May 16, 2009

Checking for the latest Apache source version - Lazy sysadmin version...

This is a short little write-up on how to stay current with the latest version of the Apache HTTP server. Since I crated a script to do all the hard work, I will mostly explain the sequence of events and additional steps you may need to take before and after the script is run.

High Level Steps

The steps that we will take is as follow:


  • Import the Apache PGP KEYS file (once off)
  • Prep our environment (once off)
  • Get the script!

Actions in the script:

  • Load our current version
  • Go through the shortlist of mirrors (loop) and process on the first positive match
  • Get the list of files
  • Extract the version info from the file
  • Is there a new version available (compare with our current latest version)? No - EXIT; YES carry on...
  • Download the file
  • Security check (MD5 and PGP)
  • Notify
  • Update latest current version
  • Run additional scripts
  • STOP

Finally we take a look at actions we will typically take after we have the source.


PGP Keys:

If you have not done so already, get the latest KEYS file from the main Apache site:

$ wget
$ gpg --import KEYS

If you need more info about the gpg application, please have a look here:

The environment the script will run in:

You should find a place to store the downloaded files and the tracker file. The script by default put's everything in /tmp - but this is not ideal as it get's cleaned out from time to time and the files will be lost after a reboot.


On RedHat based systems, I would suggest /usr/src/redhat/SOURCES/ as the destination directory for the Apache source. You could place the tracker file in your home directory if you want.

Getting the script:

Download the latest version of the script:

$ wget

Dependencies - Perl modules:

Some of the dependencies may be available on your Linux distro. If it's not, you can install them using either instruction from or


In the future I hope to add support for:

Right now, I use the gpg app just to report the result.

Configuring the script

If you open the downloaded file, you will see all the parameters you can change is in the top 30 odd lines.

$branch - Just set this to the major branch you are watching. For me this is 2.2 (script default)

@mirrors - This is a list of mirrors. You MUST have at least one. More is better, for in case your primary mirror is not available.

The other variables should be fairly self explanatory :-)

Running the Script

After you have downloaded, you can just change the permissions to make it executable and run it first by hand to test and when you are happy with the results add it to your crontab :-)


This was one of those quick morning hacks and I will be using and improving the script in the following months.

For RedHat(RPM) based systems, I suggest you look at ways to use the post action script to automatically build your next RPM. You are of course welcome to post that bit on your blog or on the Apache Group page.


Click Here!