Kinux <kinuxventure@yahoo.com.hk>
一. 安裝及設置mysql
1.1 安装mysql
# cd /usr/ports/databases/mysql41-server
# make\
WITH_CHARSET=big5\ //支援繁體中文(簡體中文是gbk)及以繁體中文為預設編碼
WITH_XCHARSET=all\ //支援其它的編碼
WITH_OPENSSL=yes\ //使用安全連接
DB_DIR=/usr/local/mysql\ //指定數據庫的位置
WITH_LINUXTHREADS=yes\ //使用linux的線程
SKIP_DNS_CHECK=yes\ //安裝mysql時略過檢查主機名對應ip
BUILD_OPTIMIZED=yes //編釋參數提高效能, 加快速度
install clean
更加快的編釋要加BUILD_STATIC=yes 但不能同時使用openssl, 同時編釋會出現以下錯誤信息
You can't use the BUILD_STATIC option when
using OpenSSL.
對於各個選項, 詳細請看/usr/ports/databases/mysql41-server裏的Makefile
......
For more information, and contact details about the security
status of this software, see the following webpage:
http://www.mysql.com/
===> Cleaning for mysql-client-4.1.1
===> Cleaning for p5-DBD-mysql41-2.9003
===> Cleaning for p5-DBI-137-1.37
===> Cleaning for libtool-1.3.5_1
===> Cleaning for linuxthreads-2.2.3_13
===> Cleaning for openssl-0.9.7c
===> Cleaning for mysql-server-4.1.1
#
至此 mysql-server 和 mysql-client 已經安裝完成
1.2 設置mysql
在 /usr/local/share/mysql 在這個目錄裏共有四個 .cnf的範例檔案, (my-small.cnf,
my-medium.cnf, my-large.cnf, my-huge.cnf), 根據系統記憶體(內存)的數量和服務而設定my.cnf.
在每個範例檔案裏都有說明.
my-small.cnf //記憶體少於或等於64M只提供很少的數據庫服務 (< =64M)
my-medium.cnf //記憶體在32M到64M之間而且和其他服務一起使用如web
my-large.cnf //記憶體有512M主要是提供數據庫服務
my-huge.cnf //記憶體有1G到2G主要是提供數據庫服務
我们查看一下机器的内存:
# dmesg | grep real
real memory = 132825088 (129712K bytes)
本機只有128M 記憶體及只是供web使用, 所是用my-medium.cnf 這個範例檔
# cp /usr/local/share/mysql/my-medium.cnf
/etc/my.cnf
# ls -l /usr/local
...
drwx------ 4 mysql mysql 512 Feb 21 20:57 mysql
...
mysql已經是屬於mysql 的用戶和群組.
1.3 啓動mysql
利用启动脚本去启动mysql
#/usr/local/etc/rc.d/mysql-server.sh start
# ps -aux | grep mysql
mysql 53989 0.0 13.3 66404 16868 p0 IN 10:17PM 0:00.62 /usr/local/libexec/mysql
mysql 53990 0.0 13.3 66404 16868 p0 SN 10:17PM 0:00.00 /usr/local/libexec/mysql
mysql 53991 0.0 13.3 66404 16868 p0 IN 10:17PM 0:00.00 /usr/local/libexec/mysql
1.4 更改mysql 密碼
#/usr/local/bin/mysqladmin -u root -p password
'mysql_password'
Enter password: //按enter, mysql預設沒有密碼
二. 安裝及設置apache13-modssl
2.1 安装Apache-modssl
#cd /usr/ports/www/apache13-modssl/
# make
. . .
<=== src
===> Creating Dummy Certificate for Server (SnakeOil)
[use 'make certificate' to create a real one]
#make install
# make certificate //製作CA認證
===> Creating Test Certificate for Server
SSL Certificate Generation Utility (mkcert.sh)
Copyright (c) 1998-2000 Ralf S. Engelschall, All Rights Reserved.
Generating test certificate signed by Snake Oil CA [TEST]
WARNING: Do not use this for real-life/production systems
______________________________________________________________________
STEP 0: Decide the signature algorithm used for certificate
The generated X.509 CA certificate can contain either
RSA or DSA based ingredients. Select the one you want to use.
Signature Algorithm ((R)SA or (D)SA) [R]: <--按enter用RSA
______________________________________________________________________
STEP 1: Generating RSA private key (1024 bit) [server.key]
2553406 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
..++++++
...................++++++
e is 65537 (0x10001)
______________________________________________________________________
STEP 2: Generating X.509 certificate signing request [server.csr]
You are about to be asked to enter information that will be
incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished
Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
1. Country Name (2 letter code) [XY]:CN
2. State or Province Name (full name) [Snake Desert]:HongKong
3. Locality Name (eg, city) [Snake Town]:HongKong
4. Organization Name (eg, company) [Snake Oil, Ltd]:kinux.org
5. Organizational Unit Name (eg, section) [Webserver Team]:kinux.org
6. Common Name (eg, FQDN) [www.snakeoil.dom]:www.kinux.org
7. Email Address (eg, name@FQDN) [www@snakeoil.dom]:kinuxventure@yahoo.com.hk
8. Certificate Validity (days) [365]: <--按enter
______________________________________________________________________
STEP 3: Generating X.509 certificate signed by Snake Oil CA
[server.crt]
Certificate Version (1 or 3) [3]: <--按enter
Signature ok
subject=/C=CN/ST=HongKong/L=HongKong/O=kinux.org/OU=kinux.org/CN=www.kinux.org/emailAddress=
kinuxventure@yahoo.com.hk
Getting CA Private Key
Verify: matching certificate & key modulus
Verify: matching certificate signature
../conf/ssl.crt/server.crt: /C=XY/ST=Snake Desert/L=Snake
Town/O=Snake Oil,
Ltd/OU=Certificate Authority/CN=Snake Oil CA/emailAddress=ca@snakeoil.dom
error 10 at 1 depth lookup:certificate has expired
OK
______________________________________________________________________
STEP 4: Enrypting RSA private key with a pass phrase for
security [server.key]
The contents of the server.key file (the generated private
key) has to be
kept secret. So we strongly recommend you to encrypt the
server.key file
with a Triple-DES cipher and a Pass Phrase.
Encrypt the private key now? [Y/n]: Y
writing RSA key
Enter PEM pass phrase: <--輸入密碼
Verifying - Enter PEM pass phrase: <--再次輸入密碼
Fine, you're using an encrypted RSA private key.
______________________________________________________________________
RESULT: Server Certification Files
o conf/ssl.key/server.key
The PEM-encoded RSA private key file which you configure
with the 'SSLCertificateKeyFile' directive (automatically
done
when you install via APACI). KEEP THIS FILE PRIVATE!
o conf/ssl.crt/server.crt
The PEM-encoded X.509 certificate file which you configure
with the 'SSLCertificateFile' directive (automatically done
when you install via APACI).
o conf/ssl.csr/server.csr
The PEM-encoded X.509 certificate signing request file which
you can send to an official Certificate Authority (CA) in
order
to request a real server certificate (signed by this CA
instead
of our demonstration-only Snake Oil CA) which later can
replace
the conf/ssl.crt/server.crt file.
WARNING: Do not use this for real-life/production systems
CA 認證製作完成!!
2.2 設定apache
#vi /usr/local/etc/apache/httpd.conf
更改ServerName 為你的主機名或IP
2.3 啓動apache
#/usr/local/etc/rc.d/apache.sh start
apache#
# ps -aux | grep www
www 70204 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/
www 70205 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/
www 70206 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/
www 70207 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/
www 70208 0.0 2.5 4888 3212 ?? S 2:56AM 0:00.00 /usr/local/sbin/
三. 安裝及設定php
3.1 协调
由於FreeBSD預設已安裝了GETTEXT, 在安裝php時會出現error, 所以要在ports裏先卸下GETTEXT.
之後再在安裝php時選擇GETTEXT 一起安裝.
#cd /usr/ports/devel/gettext
#make deinstall clean
# cd /usr/ports/www/mod_php4
#make
//make之後, 一會彈出一個像似以下的畫面, 根據自己需要選擇安裝軟件包.
//CTYPE, MYSQL, OVERLOAD, PCRE, POSIX, SESSION, TOKENIZER, XML,
ZLIB 這幾個軟件是預設要安裝的.
//=========================================================\\
// PHP configuration options \\
|| Please select desired options: ||
|| [ ] BCMATH bc style precision math functions ||
|| [ ] BZIP2 bzip2 library support ||
|| [ ] CALENDAR calendar conversion support ||
|| [ ] CDB cdb database support (dba) ||
|| [ ] CRACK crack support ||
|| [X] CTYPE ctype functions ||
|| [ ] CURL CURL support ||
|| [ ] DB4 Berkeley DB4 support ||
|| [ ] DBASE dBase library support ||
|| [ ] DBX dbx support ||
|| [ ] DIO Direct I/O support ||
|| [ ] DOMXML DOM support ||
|| [ ] DOMXSLT DOM XSLT and EXSLT support (implies DOMXML)
||
|| [ ] EXIF EXIF support ||
|| [ ] FILEPRO filePro support ||
|| [ ] FRIBIDI FriBidi support ||
|| [ ] FTP FTP support ||
|| [X] GD GD library support ||
|| [ ] GDBM GDBM database support (dba) ||
|| [X] GETTEXT gettext library support ||
|| [ ] GMP GNU MP support ||
|| [ ] HYPERWAVE Hyperwave support ||
|| [ ] ICONV iconv support ||
|| [ ] IMAP IMAP support ||
|| [ ] INIFILE INI file support (dba) ||
|| [ ] INTERBASE Interbase 6 database support (Firebird) ||
|| [ ] MBSTRING multibyte string support ||
|| [ ] MCAL Modular Calendar Access Library support ||
|| [ ] MCVE MCVE support (implies OPENSSL) ||
|| [ ] MCRYPT Encryption support ||
|| [ ] MHASH Crypto-hashing support ||
|| [ ] MIME mime_magic support ||
|| [ ] MING ming shockwave flash support ||
|| [ ] MNOGOSEARCH mnoGoSearch support ||
|| [ ] MSSQL MS-SQL database support ||
|| [X] MYSQL MySQL database support ||
|| [ ] NCURSES ncurses support (CLI only) ||
|| [ ] OPENLDAP OpenLDAP support ||
|| [X] OPENSSL OpenSSL support ||
|| [ ] ORACLE Oracle support ||
|| [X] OVERLOAD user-space object overloading support ||
|| [ ] PCNTL pcntl support (CLI only) ||
|| [X] PCRE Perl Compatible Regular Expression support ||
|| [ ] PDFLIB PDFlib support ||
|| [X] POSIX POSIX-like functions ||
|| [ ] POSTGRESQL PostgreSQL database support ||
|| [ ] PSPELL pspell support ||
|| [ ] READLINE readline support (CLI only) ||
|| [ ] RECODE recode support ||
|| [X] SESSION session support ||
|| [ ] SHMOP shmop support ||
|| [ ] SNMP SNMP support (implies OPENSSL) ||
|| [ ] SOCKETS sockets support ||
|| [ ] SYBASEDB Sybase database support (DB-lib) ||
|| [ ] SYBASECT Sybase database support (CT-lib) ||
|| [ ] SYSVSEM System V semaphore support ||
|| [ ] SYSVSHM System V shared memory support ||
|| [X] TOKENIZER tokenizer support ||
|| [ ] UNIXODBC unixODBC support ||
|| [ ] WDDX WDDX support (implies XML) ||
|| [X] XML XML support ||
|| [ ] XMLRPC XMLRPC-EPI support ||
|| [ ] XSLT XSLT Sablotron support ||
|| [ ] YAZ YAZ support (ANSI/NISO Z39.50) ||
|| [ ] YP YP/NIS support ||
|| [ ] ZIP ZIP support ||
|| [X] ZLIB ZLIB support ||
\\ //
\\==========================================================//
[ OK ] Cancel
. . .
Build complete.
(It is safe to ignore warnings about tempnam and tmpnam).
#make install
===> Installing for mod_php4-4.3.4_6,1
===> mod_php4-4.3.4_6,1 depends on file: /usr/local/sbin/apxs
- found
===> mod_php4-4.3.4_6,1 depends on shared library: expat.4
- found
===> mod_php4-4.3.4_6,1 depends on shared library: intl.6
- found
===> mod_php4-4.3.4_6,1 depends on shared library: mysqlclient.14
- found
===> Generating temporary packing list
===> Checking if www/mod_php4 already installed
Installing PHP SAPI module: apache
[activating module `php4' in /usr/local/etc/apache/httpd.conf]
cp libs/libphp4.so /usr/local/libexec/apache/libphp4.so
chmod 755 /usr/local/libexec/apache/libphp4.so
cp /usr/local/etc/apache/httpd.conf /usr/local/etc/apache/httpd.conf.bak
cp /usr/local/etc/apache/httpd.conf.new /usr/local/etc/apache/httpd.conf
rm /usr/local/etc/apache/httpd.conf.new
Installing shared extensions: /usr/local/lib/php/20020429/
Installing build environment: /usr/local/lib/php/build/
Installing header files: /usr/local/include/php/
Installing helper programs: /usr/local/bin/
program: phpize
program: php-config
program: phpextdist
*****************************************************************************
Make sure index.php is part of your DirectoryIndex.
You should add the following lines to your Apache configuration
file:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
*****************************************************************************
===> Registering installation for mod_php4-4.3.4_6,1
3.2 設定php.
在 /usr/local/etc/apache/httpd.conf 裏加上以下兩句.
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
由於小弟對php並不熟悉, 所以不在這裏說明php.ini 有什么更好的設定了.
#cd /usr/local/etc
#cp php.ini-recommended php.ini
重启apache
#/usr/local/etc/rc.d/apache.sh stop
#/usr/local/etc/rc.d/apache.sh start
3.3 測試php.
生成test.php,并在裏面加上以下的3行.
#vi /usr/local/www/data/test.php
<?
Phpinfo ();
?>
打开浏览器 http://yourweburl/test.php
四. 安裝及設定phpMyAdmin.
用ports 来安装phpmyadmin
#cd /usr/ports/databases/phpmyadmin
#make install clean
#cd /usr/local/www/data/phpMyAdmin
#cp config.inc.php.sample config.inc.php
#chmod 755 config.inc.php
#vi config.inc.php
更改以下幾行
$cfg['PmaAbsoluteUri'] = '';
改成
$cfg['PmaAbsoluteUri'] = http://yourweburl/phpMyAdmin/ '';
$cfg['Servers'][$i]['auth_type'] = 'config'; // Authentication
method (config, http or cookie based)?
改成
$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication
method (config, http or cookie based)?
$cfg['Servers'][$i]['password'] = ''; // MySQL password (only
needed
改成
$cfg['Servers'][$i]['password'] = 'mysql passwd'; // MySQL
password (only needed
測試phpMyAdmin
https://yourweburl/phpMyAdmin/
後記:
以下是一些安裝時可能遇到的問題.
在安裝mod_php4時會出現以下的錯誤信息.
/usr/libexec/ld-elf.so.1: Shared object "libintl.so.5"
not found
解決方法:
原因是gettext 和 gmake 的版本的mod_php4安裝是要求的不一样, 一般是mod_php4 要的版本比較新,
所以出現一些不支持的現象.
只要用cvsup 更新你的gettext 和gmake就可以了.
#cd /usr/ports/devel/gettext
#make deinstall clean && make reinstall clean
#cd ../gmake
#make deinstall clean && make reinstall clean
在重安裝gettext 和gmake之前記住要ports是最新的.
你也可參考以下方法.
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=609553+0+archive/2003/freebsd-ports/20031123.freebsd-ports
http://www.bsdforums.org/forums/showthread.php?threadid=13526