一:系统约定
二:系统基本设置
三:下载软件
四:安装必须的软件
五:编译安装软件
六:配置apache PHP
七:测试 (通过phpinfo,phpmyadmin,sugarcrm的安装来测试)
一:系统约定
采用Centos5.2光盘,
软件源代码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/software_name
MySQL 数据库位置 /data/mysql/data
Apache 网站根目录 /data/www/wwwroot(虚拟主机在这个目录下)
Apache 虚拟主机日志根目录 /data/www/logs
Apache 运行账户 www:www
创建两个虚拟主机 test.com linux.com
所有的配置的文件修改,都做备份,备份的名字为 文件名.save
下面的实验是用vmware station 6 创建一个 redhat AS5的vm,安装centos5.2,安装的时候,选择安装语言是英文,采用文本方式来安装,选择最小化的安装。
yum的更新,采用本地光盘的方式,这样比较快捷。
我的机器基本设置
IP:192.168.1.200/255.255.255.0
网关:192.16.1.1
DNS:192.168.1.1
hostname:ns1
二:系统基本设置
我已经把所有需要配置的内容,做一个一个脚本,只需要运行一次就可以。
cd /usr/local/src
vi /usr/local/src/init.sh
#####################
#Diabe IPV6
cp /etc/modprobe.conf /etc/modprobe.conf.save
echo “alias net-pf-10 off” >> /etc/modprobe.conf
echo “alias ipv6 off” >> /etc/modprobe.conf
#SSH
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.save
sed -i ‘/#PermitRootLogin/s/#PermitRootLogin/PermitRootLogin/’ /etc/ssh/sshd_config
sed -i -e ‘74 s/^/#/’ -i -e ‘76 s/^/#/’ /etc/ssh/sshd_config
sed -i “s/#UseDNS yes/UseDNS no/” /etc/ssh/sshd_config
sed -i -e ‘44 s/^/#/’ -i -e ‘48 s/^/#/’ /etc/ssh/sshd_config
/etc/init.d/sshd restart
#停止 the “beep”
cp /etc/inputrc /etc/inputrc.save
sed -i ‘/#set bell-style none/s/#set bell-style none/set bell-style none/’ /etc/inputrc
#关闭SElinux
cp /etc/sysconfig/selinux /etc/sysconfig/selinux.save
sed -i ‘/SELINUX=enforcing/s/SELINUX=enforcing/SELINUX=disabled/’ /etc/sysconfig/selinux
#加载光驱
mkdir /mnt/cdrom
mount /dev/cdrom /mnt/cdrom
echo “mount /dev/cdrom /mnt/cdrom” >> /etc/rc.local
#设置yum使用本地光盘
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.save
mv /etc/yum.repos.d/CentOS-Media.repo /etc/yum.repos.d/CentOS-Media.repo.save
echo “[DVDISO]” >> /etc/yum.repos.d/dvdiso.repo
echo “name=DVD ISO” >> /etc/yum.repos.d/dvdiso.repo
echo “baseurl=file:///mnt/cdrom/” >> /etc/yum.repos.d/dvdiso.repo
echo “enabled=1″ >> /etc/yum.repos.d/dvdiso.repo
echo “gpgcheck=0″ >> /etc/yum.repos.d/dvdiso.repo
#vim设置
yum -y install vim-enhanced
mv /bin/vi /bin/vi.save
ln -s /usr/bin/vim /bin/vi
cp /etc/vimrc /etc/vimrc.save
sed -i “39 s/^/ set number n filetype onn set history=1000n syntax onn set tabstop=4n set showmatchn set vb t_vb=n set mouse=an set ignorecasen set autowriten /” /etc/vimrc
#时间的设置
yum -y install ntp
ntpdate 210.72.145.44 && clock -w
#安装常用软件
yum -y install wget unzip
#停止没有必要的服务
chkconfig –list |grep 3:on |awk ‘{print $1}’ |egrep -v ’sshd|network|syslog’ |xargs -i{} chkconfig –level 3 {} off
chkconfig –list | grep 3:on | cut -f1
#重新启动
init 6
####################
sh init.sh
三:下载软件
cd /usr/local/src
vi list
http://download.filehat.com/apache/httpd/httpd-2.2.8.tar.gz
http://opensource.nchc.org.tw/COSA/CNS4/cronolog-1.6.2.tar.gz
http://www.libgd.org/releases/gd-2.0.35.tar.bz2
http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.12.tar.gz
http://mirror.optus.net/sourcefo ... mcrypt-2.5.8.tar.gz
http://jaist.dl.sourceforge.net/ ... mcrypt-2.6.7.tar.gz
http://www.openssl.org/source/openssl-0.9.8h.tar.gz
http://openbsd.md5.com.ar/pub/Op ... penssh-5.0p1.tar.gz
http://mysql.byungsoo.net/Downlo ... ysql-5.0.51b.tar.gz
http://cn2.php.net/get/php-5.2.6.tar.bz2/from/this/mirror
http://downloads.phpchina.com/ze ... glibc23-i386.tar.gz
ftp://ftp.cac.washington.edu/mail/imap.tar.Z
http://puzzle.dl.sourceforge.net ... s-utf-8-only.tar.gz
http://dl.sugarforge.org/sugarcr ... 0/SugarCE-5.1.0.zip
http://mirror.optus.net/sourceforge/m/mh/mhash/mhash-0.9.9.tar.gz
wget -i list
四:安装必须的软件
采用yum的方式安装
yum -y install gcc make patch gcc-c++ gcc-g77 flex bison autoconf automake
libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel libtiff-devel fontconfig-devel libXpm-devel gettext-devel pam-devel pcre-devel libtool libtool-ltdl
五:编译安装软件
下面的内容,其实你可以复制到一个文本,比如 install.sh 运行这个脚本,我已经测试过了,整整运行了快1个小时,估计是我在vm上跑道原因。前提是你下载的软件和我是一样的,也就是软件都是通过上面的下载的。
cd /usr/local/src
vi install.sh
###############################################
#安装openssl
cd /usr/local/src
tar zxvf openssl-0.9.8h.tar.gz
cd openssl-0.9.8h
./config shared zlib
make
make test
make install
mv /usr/bin/openssl /usr/bin/openssl.save
mv /usr/include/openssl /usr/include/openssl.save
mv /usr/lib/libssl.so /usr/lib/libssl.so.save
ln -s /usr/local/ssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/ssl/include/openssl /usr/include/openssl
ln -sv /usr/local/ssl/lib/libssl.so.0.9.8 /usr/lib/libssl.so
cd ..
#配置库文件搜索路径
echo “/usr/local/ssl/lib” >> /etc/ld.so.conf
ldconfig -v
#检测安装结果
openssl version
#安装openssh
tar xvf openssh-5.0p1.tar.gz
cd openssh-5.0p1
./configure
”–prefix=/usr”
”–with-pam”
”–with-zlib”
”–sysconfdir=/etc/ssh”
”–with-ssl-dir=/usr/local/ssl”
”–with-md5-passwords”
make
make install
cd ..
service sshd restart
ssh -v
#安装GD
tar jxvf gd-2.0.35.tar.bz2
cd gd-2.0.35
aclocal
./configure –prefix=/usr/local/gd2
make && make install
cd ..
#安装 libmcrypt
tar zxvf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8/
./configure
make
make install
/sbin/ldconfig
cd libltdl/
./configure –enable-ltdl-install
make
make install
cd ../../
cp /usr/local/lib/libmcrypt.* /usr/lib
#安装libiconv
tar zxvf libiconv-1.12.tar.gz
cd libiconv-1.12/
./configure –prefix=/usr/local
make
make install
cd ../
ln -s /usr/local/lib/libiconv.so.2 /usr/lib/
#安装mhash
tar zxvf mhash-0.9.9.tar.gz
cd mhash-0.9.9/
./configure
make
make install
cd ../
ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2
#安装mcrypt
tar zxvf mcrypt-2.6.7.tar.gz
cd mcrypt-2.6.7/
./configure
make
make install
cd ../
#安装cronolog
tar xvf cronolog-1.6.2.tar.gz
cd cronolog-1.6.2
./configure –prefix=/usr/local/cronolog
make && make install
cd ..
#安装imap
tar zxf imap.tar.Z
cd imap-2007b
make lr5 PASSWDTYPE=std SSLTYPE=unix.nopwd IP6=4
echo “set disable-plaintext nil” > /etc/c-client.cf
mkdir /usr/local/imap-2007b
mkdir /usr/local/imap-2007b/include/
mkdir /usr/local/imap-2007b/lib/
chmod -R 077 /usr/local/imap-2007b
rm -rf /usr/local/imap-2007b/include/*
rm -rf /usr/local/imap-2007b/lib/*
rm -rf /usr/sbin/imapd
cp imapd/imapd /usr/sbin/
cp c-client/*.h /usr/local/imap-2007b/include/
cp c-client/*.c /usr/local/imap-2007b/lib/
cp c-client/c-client.a /usr/local/imap-2007b/lib/libc-client.a
cd ..
#安装MYSQL
tar zxvf mysql-5.0.51b.tar.gz
cd mysql-5.0.51b
./configure
“–prefix=/usr/local/mysql”
“–localstatedir=/data/mysql/data”
“–with-comment=Source”
“–with-server-suffix=-test.com”
“–with-mysqld-user=mysql”
“–without-debug”
“–with-big-tables”
“–with-charset=gbk”
“–with-collation=gbk_chinese_ci”
“–with-extra-charsets=all”
“–with-pthread”
“–enable-static”
“–enable-thread-safe-client”
“–with-client-ldflags=-all-static”
“–with-mysqld-ldflags=-all-static”
“–enable-assembler”
“–without-isam”
“–without-innodb”
“–without-ndb-debug”
make && make install
useradd mysql -d /data/mysql -s /sbin/nologin
/usr/local/mysql/bin/mysql_install_db –user=mysql
cd /usr/local/mysql
chown -R root:mysql .
chown -R mysql /data/mysql/data
cp share/mysql/my-huge.cnf /etc/my.cnf
cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld
chmod 755 /etc/rc.d/init.d/mysqld
chkconfig –add mysqld
/etc/rc.d/init.d/mysqld start
cd /usr/local/mysql/bin
for i in *; do ln -s /usr/local/mysql/bin/$i /usr/bin/$i; done
cd /usr/local/src
mysqladmin -u root password chenshake
#安装Apache
tar zxvf httpd-2.2.8.tar.gz
cd httpd-2.2.8
./configure
“–prefix=/usr/local/apache2″
“–with-included-apr”
“–enable-so”
“–enable-deflate=shared”
“–enable-expires=shared”
“–enable-rewrite=shared”
“–enable-static-support”
“–disable-userdir”
make
make install
cd ..
#安装PHP
tar jxvf php-5.2.6.tar.bz2
cd php-5.2.6
./configure
“–prefix=/usr/local/php”
“–with-apxs2=/usr/local/apache2/bin/apxs”
“–with-config-file-path=/usr/local/php/etc”
“–with-mysql=/usr/local/mysql”
“–with-gd=/usr/local/gd2″
“–with-libxml-dir=/usr”
“–with-jpeg-dir”
“–with-png-dir”
“–with-freetype-dir”
“–with-zlib ”
–with-iconv-dir=/usr/local
“–with-openssl=/usr/local/ssl”
“–with-curl ”
“–with-curlwrappers ”
“–with-mcrypt”
“–with-imap=/usr/local/imap-2007b”
“–with-kerberos”
“–with-bz2″
“–enable-soap”
“–enable-gd-native-ttf”
“–enable-ftp”
“–enable-mbstring”
“–enable-exif”
“–disable-ipv6″
“–disable-cgi”
“–disable-cli”
make
make install
mkdir /usr/local/php/etc
cp php.ini-dist /usr/local/php/etc/php.ini
cd ..
#安装Zend Optimizer (安装Zend Optimizer过程的最后不要选择重启Apache。)
tar xzvf ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
cd ZendOptimizer-3.3.3-linux-glibc23-i386
./install.sh
##########################################################################
sh install.sh
脚本到这里为止,因为zend的设置,我没法自动完成,只能你手动设置,如果谁知道怎么做,麻烦指导指导,注意php.ini 的位置 /usr/local/php/etc/
#设置session的存放位置和修改php上次文件的大小,最大文件25m
cp /usr/local/Zend/etc/php.ini /usr/local/Zend/etc/php.ini.save
sed -i -e ‘991 s/;//’ /usr/local/Zend/etc/php.ini
sed -i ’s/post_max_size = 8M/ post_max_size = 30M/g’ /usr/local/Zend/etc/php.ini
sed -i ’s/upload_max_filesize = 2M/ upload_max_filesize = 25M/g’ /usr/local/Zend/etc/php.ini
cd /usr/local/src
六:配置apache PHP
创建apache的启动脚本,apache编译包里带的那个启动脚本,有一个缺点,启动和停止没有任何提示,所以就用下面这个,比较方便。
vi /etc/init.d/httpd
###################################
#!/bin/bash
#
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache2/logs/httpd.pid
# config: /usr/local/apache2/conf/httpd.conf
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/httpd ]; then
. /etc/sysconfig/httpd
fi
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=”"
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/apache2/bin/apachectl
httpd=/usr/local/apache2/bin/httpd
pid=/usr/local/apache2/logs/httpd.pid
prog=httpd
RETVAL=0
# The semantics of these two functions differ from the way apachectl does
# things — attempting to start while running is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
echo -n $”Starting $prog: “
daemon $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
return $RETVAL
}
stop() {
echo -n $”Stopping $prog: “
killproc $httpd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd $pid
}
reload() {
echo -n $”Reloading $prog: “
killproc $httpd -HUP
RETVAL=$?
echo
}
# See how we were called.
case “$1″ in
start)
start
;;
stop)
stop
;;
status)
status $httpd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart)
if [ -f $pid ] ; then
stop
start
fi
;;
reload)
reload
;;
graceful|help|configtest|fullstatus)
$apachectl $@
RETVAL=$?
;;
*)
echo $”Usage: $prog {start|stop|restart|condrestart|reload|status”
echo $”|fullstatus|graceful|help|configtest}”
exit 1
esac
exit $RETVAL
###########################
设置可运行和开机启动
chmod +x /etc/rc.d/init.d/httpd
chkconfig –add httpd
chkconfig –level 3 httpd on
配置apache
groupadd www -g 48
useradd -u 48 -g www www
mkdir -p /data/www/wwwroot/linux.com
mkdir -p /data/www/wwwroot/test.com
mkdir -p /data/logs
chmod +w /data/www/wwwroot
chown -R www:www /data/www/wwwroot
cp /usr/local/apache2/conf/httpd.conf /usr/local/apache2/conf/httpd.conf.save
编辑httpd.conf
sed -i -e ‘121 s/^/#/’ -i -e ‘122 s/^/#/’ /usr/local/apache2/conf/httpd.conf
sed -i -e “s/User daemon/User www/” -i -e “s/Group daemon/Group www/” /usr/local/apache2/conf/httpd.conf
sed -i ’s/DirectoryIndex index.html/ DirectoryIndex index.php index.html index.htm/g’ /usr/local/apache2/conf/httpd.conf
sed -i -e ‘101 s/^#//g’ -i -e ‘374 s/^#//g’ -i -e ‘389 s/^#//g’ -i -e ‘392 s/^#//g’ -i -e ‘401 s/^#//g’ /usr/local/apache2/conf/httpd.conf
sed -i “58 s/^/AddType application/x-httpd-php .php/” /usr/local/apache2/conf/httpd.conf
编辑php.ini
cp /usr/local/php/etc/php.ini /usr/local/php/etc/php.ini.save
sed -i ‘205 s#;open_basedir =#open_basedir = /data/www/wwwroot:/tmp#g’ /usr/local/php/etc/php.ini
sed -i ‘/expose_php/s/On/Off/’ /usr/local/php/etc/php.ini
sed -i ‘/display_errors/s/On/Off/’ /usr/local/php/etc/php.ini
配置虚拟主机
备份相关配置文件
mv /usr/local/apache2/conf/extra/httpd-vhosts.conf /usr/local/apache2/conf/extra/httpd-vhosts.conf.save
mv /usr/local/apache2/conf/extra/httpd-default.conf /usr/local/apache2/conf/extra/httpd-default.conf.save
mv /usr/local/apache2/conf/extra/httpd-mpm.conf /usr/local/apache2/conf/extra/httpd-mpm.conf.save
创建3个apache相关的文件
vi /usr/local/apache2/conf/extra/httpd-vhosts.conf
NameVirtualHost *:80
ServerAdmin shake.chen@gmail.com
DocumentRoot “/data/www/wwwroot/test.com”
ServerName test.com
ServerAlias bbs.test.com
ErrorLog “logs/test.com-error_log”
CustomLog “|/usr/local/cronolog/sbin/cronolog /data/logs/access_www.test.com.%Y%m%d” combined
ServerAdmin shake.chen@gmail.com
DocumentRoot “/data/www/wwwroot/linux.com”
ServerName linux.com
ServerAlias bbs.linux.com
ErrorLog “logs/linux.com-error_log”
CustomLog “|/usr/local/cronolog/sbin/cronolog /data/logs/access_www.linux.com.%Y%m%d” combined
vi /usr/local/apache2/conf/extra/httpd-default.conf
Timeout 15
KeepAlive Off
MaxKeepAliveRequests 50
KeepAliveTimeout 5
UseCanonicalName Off
AccessFileName .htaccess
ServerTokens Prod
ServerSignature Off
HostnameLookups Off
vi /usr/local/apache2/conf/extra/httpd-mpm.conf
ServerLimit 2000
StartServers 10
MinSpareServers 10
MaxSpareServers 15
MaxClients 2000
MaxRequestsPerChild 10000
七:测试
修改本地hosts文件
192.168.1.200 www.test.com
启动Apache
service httpd start
复制代码
测试php
cd /data/www/wwwroot/test.com
vi info.php
phpinfo()
?>
这个时候 http://192.168.1.200/info.php 或者 http://www.test.com/info.php 就可以看到php的信息。
安装phpadmin
cd /usr/local/src
tar zxvf phpMyAdmin-2.11.8.1-all-languages-utf-8-only.tar.gz
cp -rf phpMyAdmin-2.11.8.1-all-languages-utf-8-only /data/www/wwwroot/test.com/phpmyadmin
cd /data/www/wwwroot/test.com/phpmyadmin
cp config.sample.inc.php config.inc.php
sed -i -e “/^$cfg['blowfish_secret']/{ s@”;@’88888888888888888′;@; }” config.inc.php
这个时候,你就可以通过 http://192.168.1.200/phpmyadmin 或者 http://www.test.com/phpmyadmin来进行数据库管理, 我上面已经给mysql设置的密码。
user:root
password:chenshake
安装sugarcrm
sugarcrm的邮件模块需要用到imap,ssl,所以我编译的时候,需要吧imap,curl模块编译进去.
cd /usr/local/src
unzip SugarCE-5.1.0.zip
mv SugarCE-Full-5.1.0/ /data/www/wwwroot/test.com/sugarcrm
chmod -R 777 /data/www/wwwroot/test.com/sugarcrm/
与30万Linux爱好者讨论问题!
【已有6位网友发表了看法】 【打涌 【关闭】
相关评论
作者: isosdw 发布日期: 2009-7-29
大同小异
作者: baizx 发布日期: 2009-7-29
请 教我实质的 内容 比如 如何如何改 哪里哪里应该变动~~~谢谢
作者: baizx 发布日期: 2009-8-05
呃 转个 5.3的最近找到的
CentOS 5 全功能WWW服务器搭建全教程 V3.0
一、基本系统安装
1、下载CentOS 5
我是下载的DVD版本,大家也可以下载服务器CD安装版本,其实都差不多。大家可以到这儿下载,速度很快的。
http://ftp.iasi.roedu.net/mirrors/ce...86-bin-DVD.iso
建议在windows下用BT或迅雷下载,速度会快很多。
下载后刻录成光盘。我建议你刻录DVD啦,如果是菜鸟,把图形界面也装上,可以在图形界面进行学习,当然强烈不建议在服务器上装桌面。
Centos 5系列任何一个版本就行了,安装后可以通过yum upgrade直接更新为最新版本。
2、安装CentOS 5
作为服务器,不安装不需要的组件,所以在选择组件的时候,除了选择FTP SERVER外取消所有组件的选择。也不要选web服务器。因为我们后面要手动编译安装。
系统约定RPM包和源码包存放位置
RPM包和源码包存放位置 /usr/local/src
源码包编译安装位置(prefix) /usr/local/xxx
脚本以及维护程序存放位置 /usr/local/sbin
MySQL 数据库位置 /var/lib/mysql
Apache 网站根目录 /usr/local/apache2/htdocs
Apache 虚拟主机日志根目录 /data/logs/www
yum RPM包信息文件 /etc/yum.list
3、系统环境部署及调整
(1)检查系统是否正常
# more /var/log/messages //检查有无系统内核级错误信息
# dmesg //检查硬件设备是否有错误信息
# ifconfig //检查网卡设置是否正确
# ping www.163.com // 检查网络是否正常
(2)关闭不需要的服务
# export LANG='en_US' //设置语言
# setup //选择启动的服务
进入system service 选项。
以space 键选定所需服务。
以下仅列出需要启动的服务,未列出的服务一律关闭:
crond
irqbalance 仅当服务器CPU为S.M.P架构或支持双核心、HT技术时,才需开启,否则关闭。
microcode_ctl
network
iptables
vsftpd
sshd
syslog
yum-updatesd
(3)修改/etc/yum.repos.d/CentOS-Base.repo,将镜象站点地址改为在中国的镜象站点地址。不然我们通过yum安装软件速度会极慢。修改如下:
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.shlug.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
protect=1
#released updates
[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.shlug.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
protect=1
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
baseurl=http://mirrors.shlug.org/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
protect=0
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.shlug.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
protect=0
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
baseurl=http://mirrors.shlug.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
protect=1
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
baseurl=http://mirrors.shlug.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
protect=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
保存文件。
(4)更新系统,我们使用yum,
运行:
# yum upgrade
建议更新所有列出的程序,包括内核,rhel 5.X的稳定性还要继续努力呢。
(5)定时校正服务器时间
# yum install –y ntp
# crontab -e
0 23 * * * /usr/sbin/ntpdate 210.72.145.44
以上命令设置好后存盘。
# /sbin/service crond reload
重载计划任务配置
您的机器将在每天的23:00根据中国国家授时中心的NTP服务器时间自动校准时间。
(6)FTP服务器的配置
vi /etc/vsftpd/vsftpd.conf
把anonymous_enable=YES
修改为anonymous_enable=No不允许匿名登录。
添加两句
chroot_local_user=yes
listen_port=2121
将用户锁定在主目录,并将FTP监听端口修改为2121
把ftpd_banner=*前的注释去掉。后面改成你的欢迎信息(这样设置可以避免显示ftp服务器的版本信息)
然后保存,service vsftpd start就可以了。
这时应当添加用户,因为root默认不能通过FTP方式登录,也不安全。
groupadd upload
useradd upload -g upload -d /usr/local/apache2/htdocs/ -M
如果FTP登录时出现
ftp服务器连接失败,错误提示:
500 OOPS: cannot change directory:/home/*******
500 OOPS: child died
解决方法:
# setsebool ftpd_disable_trans 1
# service vsftpd restart
这样对于我们上传一些文件到系统中很方便。
大家有兴趣的可以看下这篇文章对vsftpd进行一个比较详细的了解
http://blog.chinaunix.net/u/10047/showart_198837.html
4、重新启动系统
# init 6
此时系统启动成功,可以删除老的内核
二、安装mysql, apache, php, Zend Optimizer等基本环境
5. 使用 yum 程序安装所需开发包(以下为标准的rpm包名称)
# yum install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel openssl-devel libxml2-devel gettext-devel pcre-devel
#这里我们将编译GD所必须的一些小软件比如libpng,libtiff,freetype,libjpeg,gettext-devel等先用RPM 的方式一并安装好,避免手动编译浪费时间,同时也能避免很多错误,这几个小软件的编译很麻烦。这几个小软件编译错误了,GD当然安装不了,php5的编译当然也没戏了。所以我们抓大放小,对这些小牛鬼蛇神采取快速简洁的方式进行安装。并且对服务器的性能也不能产生什么影响。
另外libxml2系统已经默认安装了,所以我们不需要手工编译了,直接安装它的开发包就行了。
6. 源码编译安装所需包 (Source)
(1) GD2
# cd /usr/local/src
# wget http://www.libgd.org/releases/gd-2.0.35.tar.gz
# tar xzvf gd-2.0.35.tar.gz
# cd gd-2.0.35
# yum install libtool libtool-ltdl
# aclocal
# CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/gd2 --mandir=/usr/share/man
// 注意,CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" 这个环境参数只针对intel P4 芯片,如果你的CPU是AMD的,注意不能使用。请查看相应的编译优化参数。否则程序会无法编译,即使编译成功也无法运行,嘿嘿。
关于其他CPU的优化参见我的BLOG的一篇转贴:
http://www.cnprint.org/bbs/blogs/1/blog43.html
//./configure 配置。
# make //make 是用来编译的,它从 Makefile 中读取指令,然后编译。
# make install //make install 是用来安装的,它也从 Makefile 中读取指令,安装到指定的位置。
(2) Apache 日志截断程序
# cd /usr/local/src
# wget http://cronolog.org/patches/cronolog-1.7.0-beta.tar.gz
# tar cronolog-1.7.0-beta.tar.gz
# cd cronolog-1.7.0-beta
#CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/cronolog && make && make install
7、编译mysql 5.0.50
mysql 5.0.50是企业版本,貌似双数版本都是企业版本了。个人觉得代码质量要比社区版本要好一些。大家可以下载,免费使用。并不需要向mysql公司交钱。
#cd /usr/local/src
# wget http://mirror.provenscaling.com/mysq...-5.0.50.tar.gz
# tar xzvf mysql-5.0.50.tar.gz
# cd mysql-5.0.50
修改mysql 客户端最大连接数, 默认的只有100,远远达不到我们的要求。
# vi sql/mysqld.cc
搜索找到下面一行:
{"max_connections", OPT_MAX_CONNECTIONS,
"The number of simultaneous clients allowed.", (gptr*) &max_connections,
(gptr*) &max_connections, 0, GET_ULONG, REQUIRED_ARG, 100, 1, 16384, 0, 1,
0},
将其中的100改为1500, 当然小点也可以,根据你的需要来,不建议改的太大。
{"max_connections", OPT_MAX_CONNECTIONS,
"The number of simultaneous clients allowed.", (gptr*) &max_connections,
(gptr*) &max_connections, 0, GET_ULONG, REQUIRED_ARG, 1500, 1, 16384, 0, 1,
0},
保存。
# CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/mysql --localstatedir=/var/lib/mysql --with-comment=Source --with-server-suffix=-enterprise-gpl --with-mysqld-user=mysql --without-debug --with-big-tables --with-charset=utf8 --with-collation=utf8_general_ci --with-extra-charsets=gbk,latin1 --with-pthread --enable-static --with-client-ldflags=-all-static --with-mysqld-ldflags=-all-static --enable-assembler --without-innodb --without-ndb-debug --without-isam --enable-local-infile --with-readline --with-raid
配置成功会提示:
MySQL has a Web site at http://www.mysql.com/ which carries details on the
latest release, upcoming features, and other information to make your
work or play with MySQL more productive. There you can also find
information about mailing lists for MySQL discussion.
Remember to check the platform specific part of the reference manual for
hints about installing MySQL on your platform. Also have a look at the
files in the Docs directory.
Thank you for choosing MySQL!
# make
编译的时间可能会比较长,毕竟优化的比较厉害。
# make install
编译安装完成后执行后续操作:
# useradd mysql //添加 mysql 用户
# cd /usr/local/mysql
# bin/mysql_install_db --user=mysql
# chown -R root:mysql . //设置权限,注意后面有一个 "."
# chown -R mysql /var/lib/mysql //设置 mysql 目录权限
# chgrp -R mysql . //注意后面有一个 "."
# cp share/mysql/my-medium.cnf /etc/my.cnf
# cp share/mysql/mysql.server /etc/rc.d/init.d/mysqld //开机自动启动 mysql。
# chmod 755 /etc/rc.d/init.d/mysqld
# chkconfig --add mysqld
#添加LIB PATH
echo "/usr/local/mysql/lib" >> /etc/ld.so.conf && ldconfig
vi /etc/my.cnf
修改 MySQL 配置,增加部分优化参数,如下:
[mysqld]
ft_min_word_len=2
运行以下命令即可启动 MySQL 服务器:
# /etc/rc.d/init.d/mysqld start //启动 MySQL
# bin/mysqladmin -u root password "password_for_root"
# service mysqld stop //关闭 MySQL
8. 编译安装 Apache
# cd /usr/local/src
# wget http://www.ip97.com/apache.org/httpd/httpd-2.2.6.tar.gz
# tar zxvf httpd-2.2.6.tar.gz
# cd httpd-2.2.6
先依次安装apr和apr-util
# cd srclib/apr
# CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/apr --enable-threads --enable-other-child --enable-static
# make && make install
# cd ../apr-util
# CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/ --with-mysql=/usr/local/mysql
# make && make install
cd /usr/local/src/httpd-2.2.6
# CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/apache2 --enable-mods-shared=all --with-mysql=/usr/local/mysql --enable-cache --enable-file-cache --enable-mem-cache --enable-disk-cache --enable-static-support --enable-static-htpasswd --enable-static-htdigest --enable-static-rotatelogs --enable-static-logresolve --enable-static-htdbm --enable-static-ab --enable-static-checkgid --disable-cgid --disable-cgi --with-apr=/usr/local/apr/ --with-apr-util=/usr/local/apr-util/ --enable-ssl --with-ssl=/usr/include/openssl --with-pcre
# make
# make install
注解:
./configure //配置源代码树
--prefix=/usr/local/apache2 //体系无关文件的顶级安装目录PREFIX ,也就Apache的安装目录。
--enable-module=so //打开 so 模块,so 模块是用来提 DSO 支持的 apache 核心模块
--enable-mods-shared=all //编译全部的模板,对于不需要我们可以在httpd.conf去掉。
--enable-cache //支持缓存
--enable-file-cache //支持文件缓存
--enable-mem-cache //支持记忆缓存
--enable-disk-cache //支持磁盘缓存
--enable-static-support //支持静态连接(默认为动态连接)
--enable-static-htpasswd //使用静态连接编译 htpasswd - 管理用于基本认证的用户文件
--enable-static-htdigest //使用静态连接编译 htdigest - 管理用于摘要认证的用户文件
--enable-static-rotatelogs //使用静态连接编译 rotatelogs - 滚动 Apache 日志的管道日志程序
--enable-static-logresolve //使用静态连接编译 logresolve - 解析 Apache 日志中的IP地址为主机名
--enable-static-htdbm //使用静态连接编译 htdbm - 操作 DBM 密码数据库
--enable-static-ab //使用静态连接编译 ab - Apache HTTP 服务器性能测试工具
--enable-static-checkgid //使用静态连接编译 checkgid
--disable-cgid //禁止用一个外部 CGI 守护进程执行CGI脚本
--disable-cgi //禁止编译 CGI 版本的 PHP
--enable-ssl // 编译 ssl模块。
我们不再使用worker模式编译apache,worker模式和php貌似有一些不协调不稳定之处。所以使用了默认的perfork模式。
将apache设置成开机自启动:
在/etc/rc.d/rc.local文件中加入一行
/usr/local/apache2/bin/apachectl start
这样每次重新启动系统以后,apache也会随系统一起启动.
或者将apache安装为系统服务
# cp /usr/local/apache2/bin/apachectl /etc/rc.d/init.d/httpd
然后 vi /etc/rc.d/init.d/httpd 添加(#!/bin/sh下面)
# chkconfig: 2345 50 90
# description: Activates/Deactivates Apache Web Server
最后,运行chkconfig把Apache添加到系统的启动服务组里面:
# chkconfig --add httpd
# chkconfig httpd on
9、编译php 5.2.5
Suhosin是php增强型安全补丁,可以编译到静态内核中,也可以编译成php动态扩展。我个人强烈你建议安装成静态内核。Suhosin已经进入 Gentoo Linux、FreeBSD、OpenSuSE Linux、Mandriva Linux、Debian Linux官方包。下面的以下先说静态安装步骤。当然你也可以在安装php后将它编译成php的动态扩展。
# cd /usr/local/src
# wget http://cn.php.net/get/php-5.2.5.tar.gz/from/this/mirror
wget http://www.hardened-php.net/suhosin/...9.6.2.patch.gz
# tar zxvf php-5.2.5.tar.gz
# gunzip suhosin-patch-5.2.5-0.9.6.2.patch.gz
# cd php-5.2.5
# patch -p 1 -i ../suhosin-patch-5.2.5-0.9.6.2.patch
# ./buildconf --force
# CHOST="i686-pc-linux-gnu" CFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -mcpu=pentium4 -march=pentium4 -pipe -fomit-frame-pointer" CXXFLAGS="-O3 -msse2 -mmmx -Wall -W -mfpmath=sse -funroll-loops -mcpu=pentium4 -march=pentium4 -pipe -felide-constructors -fno-exceptions -fno-rtti -fomit-frame-pointer" ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs --with-pear=/usr/share/php --with-zlib-dir --with-bz2 --with-libxml-dir=/usr --with-gd=/usr/local/gd2 --enable-gd-native-ttf --enable-gd-jis-conv --with-freetype-dir --with-jpeg-dir --with-png-dir --with-ttf=shared,/usr --enable-mbstring --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/etc --with-iconv --disable-ipv6 --enable-static --enable-zend-multibyte --enable-inline-optimization --enable-zend-multibyte --enable-sockets --enable-soap --with-openssl --with-gettext --enable-suhosin
配置成功会提示:
+--------------------------------------------------------------------+
| License: |
| This software is subject to the PHP License, available in this |
| distribution in the file LICENSE. By continuing this installation |
| process, you are bound by the terms of this license agreement. |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point. |
+--------------------------------------------------------------------+
Thank you for using PHP.
# make
# make test
# make install
# cp php.ini-recommended /etc/php.ini
# echo "/usr/local/php/lib" >> /etc/ld.so.conf && ldconfig
在这里也顺便说一下将suhosin安装成为php的动态扩展的方法。毕竟网上根本不见它的中文安装教程。
虽然我个人不推荐这种方式。
wget http://www.hardened-php.net/suhosin/...sin-0.9.20.tgz
tar zxvf suhosin-0.9.20.tgz
cd suhosin-0.9.20
./configure --with-php-config=/usr/local/php/bin/php-config
make
make install
会提示编译的模块存在的目录,记住它。
Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-zts-20060613/
然后在php.ini中增加一行下列语句。
extension="/usr/local/php/lib/php/extensions/
