re:I just compile from the source by DA-MAN · · Score: 2, Insightful

      I sure do, it's easier when you have to update many servers to set up a local rpm site and have all servers update. The main thing is to roll your own Apache rpm. which is not too hard

      --
      Can I get an eye poke?
      Dog House Forum
  10. Slackware's Apache is not modified. by volkerdi · · Score: 4, Informative

    And that's the policy for nearly all of the other included packages as well.

    1. Re:Slackware's Apache is not modified. by Gruturo · · Score: 1

      And that's the policy for nearly all of the other included packages as well.

      And that's the reason we love Slackware and the great job you do, Pat.
      Many, many, many many thanks from all of us and from all the Slackware boxes reliably humming from all over the world!

      --

      Vacuum cleaners suck. Kings rule.
    2. Re:Slackware's Apache is not modified. by tlayne · · Score: 1

      And that's the policy for nearly all of the other included packages as well.

      And that's why we like Slackware so well. Keep up the good work. BTW, why no mod_perl?

      --
      Terry Layne
      Portland, OR
    3. Re:Slackware's Apache is not modified. by PONA-Boy · · Score: 1

      Hear, Hear!!! I second that emotion...

      although, I _still_ tend to compile from source and install by hand.

      make mine SLACKWARE!!!

      -PONA-

      --
      +that's funny...I don't FEEL tardy.+
    4. Re:Slackware's Apache is not modified. by (startx) · · Score: 1

      Okay, so slackware-9.0 has been tagged for almost 24 hours now, and your posting to slashdot rather than making iso's, sending an email to the announce list, posting to the front page of slackware.com, and getting the cd sets ready? Come on man, where are your priorities?!?! /me refreshes /. to see if there are any new stories.....

  11. SWEET ZOMBIE JESUS!!! PATCHES??? by Anonymous Coward · · Score: 4, Funny

    "The survey found that all the vendors added some patches to virgin Apache ["a patchy server"] including build patches, backported security patches, changing the product name through to dubious patches, and missed security fixes."

    Patches in Apache??? No way! You must be kidding me! I think I'm gonna wet my gay panties! Who'd've thought 'bout that?! This has to be a front page story on Slashdot!!!

  12. open source by charmer · · Score: 4, Insightful
    From the article: "The Apache Software Foundation would rather that vendors of Apache didn't add any third-party modifications to Apache at all - it adds to brand confusion. It's rather like going to buy Coke, complaining to the Coca-Cola company that the drink was too sour, then finding that your supermarket was adding lemon."

    Thats because Coke is not open source. Isn't the ability to modify an inherent feature in open source software ?

    Charmer

    1. Re:open source by Anonymous Coward · · Score: 0

      > Thats because Coke is not open source. Isn't the ability to modify an inherent feature in open source software ?

      This is Slashdot. We are using Linux, not Windows, and we are drinking OpenCola, not Coke. Did I miss a memo or something? Is OSS not "elite" now, or what?

    2. Re:open source by jericho4.0 · · Score: 4, Insightful
      True, but the Apache team does have a valid concern, in that people who think they're getting vanilla Apache are getting something else.

      I think a good compromise would be every dist including comprehensive changlogs.

      --
      "A language that doesn't affect the way you think about programming, is not worth knowing" - Alan Perlis
    3. Re:open source by Anonymous Coward · · Score: 0

      > True, but the Apache team does have a valid concern, in that people who think they're getting vanilla Apache are getting something else.

      Good point. I use Debian (www.debian.org), and I thought that the real Apache is such a rock solid stable program. Man, was I wrong.

    4. Re:open source by Misch · · Score: 1

      Getting what? Vanilla coke?

      --

      --You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
  13. MOD PARENT UP! by Anonymous Coward · · Score: 0

    the most funny comment in this article!!! :)))))

  14. Yes by Compact+Dick · · Score: 1


    Especially when I sub-read the line under it [ Security Hole Found in...]

    --
    Use ISO 8601 dates [YYYY-MM-DD]
  15. Slashdot discovers... by augustz · · Score: 4, Interesting

    that distributions are doing precisely what open source software was designed to permit.

    Shock is expressed that all users of apache do not bow down to the demands of pencil pansies everywhere but that a free flowing and open marketplace of ideas expressed in different software variations exists.

    In good news however, software users can find software that doesn't have many variations or 'dubious patches' at their local Office Depot in boxes produced by Microsoft.

    Give me a break. This is news how?

  16. Rule #1 of Apache on RedHat. by Anonymous Coward · · Score: 0

    1. Open Mozilla, go to www.apache.org, download source.

    I think you can guess what rule #2 is. Yeah, binary distribution for some things is great.

    For others, you just label yourself as a great big fscking idiot if you rely on it.

    1. Re:Rule #1 of Apache on RedHat. by Lord-StarFury · · Score: 1

      Apache on Red Hat might be okay if you don't know what the F* you're doing, but if you want apache/php/whatever configured the way you want it to be, its best to compile from source :)

      --
      ...then the old man said to me, "It's jivin' time."
  17. Modding can be tricky by Da+VinMan · · Score: 1, Offtopic

    I didn't mod this (obviously since I'm posting), but I do know that moderating can be tricky sometimes.

    I once modded a comment as "Troll" because the comment concluded with some wise ass remark about their not being real thought put into posts on /. (or some such). I resented the remark because I usually try to keep my posts relatively intelligent, useful, accurate, etc. Hell, I even spell check my posts so I don't develop sloppy habits just because I'm posting on /.

    Anyway, no one understood the mod I made, so I got battered in meta-moderation. Well, if that wasn't bad enough, I think I also pissed off the local deities, because I got whacked with a couple of subsequent "Off Topic" mods to a couple of posts I made. It's not a big deal, but it was interesting timing.

    Anyway, in this case, maybe the mod is just a prick, but it's sometimes hard to tell.

    --
    Please mod this post only if you think others should/n't read this. I have enough ego^H^H^Hkarma. Thanks!
    1. Re:Modding can be tricky by AngryPuppy · · Score: 1

      Hard to say. It was the first time I've been modded down, and with a few beers in my system, I s'pose I was in a fighting mood.

    2. Re:Modding can be tricky by IWX222 · · Score: 1

      (Score: 2, Offtopic) You see somet new every day. And before you ask I have modded and meta-modded several times so i _do_ have a certain amount of experience

      --


      .sig me!
    3. Re:Modding can be tricky by Da+VinMan · · Score: 1

      I laughed, I cried. I give up. :+} I'm sure the moderator was simply mod-trolling or just being funny. I'm sure they'll get whacked in meta-moderation.

      --
      Please mod this post only if you think others should/n't read this. I have enough ego^H^H^Hkarma. Thanks!
    4. Re:Modding can be tricky by Anonymous Coward · · Score: 0
      Hell, I even spell check my posts

      Next time, also try grammar checking it. Hint: their != there

    5. Re:Modding can be tricky by Anonymous Coward · · Score: 0

      Yeah, I saw that after I posted. I try not to be sloppy, but there is only so much time I'm going to spend at each post. Oh well....

  18. installing from distros by KD7JZ · · Score: 0

    I am finding that I mostly only install the base
    OS from the distro, and then download the major
    packages from their respective sites.

  19. RedHat vs Solaris by pyrrho · · Score: 1

    Yes, I noticed this, on my Solaris 8 box, it came with apache... but in RedHat, no apache... there's something called httpd though....

    {um that would be +1 "Funny", or possibly -10 "Not Funny", but not -1 "That is apache you idiot"}

    --

    -pyrrho

  20. Looking for virgins? by Anonymous Coward · · Score: 0

    You've definitely posted to the right place!

  21. To Summarize: by Anonymous Coward · · Score: 0
    Compact Dick finds Security Hole under Virgin Apache.

    Did I get that right?

  22. Virgin Apache? by Anonymous Coward · · Score: 0

    Enough is enough. This time Richard Branson has gone too far.