38 FreeBSD5.2伺服器安裝
advertisement
106759232
2016/3/7
038FreeBSD 5.2 安裝設定
940616
說明:
本文為以 5.2 重新架設網路伺服器(class2)之過程記錄
本伺服器主要伺服程式包含
apache2.0.54
php 4.3.11(含 pdflib-5.0.4)
mysql 4.1.12
webmin-1.2.10
目的作為伺服器的基本組態。
安裝記錄:
1.安裝基本系統:(安裝到可以從遠端登入,詳細步驟請參考相關文件 05)
以 FreeBSD 5.2 安裝光碟開機;安裝系統;media (媒體) CD-ROM 安裝
以 ports 安裝 bash shell;
設定 root 密碼;
設定網路組態;
設定網路卡介面(interface)
開啟 inetd 伺服程式;開啟 ftp, telnet 服務程式。
增加一遠端登入的使用者;wheel 群組
以 chsh 指令更改使用者及 root 的 shell 為 bash shell
重新開機;遠端登入
2.安裝套件(遠端安裝)
以 telnet 連接 系統
重新登入
2.1 安裝 cvsup (目的為保持最新的 ports)
cd /usr/ports/net/cvsup
make
make install
取得批次檔及設定檔;(由 class1.dahan.edu.tw 取得,或下載來改名)
ftp class1.dahan.edu.tw
cd /usr/local/bin
lcd /usr/local/bin
get run_cvsup
cd /etc
-1-
106759232
2016/3/7
lcd /etc
get cvsupfile
get cvsupfile-ports
bye
修改 run_cvsup 執行檔
ee /usr/local/bin/run_cvsup
找到 cvsupfile-stable 改成 cvsupfile
chmod 744 /usr/local/bin/run_cvsup
自動更新(加入 crontab)
ee /etc/crontab
在 crontab 加入一列:(每週 4 之 3 點 25 分執行)
25
3
*
/usr/local/bin/run_cvsup
*
4
root
---------- 安裝 cvsup 完成
執行一次 run_cvsup 以更新 ports
2.2 安裝 mysql (mysql-server-4.1.12)
cd /usr/ports/databases/mysql41-server
修改編譯指示檔;加入中文字碼
ee Makefile
找到
CONFIGURE_ARGS=
在其後的參數設定中加入:
--with-charset=big5 \
make
make install
----- 系統顯示資料 ----Added group "mysql".
Added user "mysql".
install-info --quiet /usr/local/info/mysql.info /usr/local/info/dir
===> Installing rcNG startup script(s)
===>
Compressing manual pages for mysql-server-4.1.12
-2-
106759232
2016/3/7
===>
Registering installation for mysql-server-4.1.12
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/libexec/mysqld
This port has installed the following startup scripts which may cause
these network services to be started at boot time.
/usr/local/etc/rc.d/mysql-server.sh
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.mysql.com/
-----顯示資料 結束 -----
----- 安裝 mysql 完成
啟始資料庫
/usr/local/bin/mysql_install_db
-----顯示資料 開始 ----Installing all prepared tables
Fill help tables
To start mysqld at boot time you have to copy support-files/mysql.server
to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/local/bin/mysqladmin -u root password 'new-password'
/usr/local/bin/mysqladmin -u root -h class2.dahan.edu.tw password 'new-password'
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr/local ; /usr/local/bin/mysqld_safe &
-3-
106759232
2016/3/7
You can test the MySQL daemon with the benchmarks in the 'sql-bench' directory:
cd sql-bench ; perl run-all-tests
Please report any problems with the /usr/local/bin/mysqlbug script!
The latest information about MySQL is available on the web at
http://www.mysql.com
Support MySQL by buying support/licenses at https://order.mysql.com
-----顯示資料 結束-----
變更檔案擁有者:
chown -R mysql:mysql /var/db/mysql
---------- 這部分等 webmin 安裝妥後再安裝 ----設定密碼:
/usr/local/bin/mysqladmin -u root password '12345'
/usr/local/bin/mysqladmin -u root -h class2.dahan.edu.tw password '12345'
進入 webmin 處理 伺服器:
警告:您的系統上沒有安裝 Perl 模組 DBI 和 DBD::mysql,
所以 Webmin 無法順利的連線到您的 MySQL 資料庫,按這兒來安裝。
自動安裝失敗;改用手動安裝:
cd /usr/ports/databases/p5-DBI
make
make install
cd /usr/ports/databases/p5-DBD-mysql
make
make install
---------- 這部分等 webmin 安裝妥後再安裝 完成 ----2.3 安裝 openssl (openssl-0.9.7g)
cd /usr/ports/security/openssl
make
make install
-----顯示資料 ----===>
Compressing manual pages for openssl-0.9.7g
===>
Running ldconfig
-4-
106759232
2016/3/7
/sbin/ldconfig -m /usr/local/lib
===>
Registering installation for openssl-0.9.7g
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
/usr/local/bin/openssl
/usr/local/lib/libcrypto.so.3
/usr/local/lib/libssl.so.3
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type 'make deinstall'
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.openssl.org/
-----顯示資料 -----
----- 安裝 openssl 完成
2.4 安裝 webmin (webmin-1.210.tar.gz)
cd /usr/ports/sysutils/webmin
make
make install
-----顯示資料 ----===>
Returning to build of webmin-1.210
===>
webmin-1.210 depends on file: /usr/local/bin/perl5.6.1 - found
===>
Generating temporary packing list
===>
Checking if sysutils/webmin already installed
@comment Insert PLIST.lib-webmin here
===================================
To reconfigure webmin you should
run the following command as root:
${LOCALBASE}/lib/webmin/setup.sh
You won't have to perform this step
after every webmin upgrade.
-5-
106759232
2016/3/7
Since 1.150_2, to run webmin from
startup, add webmin_enable="YES"
in your /etc/rc.conf.
===================================
===>
Registering installation for webmin-1.210
-----顯示資料 完 -----
設定開機時即啟動:
ee /etc/rc.conf
加入一列:
webmin_enable="YES"
----- 安裝 webmin 完成 ----設定 webmin
/usr/local/lib/webmin/setup.sh
***********************************************************************
*
Welcome to the Webmin setup script, version 1.210
*
***********************************************************************
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.
Installing Webmin in /usr/local/lib/webmin ...
***********************************************************************
Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.
Config file directory [/usr/local/etc/webmin]:
Log file directory [/var/log/webmin]:
***********************************************************************
Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.
Full path to perl (default /usr/bin/perl):
-6-
106759232
2016/3/7
Testing Perl ...
Perl seems to be installed ok
***********************************************************************
Operating system name:
FreeBSD
Operating system version: 2004
***********************************************************************
Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
- What port to run the web server on. There must not be another
web server already using this port.
- The login name required to access the web server.
- The password required to access the web server.
- If the webserver should use SSL (if your system supports it).
- Whether to start webmin at boot time.
Web server port (default 10000):
Login name (default admin):
Login password:
Password again:
Use SSL (y/n): y
***********************************************************************
Creating web server config files..
..done
Creating access control file..
..done
Creating start and stop scripts..
..done
Copying config files..
..done
Creating uninstall script /usr/local/etc/webmin/uninstall.sh ..
..done
-7-
106759232
2016/3/7
Changing ownership and permissions ..
..done
Running postinstall scripts ..
..done
Attempting to start Webmin mini web server..
..done
***********************************************************************
Webmin has been installed and started successfully. Use your web
browser to go to
https://class2.dahan.edu.tw:10000/
and login with the name and password you entered previously.
Because Webmin uses SSL for encryption only, the certificate
it uses is not signed by one of the recognized CAs such as
Verisign. When you first connect to the Webmin server, your
browser will ask you if you want to accept the certificate
presented, as it does not recognize the CA. Say yes.
設定完成;系統會自動執行;
可以下列方式登入:
https://class2.dahan.edu.tw:10000/
登入後可先調整語系。
有關伺服器的管理,必須在 webmin 中,各伺服器的組態設定中設定相關
的路徑後,才可正確執行;設定例請參考附件
2.5 安裝 PHP 前,先安裝相關的 package
cd /usr/ports/graphics/jpeg
make
make install
===>
Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===>
Registering installation for jpeg-6b_3
-8-
106759232
2016/3/7
cd /usr/ports/graphics/tiff
make
make install
===>
Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===>
Registering installation for tiff-3.7.2
cd /usr/ports/devel/t1lib
make
make install
===>
Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===>
Registering installation for t1lib-5.0.1,1
安裝 PDFlib;
由於新版的 PDFlib (PDFlib-Lite-6.0.1) 刪除了某函數(pdf_open_fp),造成
和其他相依的軟體配合出了問題;所以只好使用舊的版本;php 已內建 pdf
的支援程式;可是還須要 lib 及 include 的 pdflib 程式(可參看下文 make
install 的顯示資料);目前採用的是 5.0.4 的版本。
先取得軟體:PDFlib-Lite-5.0.4p1-Unix-src 存到 /usr/ports/distfiles
mkdir /tmp/work
cd /tmp/work
tar zxvf /usr/ports/distfiles/PDFlib-Lite-5.0.4p1-Unix-src.tar.gz
cd /tmp/work/PDFlib-Lite-5.0.4p1-Unix-src
./configure
-----顯示資料 完 ----_____________________________________________________________
For your convenience, here's a summary of configure's results:
Support for shared libraries:
yes
C++ language binding for PDFlib:
yes
Java language binding for PDFlib:
no
Perl language binding for PDFlib:
yes
Python language binding for PDFlib:
no
Tcl language binding for PDFlib:
no
PDF import library (PDI):
no
-9-
106759232
2016/3/7
Note: if you purchase the additional PDF import library (PDI)
you can also manipulate existing PDF documents with PDFlib.
The additional block feature can be used to personalize PDF.
See http://www.pdflib.com for details.
Please observe the licensing terms for commercial PDFlib usage.
PDFlib license agreement and purchase order can be found in the doc directory.
-----顯示資料 完 -----
make
make install
-----顯示資料 ----if test ! -d /usr/local/lib ; then
chmod 755 /usr/local/lib;
mkdir -p /usr/local/lib;
fi
if test ! -d /usr/local/include ; then
mkdir -p /usr/local/include;
chmod 755 /usr/local/include;
fi
../../config/install-sh -c -m 644 pdflib.h /usr/local/include
../../libtool --silent ../../config/install-sh -c -m 644 libpdf.la /usr/local/lib;
../../../libtool --silent --mode=install
../../../config/install-sh -c -m 644 p
dflib_pl.la /usr/local/lib/perl5/site_perl/5.6.1/mach
../../../config/install-sh -c -m 644 pdflib_pl.pm /usr/local/lib/perl5/site_perl/5.6.1/mach
./config/install-sh -c pdflib-config /usr/local/bin
-----顯示資料 完 -----
2.6 安裝 mod_php4
先處理 php4 ( mod_php4 使用 php4 的 Makefile 檔)
cd /usr/ports/lang/php4
ee Makefile
找到:
CONFIGURE_ARGS= --enable-versioning \
--enable-memory-limit \
--with-layout=GNU \
--with-config-file-scan-dir=${PREFIX}/etc/php \
--disable-all
改成:(php4 內建支援 pdf;在 work/php-4.3.11/ext/pdf 的目錄內)
CONFIGURE_ARGS= --enable-versioning \
- 10 -
106759232
2016/3/7
--enable-memory-limit \
--with-layout=GNU \
--with-config-file-scan-dir=${PREFIX}/etc/php \
--with-gd --enable-gd-native-ttf --enable-gd-jis-conv \
--with-t1lib \
--enable-mbstring \
--enable-mbregex \
--enable-cli \
--with-zlib-dir=/usr
\
--with-jpeg-dir=/usr/local \
--with-png-dir=/usr/local \
--with-pdf
\
--prefix=/usr/local
修改完後返回 mod_php4:
cd /usr/ports/www/mod_php4
make
Options for mod_php4 4.3.11_1,1
[X] APACHE2
[ ] DEBUG
[X] IPV6
Use apache 2.x instead of apache 1.3.x
Enable debug
Enable ipv6 support
[X] OPENSSL Build static OpenSSL extension
安裝 mod_php4 前會先安裝 APACHE
-----顯示資料 ----cp .libs/libphp4.so /usr/local/libexec/apache2/libphp4.so
libtool: install: warning: remember to run `libtool --finish /usr/ports/www/mod_
php4/work/php-4.3.11/libs'
grep: /usr/local/libexec/apache2/libphp4.la: No such file or directory
grep: /usr/local/libexec/apache2/libphp4.la: No such file or directory
Warning!
dlname not found in /usr/local/libexec/apache2/libphp4.la.
Assuming installing a .so rather than a libtool archive.
chmod 755 /usr/local/libexec/apache2/libphp4.so
[activating module `php4' in /usr/local/etc/apache2/httpd.conf]
Installing build environment:
/usr/local/lib/php/build/
Installing header files:
/usr/local/include/php/
Installing helper programs:
/usr/local/bin/
program: phpize
- 11 -
106759232
2016/3/7
program: php-config
program: phpextdist
***************************************************************
Make sure index.php is part of your DirectoryIndex.
You should add the following to your Apache configuration file:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
***************************************************************
===>
Registering installation for mod_php4-4.3.11_1,1
-----顯示資料 -----
----- 安裝 php_mod4 完成
2.7 修改 apache2 設定
ee /usr/local/etc/apache2/httpd.conf
修改下列資料:
ServerAdmin cyr@cyr.idv.tw
<IfModule mod_userdir.c>
# UserDir public_html
UserDir web
# <Directory /home/*/public_html>
<Directory /home/*/web>
DirectoryIndex index.html index.html.var index.php
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
----- 修改 apache2 設定完成
----- 修改 php 設定
cp /usr/local/etc/php.ini-recommended /usr/local/etc/php.ini
ee /usr/local/etc/php.ini
- 12 -
106759232
2016/3/7
修改下列資料:
;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;
max_execution_time = 300
; Maximum execution time of each script, in seconds
max_input_time = 60
; Maximum amount of time each script may spend parsing r
memory_limit = 8M
; Maximum amount of memory a script may consume (8MB)
----- 修改 php 設定 完成
----- 檢查環境設定
mkdir /home/cyr/web
chown cyr:www /home/cyr/web
ee /home/cyr/web/phpinfo.php
<?php
phpinfo();
?>
ee /home/cyr/web/pdftest.php
<?php
$pdf = pdf_new();
pdf_open_file($pdf, "test.pdf");
pdf_set_info($pdf, "Author", "Uwe Steinmann");
pdf_set_info($pdf, "Title", "Test for PHP wrapper of PDFlib 2.0");
pdf_set_info($pdf, "Creator", "See Author");
pdf_set_info($pdf, "Subject", "Testing");
pdf_begin_page($pdf, 595, 842);
pdf_add_outline($pdf, "Page 1");
$font = pdf_findfont($pdf, "Times New Roman", "winansi", 1);
pdf_setfont($pdf, $font, 10);
pdf_set_value($pdf, "textrendering", 1);
pdf_show_xy($pdf, "Times Roman outlined", 50, 750);
pdf_moveto($pdf, 50, 740);
pdf_lineto($pdf, 330, 740);
pdf_stroke($pdf);
pdf_end_page($pdf);
- 13 -
106759232
2016/3/7
pdf_close($pdf);
pdf_delete($pdf);
echo "<A HREF=getpdf.php>finished</A>";
?>
chown cyr:www /home/cyr/web/phpinfo.php
chmod 755 /home/cyr/web/phpinfo.php
chown cyr:www /home/cyr/web/pdftest.php
chmod 755 /home/cyr/web/pdftest.php
執行 phpinfo 看看是否正確 (apache 必須先跑起來;可使用 webmin 去
啟動)
========================================================
2.8 webmin 的 apache2 的組態修正:
組態設定
給模組 Apache 網頁伺服器
給 Apache 網頁伺服器 的可組態選項
Configurable 選項
顯示虛擬伺服器 依
⊙ 圖示
列表
排序虛擬伺服器 依
⊙ 設定檔案內的位置
最多顯示的伺服器數量
100
新增虛擬伺服器檔案到
⊙ httpd.conf
IP 位置
⊙ Default ($DOM.conf)
Filename pattern for virtual servers
測試設定檔案在套用變更前?
⊙ 是
測試設定檔案在手動變更後?
是
⊙ 否
測試設定檔案在其他變更後?
是
⊙ 否
測試組態檔指令
伺服器名稱
否
⊙ apachectl configtest
httpd 加上 -D 參數
顯示 Apache 管理名稱
Apache 文件根目錄
是
否
⊙ Apache 全球網站
系統組態
Apache 伺服器根目錄 /usr/local/etc/apache ==>
httpd 的執行路徑
/usr/local/sbin/httpd
/usr/local/www/data
不變
Apache 版本?
apachectl 指令路徑
無
⊙ /usr/local/sbin/apachectl
啟動 Apache 的命令 ⊙ 使用 apachectl 或手動啟動
停止 Apache 的命令 ⊙ 使用 apachectl 或砍掉程序
- 14 -
106759232
2016/3/7
套用組態指令
⊙ 使用 apachectl 或 HUP 訊號
httpd.conf 路徑 自動 ⊙ /usr/local/etc/apache/httpd.conf
==> /usr/local/etc/apache2/httpd.conf
路徑
srm.conf
access.conf
路徑
mime.types
路徑
自動 ⊙
/usr/local/etc/apache2/srm.conf
自動 ⊙
/usr/local/etc/apache2/access.conf
自動 ⊙
/usr/local/etc/apache2/mime.types
Apache PID 檔案路徑
<-
⊙ 自動執行
回到 索引
======================================================
2.9 webmin 的 mysql 的組態修正:
組態設定
給模組 MySQL 資料庫伺服器
給 MySQL 資料庫伺服器 的可組態選項
組態選項
資料庫管理者名稱
root
資料庫管理者密碼
⊙ 不改變 Set to
每頁顯示的列數
25
顯示資料庫與表格為 清單
⊙
圖示
使用垂直列編輯介面 ⊙ 是
顯示粗體欄在
否
⊙ 表格中資料
下載連結
如果可以的話使用 DBI 連接?
⊙ 是
執行 strftime 取代備份目標?
是
⊙
Password hashing mode
⊙
Default
Old
否
否
Encoding for database ⊙ content
系統組態
到 mysqlshow 指令的完整路徑 /usr/local/bin/mysqlshow
到 mysqladmin 指令的完整路徑
/usr/local/bin/mysqladmin
到 mysql 指令的完整路徑 /usr/local/bin/mysql
mysqldump 指令路徑 /usr/local/bin/mysqldump
mysqlimport 指令路徑
/usr/local/bin/mysqlimport
啟動 MySQL 伺服器的命令
(/usr/local/bin/safe_mysqld ||
/usr/local/bin/mysqld_safe) &
停止 MySQL 伺服器的命令
⊙ 自動
到 MySQL 共享函式庫的路徑
Path to MySQL databases directory
無
/usr/local/lib/mysql
None
連接 MySQL 主機道 ⊙ 本地端
MySQL 連接埠
⊙ 預設
MySQL socket 檔案 ⊙ 預設
- 15 -
/usr/local/var/mysql
106759232
2016/3/7
=================================================================
錯誤處理參考:
-----顯示資料 ----/bin/sh /usr/local/bin/libtool15 --silent --mode=link cc -O -pipe -mcpu=pentiuma
===>
===>
===>
===>
Installing for expat-1.95.8_2
Generating temporary packing list
Checking if textproc/expat2 already installed
An older version of textproc/expat2 is already installed (expat-1.95.6_1)
You may wish to ``make deinstall'' and install this port again
by ``make reinstall'' to upgrade it properly.
If you really wish to overwrite the old port of textproc/expat2
without deleting it first, set the variable "FORCE_PKG_REGISTER"
in your environment or the "make install" command line.
*** Error code 1
Stop in /usr/ports/textproc/expat2.
*** Error code 1
Stop in /usr/ports/www/apache2.
*** Error code 1
Stop in /usr/ports/www/mod_php4.
-----顯示資料 -----
原因: textproc/expat2 的版本舊,要更新:
切換過去
cd /usr/ports/textproc/expat2
make deinstall
make reinstall
----- 處理完成 ----錯誤處理參考:
webmin
啟動 Apache 失敗 :
Syntax error on line 274 of /usr/local/etc/apache2/httpd.conf:
Cannot load /usr/local/libexec/apache2/libphp4.so into server:
/usr/local/libexec/apache2/libphp4.so: Undefined symbol "PDF_open_fp"
mod_php4 include pdflib 時,新的版本(pdflib-6.0.1)已沒有 "PDF_open_fp"
的函數,可是 libphp4.so 中還有,導致失敗
- 16 -
