Add Apache plugin support for Gentoo with systemd

[joohoi]

The current default constants for Gentoo fail on systems that are using systemd as init system.

This is because control script in Apache package expects OpenRC based init scripts. It might be feasible to handle the httpd restarts and configuration dumps using the systemd service.

@Jarodiv you have previously been active on this front, so maybe you have some insight on the following points:

• What would be the sensible way to fingerprint the systemd installation? Just finding out if systemctl exists?
• What does the systemd service for Apache in Gentoo look like? Does it use the values from /etc/conf.d/apache2 variables in command line like it does on OpenRC systems?
• Do we have a way to run configtest on the httpd with the correct command line?

cc @osirisinferi as you have been active on Gentoo front also.

[Jarodiv]

Wow, I totally missed out this one.

What would be the sensible way to fingerprint the systemd installation? Just finding out if systemctl exists?

Systemd, if used, always has the PID 1, so the easiest way is to simply check if the process systemd is running and if it has the PID 1.

What does the systemd service for Apache in Gentoo look like? Does it use the values from /etc/conf.d/apache2 variables in command line like it does on OpenRC systems?

Nope, it sadly does not. I wasn't able to locate the file neither in the Gentoo repos nor in the Apache Git repo but here is how it looks on my host (vanilla):

[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target

[Service]
EnvironmentFile=/etc/conf.d/apache2
ExecStart=/usr/sbin/apache2 $APACHE2_OPTS -DFOREGROUND
ExecReload=/usr/sbin/apache2 $APACHE2_OPTS -k graceful
ExecStop=/usr/sbin/apache2 $APACHE2_OPTS -k graceful-stop
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true
#Hardening
PrivateTmp=true
CapabilityBoundingSet=CAP_CHOWN CAP_SETGID CAP_SETUID CAP_DAC_OVERRIDE CAP_KILL CAP_NET_BIND_SERVICE CAP_IPC_LOCK
SecureBits=noroot-locked
ProtectSystem=full
NoNewPrivileges=true
PrivateDevices=true
MemoryDenyWriteExecute=true

[Install]
WantedBy=multi-user.target

Do we have a way to run configtest on the httpd with the correct command line?

Gentoo has a very odd way for applying configuration to the Apache service. I described a way to deal with it in my PR two years ago (the last reply was from you, so I guess you saw it ^^) but it definitely was hacky and nothing I would be happy to see in code:
-> #5021 (comment)

I hope these information are of any use for you. I will now monitor this Issue a bit better, so feel free to ask further questions :)

[Jarodiv]

I think this can be closed too as it should be fixed along with #3411

[joohoi]

Thanks! Closing.