免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
12345下一页
最近访问板块 发新帖
查看: 29717 | 回复: 43

[Web] RHEL5.1+SELINUX--LAMP=APACHE+PHP+MYSQL+PHPMYADMIN+ZEND [复制链接]

论坛徽章:
0
发表于 2007-12-23 13:10 |显示全部楼层
Install LAMP
编译环境:RedHat Enterprise AS 5.1 开启SELlinux(我个人认为,它既然被REDHAT用上了,肯定就有它的道理,没有理由关掉它啊,嘿嘿)
安装所需要的软件均为最新的源代码包:
GD及库相关         
curl-7.17.1.tar.gz     libpng-1.2.24.tar.bz2   zlib-1.2.3.tar.gz
freetype-2.3.5.tar.gz  libxslt-1.1.22.tar.gz   jpegsrc.v6b.tar.gz
gd-2.0.36RC1.tar.bz2   libxml2-2.6.30.tar.gz   


PHP相关软件
phpMyAdmin-2.11.3-all-languages.tar.bz2
php-5.2.5.tar.bz2  
suhosin-patch-5.2.5-0.9.6.2.patch
ZendOptimizer-3.3.0-linux-glibc21-i386.tar.gz         
           
APACHE相关软件
httpd-2.2.6.tar.bz2   

mysql相关软件
mysql-5.1.22-rc.tar.gz  
                    


一、安装GD库及其它库文件
1.install zlib
tar xzvf  zlib-1.2.3.tar.gz
cd  zlib-1.2.3
./configure
make
make install

2. install libpng
tar xjvf libpng-1.2.24.tar.bz2
cd libpng-1.2.24
cp ./scripts/makefile.std makefile
make
make install

3.install freetype
tar xzvf freetype-2.3.5.tar.gz
cd freetype-2.3.5
./configure
make
make install

4.install jpeg
tar xzvf jpegsrc.v6b.tar.gz
cd jpeg-6b
mkdir -p /usr/local/man/man1
./configure --enable-shared --enable-static
make
make install

5.install curl
tar xzvf curl-7.17.1.tar.gz
cd curl-7.17.1
./configure
make
make install

6.install libxml2
tar xzvf libxml2-2.6.30.tar.gz
cd libxml2-2.6.30
./configure
make
make install

7.install libxslt
tar xzvf libxslt-1.1.22.tar.gz
cd libxslt-1.1.22
./configure --with-libxml
make
make install

8.install gd
tar xjvf gd-2.0.36RC1.tar.bz2
cd gd-2.0.36RC1
./configure --jpeg --with-png --with-zlib --with-freetype
make
make install

二、安装mysql数据库

[root@Kevin soft]# mkdir /httpd

[root@Kevin soft]# tar xzvf mysql-5.1.22-rc.tar.gz
[root@Kevin soft]# cd mysql-5.1.22-rc
[root@Kevin mysql-5.1.22-rc]# groupadd mysql
[root@Kevin mysql-5.1.22-rc]# useradd -g mysql mysql
[root@Kevin mysql-5.1.22-rc]#  ./configure \
> --prefix=/httpd/mysql --sysconfdir=/httpd/mysql --enable-assembler \
> --with-unix-socket-path=/tmp/mysql.sock --with-mysqld-user=mysql \
> --with-mysqld-ldflags=-a-static --with-innodb --with-extra-charsets=all \
> --with-charset=gb2312 --with-collation=gb2312_chinese_ci \
> --enable-thread-safe-client
[root@Kevin mysql-5.1.22-rc]# make
[root@Kevin mysql-5.1.22-rc]# make install
[root@Kevin mysql-5.1.22-rc]# cp support-files/my-medium.cnf /etc/my.cnf
[root@Kevin mysql-5.1.22-rc]# ./scripts/mysql_install_db --user=mysql
Installing MySQL system tables...
OK
Filling help tables...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/httpd/mysql/bin/mysqladmin -u root password 'new-password'
/httpd/mysql/bin/mysqladmin -u root -h Kevin password 'new-password'
See the manual for more instructions.
You can start the MySQL daemon with:
cd /httpd/mysql ; /httpd/mysql/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd mysql-test ; perl mysql-test-run.pl

Please report any problems with the /httpd/mysql/bin/mysqlbug script!

The latest information about MySQL is available on the web at
http://www.mysql.com
Support MySQL by buying support/licenses at http://shop.mysql.com

[root@Kevin mysql-5.1.22-rc]#cd /httpd/mysql
[root@Kevin mysql]# chown -R root .
[root@Kevin mysql]# chown -R mysql var
[root@Kevin mysql]# chown -R mysql var/.
[root@Kevin mysql]# chown -R mysql var/mysql/.
[root@Kevin mysql]# chgrp -R mysql .
[root@Kevin mysql]#cd /soft/mysql-5.1.22-rc
[root@Kevin mysql-5.1.22-rc]# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
[root@Kevin mysql-5.1.22-rc]# chmod 700 /etc/rc.d/init.d/mysqld
[root@Kevin mysql-5.1.22-rc]# chkconfig --add mysqld
[root@Kevin mysql-5.1.22-rc]# chmod +x /etc/rc.d/init.d/mysqld

[root@Kevin mysql-5.1.22-rc]# /httpd/mysql/bin/mysqld_safe --user=mysql &
[1] 5321
[root@Kevin mysql-5.1.22-rc]# 071223 09:12:27 mysqld_safe Logging to
'/httpd/mysql/var/Kevin.err'.
071223 09:12:28 mysqld_safe Starting mysqld daemon with databases from
/httpd/mysql/var

kconfig --level 345 mysqld on
[root@Kevin mysql-5.1.22-rc]# service mysqld stop
Shutting down MySQL..071223 09:18:54 mysqld_safe mysqld from pid file
/httpd/mysql/var/Kevin.pid ended
                                                           [  OK  ]
[1]+  Done                    /httpd/mysql/bin/mysqld_safe --user=mysql

ln -s /httpd/mysql/bin/mysql /sbin/mysql
[root@Kevin mysql-5.1.22-rc]# ln -s /httpd/mysql/bin/mysqladmin /sbin/mysqladmin
[root@Kevin mysql-5.1.22-rc]#  PATH=&PATH:/httpd/mysql/bin
[1] 25129
bash: PATH:/httpd/mysql/bin: No such file or directory
[1]+  Done                    PATH=
[root@Kevin mysql-5.1.22-rc]# export PATH
[root@Kevin mysql-5.1.22-rc]# echo "/httpd/mysql/lib/mysql" >> /etc/ld.so.conf
[root@Kevin mysql-5.1.22-rc]# ldconfig

edit the file /etc/my.cnf
[root@Kevin mysql-5.1.22-rc]# vi /etc/my.cnf

add this two line under the [mysqld]

log = /var/log/mysqld/log.log

and touch the file

[root@Kevin mysql-5.1.22-rc]# mkdir /var/log/mysqld
[root@Kevin mysql-5.1.22-rc]# touch /var/log/mysqld/log.log

[root@Kevin mysql-5.1.22-rc]# chown -R mysql.mysql /var/log/mysqld

[root@Kevin mysql-5.1.22-rc]# service mysqld start
Starting MySQL.                                            [  OK  ]
[root@Kevin mysql-5.1.22-rc]#

set password for mysql root
[root@Kevin mysql-5.1.22-rc]# mysqladmin -u root -p password 'password'
insert the root password before , push enter


三、安装APACHE服务器
[root@Kevin soft]# tar xjvf httpd-2.2.6.tar.bz2
[root@Kevin soft]# cd httpd-2.2.6

[root@Kevin httpd-2.2.6]#  ./configure --prefix=/httpd/apache --enable-so --enable-track-vars
--enable-mods-shared=all --enable-cache --enable-disk-cache --enable-mem-cache
--enable-rewrite --with-mpm=worker --enable-ssl --with-zlib --enable-suexec
--with-suexec-caller=daemon

[root@Kevin httpd-2.2.6]# make
[root@Kevin httpd-2.2.6]# make install
[root@Kevin httpd-2.2.6]# cp support/apachectl /etc/rc.d/init.d/httpd

edit the file /etc/rc.d/init.d/httpd  and add this in it
[root@Kevin httpd-2.2.6]# vim /etc/rc.d/init.d/httpd

# Startup script for the Apache Web Server
# chkconfig: 2345 85 15
# description: Apache is a World Wide Web server .It is used to server
# HTML files and CGI.
# processname: httpd
# pidfile: /httpd/apache/log/httpd.pid
# config: /httpd/apache/conf/httpd.conf

[root@Kevin httpd-2.2.6]# chkconfig --add httpd
[root@Kevin httpd-2.2.6]# chmod 755 /etc/rc.d/init.d/httpd
[root@Kevin httpd-2.2.6]# chkconfig --level 345 httpd on

[root@Kevin httpd-2.2.6]# vim /httpd/apache/conf/httpd.conf

[root@Kevin httpd-2.2.6]# service httpd start
httpd: Syntax error on line 75 of /httpd/apache/conf/httpd.conf: Cannot load
/httpd/apache/modules/mod_deflate.so into server:
/httpd/apache/modules/mod_deflate.so: cannot restore segment prot after reloc:
Permission denied

提示这个错误是因为我开启了SELINUX,解决方法如下:(后面也会出现这种问题,按照同样的方法解决即可)

[root@Kevin ~]# tail /var/log/message
日志提示信息如下:
Dec 23 10:32:52 Kevin setroubleshoot:      SELinux is preventing
/httpd/apache/bin/httpd from loading /httpd/apache/modules/mod_deflate.so
which requires text relocation.      For complete SELinux messages. run
sealert -l dea1fd12-6af0-493c-9767-e76b9d8bd3b3


其中For complete SELinux messages.run …… 意思就是说为了完成SELlinux,运行后面的命令

然后我们运行日志里提示的命令,再从中找有用的信息。
[root@Kevin httpd-2.2.6]# sealert -l dea1fd12-6af0-493c-9767-e76b9d8bd3b3
Summary
    SELinux is preventing /httpd/apache/bin/httpd from loading
    /httpd/apache/modules/mod_deflate.so which requires text relocation.

Detailed Description
    The /httpd/apache/bin/httpd application attempted to load
    /httpd/apache/modules/mod_deflate.so which requires text relocation.  This
    is a potential security problem. Most libraries do not need this
permission.
    Libraries are sometimes coded incorrectly and request this permission.
The
    http://people.redhat.com/drepper/selinux-mem.html web page explains how to
    remove this requirement.  You can configure SELinux temporarily to allow
    /httpd/apache/modules/mod_deflate.so to use relocation as a workaround,
    until the library is fixed. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.

Allowing Access
    If you trust /httpd/apache/modules/mod_deflate.so to run correctly, you
can
    change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t
    /httpd/apache/modules/mod_deflate.so"

    The following command will allow this access:
    chcon -t textrel_shlib_t /httpd/apache/modules/mod_deflate.so

上面这一段,Allowing Acces意思就是说允许访问(因为最开始的时候是提示权限拒绝),
这正是我们要找的内容 ,继续往下看,如果你相信,mod_deflate.so是可信的,你可以
改变这个文件的context为textrel_shlib_t.,用chcon -t textrel_shlib_t /httpd/apache/
modules/mod_deflate.so 这个命令。
用下面的命令将会允许这个访问:chcon -t textrel_shlib_t /httpd/apache/modules/mod_deflate.so

Additional Information        

Source Context                root:system_r:unconfined_t:SystemLow-SystemHigh
Target Context                root:object_r:etc_runtime_t
Target Objects                /httpd/apache/modules/mod_deflate.so [ file ]
Affected RPM Packages         
Policy RPM                    selinux-policy-2.4.6-104.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.allow_execmod
Host Name                     Kevin
Platform                      Linux Kevin 2.6.18-53.el5xen #1 SMP Wed Oct 10
                              17:06:12 EDT 2007 i686 i686
Alert Count                   1
Line Numbers                  

Raw Audit Messages            

avc: denied { execmod } for comm="httpd" dev=sda2 egid=0 euid=0
exe="/httpd/apache/bin/httpd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0
path="/httpd/apache/modules/mod_deflate.so" pid=23414
scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 sgid=0
subj=root:system_r:unconfined_t:s0-s0:c0.c1023 suid=0 tclass=file
tcontext=root:object_r:etc_runtime_t:s0 tty=pts0 uid=0


[root@Kevin httpd-2.2.6]# chcon -t textrel_shlib_t /httpd/apache/modules/mod_deflate.so

再重新启动APACHE服务,又有一个同样的问题出现了,这次是mod_ssl.so,解决方法同上,我也
把信息贴出来。
[root@Kevin httpd-2.2.6]# service httpd start
httpd: Syntax error on line 89 of /httpd/apache/conf/httpd.conf: Cannot load
/httpd/apache/modules/mod_ssl.so into server:
/httpd/apache/modules/mod_ssl.so: cannot restore segment prot after reloc:
Permission denied

[root@Kevin ~]# tail /var/log/message
Dec 23 10:35:52 Kevin setroubleshoot:      SELinux is preventing
/httpd/apache/bin/httpd from loading /httpd/apache/modules/mod_ssl.so which
requires text relocation.      For complete SELinux messages. run sealert -l
013a3462-7caf-4619-a80c-4c3863537004

[root@Kevin httpd-2.2.6]# sealert -l 013a3462-7caf-4619-a80c-4c3863537004
Summary
    SELinux is preventing /httpd/apache/bin/httpd from loading
    /httpd/apache/modules/mod_ssl.so which requires text relocation.

Detailed Description
    The /httpd/apache/bin/httpd application attempted to load
    /httpd/apache/modules/mod_ssl.so which requires text relocation.  This is
a
    potential security problem. Most libraries do not need this permission.
    Libraries are sometimes coded incorrectly and request this permission.
The
    http://people.redhat.com/drepper/selinux-mem.html web page explains how to
    remove this requirement.  You can configure SELinux temporarily to allow
    /httpd/apache/modules/mod_ssl.so to use relocation as a workaround, until
    the library is fixed. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.

Allowing Access
    If you trust /httpd/apache/modules/mod_ssl.so to run correctly, you can
    change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t
    /httpd/apache/modules/mod_ssl.so"

    The following command will allow this access:
    chcon -t textrel_shlib_t /httpd/apache/modules/mod_ssl.so

Additional Information        

Source Context                root:system_r:unconfined_t:SystemLow-SystemHigh
Target Context                root:object_r:etc_runtime_t
Target Objects                /httpd/apache/modules/mod_ssl.so [ file ]
Affected RPM Packages         
Policy RPM                    selinux-policy-2.4.6-104.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.allow_execmod
Host Name                     Kevin
Platform                      Linux Kevin 2.6.18-53.el5xen #1 SMP Wed Oct 10
                              17:06:12 EDT 2007 i686 i686
Alert Count                   1
Line Numbers                  

Raw Audit Messages            

avc: denied { execmod } for comm="httpd" dev=sda2 egid=0 euid=0
exe="/httpd/apache/bin/httpd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0
path="/httpd/apache/modules/mod_ssl.so" pid=23436
scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 sgid=0
subj=root:system_r:unconfined_t:s0-s0:c0.c1023 suid=0 tclass=file
tcontext=root:object_r:etc_runtime_t:s0 tty=pts0 uid=0

[root@Kevin httpd-2.2.6]# chcon -t textrel_shlib_t /httpd/apache/modules/mod_ssl.so
[root@Kevin httpd-2.2.6]# service httpd start
[root@Kevin httpd-2.2.6]#
OK,可以看到成功启动了。不信还可以用命令查看一下httpd的进程
[root@Kevin httpd-2.2.6]# ps -ef | grep httpd
看看有没有相关的进程,如果没有,我说如果,那就看看日志里说什么,根据日志来判断问题所在,进而解决。


[ 本帖最后由 HonestQiao 于 2008-1-18 21:17 编辑 ]

论坛徽章:
0
发表于 2007-12-23 13:11 |显示全部楼层

RHEL5.1+SELINUX--LAMP=APACHE+PHP+MYSQL+PHPMYADMIN+ZEND

四、安装PHP
[root@Kevin soft]# gunzip suhosin-patch-5.25-0.9.6.2.patch.gz
[root@Kevin soft]# tar xjvf php-5.2.5.tar.bz2
[root@Kevin php-5.2.5]# patch -p1 < ../suhosin-patch-5.2.5-0.9.6.2.patch
[root@Kevin php-5.2.5]#  ./configure --prefix=/httpd/php --with-apxs2=/httpd/apache/bin/apxs \
> --with-mysql=/httpd/mysql --with-curl --enable-ftp \
> --with-libxml-dir --enable-soap --with-xsl --with-gd --with-jpeg-dir --with-zlib \
> --with-freetype-dir --enable-mbstring --with-iconv --disable-ipv6 \
> --with-mysql-sock=/tmp/mysql.sock --enable-magic-quotes \
> --enable-force-cgi-redirect --enable-short-tags --disable-debug

[root@Kevin php-5.2.5]# make

Build complete.
Don't forget to run 'make test'.

[root@Kevin php-5.2.5]# make test
这个过程会报错,不过没关系,继续
[root@Kevin php-5.2.5]# make install
同样出现上面的SELunix的问题,同样的方法解决

/soft/php-5.2.5/sapi/cli/php: error while loading shared libraries:
/usr/local/lib/libxslt.so.1: cannot restore segment prot after reloc:
Permission denied
/soft/php-5.2.5/sapi/cli/php: error while loading shared libraries:
/usr/local/lib/libxslt.so.1: cannot restore segment prot after reloc:
Permission denied
make: [test] Error 127 (ignored)

[root@Kevin ~]# tail /var/log/messages
Dec 23 12:23:56 Kevin setroubleshoot:      SELinux is preventing
/soft/php-5.2.5/sapi/cli/php from loading /usr/local/lib/libxslt.so.1.1.22
which requires text relocation.      For complete SELinux messages. run
sealert -l 732b8a74-391c-4243-8474-3bfc7aa88fee

[root@Kevin php-5.2.5]# sealert -l 732b8a74-391c-4243-8474-3bfc7aa88fee
Summary
    SELinux is preventing /soft/php-5.2.5/sapi/cli/php from loading
    /usr/local/lib/libxslt.so.1.1.22 which requires text relocation.

Detailed Description
    The /soft/php-5.2.5/sapi/cli/php application attempted to load
    /usr/local/lib/libxslt.so.1.1.22 which requires text relocation.  This is
a
    potential security problem. Most libraries do not need this permission.
    Libraries are sometimes coded incorrectly and request this permission.
The
    http://people.redhat.com/drepper/selinux-mem.html web page explains how to
    remove this requirement.  You can configure SELinux temporarily to allow
    /usr/local/lib/libxslt.so.1.1.22 to use relocation as a workaround, until
    the library is fixed. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.

Allowing Access
    If you trust /usr/local/lib/libxslt.so.1.1.22 to run correctly, you can
    change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t
    /usr/local/lib/libxslt.so.1.1.22"

    The following command will allow this access:
    chcon -t textrel_shlib_t /usr/local/lib/libxslt.so.1.1.22

Additional Information        

Source Context                root:system_r:unconfined_t:SystemLow-SystemHigh
Target Context                system_u:object_r:lib_t
Target Objects                /usr/local/lib/libxslt.so.1.1.22 [ file ]
Affected RPM Packages         
Policy RPM                    selinux-policy-2.4.6-104.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.allow_execmod
Host Name                     Kevin
Platform                      Linux Kevin 2.6.18-53.el5xen #1 SMP Wed Oct 10
                              17:06:12 EDT 2007 i686 i686
Alert Count                   2
Line Numbers                  

Raw Audit Messages            

avc: denied { execmod } for comm="php" dev=sda2 egid=0 euid=0
exe="/soft/php-5.2.5/sapi/cli/php" exit=-13 fsgid=0 fsuid=0 gid=0 items=0
path="/usr/local/lib/libxslt.so.1.1.22" pid=11348
scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 sgid=0
subj=root:system_r:unconfined_t:s0-s0:c0.c1023 suid=0 tclass=file
tcontext=system_u:object_r:lib_t:s0 tty=pts0 uid=0

[root@Kevin php-5.2.5]# chcon -t textrel_shlib_t /usr/local/lib/libxslt.so.1.1.22

[root@Kevin php-5.2.5]# make install
安装成功

[root@Kevin php-5.2.5]# cp php.ini-dist /httpd/apache/conf/php.ini

[root@Kevin php-5.2.5]# vim /httpd/apache/conf/php.ini
;default_charset = "iso-8859-1"
在这行下面加一行
default_charset = "gbk"

配置apache
[root@Kevin php-5.2.5]# vim /httpd/apache/conf/httpd.conf
找到#AddType application/x-tar .tgz 这行,在下面加两行。
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
找到下面一行
<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>


[root@Kevin php-5.2.5]# service httpd restart
在安装好PHP重新加载APACHE服务的时候又出现了同样的问题,同样的方法解决
httpd: Syntax error on line 108 of /httpd/apache/conf/httpd.conf: Cannot load
/httpd/apache/modules/libphp5.so into server:
/httpd/apache/modules/libphp5.so: cannot restore segment prot after reloc:
Permission denied

[root@Kevin ~]# tail /var/log/messages
Dec 23 13:11:05 Kevin setroubleshoot:      SELinux is preventing
/httpd/apache/bin/httpd from loading /httpd/apache/modules/libphp5.so which
requires text relocation.      For complete SELinux messages. run
sealert -l4568ea8d-d6f7-47f2-9b9a-2611e15833dc

[root@Kevin php-5.2.5]# sealert -l 4568ea8d-d6f7-47f2-9b9a-2611e15833dc
Summary
    SELinux is preventing /httpd/apache/bin/httpd from loading
    /httpd/apache/modules/libphp5.so which requires text relocation.

Detailed Description
    The /httpd/apache/bin/httpd application attempted to load
    /httpd/apache/modules/libphp5.so which requires text relocation.  This is
a
    potential security problem. Most libraries do not need this permission.
    Libraries are sometimes coded incorrectly and request this permission.
The
    http://people.redhat.com/drepper/selinux-mem.html web page explains how to
    remove this requirement.  You can configure SELinux temporarily to allow
    /httpd/apache/modules/libphp5.so to use relocation as a workaround, until
    the library is fixed. Please file a
    http://bugzilla.redhat.com/bugzilla/enter_bug.cgi against this package.

Allowing Access
    If you trust /httpd/apache/modules/libphp5.so to run correctly, you can
    change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t
    /httpd/apache/modules/libphp5.so"

    The following command will allow this access:
    chcon -t textrel_shlib_t /httpd/apache/modules/libphp5.so

Additional Information        

Source Context                root:system_r:unconfined_t:SystemLow-SystemHigh
Target Context                root:object_r:etc_runtime_t
Target Objects                /httpd/apache/modules/libphp5.so [ file ]
Affected RPM Packages         
Policy RPM                    selinux-policy-2.4.6-104.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   plugins.allow_execmod
Host Name                     Kevin
Platform                      Linux Kevin 2.6.18-53.el5xen #1 SMP Wed Oct 10
                              17:06:12 EDT 2007 i686 i686
Alert Count                   1
Line Numbers                  

Raw Audit Messages            

avc: denied { execmod } for comm="httpd" dev=sda2 egid=0 euid=0
exe="/httpd/apache/bin/httpd" exit=-13 fsgid=0 fsuid=0 gid=0 items=0
path="/httpd/apache/modules/libphp5.so" pid=10571
scontext=root:system_r:unconfined_t:s0-s0:c0.c1023 sgid=0
subj=root:system_r:unconfined_t:s0-s0:c0.c1023 suid=0 tclass=file
tcontext=root:object_r:etc_runtime_t:s0 tty=pts0 uid=0


[root@Kevin php-5.2.5]# chcon -t textrel_shlib_t /httpd/apache/modules/libphp5.so

[root@Kevin php-5.2.5]# service httpd restart
OK,成功

写个测试页面

vi /www/index.php

<?
phpinfo();
?>

打开网站http://localhost结果变成了下载PHP文件了
修改/httpd/apache/conf/httpd.conf  
AddType application/x-httpd-php .php .php5


[root@Kevin php-5.2.5]# service httpd restart  

OK

用 http://loclahost/index.php or http://localhost 测试你的php and apache

五、安装;zend and phpadmin
1.install zendoptimizer
[root@Kevin soft]# tar xzvf ZendOptimizer-3.3.0-linux-glibc21-i386.tar.gz
[root@Kevin php-5.2.5]# cd ZendOptimizer-3.3.0-linux-glibc21-i386
[root@Kevin ZendOptimizer-3.3.0-linux-glibc21-i386]# ./install.sh
[ok]->[exit]->[yes]->[/httpd/zend]->[/httpd/apache/conf]->[yes]->[/httpd/apache/bin/apachectl]->
[ok]->[ok]->[no]
这个我是在图形界面下安装的,就没有截图了,基本的顺序就是这样子的。
use http://localhost/index.php or http://localhost test the zend program.

2.install phpMyadmin
[root@Kevin soft]# tar xjvf phpMyAdmin-2.11.3-all-languages.tar.gz
[root@Kevin php-5.2.5]# cp -rf phpMyAdmin-2.11.3-all-languages /www/phpmyadmin
[root@Kevin php-5.2.5]# cp config.sample.inc.php config.inc.php
[root@Kevin php-5.2.5]# vim config.inc.php

phpMyadmin可以各人发挥了,每个人的需求不一样,所以配置肯定也不一样了。以下是我的配置:
CODE:
[Copy to clipboard]
$cfg['blowfish_secret'] = 'cookie'; (使用cookie加密)


CODE:
[Copy to clipboard]
$cfg['Servers'][$i]['connect_type']  = 'socket';  (以socket方式连接MySQL)


CODE:
[Copy to clipboard]
$cfg['Servers'][$i]['compress']      = TRUE; (启用压缩以提高速度,如果访问不正常请改回FALSE)


CODE:
[Copy to clipboard]
$cfg['Servers'][$i]['auth_type']     = 'cookie'; (使用cookie进行身份验证)

visite http://localhost/phpmyadmin

用mysql的root登陆,前面我们为root设置了密码的,如果不设置密码,用空密码登陆也会出现一个警告吧 算是,你
用密码登陆就没有问题了。
还有一个提示错误,可能是php高版本的问题,需要用到mcrypt,我在前面没有安装,有时间我再做一次吧。

错误提示信息如下:
Cannot load mcrypt extension. Please check your PHP configuration.

因为之前没有安装mcrypt,在编译php的时候也没有--with-mcrypt
所以现在出现这个错误了。如果要解决只有重新编译mcrypt and php (网上没有找到答案。。。。。。)
这个问题我在网上找了很多资料,以及google,没有找到答案,如果有人知道怎么弄的话,请告诉我,谢谢!!
这样就不用重新编译了。

昨天做了一通宵,终于完成了在SELlinux下面配置好LAMP。

第一次在CU发贴,有问题请各位多多赐教!~ 谢谢




[ 本帖最后由 HonestQiao 于 2008-1-18 21:17 编辑 ]

linux.rar

6.21 KB, 下载次数: 585

文档打包了,呵呵

论坛徽章:
0
发表于 2007-12-23 13:25 |显示全部楼层
  自己先来一个  嘿嘿

论坛徽章:
0
发表于 2007-12-24 12:03 |显示全部楼层
支持 期待完整版本 呵呵

论坛徽章:
0
发表于 2007-12-24 17:06 |显示全部楼层
不错。支持你。

论坛徽章:
0
发表于 2008-01-09 20:25 |显示全部楼层
请教楼主一个问题,现在RHEL5.1是GLIBC2.5的,而楼主下的ZendOptimizer是GLIBC2.1的,这个不知道楼主是解决的。谢谢

论坛徽章:
0
发表于 2008-01-09 23:35 |显示全部楼层
我现在用的环境还是在AS4下,因为AS5要个序列号,我就没有想法用了.
楼主的功劳不可埋没,加精华.

论坛徽章:
0
发表于 2008-01-11 11:47 |显示全部楼层
搭车做个广告:《SELinux和Apache、Zend Optimizer、MySQL共建和谐服务器》
http://leopku.blog.sohu.com/73263692.html

基于CentOS 4的

论坛徽章:
0
发表于 2008-01-18 18:00 |显示全部楼层
原帖由 er_shi 于 2008-1-9 20:25 发表
请教楼主一个问题,现在RHEL5.1是GLIBC2.5的,而楼主下的ZendOptimizer是GLIBC2.1的,这个不知道楼主是解决的。谢谢



你在装这个的时候有出错吗?把错误贴出来看看??

论坛徽章:
0
发表于 2008-01-19 12:01 |显示全部楼层
帖子:6
精华:1
才看到  加精华了  哈哈哈  高兴啊  谢谢谢谢
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

SACC2019中国系统架构师大会

【数字转型 架构演进】SACC2019中国系统架构师大会,8.5折限时优惠重磅来袭!
2019年10月31日~11月2日第11届中国系统架构师大会(SACC2019)将在北京隆重召开。四大主线并行的演讲模式,1个主会场、20个技术专场、超千人参与的会议规模,100+来自互联网、金融、制造业、电商等领域的嘉宾阵容,将为广大参会者提供一场最具价值的技术交流盛会。

限时8.5折扣期:2019年9月30日前


----------------------------------------

大会官网>>
  

北京盛拓优讯信息技术有限公司. 版权所有 16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122
中国互联网协会会员  联系我们:huangweiwei@it168.com
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP