Building and Installing Apache Extension Shared Object Modules With apxs

The APache eXtenSion tool or apxs is a neat little program (perl script) that lets us build and install extension modules for the Apache HTTP Server. These are similar to the modules we’ve seen so many times like mod_rewrite, mod_proxy, mod_authz_core, mod_remoteip, etc. that reside in a folder somewhere as .so (shared object) files. Yes, we’re talking about learning how to build shared/dynamic modules from the C source code with this tool.

To use this extension mechanism, your platform must support the DSO feature (which is true for most unix-based or unix-like operation systems) and httpd must be built with mod_so (which is also fairly common). If that’s not the case, apxs will anyway complain on a run.

Installation

Let’s see how to install the apxs tool across different operating systems as it doesn’t always ship with the default apache or httpd package from the standard package manager repositories.

FreeBSD

With FreeBSD, the apxs tool ships with the apache package itself, so that’s cool.

# pkg install apache24
# rehash
# which apxs
/usr/local/sbin/apxs

CentOS / Fedora

For CentOS or Fedora, we must install a separate package called httpd-devel.

# dnf install httpd-devel # or yum install httpd-devel
# which apxs
/usr/bin/apxs

Ubuntu / Debian

For Ubuntu or Debian, the package to be installed is apache2-dev.

# apt install apache2-dev
# which apxs
/usr/bin/apxs

Alpine (Docker)

If you’re running Alpine based containers, then apache2-dev package is needed.

# apk add apache2-dev

Usage

Once you’ve apxs installed, using it is pretty straightforward. For instance recently I had to build and install the mod_evasive module (used for DDoS protection) and all I did was copy the single C file and run this command:

# apxs -cia mod_evasive.c
...
Libraries have been installed in:
   /usr/lib/apache2/modules
...
chmod 644 /usr/lib/apache2/modules/mod_evasive.so
[preparing module `evasive20' in /etc/apache2/mods-available/evasive20.load]
Enabling module evasive20.
To activate the new configuration, you need to run:
  service apache2 restart

It takes care of:

  • -c – Building the .so file.
  • -i – Putting it in the correct location (where all the other modules lie) which in my case (Ubuntu) is /usr/lib/apache2/modules/.
  • -a – Creates a .load file with LoadModule directive and puts it under mods-available (Ubuntu/Debian specific). It even enables the module. In other distributions like FreeBSD, Fedora, etc. apxs will automatically add the LoadModule directive to httpd.conf.

For the changes to take effect, the final step is to just restart the apache server.

So now we know given a source file (in C), how apxs can be used to churn out a shared object that can be easily linked to httpd. In the future if you’ve to build third party modules from scratch because the operating system package manager doesn’t provide the objects, then you know what to do!

Leave a Reply

Your email address will not be published. Required fields are marked *