Exploring Apache on Mac 
In the background I’m learning how to configure Apache on Mac OS X. There are lots of little stumbling blocks that involve penetrating the user interface and getting down to the Unix running underneath. There’s a tiny sliver of Apache showing through the GUI but not enough to do anything interesting.
The first thing I had to figure out, after learning where the document root is (still not totally clear on that but I got it working) is where the httpd.conf file is. I found it at:
Macintosh HD:private:etc:httpd:httpd.conf
You can’t normally get to this location in the Finder, but there is a way, in the Terminal window, to tell the Finder to display hidden files and folders, and then you can navigate there. A tutorial at MacWorld explains how.
Even better, you can open the folder from within the OPML Editor using the file.openfolder verb. There’s probably a way to do it in AppleScript as well.
So I opened the httpd.conf file and started reading it, and it seems like a standard Apache install with an added nicety: at the end it includes all files ending with .conf in the users sub-folder. So you can modify the install without having to modify the shipping conf file, which means you can get an upgrade from Apple without losing your changes. Good.
So I started writing a file that would map virtual hosts to store in my personal conf file, but when it came time to save, no luck. On further investigation I find that I don’t own the files, even the one named after me! They belong to the system.
So now I’m scratching my head trying to figure out how I log on with permission to edit files created by the system. There must be a way, right?
Suggestions are welcome of course. 🙂
PS: This is what I needed. Thanks!!
Why Feedburner is trouble
When Feedburner first came online I warned that there was danger in giving so much power to one company. They argued that they were just a little company, struggling to make a go of it, and no one should fear them. Some of them even took the predictable political tactic of trashing the personality of the person raising the question. I held my ground. I’ve been around this business a long time, and I was sure their strategy was to sell to a bigger company, and I don’t trust big companies.
People at big companies often are underpaid, with stock options going nowhere, and feel unappreciated by their colleagues, and when they look outside their company they see lots of people who look happy and successful, making more money than they are, without the political troubles and strategy taxes, and they feel like they’re doing all the work. (Of course we look at them and see much the same thing, the grass is always greener over there.)
So now someone at Google “owns” Feedburner and all their feeds. And they could, if they wanted to, change the feeds to another format, overnight, without asking anyone. Reader software might have trouble working with it. They would say “Oh but the new feeds work better with Google Reader, and that’s the one most people use.” And by the way, more and more that’s true these days. But what about other feed suppliers? Do they have to change to work with Google Reader? They will say no, but there may turn out to be practical reasons why they must.
People at Microsoft used to say that Windows isn’t ready to ship until Lotus doesn’t run. That’s not a typo. You’d think it would be the other way around, that a popular operating system would never hold the users of a popular spreadsheet hostage. But it could happen when they have their own spreadsheet and want you to switch. Or if they want everyone to put ads in their feeds. Who would miss a few blogs here and there, don’t we all use Blogger anyway (that’s one area where they haven’t taken over, btw, thankfully).
I would have been concerned no matter who bought Feedburner, had it been Microsoft or Yahoo, or Fox or even Cisco, or if they hadn’t sold out at all. Little companies can sometimes do desperate things when new management comes in.
These technologies work best when there’s lots of competition and lots of choice, and when users are alert and don’t trust companies that don’t deserve their trust. But I can’t say I’ve ever seen that happen for any sustained period, but I still have hope it could happen someday.
Scripting News Annex 
Posted by Stephen Gilbert on July 21, 2007 at 11:40 am
I found the file by just using the Go menu in the finder and then selecting goto folder /etc/httpd. To edit the file, I used BBEdit’s free Textwrangler for the Mac, which automatically unlocks the file and asks you for your admin password when you save. If you want to use a command-line editor like vi, then you have to use sudo vi /etc/httpd/httpd.conf, I think, which should prompt you for your password.
–Steve
Posted by tibor on July 21, 2007 at 12:15 pm
I guess logging in as root would do the trick too?
Posted by Robert Cassidy on July 21, 2007 at 1:37 pm
Keeping in mind that Mac OS X Server is the animal that gives you full easy access to all of this stuff…
Another option, especially for developers, is to run MAMP (www.mamp.info). It’s a virtualized apache/php/mysql. It’s not something you’d probably want to run your server off of, but if you want to have apache up and running in about 30 seconds, it’s a very slick way to get rolling.
Posted by Yong Bakos on July 21, 2007 at 1:45 pm
Dave,
Don’t forget that the default install of Apache is v1, not Apache 2.
I suggest compiling and installing apache2 in say, /usr/local/apache2.
You’ll also want to google a bit on the prefpane controller in ‘sharing’ as it is tied to the default apache installation — but you can change it to control your apache2 install.
Posted by PXLated on July 21, 2007 at 1:50 pm
I use BBedit to get at anything hidden. Dave, you might look into MAMP, a complete Apache/MySQL install that’s separate from the one built into OSX. You can set up several virtual environments, etc. Very easy to install, or reinstall.
http://www.macinstruct.com/node/182
Posted by Bryan on July 21, 2007 at 1:58 pm
I believe that even without going through the steps of activating the root user on a Mac you’re able to “sudo -s” to root from the terminal. Works on my macbook out of the box although I haven’t tried playing with the apache configs.
Posted by michael on July 21, 2007 at 4:12 pm
As PXLated said, BBEdit is perfect for this. It lets you open “hidden” files, asks if you want to edit a “locked” file. And authentics you as an admin user when you save it.
Much safer than running as root.
Another trick is that you can open such directories in the finder using the “Go > Go to Folder…” menu item, just enter /private/etc/httpd/ to open a window listing those files.
Posted by A on July 21, 2007 at 8:12 pm
Actually, the phrase was “DOS ain’t done ’til Lotus won’t run.” You can read a discussion about it here http://www.proudlyserving.com/archives/2005/08/dos_aint_done_t.html. According to that post, neither Microsoft nor Lotus folks (who would know better than any) have supported that claim.
(Disclosure: I work for Microsoft.)
Posted by heavyboots on July 21, 2007 at 8:40 pm
First post by Steve for the win. (And practically every other post after it.)If you must be root in Terminal, sudo -s does the trick, but I’ve never run across anything that has yet required me to be root to force it to happen. Worse case, add read/write privs for the group admin to the file. Assuming you have an administrator account, this will get you the necessary access while leaving the file owned by whomever else it is owned by.
Enabling root login just means that if you have ssh open to the intarweb people will know the name of an admin-enabled account to attempt password guesses on… There’s absolutely no need to mess with root.
Posted by Sable on July 21, 2007 at 9:02 pm
The trick here is to open the file with root permissions – not necessarily as root. The usual approach to editing this type of file is to use sudo. e.g.
#sudo pico /private/etc/httpd/httpd.conf
This will allow you to use the built in terminal text editor “pico”. If you like vi you would just use that instead.
You can also open the file from the command line in the same way to edit in a text editor. If you use text wrangler (free – http://www.barebones.com/products/textwrangler/), it will install a shell extension that let’s you use the following command:
#sudo edit /private/etc/httpd/httpd.conf
Linux offers the same feature built in by using “gedit”.
Mac has the “open” command and it let’s you specify what program to use so this:
#sudo open -a TextEdit /private/etc/httpd/httpd.conf
will open that same file for you in TextEdit with read/write permissions.
I wouldn’t suggest changing the permissions in order to edit from the gui only because bad permissions will render the file unusable.
cheers 🙂
Posted by Nitin Borwankar on July 21, 2007 at 9:57 pm
Hi Dave,
This is not very complicated – it follows the Unix model except that docroot
is /Library/WebServer/Documents/ .
/private/etc … is linked to /etc so you can just access the conf file as
/etc/httpd/httpd.conf and so on. The rest follows the Apache 1.x file layout.
I have installed installed php and wordpress wordpress mu, drupal on my PPC Mac OS X 10.4 laptop.
Unless you really need Apache2 the default webserver install runs just fine.
You should have admin permissions on the account you normally use.
Then just add an “su ” in front of commands that access /usr, or edit system files.
If you want to use Apache 2 – one suggestion would be to install it in /usr/local/apache2 and then take it from there, the conf files will go in
/usr/local/apache2/conf. Your path should contain /usr/local/apache2/bin ahead of /usr/sbin/ so that your apache2 binaries will prevail.
When building from source use “configure –help” to install elsewhere other than the default /usr/local/apache2.
else to use the default install locations unpack the src then cd to the root of the unpacked tree then
a) ./configure
b) make
c) sudo make install
don’t forget the sudo in the last step.
Posted by Raines on July 22, 2007 at 6:05 am
BBedit and Terminal are great, but I’m still a fan of BatchMod for changing privs in a graphical way.
Posted by apache ex-configurator on July 22, 2007 at 8:42 am
Will chime in that BBEdit is the easiest method. If you’re running as administrator of your computer, you can edit/save via “Open hidden …” + standard permissions dialog.
Without BBEdit (or equivalent), you can always
sudo vi httpd.conf
at Terminal. Or pico or whatever. But BBEdit … much preferred for all config.
—
If httpd.conf is set up to “AllowOverride All” for document root … or specific directories … you can also just drop .htaccess files in applicable directories and generally bypass httpd.conf.
Doing so is simpler and site specific. Gives incremental control, and Apache config lives where it works.
Great for setting authentication (directory/file protection), mod_rewrite directives, and php-specific directives. One of the most commonly used directives in sites I produce is setting the php include path in .htaccess. This allows multiple sets of php libraries in use by multiple users. e.g.
php_value include_path .:/usr/local/lib/php-lib-1.01
Iin this use, inserting an .htaccess file in relevant sites can supplant both httpd.conf and php.ini.
Posted by Pete Prodoehl on July 22, 2007 at 8:56 am
I guess I’ve been using Apache for so long that the last time I thought Apple’s config was weird was about 2000. I typically edit /etc/hosts and /etc/http/httpd.conf and running apachectl restart every week or so (using sudo) Once I remembered those three things, it became pretty simple.
Posted by Kevin Marks on July 22, 2007 at 9:33 am
I had exactly that problem with FeedBurner when I was at Technorati – they kept turning perfectly good Atom feeds that clearly indicated what was full-content and what was a summary into less clear RSS ones, containing Apple’s redundant extensions to RSS.
Posted by Samiq on July 22, 2007 at 10:57 am
Hi Dave, I went thru this as well a couple of months ago as I got my first mac… I ended up installing Apache HTTPServer 2.2.4 and PHP5 on my mac since the version shipping with mac is a bit old and as u have figure it out, out of the reach of costumizing and personalizing and it should be.
I put a blog post with a couple of tutorials that helped me out the most, I even got the little gui thing in the System Preferences to point to my new Apache installation so I can start and stop the service using that… nor that it is easier than just opening the Terminal and doing by command as well…
Hope this help u and the guys reading after!
Cheers!
Samiq
Getting Apache 2.2 and PHP 5 on the Mac
Samiq Bits
Posted by Samiq on July 22, 2007 at 10:59 am
Oh, remember to run as super user when doing some of this tasks by using the sudo command!
Posted by Jon Gales on July 22, 2007 at 12:22 pm
My only gripe with OS X’s default Apache install is you have to activate .htaccess files. Otherwise pretty much everything runs without any tweaks.
Posted by lemon obrien on July 22, 2007 at 7:01 pm
this is a big reason why apple can suck. they should correct this; does anyone actually care about anything other than root.
i hate needles rules and regulations.
Posted by John Conides on July 23, 2007 at 6:04 am
Also, if you want to see the content of a hidden directory using the Finder while in the Terminal, type ‘open .’ and your pwd will open in the Finder
Posted by Klark on July 23, 2007 at 6:12 am
For the record, MAMP is not a “virtualized apache/php/mysql”. It’s the real deal, in a nice package.
Posted by Robert Cassidy on July 23, 2007 at 8:05 am
For the record, MAMP is not a “virtualized apache/php/mysql”. It’s the real deal, in a nice package.
What I mean by that is that it runs under the MAMP control app, and while that app is running, everything is golden. If that app quits (or you log out, etc.) then everything shuts down. I consider a server environment that is dependent on a userspace process to be ‘virtualized’. VMWare may run Windows Server in a nice package as well, but it’s not the same thing as a proper install.
Yes, it is the real deal – and for development work it’s tough to beat, but I wouldn’t run my server out of it.
Posted by Don Strickland on July 23, 2007 at 8:25 am
above, Samiq said, “remember to run as super user when doing some tasks by using the sudo command!”
Nicely said Samiq.
May I add that when one discusses the sudo command vocally, PLEASE pronounce it su (as in the first syllable of super) and do (to perform a task). I hear way to many people mispronounce it as pseudo (like the first two syllables of pseudonym).
Posted by Don W Strickland on July 23, 2007 at 8:43 am
Samiq said, “remember to run as super user when doing some tasks by using the sudo command!”
Nicely said.
May I add that when one discusses the sudo command vocally, PLEASE pronounce it su (as in the first syllable of super) and do (to perform a task). I hear way to many people mispronounce it as pseudo (like the first two syllables of pseudonym).
Posted by jimmason101 on July 23, 2007 at 8:59 am
Dave,
I came across these links today,
http://developer.apple.com/iphone/.
http://developer.apple.com/events/iphone/techtalks/
Could this be a way of porting Frontier to IPhone?
Posted by Keola Donaghy on July 23, 2007 at 12:24 pm
Dave, also be careful in using the GUI admin tools for Apache after you have manually edited the httpd.conf file. I did it once and it blew away a lot of my manual changes. They may have fixed it, this experience was about two years ago but I always make a copy of the config file after any changes anyway. I don’t make any changes to the file with the admin tools anymore.
Posted by vanni on July 24, 2007 at 7:27 am
glad you found mamp for me it’s the only way to fly the localhost
Posted by Randy Charles Morin on July 24, 2007 at 8:34 am
Dave, why is it OK for u to sell weblogs.com to a BigCo, but not ok for FeedBurner to sell to a BigCo.
Posted by Dave Winer on July 24, 2007 at 8:36 am
I don’t know Randy, who said it wasn’t ok?
Posted by Jon Kettenhofen on August 7, 2007 at 4:41 am
Being root is dangerous. root has tremendous power and
can easily destroy the system with a single command. If you
are root, BE VERY CAREFUL!
Recommend, as others, disabling root password. It’s best & safer to use a good secure password for any admin account.
Any OS X administrator can become root in a terminal (in Applications/Utilities) by using “sue-doo” [think woman with big hair] but this is not for the timid!
sudo su – root
‘exit’ gets you back to your terminal login user.
No root password required. The hyphen gives you the root login and environment (variables, type “set”); leave it out and you get your user environment without the directory/folder change.
Some, but not all, manual pages are available with the “man”
command: in a terminal type
man ls
man man
etc; type q to quit. man man will give more man page
navigation tips (g, G, j, k, ctl-f, ctl-b). To get more depth
check out the “See Also:” in each man page.
Google Marc Liyanage for Mac apps. MAMP’s also 4 Windows.
I like MacPorts (needs X11, XCode) which covers many open sources and has many “how to” pages on the web. However, stay with one “system” or you’ll likely suffer a rat’s nest of config problems.
[Elder geeks like me just use vi or emacs.]
Posted by Brian Clark on August 12, 2007 at 2:25 pm
Re: Why Feedburner is trouble
I think it’s a damn fine headline. 😉
Posted by Mac84 on August 18, 2007 at 7:02 am
Apache is against all Mac OS X principles and design guidelines. Average Mac users don’t know that it is there, let alone how to deal with its Unixish philosophy and its configuration files.
I’d suggest having a look on Abyss Web Server from http://www.aprelium.com/abyssws . It is a little gem in the servers’ world. It offers a native Mac OS X version which is backed by an intuitive and nice user interface. The software is very powerful and supports most scripting languages. It stands the comparison with Apache. But unlike Apache, it can be finely configured using a mouse and no headaches.