LAMPS Tutorial 2.0 (v2.0.0)
원본출처 : http://lamps.efactory.de/e-lamps-2-0-0.shtml
This tutorial is about the compilation, installation and configuration of a LAMPS server. It explains, among other things, the installation of Apache 2.0, Mod_Perl, PHP, Mod_SSL, MySQL, PostgreSQL and PDFLib, gives examples and shows how to test the components. The operating system is Linux. The LAMPS tutorial is intended for webmasters and web developers who want to set up a test system.
At present, there is very little information about the installation of LAMPS servers with Apache 2.0 available on the web and, therefore, I have written this tutorial based on my Apache 1.x tutorials and some newsgroup contributions.
Supposably, this tutorial does not cover all problems that may occur, but hopefully, it is a valuable support for those who want to set up a LAMPS server.
In case this tutorial contains mistakes, I would appreciate a message to stengel@eFactory.de.
1. LAMPS Tutorial Content
1. LAMPS Tutorial Content
2. The Ingredients and where to find them
Linux
Apache
MySQL
PostgreSQL
PHP
mod_perl
OpenSSL
PDFLib
3. Preparation - Unpacking the Ingredients
4. Cooking - Compilation and Installation
MySQL
PostgreSQL
OpenSSL
Apache and SSL
PDFLib
PHP
mod_perl
Miscellaneous and Configuration
2. The Ingredients and where to find them
Linux
Basically, it does not matter which Linux distribution you use. I have chosen Mandrake 7.2 to write this tutorial and verified it with RedHat 7.0, 7.2, 7.3 and Debian 3.0, but all major distributions from version 6 on should work. (All distributions with libc version 6.0)
I will not explain the installation here, because that would go beyond the scope of this tutorial. Normally, clicking through it is sufficient to get a run capable Linux server system. In case one has forgot something, the packet can always be installed later on.
Linux distributions on Tucows : http://linux.tucows.com/distribution.html
www.mandrake.com : http://www.mandrake.com
www.redhat.de : http://www.redhat.de
www.suse.de : http://www.suse.de
Apache 2.0.39
In any case, the Apache web server is needed. At the time I wrote this tutorial, version 2.0.39 was the current one for Apache 2. Alternatively, there is still Apache 1.3.26 which, meanwhile, should almost be completely bug free. Older versions should not be used, since there are security problems up to version 1.3.26 and 2.0.39.
Apache Website : http://httpd.apache.org
Download Apache Httpd 2.0.39 (4.2MB) : http://httpd.apache.org/dist/httpd/httpd-2.0.39.tar.gz
MySQL 3.23.51
The MySQL version that I currently use is 3.23.51. In case a newer version is chosen, there may be problems regarding the configuration. A brief look into the README or the INSTALL file should solve those problems.
Note: MySQL has not necessarily to be compiled, but may be installed as RPM. In this case, the MySQL path has to be modified during the compilation of PHP.
MySQL Website : http://www.mysql.com/
Download MySQL 3.23.51 (Mirror): ftp://filepile.tiscali.de/mirror/mysql/Downloads/MySQL-3.23/mysql-3.23.51.tar.gz
PostgreSQL 7.2.1
Instead of (or additionally to) MySQL, you may want to use PostgreSQL. PostgreSQL supports transactions, which can be very useful. However, you have to keep in mind not to forget the according entry in the configuration of PHP.
PostgreSQL Website : http://www.postgresql.org/
Download PostgreSQL 7.2.1 : http://www.postgresql.org/ftpsite/v7.2.1/postgresql-7.2.1.tar.gz
PHP 4.2.1
One of the most important things is the current version of PHP. Version 4.2.1 has recently been released, and this is the one we use.
PHP Website : http://www.php.net/
Download PHP 4.2.1 : http://www.php.net/do_download.php?download_file=php-4.2.1.tar.gz
mod_perl 1.99_04
Since some of my sites are based on Perl, I always install the Apache Perl module. A requirement therefore is, of course, that Perl is installed. But it is mostly installed together with the distribution automatically.
Mod-Perl Website : http://perl.apache.org/
Download mod_perl 1.99_4 : http://perl.apache.org/dist/mod_perl-1.99_04.tar.gz
OpenSSL 0.9.6d
To run Apache on SSL, OpenSSL is necessary for the compilation of the mod_ssl module. I am using OpenSSL version 0.9.6d.
OpenSSL Website : http://www.openssl.org
Download OpenSSL 0.9.6d : http://www.openssl.org/source/openssl-0.9.6d.tar.gz
PDFLib 4.0.3
PDFLib enables you to create PDF documents dynamically from PHP, which can be very useful.
PDFLib home page : http://www.pdflib.com
Download pdflib-4.0.3.tar.gz : http://www.pdflib.com/pdflib/download/pdflib-4.0.3.tar.gz
3. Preparation - Unpacking the Ingredients
Before we can start, all tar.gz files have to be unpacked. You have to log in as root on the computer and to copy all the files to /usr/local/src/lamps. Of course, it is possible to choose another path, but this is the one we will use in this tutorial.
cd /usr/local/src/lamps
for i in `ls *.gz`; do tar zxf $i; done;
The archive files are no longer needed, but I would like to suggest to save them somewhere, eventually together with this tutorial, as a backup.
4. Cooking - Compilation and Installation
MySQL
The following lines install MySQL. --prefix is the installation folder and --localstatedir is the database folder (important for subsequent backups). The link from current to 3.23.51 makes it easier to update the MySQL version just by modifying the link. If MySQL was installed as RPM, this section may be skipped.
Note: After entering make, there is plenty of time for a coffee. So, never say die.
cd /usr/local/src/lamps/mysql-3.23.51/
./configure --prefix=/usr/local/mysql/3.23.51 \
--localstatedir=/home/mysql/data
make
make install
ln -s /usr/local/mysql/3.23.51 /usr/local/mysql/current
Afterwards, we create the data folder (if it does not exist yet), install the standard database and, finally, change the root password. Of course, you should use your own password instead of 'secret'.
mkdir /home/mysql /home/mysql/data
scripts/mysql_install_db
/usr/local/mysql/current/bin/safe_mysqld &
/usr/local/mysql/current/bin/mysqladmin -u root password 'secret'
Sometimes, safe_mysqld aborted and gave me an error message (check if mysql runs with ps -ax | grep safe_mysql). I suppose the reason was that the user mysql did not exist. In this case the following is worth a try:
/usr/sbin/adduser mysql
chown -R mysql:mysql /home/mysql
/usr/local/mysql/current/bin/safe_mysqld &
/usr/local/mysql/current/bin/mysqladmin -u root password 'secret'
Also, an old my.cnf in /etc/ once caused some problems (mysql_install_db installed the database at /var/lib/mysql/data instead of /home/myqsl/data and, so, MySQL did't work). In this case, delete the my.cnf file or rename it.
Additionally, I sometimes fall for missing to enter the MySQL libraries into the lib path. You will realise this after starting the Apache, when you receive an error message that the file libmysqlclient.so.10 cannot be found. If this problem occurs, you will have to open the file /etc/ld.so.conf and add /usr/local/mysql/current/lib/mysql at the end. After that, you will have to execute the following:
/sbin/ldconfig
So, now it should work. In order to start MySQL automatically at boottime, you just have to enter the following lines:
cp support-files/mysql.server /etc/rc.d/init.d
chmod 744 /etc/rc.d/init.d/mysql.server
cd /etc/rc.d/rc2.d
ln -s ../init.d/mysql.server S20mysql.server
ln -s ../init.d/mysql.server K20mysql.server
cd /etc/rc.d/rc3.d
ln -s ../init.d/mysql.server S20mysql.server
ln -s ../init.d/mysql.server K20mysql.server
Note: Eventually, the chosen distribution uses another runlevel than rc2 or rc3. The actual runlevel can be checked by typing /sbin/runlevel in the console.
Tip: If you do not want to access mysql, mysqldump etc. via their long path, it is very useful to create some links to the programs.
ln -s /usr/local/mysql/current/bin/mysql \
/usr/local/bin/mysql
ln -s /usr/local/mysql/current/bin/mysqladmin \
/usr/local/bin/mysqladmin
ln -s /usr/local/mysql/current/bin/mysqldump \
/usr/local/bin/mysqldump
Tip: If you want to use Webmin, there have to be some changes in the module configuration, i.e. regarding the path for the databases.
PostgreSQL
If PostgreSQL shall not be installed, this section may be skipped. In this case, you will have to remember to omit --with-pgsql while compiling PHP.
Now, we compile and install PostgreSQL. The installation is a little trickier compared to MySQL but, at least, it takes less time.
cd /usr/local/src/lamps/postgresql-7.2.1
./configure --prefix=/usr/local/pgsql/7.2.1/
make
make install
ln -s /usr/local/pgsql/7.2.1 /usr/local/pgsql/current
Now, we create the user pgsql as well as the database folder /home/pgsql and give it the rights for the pgsql user.
/usr/sbin/adduser pgsql
chown -R pgsql:pgsql /home/pgsql
As well as regarding MySQL, it is important that the lib path refers to the PostgreSQL files. Therefore, we open the file /etc/ld.so.conf in an editor and add the line /usr/local/pgsql/current/lib at the end (if it is not there yet). Afterwards, we execute the following command:
/sbin/ldconfig
Now, we can create the database. We log in as user pgsql and execute the script initdb.
su - pgsql
/usr/local/pgsql/current/bin/initdb \
-D /home/pgsql/data
Then, we switch back to user root an copy the start script.
exit
cp contrib/start-scripts/linux /etc/rc.d/init.d/pgsql
chmod /etc/rc.d/init.d/pgsql 744
Now, we open the file in an editor and adjust the following lines:
# prefix=/usr/local/pgsql has to be changed to
prefix=/usr/local/pgsql/current
# PGDATA="/usr/local/pgsql/data" has to be changed to
PGDATA="/home/pgsql/data"
# PGUSER=postgres has to be changed to
PGUSER=pgsql
We can now start PostgreSQL, create a test database and log in.
Note: You leave the Psql console by \q.
/etc/rc.d/init.d/pgsql start
/usr/local/pgsql/current/bin/createdb test -U pgsql
/usr/local/pgsql/current/bin/psql test -U pgsql
If you do not want to start psql via its long path, you may create a symbolic link.
ln -s /usr/local/pgsql/current/bin/psql /usr/local/bin/psql
In order to start PostgreSQL automatically at boottime, we add some start links.
cd /etc/rc.d/rc2.d
ln -s ../init.d/pgsql S20psql
ln -s ../init.d/pgsql K20psql
cd /etc/rc.d/rc3.d
ln -s ../init.d/pgsql S20psql
ln -s ../init.d/pgsql K20psql
Note: If you want to use Webmin, there have to be some changes in the module configuration, i.e. regarding the path for the databases.
OpenSSL
The installation of OpenSSL is pretty simple. We specify the destination folder by --prefix and create a symbolic link.
cd /usr/local/src/lamps/openssl-0.9.6d
./config --prefix=/usr/local/openssl/0.9.6d
make
make test
make install
ln -s /usr/local/openssl/0.9.6d /usr/local/openssl/current
ln -s /usr/local/openssl/current/bin/openssl /usr/local/bin/openssl
Does it work? Just a side node: Too much coffee is unhealthy. But it is already one third done.
Apache 2
Now we are going to build Apache with SSL, whereby we will compile Apache as DSO. This means that modules like PHP can be loaded dynamically. Unlike Apache 1.3.x, for Apache 2.0.x patching is no longer necessary.
cd /usr/local/src/lamps/httpd-2.0.39/
./configure --prefix=/usr/local/apache2/2.0.39 \
--enable-modules=all\
--enable-ssl\
--enable-so
make
make install
ln -s /usr/local/apache2/2.0.39 /usr/local/apache2/current/
Creating certificates is not as simple as for Apache 1.3.x. (If there is a simple method, I would appreciate a message.)
In order to get a test certificate, we create a CA. Regarding going live, Thawte or Verisign would be the Certification Authorities to sign the certificate.
Note: Normally, for the purpose of software development, SSL is not needed and this section may be skipped.
cd /usr/local/apache2/current/conf/
openssl genrsa -des3 -out ca.key 1024
You have to enter a password twice. After executing the next command, this password has to be entered again. Afterwards, the CA data is requested to create the certificate.
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
Country Name: DE
State or Province: NRW
Localty Name: Duesseldorf
Organization Name: Mycompany
Organizational Unit Name: CA
Common Name: www.mycompany.de
Email Address: ca@mycompany.de
Now, we generate the server key. Again, a password is necessary. We back up the key and encode it, so that Apache will not demand a password after each reboot.
openssl genrsa -des3 -out server.key 1024
mv server.key server.key.secure
openssl rsa -in server.key.secure -out server.key
Creating a server certificate is similar to creating the CA certificate, but no password is needed, since the key is already encoded.
Note: In order to go live, the "common name" has to match the server's host adress.
openssl req -new -days 365 -key server.key -out server.csr
Country Name: DE
State or Province: NRW
Localty Name: Duesseldorf
Organization Name: Mycompany
Organizational Unit Name: webteam
Common Name: www.mycompany.de
Email Address: webmaster@mycompany.de
A challenge password:
An optional company name:
Finally, the certificate is signed by our self made CA and the keys are copied to their own folders. Therefore, we use Ralf S. Engelschall's bash script which may be downloaded here. It is best to save the script in /usr/local/bin and to make it executable by chmod 744.
The CA password has to be entered and it has to be confirmed twice by "y".
sign.sh server.crt
mkdir ssl.crt ssl.key
cp server.crt ssl.crt
cp server.key ssl.key
In order to make Apache start while booting, we copy the start script and create links for run level two and three.
cp /usr/local/apache2/current/bin/apachectl \
/etc/rc.d/init.d/httpd2
cd /etc/rc.d/rc2.d
ln -s ../init.d/httpd2 S20httpd2
ln -s ../init.d/httpd2 K20httpd2
cd /etc/rc.d/rc3.d
ln -s ../init.d/httpd2 S20httpd2
ln -s ../init.d/httpd2 K20httpd2
In order to start Apache always with SSL, /etc/rc.d/init.d/httpd2 has to be edited and to be modified in two sections.
case $ARGV in
# Original: start|stop|restart|graceful)
stop|restart|graceful)
$HTTPD -k $ARGV
ERROR=$?
;;
# Original: startssl|sslstart|start-SSL)
start|startssl|sslstart|start-SSL)
$HTTPD -k start -DSSL
Now, we can compile the modules.
PDFLib
The installation of PDFLib is also pretty simple. It is just three lines. As mentioned above, this section may be skipped if PDFLib is not needed.
cd /usr/local/src/lamps/pdflib-4.0.3/ ./configure --with-shared-pdflib --enable-cxx
make
make test
The fourth line creates the file pdftest.pdf in folder test. As soon as it exists, we can install PDFLib.
make install
So, PDFLib is installed. In order to make it being found, an entry in the ld.so.conf file is necessary. You have to edit the file and if the line /usr/local/lib does not exist yet, you have to add it. Afterwards, /sbin/ldconfig has to be executed.
PHP
Now, we compile and install PHP. At the end, the config path is set to /etc/. Therein, also php.ini will be saved.
If PostgreSQL, MySQL or PDFLib have not been installed, the according lines in the configure command have to be omitted.
--trans-sid-id makes PHP adding a session ID to links and forms automatically if sessions are used, but this is optional.
The final line for GD support may also be omitted, but the GD module can be very helpful regarding the dynamic creation of graphics. Thereby, it has to be considered that additional packets have to be installed (i.e. regarding Redhat 7.3: gd*.rpm, libjpeg*.rpm, libtiff*.rpm, freetype*.rpm and libpng*.rpm). You can, for example, check this by rpm -qa | grep libjeg. After executing this command, two lines should appear, one of which conatains "devel".
Note: To build the command line version of PHP, it has to be configured and installed twice, whereby, during the second run, --with-apxs2=/usr... has to be replaced by --enable-cli. This may be useful to execute time controlled PHP scripts.
Since PHP may cause some problems depending on the Apache 2 version, we have (at least regarding our PHP version) to edit the file /usr/local/src/lamps/php-4.2.1/sapi/apache2filter/php_functions.c and to delete therein the following lines (lines 93-95):
#if !MODULE_MAGIC_AT_LEAST(20020506,0)
ADD_STRING(boundary);
#endif
Now, we can compile it:
cd /usr/local/src/lamps/php-4.2.1
./configure \
--with-apxs2=/usr/local/apache2/current/bin/apxs \
--with-mysql=/usr/local/mysql/current \
--with-pgsql=/usr/local/pgsql/current \
--with-pdflib=/usr/local/ \
--with-zlib-dir=/usr/lib/ \
--enable-versioning \
--enable-track-vars=yes \
--enable-url-includes \
--enable-trans-sid \
--enable-sysvshm=yes \
--enable-sysvsem=yes \
--with-ftp \
--with-config-file-path=/etc \
--with-gd
make
make install
The php.ini has to be copied and that's it.
cp /usr/local/src/lamp/php-4.2.1/php.ini-dist /etc/php.ini
mod_perl
Configuring mod_perl is easy. A precondition is that Perl is installed in version 5.6.0 or higher. Therefore, just the RPM of your distribution is needed. You can test it by entering:
perl -v
A short message should then appear. The rest is simple:
cd /usr/local/src/lamp/mod_perl-1.99_04
perl Makefile.PL \
MP_AP_PREFIX=/usr/local/apache2/current/ \
MP_INST_APACHE2=1 \
EVERYTHING=1
make
make install
Now, mod_perl is installed. We just must not forget to let Apache know about it later on.
Miscellaneous and Configuration
Apache
Now, I set all files in the htdocs folder to user nobody and group nobody, since problems may occur, i.e. that PHP cannot write data.
chown -R nobody /usr/local/apache2/current/htdocs/
chgrp -R nobody /usr/local/apache2/current/htdocs/
If we want PHP to work properly, we have to associate PHP extensions with the module in /usr/local/apache2/current/conf/httpd.conf. Therefore, we have to add the following lines:
SetOutputFilter PHP
SetInputFilter PHP
These lines should be located next to the other files block, if we do not want to search them too long when we have to edit them.
In order to make Perl work, another line has to be added (at best where the other "LoadModule" lines are located).
LoadModule perl_module modules/mod_perl.so
Since we normally do not want HTML files being the only index file, we have to search for the following line:
DirectoryIndex index.html
Here, we can add other index file names like index.php, index.php4 or default.htm at will and separated by spaces.
Now, the Apache can be started:
/etc/rc.d/init.d/httpd2 start
You can test it i.e. using Lynx, if you have it installed.
lynx http://localhost
PHP
PHP may very well be tested by creating an info.php in /usr/local/apache2/current/htdocs/ with the following content:
<?php
phpinfo();
?>
If you open it in Lynx or any other browser, you should get a status page which shows all modules and parameters of PHP. Most of all, you can check if one of the modules has not been compiled.
PDFLib
PDFLib can easily be tested by a small PHP script. (It is important that user nobody has the rights to write in the folder where the script runs.
<?PHP
$file = fopen("php.pdf", "w");
$dokument = pdf_open($file);
pdf_begin_page($dokument,200,100);
pdf_set_font($dokument,"Times-Roman",14, "winansi");
pdf_set_text_pos($dokument,20,50);
pdf_show($dokument,"Gratuliere PDFLib funktioniert");
pdf_end_page($dokument);
$dokument = pdf_close($dokument);
fclose($file);
header("location:php.pdf\n\n");
?>
Miscellaneous
Finally, we can check if SSL runs by entering https://localhost into the browser.
And to be more conform to other distributions, I create a folder /etc/httpd and set links to the conf and the logs folder of Apache:
mkdir /etc/httpd2
ln -s /usr/local/apache2/current/conf /etc/httpd2/conf
ln -s /usr/local/apache2/current/logs /etc/httpd2/logs
So, the LAMPS system is ready. I would like to suggest to boot the thing in order to check if Apache and MySQL start properly.
Tip: If i.e. SSL does not work although the Apache runs, you can try to take down the firewall to check if eventually the SSL port is locked.
/etc/rc.d/init.d/ipchains stop
The same applies to iptables. But don't forget to restart the firewall by the parameter start as soon as TCP port 443 is unlocked.
|