用ports安硯apache13_modssl+mysql+php+phpmyadmin(轉)

gugu99發表於2007-08-11
ApacheMySqlPHP
用ports安硯apache13_modssl+mysql+php+phpmyadmin(轉)[@more@]

  # cd /usr/ports/databases/mysql41-server

# make

WITH_CHARSET=big5 //支援繁篦中文(?篦中文是gbk)及以繁篦中文?盍韻?瘁

WITH_XCHARSET=all //支援其它的?瘁

WITH_OPENSSL=yes //使用安全唄接

DB_DIR=/usr/local/mysql //指定???的位置

WITH_LINUXTHREADS=yes //使用linux的?程

SKIP_DNS_CHECK=yes //安硯mysql?略咿?查主?名??ip

BUILD_OPTIMIZED=yes //????提高效能, 加快速度

install clean更加快的??要加BUILD_STATIC=yes 但不能同?使用openssl, 同????出?以下邋鍺資訊

You can't use the BUILD_STATIC option when using OpenSSL.

?於各?啉?, ???看/usr/ports/databases/mysql41-server奄的Makefile

......

For more information, and contact details about the security

status of this software, see the following webpage:

===> Cleaning for mysql-client-4.1.1

===> Cleaning for p5-DBD-mysql41-2.9003

===> Cleaning for p5-DBI-137-1.37

===> Cleaning for libtool-1.3.5_1

===> Cleaning for linuxthreads-2.2.3_13

===> Cleaning for openssl-0.9.7c

===> Cleaning for mysql-server-4.1.1

#

至此 mysql-server 和 mysql-client 已?安硯完成

1.2 韻置mysql

在 /usr/local/share/mysql 在呃?目?奄共有四? .cnf的?例?案, (my-small.cnf, my-medium.cnf, my-large.cnf, my-huge.cnf), 根?系靳??篦(?存)的?量和服?而韻定my.cnf. 在每??例?案奄都有真明.

my-small.cnf //??篦少於或等於64M只提供很少的???服? (< =64M)

my-medium.cnf //??篦在32M到64M之殮而且和其他服?一起使用如web

my-large.cnf //??篦有512M主要是提供???服?

my-huge.cnf //??篦有1G到2G主要是提供???服?

我們檢視一下機器的記憶體:

# dmesg | grep real

real memory = 132825088 (129712K bytes)

本?只有128M ??篦及只是供web使用, 所是用my-medium.cnf 呃??例?

# cp /usr/local/share/mysql/my-medium.cnf /etc/my.cnf

# ls -l /usr/local

...

drwx------ 4 mysql mysql 512 Feb 21 20:57 mysql

...

mysql已?是?於mysql 的用?和群酵.

1.3 ??mysql

利用啟動指令碼去啟動mysql

#/usr/local/etc/rc.d/mysql-server.sh start

# ps -aux | grep mysql

mysql 53989 0.0 13.3 66404 16868 p0 IN 10:17PM 0:00.62 /usr/local/libexec/mysql

mysql 53990 0.0 13.3 66404 16868 p0 SN 10:17PM 0:00.00 /usr/local/libexec/mysql

mysql 53991 0.0 13.3 66404 16868 p0 IN 10:17PM 0:00.00 /usr/local/libexec/mysql

1.4 更改mysql 密瘁

#/usr/local/bin/mysqladmin -u root -p password 'mysql_password'

Enter password: //按enter, mysql盍韻?有密瘁

二. 安硯及韻置apache13-modssl

2.1 安裝Apache-modssl

#cd /usr/ports/www/apache13-modssl/

# make

. . .

<=== src

===> Creating Dummy Certificate for Server (SnakeOil)

[use 'make certificate' to create a real one]

#make install

# make certificate //氧作CA帳酌

===> Creating Test Certificate for Server

SSL Certificate Generation Utility (mkcert.sh)

Copyright (c) 1998-2000 Ralf S. Engelschall, All Rights Reserved.

Generating test certificate signed by Snake Oil CA [TEST]

WARNING: Do not use this for real-life/production systems

______________________________________________________________________

STEP 0: Decide the signature algorithm used for certificate

The generated X.509 CA certificate can contain either

RSA or DSA based ingredients. Select the one you want to use.

Signature Algorithm ((R)SA or (D)SA) [R]:

______________________________________________________________________

STEP 1: Generating RSA private key (1024 bit) [server.key]

2553406 semi-random bytes loaded

Generating RSA private key, 1024 bit long modulus

..++++++

...................++++++

e is 65537 (0x10001)

______________________________________________________________________

STEP 2: Generating X.509 certificate signing request [server.csr]

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

1. Country Name (2 letter code) [XY]:CN

2. State or Province Name (full name) [Snake Desert]:HongKong

3. Locality Name (eg, city) [Snake Town]:HongKong

4. Organization Name (eg, company) [Snake Oil, Ltd]:kinux.org

5. Organizational Unit Name (eg, section) [Webserver Team]:kinux.org

6. Common Name (eg, FQDN) []:

7. Email Address (eg, name@FQDN) [www@snakeoil.dom]:kinuxventure@yahoo.com.hk

8. Certificate Validity (days) [365]: ______________________________________________________________________

STEP 3: Generating X.509 certificate signed by Snake Oil CA [server.crt]

Certificate Version (1 or 3) [3]: Signature ok

subject=/C=CN/ST=HongKong/L=HongKong/O=kinux.org/OU=kinux.org/CN=/emailAddress=

kinuxventure@yahoo.com.hk

Getting CA Private Key

Verify: matching certificate & key modulus

Verify: matching certificate signature

../conf/ssl.crt/server.crt: /C=XY/ST=Snake Desert/L=Snake Town/O=Snake Oil,

  Ltd/OU=Certificate Authority/CN=Snake Oil CA/emailAddress=ca@snakeoil.dom

  error 10 at 1 depth lookup:certificate has expired

  OK

  ______________________________________________________________________

  STEP 4: Enrypting RSA private key with a pass phrase for security [server.key]

  The contents of the server.key file (the generated private key) has to be

  kept secret. So we strongly recommend you to encrypt the server.key file

  with a Triple-DES cipher and a Pass Phrase.

  Encrypt the private key now? [Y/n]: Y

  writing RSA key

  Enter PEM pass phrase:

  Verifying - Enter PEM pass phrase:

  Fine, you're using an encrypted RSA private key.

  ______________________________________________________________________

  RESULT: Server Certification Files

  o conf/ssl.key/server.key

  The PEM-encoded RSA private key file which you configure

  with the 'SSLCertificateKeyFile' directive (automatically done

  when you install via APACI). KEEP THIS FILE PRIVATE!

  o conf/ssl.crt/server.crt

  The PEM-encoded X.509 certificate file which you configure

  with the 'SSLCertificateFile' directive (automatically done

  when you install via APACI).

  o conf/ssl.csr/server.csr

  The PEM-encoded X.509 certificate signing request file which

  you can send to an official Certificate Authority (CA) in order

  to request a real server certificate (signed by this CA instead

  of our demonstration-only Snake Oil CA) which later can replace

  the conf/ssl.crt/server.crt file.

  WARNING: Do not use this for real-life/production systems

  CA 帳酌氧作完成!!

2.2 韻定apache

  #vi /usr/local/etc/apache/httpd.conf

更改ServerName ?你的主?名或IP2.3 ??apache

  #/usr/local/etc/rc.d/apache.sh start

apache#

# ps -aux | grep www

www 70204 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/

www 70205 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/

www 70206 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/

www 70207 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/

www 70208 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/

三. 安硯及韻定php

  3.1 協調

  由於FreeBSD盍韻已安硯了GETTEXT, 在安硯php??出?error, 所以要在ports奄先卸下GETTEXT. 之後再在安硯php?啉?GETTEXT 一起安硯.

  #cd /usr/ports/devel/gettext

#make deinstall clean

# cd /usr/ports/www/mod_php4

#make//make之後, 一??出一?像似以下的?面, 根?自己需要啉?安硯?件包.

  //CTYPE, MYSQL, OVERLOAD, PCRE, POSIX, SESSION, TOKENIZER, XML, ZLIB 呃???件是盍韻要安硯的.

  //=========================================================

// PHP configuration options

|| Please select desired options: ||

|| [ ] BCMATH bc style precision math functions ||

|| [ ] BZIP2 bzip2 library support ||

|| [ ] CALENDAR calendar conversion support ||

|| [ ] CDB cdb database support (dba) ||

|| [ ] CRACK crack support ||

|| [X] CTYPE ctype functions ||

|| [ ] CURL CURL support ||

|| [ ] DB4 Berkeley DB4 support ||

|| [ ] DBASE dBase library support ||

|| [ ] DBX dbx support ||

|| [ ] DIO Direct I/O support ||

|| [ ] DOMXML DOM support ||

|| [ ] DOMXSLT DOM XSLT and EXSLT support (implies DOMXML) ||

|| [ ] EXIF EXIF support ||

|| [ ] FILEPRO filePro support ||

|| [ ] FRIBIDI FriBidi support ||

|| [ ] FTP FTP support ||

|| [X] GD GD library support ||

|| [ ] GDBM GDBM database support (dba) ||

|| [X] GETTEXT gettext library support ||

|| [ ] GMP GNU MP support ||

|| [ ] HYPERWAVE Hyperwave support ||

|| [ ] ICONV iconv support ||

|| [ ] IMAP IMAP support ||

|| [ ] INIFILE INI file support (dba) ||

|| [ ] INTERBASE Interbase 6 database support (Firebird) ||

|| [ ] MBSTRING multibyte string support ||

|| [ ] MCAL Modular Calendar Access Library support ||

|| [ ] MCVE MCVE support (implies OPENSSL) ||

|| [ ] MCRYPT Encryption support ||

|| [ ] MHASH Crypto-hashing support ||

|| [ ] MIME mime_magic support ||

|| [ ] MING ming shockwave flash support ||

|| [ ] MNOGOSEARCH mnoGoSearch support ||

|| [ ] MSSQL MS-SQL database support ||

|| [X] MYSQL MySQL database support ||

|| [ ] NCURSES ncurses support (CLI only) ||

|| [ ] OPENLDAP OpenLDAP support ||

|| [X] OPENSSL OpenSSL support ||

|| [ ] ORACLE Oracle support ||

|| [X] OVERLOAD user-space object overloading support ||

|| [ ] PCNTL pcntl support (CLI only) ||

|| [X] PCRE Perl Compatible Regular Expression support ||

|| [ ] PDFLIB PDFlib support ||

|| [X] POSIX POSIX-like functions ||

|| [ ] POSTGRESQL PostgreSQL database support ||

|| [ ] PSPELL pspell support ||

|| [ ] READLINE readline support (CLI only) ||

|| [ ] RECODE recode support ||

|| [X] SESSION session support ||

|| [ ] SHMOP shmop support ||

|| [ ] SNMP SNMP support (implies OPENSSL) ||

|| [ ] SOCKETS sockets support ||

|| [ ] SYBASEDB Sybase database support (DB-lib) ||

|| [ ] SYBASECT Sybase database support (CT-lib) ||

|| [ ] SYSVSEM System V semaphore support ||

|| [ ] SYSVSHM System V shared memory support ||

|| [X] TOKENIZER tokenizer support ||

|| [ ] UNIXODBC unixODBC support ||

|| [ ] WDDX WDDX support (implies XML) ||

|| [X] XML XML support ||

|| [ ] XMLRPC XMLRPC-EPI support ||

|| [ ] XSLT XSLT Sablotron support ||

|| [ ] YAZ YAZ support (ANSI/NISO Z39.50) ||

|| [ ] YP YP/NIS support ||

|| [ ] ZIP ZIP support ||

|| [X] ZLIB ZLIB support ||

//

==========================================================//

[ OK ] Cancel

. . .

Build complete.

(It is safe to ignore warnings about tempnam and tmpnam).

#make install

===> Installing for mod_php4-4.3.4_6,1

===> mod_php4-4.3.4_6,1 depends on file: /usr/local/sbin/apxs - found

===> mod_php4-4.3.4_6,1 depends on shared library: expat.4 - found

===> mod_php4-4.3.4_6,1 depends on shared library: intl.6 - found

===> mod_php4-4.3.4_6,1 depends on shared library: mysqlclient.14 - found

===> Generating temporary packing list

===> Checking if www/mod_php4 already installed

Installing PHP SAPI module: apache

[activating module `php4' in /usr/local/etc/apache/httpd.conf]

cp libs/libphp4.so /usr/local/libexec/apache/libphp4.so

chmod 755 /usr/local/libexec/apache/libphp4.so

cp /usr/local/etc/apache/httpd.conf /usr/local/etc/apache/httpd.conf.bak

cp /usr/local/etc/apache/httpd.conf.new /usr/local/etc/apache/httpd.conf

rm /usr/local/etc/apache/httpd.conf.new

Installing shared extensions: /usr/local/lib/php/20020429/

Installing build environment: /usr/local/lib/php/build/

Installing header files: /usr/local/include/php/

Installing helper programs: /usr/local/bin/

program: phpize

program: php-config

program: phpextdist

*****************************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following lines to your Apache configuration file:

AddType application/x-httpd-php .php

AddType application/x-httpd-php-source .phps

*****************************************************************************

===> Registering installation for mod_php4-4.3.4_6,1

3.2 韻定php.

  在 /usr/local/etc/apache/httpd.conf 奄加上以下?句.

  AddType application/x-httpd-php .php

AddType application/x-httpd-php-source .phps 由於小弟?php?不熟悉, 所以不在呃奄真明php.ini 有什麼更好的韻定了. #cd /usr/local/etc

#cp php.ini-recommended php.ini 重啟apache

  #/usr/local/etc/rc.d/apache.sh stop

#/usr/local/etc/rc.d/apache.sh start3.3 ??php.

  生成test.php,並在奄面加上以下的3行.

  #vi /usr/local/www/data/test.php

Phpinfo ();

?>

開啟瀏覽器

  四. 安硯及韻定phpMyAdmin.

  用ports 來安裝phpmyadmin

  #cd /usr/ports/databases/phpmyadmin

#make install clean

#cd /usr/local/www/data/phpMyAdmin

#cp config.inc.php.sample config.inc.php

#chmod 755 config.inc.php

#vi config.inc.php更改以下?行

  $cfg['PmaAbsoluteUri'] = '';

改成

$cfg['PmaAbsoluteUri'] = '';

$cfg['Servers'][$i]['auth_type'] = 'config'; // Authentication method (config, http or cookie based)?

改成

$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?

$cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed

改成

$cfg['Servers'][$i]['password'] = 'mysql passwd'; // MySQL password (only needed

??phpMyAdmin

  

  後?:

  以下是一些安硯?可能遇到的?銓.

  在安硯mod_php4??出?以下的邋鍺資訊.

  /usr/libexec/ld-elf.so.1: Shared object "libintl.so.5" not found解?方法:

  原因是gettext 和 gmake 的版本的mod_php4安硯是要求的不一樣, 一般是mod_php4 要的版本比蕢新, 所以出?一些不支援的?象.

  只要用cvsup 更新你的gettext 和gmake就可以了. #cd /usr/ports/devel/gettext

#make deinstall clean && make reinstall clean

#cd ../gmake

#make deinstall clean && make reinstall clean在重安硯gettext 和gmake之前?住要ports是最新的.

  你也可?考以下方法.

  

  •   

    • 來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/10748419/viewspace-944447/,如需轉載,請註明出處,否則將追究法律責任。

    相關文章