LAMP is short for Linux, Apache, MySQL, PHP. This tutorial shows how you can install an Apache2 webserver on a Fedora 16 server with PHP5 support (mod_php) and MySQL support. I do not issue any guarantee that this will work for you! In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate. To install MySQL, we do this: yum install mysql mysql-server Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server: systemctl enable mysqld.service Run mysql_secure_installation to set a password for the user root (otherwise anybody can access your MySQL database!): [root@server1 ~]# mysql_secure_installation Apache2 is available as a Fedora package, therefore we can install it like this: yum install httpd Now configure your system to start Apache at boot time... systemctl enable httpd.service ... and start Apache: systemctl start httpd.service Now direct your browser to http://192.168.0.100, and you should see the Apache2 placeholder page: Apache's default document root is /var/www/html on Fedora, and the configuration file is /etc/httpd/conf/httpd.conf. Additional configurations are stored in the /etc/httpd/conf.d/ directory. We can install PHP5 and the Apache PHP5 module as follows: yum install php We must restart Apache afterwards: systemctl restart httpd.service The document root of the default web site is /var/www/html. We will now create a small PHP file (info.php) in that directory and call it in a browser. The file will display lots of useful details about our PHP installation, such as the installed PHP version. vi /var/www/html/info.php Now we call that file in a browser (e.g. http://192.168.0.100/info.php): As you see, PHP5 is working, and it's working through the Apache 2.0 Handler, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP5. MySQL is not listed there which means we don't have MySQL support in PHP5 yet. To get MySQL support in PHP, we can install the php-mysql package. It's a good idea to install some other PHP5 modules as well as you might need them for your applications. You can search for available PHP5 modules like this: yum search php Pick the ones you need and install them like this: yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-magickwand php-mbstring php-mcrypt php-mssql php-shout php-snmp php-soap php-tidy Now restart Apache2: systemctl restart httpd.service Now reload http://192.168.0.100/info.php in your browser and scroll down to the modules section again. You should now find lots of new modules there, including the MySQL module: phpMyAdmin is a web interface through which you can manage your MySQL databases. phpMyAdmin can be installed as follows: yum install phpmyadmin Now we configure phpMyAdmin. We change the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the vi /etc/httpd/conf.d/phpMyAdmin.conf Restart Apache: systemctl restart httpd.service Afterwards, you can access phpMyAdmin under http://192.168.0.100/phpmyadmin/: 1 Preliminary Note
2 Installing MySQL 5
systemctl start mysqld.service
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): <-- ENTER
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] <-- ENTER
New password: <-- yourrootsqlpassword
Re-enter new password: <-- yourrootsqlpassword
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] <-- ENTER
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] <-- ENTER
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] <-- ENTER
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] <-- ENTER
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
[root@server1 ~]#3 Installing Apache2
4 Installing PHP5
5 Testing PHP5 / Getting Details About Your PHP5 Installation
6 Getting MySQL Support In PHP5
7 phpMyAdmin
# phpMyAdmin - Web based MySQL browser written in php # # Allows only localhost by default # # But allowing phpMyAdmin to anyone other than localhost should be considered # dangerous unless properly secured by SSL Alias /phpMyAdmin /usr/share/phpMyAdmin Alias /phpmyadmin /usr/share/phpMyAdmin #
8 Links
~:Shoooter!!!:~
About Me
- Mohd Nasrun
- Saya seorang PENGURUS SYARIKAT, PHOTOGRAPHER dan juga seorg IT ENGINEER yang berpangkalan di Kuala Lumpur. Jika anda mempunyai kerja yang khusus yang anda ingin berbincang dengan saya, sila hubungi saya untuk berbincang. Saya mendapati bahawa ia adalah yang terbaik untuk duduk dan berbincang setiap pekerjaan secara peribadi atau melalui telefon,sebagai amanah dan tahap keselesaan adalah kritikal kepada kejayaan fotografi. Saya juga ada membuat photoshoot untuk wedding, pre-wed, engagement, babies photographer - Percetakkan - Perkhidmatan Rekabentuk - Studio Gambar Saya boleh dihubungi melalui mobile +6 012-448 5126 atau email kepada nasrun@septact.com.my xde yg istimewa about me... ape lagi ek? orang slalu kata sayer ni tinggi sangat.pastu saya nie simple minded, peramah dan mmg senang nak buat kawan. suka wat joke tapi bukan nak jadi joker... Mmm... satu je kelemahan sayer nie terlalu mementingkan member. "We have an obligation to give back to the communities that give us so much."
This took me some time to figure out… here you go. 1. Add the Telephony network repository in YaST2. The URL is http://download.opensuse.org/repositories/network:/telephony/openSUSE_10.3/ … 2. There’s a bug in the deps for Asterisk with mISDNuser (the version in the repository is more recent, but is “uninstallable”) that will block the install process… so as a workaround, first, type 3. -Then- you can install asterisk with If I have the time, I'll provide configuration details later... P.S. - Don't even try using the freepbx RPM -- it's busted pretty badly. Not sure why it is, I'll figure it out later... Yes, those are amazon links. Why? Bandwidth’s expensive, this article’s getting a lot of reads, and I don't want to 'beg' with a tip jar. Thanks for clicking!zypper install zaptel. Then download mISDN-1_1_5-3.5.i586.rpm and mISDNuser-1_1_5-2.4.i586.rpm and install them with rpm -ihv mISDN*.rpm.zypper install asterisk.Related:
With Dell kit of 1950/860 and newer, I’m using the built in IPMI-over-LAN in the BIOS for stonith instead of messing with DRAC5 or more complicated means. It’s easy to configure on it’s own IP and it just plain works. First, a security note with people who have their machines on a “public” network: You’ll want to disable or set a password for the ‘null’ default user for ipmi. This may be done for you in recent versions of dell firmware, but it isn’t on some older stuff. Also, IPMI v. 1.5 doesn’t do encryption by default; you’ll want to make sure you set an encryption key in the bios settings and then use that when you connect (with the lanplus interface, and I have no idea what the syntax is with the stonith resource agent…) or you’ll be sending your authentication information “in the clear”. Since you need to have ADMINISTRATOR permission to reboot the machine as far as I know, you will want to make sure you have this secured… or anyone who’s sniffing can power your machines off at will. You can test the sequence by using ipmitool. Now all you need to do is add a configuration to your cluster. Using the pacemaker clm command line tool, just go You’ll want to add constraints (out of the scope of this document, since it depends on your cluster design) so that a host won’t have it’s own stonith running on it. Although I’m thinking that a game of stonith-based russian roulette would be kinda fun as a computer art installation someday.ipmitool -H (ip address) -U (user) -a chassis power cycle should cause your server to reboot after you enter the password. Please test this first.configure primitive (host)-stonith stonith:external/ipmi \. Double check your stonith resource agents to be sure of the syntax. (
params hostname=(host) ipaddr=(ip address) user=(user) passwd=(password) interface=lancrm# ra meta external/ipmi stonith )
What a mouthful. Like most other americans who live on a budget, I’m taking a “staycation” this weekend. What better thing to do than to get my mail server migrated to my new VPS? Well, first, I suppose, I should get the mail server all working on the new VPS… In CentOS, the default Postfix package doesn’t have MySQL support built in. If you’ve got the priorities plugin installed, you’re either going to need to disable it or otherwise work around it so that you get the one from the centosplus repo. Other than that, it’s been made about as easy as it can be… just keep in mind as you’re reading this tutorial that I really loathe administering mail servers and consider it to be a quite onerous chore that’s been made even more onerous by spammers and hackers and script kiddies and what have you. You’ll need to install: . There’s no RPM for Postfixadmin, but it’s available from the project’s site on Sourceforge. And now the fun begins. This howto assumes that you have a decent level of knowledge and skill setting up services that run on Linux.I’ve included my configuration files where appropriate, please note you’ll need to establish your own files associated with mysql, since the main purpose of those files is authentication.Please read the documents on how to do this. I’ve even linked to the correct pages. Since Dovecot and Postfix hang off of postfixadmin, let’s get that installed first. Download the tarball, untar it somewhere (I use /opt/postfixadmin/), and point apache at it… basically, just add this into your virtual host container on the server: Don’t forget to set up a database. I’m assuming you’re using mysql; as root: Change the settings in /opt/postfixadmin/config.inc.php to reflect your server’s setup. If you are using MySQL >= 4.1, don’t forget to change the database type to mysqli… you’ll get much better performance. To finish setup, head to http://www.yourserver.com/pfadmin/setup.php and follow the prompts. You’ll want to have already pointed the domain’s MX at this IP address — that’s outside the scope of this tutorial, but rest assured that if you haven’t already done it, you’re going to want to go take a nice long nap … say, for a day or two … and come back when it resolves. Don’t add a domain or a mailbox yet. On to Postfix. Postfix is the mail transfer agent. In post office terms, Postfix is the guy at the central office who receives your mail from the truck or airplane, takes it out of the big bulk bag, filters it into your correct mailbox after applying any additional filters (i.e. “I’m on vacation, hold my mail”) to your individual account, and puts it in your P.O. box ready for you to pick up. The official word on how to do postfix with mysql is available here. Go read that, I’ll wait. Before proceeding with the Postfix configuration, make sure that the postfix version you have has MySQL support built in. To do this, run To get postfix working, you’ll need to tell it to use mysql virtual maps for it’s user and domain tables. I’ve posted my configuration files below to make it easy on you. There’s a decent walkthrough in the postfixadmin DOCUMENTS folder. A few things of note: The next step is to get Dovecot configured. Dovecot is the part that allows users to authenticate to the mail server and to get the mail from their mailbox. In post office terms, it’s the authentication mechanism (key or combination) that lets you into your private P.O. box. Again, there’s a DOVECOT.txt in the postfixadmin/DOCUMENTS directory that will tell you what settings you need to change, but I’ve attached my file below. In round terms, what you need to do is set up the pop3 and IMAP servers for the appropriate locations, tell them to look in the mysql tables for the authentication information, etc. Please note that Dovecot changed it’s configuration file schema, so default_mail_env is now mail_location and a few other details. Depending on what version of dovecot you’re using (I’m using 1.0-1.2.rc15, which is the latest from centos) you might have to make some changes to the configuration files below. There some very good information in the Dovecot wiki that you want to read before we go any farther. With both of those servers running, make sure you don’t have any errors in /var/log/maillog. Then make sure that your firewalls are open on ports 25, 110 and 143. (This tutorial doesn’t cover SSL/TLS. I’ll cover it at a later date — but I recommend that you go from here and follow the very easy instructions at both the postfix and dovecot websites to configure it yourself.) With both dovecot and postfix running with users from the database, we should have a secure and working server. Let’s test it. Before we start testing, you’re going to need a hash of your username and password… this is the virtual mailbox you set up when you were setting up postfixadmin. The command to get this hash looks like: perl -MMIME::Base64 -e ‘print encode_base64(“\000foo\@foobar.com\000foobar“)’; … replace the first green part with the email user’s name, then the second green part with the virutal domain we’re handling mail for, and the third green part with the user’s password. Which would result in a hash of: SMTP first. Open up a shell and telnet to your mailserver on port 25 or 587. You should be able to hold a session that looks something like this: At this point you could send mail and see if it actually goes through. Google it if you need to figure it out, since I’m not going to really cover it much here. Let’s test Dovecot some though. Telnet to port 110 on your mailserver, and let’s use the same password hash to do something similar. (Note that you’ll have to have sent an email to the user first in order for the mailboxes to be created, so if you haven’t, do so!) Ok, you can receive mail, send mail, and everything else. If that’s all you want, you’re done. Just to make sure, head over to the abuse.net relay test and run a test against your server to make very sure you don’t have any open relays that could be used by spammers. Having open relays on your server WILL get you blacklisted almost immediately. The easiest way to get spamassassin running is to follow this tutorial. Just remember that if you’re running SMTP on port 587, run spamassassin there too. Don’t forget to start and chkconfig the spamasssassin service before you restart postfix. Install squirrelmail via yum. It’s easy — just install it, restart apache, and you’re good to go. Update: See this blog article for SMTP auth. This configuration, it should be noted, is the one that works for me. It may not work for you. It may not also follow the best security principles — I would especially recommend getting SSL/TLS working for any sort of deployment in the workplace. If you identify any security holes or problems, please post a comment below or email me via the contact page and I’ll update the tutorial. Also, please note the date the tutorial was published and check documentation files accordingly. Reading this tutorial and/or downloading the files is no replacement for actually reading the documentation.yum install gcc postfix clamav mysql-server mysql-devel spamassassin dovecot php php-mbstring php-mysql rpm-build
Alias /pfadmin/ "/opt/postfixadmin/"
mysql> create database postfix; Query OK, 1 row affected (0.01 sec) mysql> grant all on postfix.* to postfix@localhost identified by 'passwordgoeshere'; Query OK, 0 rows affected (0.03 sec)
Postfix
postconf -m and verify that mysql appears in the list. If mysql isn’t there, uninstall postfix using yum, download the version from the centosplus repository, and install that one manually.Dovecot
Securing / Opening things up
AGZvb0Bmb29iYXIuY29tAGZvb2Jhcg==
:~ karlkatzke$ telnet mailserver.com 587 Trying xx.xx.xx.xx... Connected to mailserver.com. Escape character is '^]'. 220 mailserver.com ESMTP Postfix ehlo mail.foobar.net 250-mailserver.com 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-AUTH PLAIN 250-AUTH=PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN auth plain foobar 535 5.7.0 Error: authentication failed: auth plain AGZvb0Bmb29iYXIuY29tAGZvb2Jhcg== 235 2.0.0 Authentication successful
:~ karlkatzke$ telnet mailserver.com 110 Trying xx.xx.xx.xx... Connected to mailserver. Escape character is '^]'. +OK Dovecot ready. user foobar@mailserver.com +OK pass foobar +OK Logged in. list +OK 2 messages: 1 601 2 486 . quit +OK Logging out. Connection closed by foreign host.
Spam Assassin
Squirrelmail
Wrapping up
Despite the Linux kernel having support for so many file systems, not all of them are enabled in RedHat Enterprise Linux by default. This might be well as some of them might not yet classify as “enterprise grade” in the eyes of RedHat, who knows… Luckily, support for missing file systems such as ReiserFS, XFS and JFS can be added easily as outlined below. First of all, you need access to an RPM repository. Usually this is your setup cd-rom or a network-accessible (FTP, HTTP or even NFS) directory. I assume you have this setup already, so let’s proceed to the next step. You’ll need the toolchain, rpm-build, the glibc and kernel headers as well as the kernel source RPM from redhat. Issue this to see what kernel header version is required for you: Install them as required using yum: This will install everything you need to get going in the first place. Now go and get the kernel source RPM, which you’ll find at the RedHat FTP Site. Save it to a temporary directory and install it accordingly: This will throw some messages at you about a user/group named “brewbuilder” not being there. That means no harm, however you may prefer to create it first. Now everything needed should exist inside your /usr/src/redhat directory. Then run rpmbuild from the redhat tree. Now you need to initialize the kernel build environment like this from the kernel source tree. You will also need to copy the original kernel config from your current RedHat kernel. From “menuconfig” navigate to “File systems”, where you enable the missing modules. In my case I select “Reiserfs support”, “JFS” and “XFS” to be included as module (“M” marking). This is especially required if you just want to build the module and copy it over to your locally installed kernel modules directory. I’d recommend to create an RPM for proper upgrade management anyway, however in this case it actually doesn’t matter (except in terms of overhead and performance of course) it you’re using a module or compile it into the kernel. Afterwards I exit from “menuconfig”, not without saving the changes of course. Now this is what I call the lazy way… For easy upgrades and package management, I’d strongly recommend you create a fullblown RPM (see next section). However, if you just want to get going, you can compile the modules manually like this: Then add the modules made to your current module directory like this: This will leave you with modules suiting your kernel. However, whenever you’re upgrading the kernel package, they may get overwritten, so it’s best to create a kernel rpm and install it as a regurlar package. Before you create your RPM package, it’s recommended you edit the Makefile and replace the EXTRAVERSION header by something meaningful which makes the difference clear. In this case, I’ve set EXTRAVERSION = -jfsxfsreiserfs_2.6.18_53_1.6. Then simply run this command to create the RPM package: Like this you’ll end up with both a new RPM package and a source RPM inside your /usr/src/redhat/RPMS and /usr/src/redhat/SRPMS directories, which can then be installed via rpm or, if integrated with a local yum repository, from yum itself. Of course, the modules themselves serve no practical purpose if you lack the userspace tools to create and maintain the file systems. Get them accordingly from ftp://oss.sgi.com/projects/xfs/ (XFS), http://jfs.sourceforge.net/ (JFS) andhttp://chichkin_i.zelnet.ru/namesys/ (ReiserFS). Again, it’s recommended to create an RPM from the sources, but this is beyond the scope of this article.
For this howto I assume you are running the stock RedHat kernel.Get an RPM repository
Install requireds packages
# uname -a Linux localhost 2.6.18-53.el5 #1 SMP Wed Oct 10 16:34:19 EDT 2007 x86_64 x86_64 x86_64 GNU/Linux
#yum install rpm-build.x86_64 ncurses-devel.x86_64 gcc.x86_64 redhat-rpm-config unifdef [ ... output omitted ... ] ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: gcc x86_64 4.1.2-14.el5 base 5.3 M ncurses-devel x86_64 5.5-24.20060715 base 1.7 M redhat-rpm-config noarch 8.0.45-22.el5 base 53 k unifdef x86_64 1.171-5.fc6 base 15 k Installing for dependencies: cpp x86_64 4.1.2-14.el5 base 2.9 M glibc-devel x86_64 2.5-18 base 2.4 M glibc-headers x86_64 2.5-18 base 598 k kernel-headers x86_64 2.6.18-53.el5 base 814 k libgomp x86_64 4.1.2-14.el5 base 77 k Transaction Summary ============================================================================= Install 9 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 14 M Is this ok [y/N]:
# mkdir /usr/src/sources && cd /usr/src/sources # wget ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.6.el5.src.rpm # rpm -ivh kernel-2.6.18-53.1.6.el5.src.rpm
# cd /usr/src/redhat # rpmbuild -bp SPECS/kernel-2.6.spec [ ... output omitted ... ]
Enable the file systems
# cd /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.x86_64 # cp /boot/config-`uname -r` .config # make menuconfig
Compiling and installing the modules the lazy way
# cd /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.x86_64 # mkdir .tmp_versions # make fs/xfs/xfs.ko # make fs/jfs/jfs.ko # make fs/reiserfs/reiserfs.ko
# mkdir /lib/modules/`uname -r`/kernel/fs/reiserfs # mkdir /lib/modules/`uname -r`/kernel/fs/xfs # mkdir /lib/modules/`uname -r`/kernel/fs/jfs # cp ./fs/reiserfs/reiserfs.ko /lib/modules/`uname -r`/kernel/fs/reiserfs # cp ./fs/xfs/xfs.ko /lib/modules/`uname -r`/kernel/fs/xfs # cp ./fs/jfs/jfs.ko /lib/modules/`uname -r`/kernel/fs/jfs # depmod -a
Building a full-featured RPM
# cd /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.x86_64 # vi Makefile
# cd /usr/src/redhat/BUILD/kernel-2.6.18/linux-2.6.18.x86_64 # make rpm
Getting the tools