LAMPS Tutorial 2.0 (v2.0.5)

This tutorial is about the compilation, installation and configuration of a LAMPS server.

In case this tutorial contains mistakes, I would appreciate a message to stengel@eFactory.de.

New:
New versions of all packages and some bugfixes. PostgreSQL removed. Several simplifications. New PDFLib 6.


1. LAMPS Tutorial Content

1. LAMPS Tutorial Content

2. The Ingredients and where to find them


2. The Ingredients and where to find them


Linux



Basically, it does not matter which Linux distribution you use. I have chosen Mandrake 7.2 to write this tutorial and verified it with RedHat 7.0, 7.2, 7.3 and Debian 3.0.

I will not explain the installation here, because that would go beyond the scope of this tutorial. Normally, clicking through it is sufficient to get a run capable Linux server system. Don't forget to install the development packages as well (gcc, make, etc.). In case one has forgot something, the packet can always be installed later on.

Linux Distributionen auf Tucows
www.mandrake.com
www.redhat.de
www.debian.de

Top


Apache 2.0.50



In any case, the Apache web server is needed.

Apache Website
Download Apache Httpd 2.0.50

Top


MySQL 4.0.20



The MySQL version that I currently use is 4.0.20. In case a newer version is chosen, there may be problems regarding the configuration. A brief look into the README or the INSTALL file should solve these problems.

Note: MySQL has not necessarily to be compiled, but may be installed as RPM or binary. In this case, the MySQL path has to be modified during the compilation of PHP.

MySQL Website
Download MySQL 4.0.20

Top


PHP 4.3.8



One of the most important things is the current version of PHP. Version 4.3.8 has recently been released, and this is the one we use.

PHP Website
Download PHP 4.3.8

Top


mod_perl 1.99_16



Since some of my sites are based on Perl, I always install the Apache Perl module. A requirement therefore is, of course, that Perl is installed. But it is mostly installed together with the distribution automatically.


Mod-Perl Website
Download mod_perl 1.99_16

Top


OpenSSL 0.9.7d



To run Apache on SSL, OpenSSL is necessary for the compilation of the mod_ssl module. I am using OpenSSL version 0.9.7d.

OpenSSL Website
Download OpenSSL 0.9.7d

Top


PDFLib-Lite 6.0.0 p1



PDFLib enables you to create PDF documents dynamically from PHP, which can be very useful. An alternative for this module may be the FPDF Project

PDFLib home page
Download PDFlib-Lite 6.0.0p1

Top



3. Preparation - Unpacking the Ingredients

Before we can start, all tar.gz files are to be unpacked. You have to log in as root on the computer and copy all the files to /usr/local/src/lamps. Of course, it is possible to choose another path, but this is the one we will use in this tutorial.

cd /usr/local/src/lamps
for i in `ls *.gz`; do tar zxf $i; done;


The archive files are no longer needed, but I would like to suggest to save them somewhere, eventually together with this tutorial, as a backup.

Top



4. Cooking - Compilation and Installation


MySQL



The following lines install MySQL. --prefix is the installation folder and --localstatedir is the database folder (important for subsequent backups). If MySQL was been installed as RPM or DEB, this section may be skipped.

Note: After entering make, there is plenty of time for a coffee. So, never say die.

cd /usr/local/src/lamps/mysql-4.0.20/
./configure --prefix=/usr/local/mysql \
--localstatedir=/home/mysql/data --with-innodb
make
make install

Afterwards, we create the mysql user, the data folder, install the standard database and, finally, change the root password. Of course, you should use your own password instead of 'secret'.

mkdir /home/mysql
/usr/sbin/groupadd mysql
/usr/sbin/useradd mysql -g mysql -s /bin/false -d /home/mysql
scripts/mysql_install_db
chown -R mysql:mysql /home/mysql
cp support-files/mysql.server /etc/rc.d/init.d/mysqld
chmod 744 /etc/rc.d/init.d/mysqld
/etc/rc.d/init.d/mysqld start
> /usr/local/mysql/bin/mysqladmin -u root password 'secret'

Hint: If an error message appears mentioning "gethostbyname_r" you haven't installed the g++ package.
Once, an old my.cnf in /etc/ caused me some problems (mysql_install_db installed the database at /var/lib/mysql/data instead of /home/mysql/data and, so, MySQL did't work). In this case, delete the my.cnf file or rename it.

Additionally, I sometimes fall for missing to enter the MySQL libraries into the lib path. You will realise this after starting having Apache started, when you receive an error message saying that the file libmysqlclient.so.10 cannot be found. If this problem occurs, you will have to open the file /etc/ld.so.conf and add /usr/local/mysql/lib/mysql at the end. After that, you will have to execute the following:

/sbin/ldconfig

Now it should work. In order to start MySQL automatically at boottime, you just have to enter the following lines:

cd /etc/rc.d/rc3.d
ln -s ../init.d/mysqld S20mysqld
ln -s ../init.d/mysqld K20mysqld

Note: Eventually, the chosen distribution uses another runlevel rc3. The actual runlevel can be checked by typing /sbin/runlevel in the console.

Tip: If you do not want to access mysql, mysqldump, etc. via their long path, it is very useful to create some links to the programs.

ln -s /usr/local/mysql/bin/mysql \
/usr/local/bin/mysql
ln -s /usr/local/mysql/bin/mysqladmin \
/usr/local/bin/mysqladmin
ln -s /usr/local/mysql/bin/mysqldump \
/usr/local/bin/mysqldump
ln -s /usr/local/mysql/bin/mysqlshow \
/usr/local/bin/mysqlshow

Tip: If you want to use Webmin, there have to be some changes in the module configuration, i.e. regarding the path for the databases.

Top


OpenSSL



The installation of OpenSSL is pretty simple. We specify the destination folder by --prefix.

cd /usr/local/src/lamps/openssl-0.9.7d
./config --prefix=/usr/local/openssl
make
make test
make install
ln -s /usr/local/openssl/bin/openssl /usr/local/bin/openssl

Does it work? Just a side node: Too much coffee is unhealthy. But it is already one third done.

Top


Apache 2



Now we are going to build Apache with SSL, whereby we will compile Apache as DSO. This means that modules like PHP can be loaded dynamically. Unlike Apache 1.3.x, for Apache 2.0.x patching is no longer necessary.

cd /usr/local/src/lamps/httpd-2.0.50/
./configure --prefix=/usr/local/httpd \
--enable-modules=all \
--enable-ssl \
--with-ssl=/usr/local/openssl \
--enable-so
make
make install

In order to make Apache start while booting, we copy the start script and create links for runlevel three.

cp /usr/local/httpd/bin/apachectl \
/etc/rc.d/init.d/httpd
cd /etc/rc.d/rc3.d
ln -s ../init.d/httpd S20httpd
ln -s ../init.d/httpd K20httpd

Creating certificates is not as simple as for Apache 1.3.x. (If there is a simple method, I would appreciate a message.)

In order to get a test certificate, we create a CA. Regarding going live, Thawte or Verisign would be the Certification Authorities to sign the certificate.

Note: Normally, for the purpose of software development, SSL is not needed and this section may be skipped.

cd /usr/local/httpd/conf/
openssl genrsa -des3 -out ca.key 1024

You have to enter a password twice. After executing the next command, this password has to be entered again. Afterwards, the CA data is requested to create the certificate.

openssl req -new -x509 -days 365 -key ca.key -out ca.crt

Country Name: DE
State or Province: NRW
Localty Name: Duesseldorf
Organization Name: Mycompany
Organizational Unit Name: CA
Common Name: www.mycompany.de
Email Address: ca@mycompany.de

Now, we generate the server key. Again, a password is necessary. We back up the key and encode it, so that Apache will not demand a password after each reboot.

openssl genrsa -des3 -out server.key 1024
mv server.key server.key.secure
openssl rsa -in server.key.secure -out server.key

Creating a server certificate is similar to creating the CA certificate, but no password is needed, since the key is already encoded.

Note: In order to go live, the "common name" has to match the server's host adress.

openssl req -new -days 365 -key server.key -out server.csr

Country Name: DE
State or Province: NRW
Localty Name: Duesseldorf
Organization Name: Mycompany
Organizational Unit Name: webteam
Common Name: www.mycompany.de
Email Address: webmaster@mycompany.de
A challenge password:
An optional company name:

Finally, the certificate is signed by our self made CA and the keys are copied to their own folders. Therefore, we use Ralf S. Engelschall's bash script which may be downloaded here. It is best to save the script in /usr/local/bin and to make it executable by chmod 744.

The CA password has to be entered and it has to be confirmed twice by "y".

sign.sh server.csr
mkdir ssl.crt ssl.key
cp server.crt ssl.crt
cp server.key ssl.key

In order to start Apache always with SSL, /etc/rc.d/init.d/httpd has to be edited and to be modified in one section.

# the path to your httpd binary, including options if necessary
# Original HTTPD='/usr/local/httpd/bin/httpd'
HTTPD='/usr/local/httpd/bin/httpd -DSSL'

Now, I set all files in the htdocs folder to user nobody and group nobody, since problems may occur, i.e. that PHP/Perl cannot write data.

chown -R nobody:nobody /usr/local/httpd/htdocs/

The next step ist compiling and setting up PHP.

Top


PHP



Now, we compile and install PHP. At the end, the config path is set to /etc/. Therein, also php.ini will be saved.

If MySQL has not been installed, the according line in the configure command has to be omitted.

The final line for GD support may also be omitted, but the GD module can be very helpful regarding the dynamic creation of graphics. Thereby, it has to be considered that additional packets have to be installed (i.e. regarding Redhat 7.3: gd*.rpm, libjpeg*.rpm, libtiff*.rpm, freetype*.rpm and libpng*.rpm). You can, for example, check this by rpm -qa | grep libjpeg. After executing this command, two lines should appear, one of which conatains "devel".

cd /usr/local/src/lamps/php-4.3.8
./configure \
--with-apxs2=/usr/local/httpd/bin/apxs \
--with-mysql=/usr/local/mysql \
--with-zlib-dir=/usr/lib/ \
--enable-versioning \
--enable-track-vars=yes \
--enable-url-includes \
--enable-sysvshm=yes \
--enable-sysvsem=yes \
--enable-ftp \
--enable-calendar \
--with-config-file-path=/etc \
--with-gd
make
make install

For the compilation of PDFLib later on, some additional files are needed in /usr/local/include/php. This may be omitted if you do not want to install PDFLib.

mkdir /usr/local/include/php/ext/gd
mkdir /usr/local/include/php/ext/gd/libgd
cp ext/gd/php_gd.h /usr/local/include/php/ext/gd
cp ext/gd/libgd/gd.h /usr/local/include/php/ext/gd/libgd
cp ext/gd/libgd/gd_io.h /usr/local/include/php/ext/gd/libgd

If we want PHP to work properly with Apache, we have to associate PHP extensions with the module in /usr/local/httpd/conf/httpd.conf. Therefore, we have to add the following lines:

AddType application/x-httpd-php php
AddType application/x-httpd-php-source phps

The php.ini has to be copied and that's it.

cp /usr/local/src/lamp/php-4.3.8/php.ini-dist /etc/php.ini

Top


PDFLib



The installation of PDFLib is also pretty simple. It is just three lines. As mentioned above, this section may be skipped if PDFLib is not needed.

cd /usr/local/src/lamps/PDFlib-Lite-6.0.0p1/
./configure
make
make install

So, PDFLib is installed. In order to make it being found, an entry in the ld.so.conf file is necessary. You have to edit the file and if the line /usr/local/lib does not exist yet, you have to add it. Afterwards, /sbin/ldconfig has to be executed.

To enable PDF support for PHP we also need to create a PHP module. The automake and libtool packages need to be installed on your computer to get this done. Answer the path question by just pressing return (autodetect).

pear install bind/pdflib/php/pecl/pdflib-2.0.tgz
cd /usr/local/lib/php/extensions
mv no-debug-non-zts-20020429/pdf.so .
rmdir no-debug-non-zts-20020429

After compilation you should have a pdf.so in /usr/local/lib/php/extensions. Sometimes the no-debug-non-zts-20020429 folder had to be created before executing pear install.... Now edit /etc/php.ini and add a new line to enable the extension and change the extension_dir line as well.

extension_dir="/usr/local/lib/php/extensions/"

...
extension=pdf.so

Top


mod_perl



Configuring mod_perl is easy. A precondition is that Perl is installed in version 5.6.0 or higher. Therefore, just the RPM of your distribution is needed. You can test it by entering:

perl -v

A short message should appear. The rest is simple:

cd /usr/local/src/lamps/mod_perl-1.99_16
perl Makefile.PL \
MP_AP_PREFIX=/usr/local/httpd/ \
MP_INST_APACHE2=1

make
make install

In order to make Perl work with Apache, a line has to be added to /usr/local/httpd/conf/httpd.conf, if it does not already exist.

LoadModule perl_module modules/mod_perl.so

Now, mod_perl is installed and we can continue the configuration of our system.

Top


Miscellaneous and Configuration



Apache

Since we normally do not want HTML files being the only index file, we have to search for the following line:

DirectoryIndex index.html

Here we can add other index file names like index.php, index.php4 or default.htm at will and separated by spaces.

Now, the Apache can be started:

/etc/rc.d/init.d/httpd start

PHP

PHP may very well be tested by creating an info.php in /usr/local/httpd/htdocs/ with the following content:

<?php
phpinfo();
?>

If you open it in Lynx or any other browser, you should get a status page which shows all modules and parameters of PHP. Most of all, you can check if one of the modules has not been compiled.

PDFLib

PDFLib can easily be tested by a small PHP script. (It is important that user nobody has the rights to write in the folder where the script runs.

<?PHP
$dokument = pdf_new();
pdf_open_file($dokument,"php.pdf");
$font=pdf_findfont($dokument, "Times-Roman", "winansi", 0);
pdf_begin_page($dokument,200,100);
pdf_setfont($dokument,$font,14);
pdf_set_text_pos($dokument,20,50);
pdf_show($dokument,"PDFLib is working");
pdf_end_page($dokument);
$dokument = pdf_close($dokument);
header("location:php.pdf\n\n");
?>

Miscellaneous

Finally, we can check if SSL runs by entering https://localhost into the browser.

And to be more conform to other distributions, I create a folder /etc/httpd and set links to the conf and the logs folder of Apache:

mkdir /etc/httpd
ln -s /usr/local/httpd/conf /etc/httpd/conf
ln -s /usr/local/httpd/logs /etc/httpd/logs

The LAMPS system is ready!

I would like to suggest to boot the thing in order to check if Apache and MySQL start properly.

Tip: If i.e. SSL does not work although the Apache runs, you can try to take down the firewall to check if eventually the SSL port is locked.

/etc/rc.d/init.d/ipchains stop

The same applies to iptables. But don't forget to restart the firewall by the parameter start as soon as TCP port 443 is unlocked.

Top

Disclaimer









The content of this document may be reproduced on the web, provided that a copyright notice and straight HTML hyperlink to lamps.efactory.de appear on the same page.

eFactory
GmbH & Co. KG
stengel@eFactoryy.de

Goethestraße 75
40237 Düsseldorf

Tel.: 0211 44 03 97-0
Fax: 0211 44 03 97-40