httpd/httpd.service

# See httpd.service(8) for more information on using the httpd service.

# Modifying this file in-place is not recommended, because changes
# will be overwritten during package upgrades.  To customize the
# behaviour, run "systemctl edit httpd" to create an override unit.

# For example, to pass additional options (such as -D definitions) to
# the httpd binary at startup, create an override unit (as is done by
# systemctl edit) and enter the following:

#	[Service]
#	Environment=OPTIONS=-DMY_DEFINE

[Unit]
Description=The Apache HTTP Server
Wants=httpd-init.service
After=network.target remote-fs.target nss-lookup.target httpd-init.service
Documentation=man:httpd.service(8)

[Service]
Type=notify
Environment=LANG=C

ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
# Send SIGWINCH for graceful stop
KillSignal=SIGWINCH
KillMode=mixed
DevicePolicy=closed
KeyringMode=private
LockPersonality=yes
MemoryDenyWriteExecute=yes
OOMPolicy=continue
PrivateDevices=yes
PrivateTmp=true
ProtectClock=yes
ProtectControlGroups=yes
ProtectHome=read-only
ProtectHostname=yes
ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=yes
RestrictNamespaces=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
SystemCallArchitectures=native

[Install]
WantedBy=multi-user.target
move unit man pages to section 8, add as Documentation= in units 2017-06-05 15:55:45 +00:00			`# See httpd.service(8) for more information on using the httpd service.`
add httpd.service(5) and httpd.socket(5) man pages 2017-05-19 10:04:53 +00:00
Tweak wording. 2017-04-18 07:59:42 +00:00			`# Modifying this file in-place is not recommended, because changes`
Shorter text in httpd.service. 2017-07-14 11:57:27 +00:00			`# will be overwritten during package upgrades. To customize the`
			`# behaviour, run "systemctl edit httpd" to create an override unit.`
update to 2.4.23 (#1325883, #1353203) - load mod_proxy_hcheck - recommend use of "systemctl edit" in httpd.service Resolves: rhbz#1353203 Resolves: rhbz#1325883 2016-07-07 12:22:30 +00:00
Tweak wording. 2017-04-18 07:59:42 +00:00			`# For example, to pass additional options (such as -D definitions) to`
			`# the httpd binary at startup, create an override unit (as is done by`
			`# systemctl edit) and enter the following:`
ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file 2013-05-24 08:24:09 +00:00
			`# [Service]`
			`# Environment=OPTIONS=-DMY_DEFINE`

add systemd service files (#684175, thanks to Jóhann B. Guðmundsson) 2011-04-12 14:39:15 +00:00			`[Unit]`
update to 2.4.1 - adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/.conf - include conf.d/.conf at end of httpd.conf - trim %changelog 2012-03-13 09:55:18 +00:00			`Description=The Apache HTTP Server`
Generate SSL keys on service start This defers the creation of self-signed SSL certificates to the first time that httpd starts up. This has several advantages: * Waiting until the first boot will help avoid some issues with limited entropy in the install process. * The certificates can be regenerated automatically whenever they are removed, which helps with tools such as virt-sysprep * The certificates are now generated by SSCG, which produces a limited-trust CA alongside it that can be safely imported by a client. For more information on SSCG, see: https://sgallagh.wordpress.com/2016/05/02/self-signed-ssltls-certificates-why-they-are-terrible-and-a-better-alternative/ Signed-off-by: Stephen Gallagher <sgallagh@redhat.com> 2017-09-20 18:18:24 +00:00			`Wants=httpd-init.service`
			`After=network.target remote-fs.target nss-lookup.target httpd-init.service`
move unit man pages to section 8, add as Documentation= in units 2017-06-05 15:55:45 +00:00			`Documentation=man:httpd.service(8)`
add systemd service files (#684175, thanks to Jóhann B. Guðmundsson) 2011-04-12 14:39:15 +00:00
			`[Service]`
adding mod_systemd to integrate with systemd better 2012-09-07 09:35:51 +00:00			`Type=notify`
ignore /etc/sysconfig/httpd and document systemd way of setting env variables in this file 2013-05-24 08:24:09 +00:00			`Environment=LANG=C`

adding mod_systemd to integrate with systemd better 2012-09-07 09:35:51 +00:00			`ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND`
tweak default ssl.conf - fix restart handling (#814645) - use graceful restart by default Resolves: rhbz#814645 2012-04-20 11:38:40 +00:00			`ExecReload=/usr/sbin/httpd $OPTIONS -k graceful`
use KillMode=mixed in httpd.service (#1135122) 2014-09-01 07:32:54 +00:00			`# Send SIGWINCH for graceful stop`
			`KillSignal=SIGWINCH`
			`KillMode=mixed`
- Updated Systemd security settings (closes #3) (Rahul Sundaram) - updated httpd.service(5) man page (Joe Orton) 2024-03-07 13:04:06 +00:00			`DevicePolicy=closed`
			`KeyringMode=private`
			`LockPersonality=yes`
			`MemoryDenyWriteExecute=yes`
use OOMPolicy=continue in httpd.service, httpd@.service (#1947475) Resolves: rhbz#1947475 2021-04-09 08:40:47 +00:00			`OOMPolicy=continue`
- Updated Systemd security settings (closes #3) (Rahul Sundaram) - updated httpd.service(5) man page (Joe Orton) 2024-03-07 13:04:06 +00:00			`PrivateDevices=yes`
			`PrivateTmp=true`
			`ProtectClock=yes`
			`ProtectControlGroups=yes`
			`ProtectHome=read-only`
			`ProtectHostname=yes`
			`ProtectKernelLogs=yes`
			`ProtectKernelModules=yes`
			`ProtectKernelTunables=yes`
			`ProtectSystem=yes`
			`RestrictNamespaces=yes`
			`RestrictRealtime=yes`
			`RestrictSUIDSGID=yes`
			`SystemCallArchitectures=native`
add systemd service files (#684175, thanks to Jóhann B. Guðmundsson) 2011-04-12 14:39:15 +00:00
			`[Install]`
			`WantedBy=multi-user.target`