Cent OS 5.1 APM 설치 문서.
1. CentOS 5.1 설치
- Default 로만 설치 하기.
- SELinux 사용안함 설정
# vi /etc/selinux/config
- SELINUX=disabled
# vi /etc/sysconfig/i18n
- LANG="ko_KR.eucKR"
- SUPPORTED="ko_KR.eucKR:ko_KR:ko"
#reboot
2. 업데이트, 컴파일러 확인, 라이브러리 설치
2-1. 전체 업데이트 및 필요 패키지 업데이트
- 전체 업데이트 확인 및 업데이트
# yum check-update
# yum update
- 귀찮으면 다음의 방법으로...
# yum install gcc
# yum install gcc-c++
# yum install termcap
# yum install libtermcap
# yum install libtermcap-devel
# yum install gdbm-devel
# yum install zlib*
# yum install libxml*
# yum install freetype*
# yum install libpng*
# yum install libjpeg*
compat-libstdc++
libstdc++-devel
libstdc++
2-2. 확인
# rpm -qa gcc* cpp* compat-gcc* flex*
# rpm -qa libjpeg* libpng* freetype* gd-*
2-3. 설치
# yum -y install gcc cpp gcc-c++ compat-gcc-32-g77 flex
# yum -y install libjpeg-devel libpng-devel freetype-devel gd-devel
2-4. 최신 라이브러리 소스 컴파일 설치
2-4-1. libpng 설치
# libpng : http://www.libpng.org
# wget http://prdownloads.sourceforge.net/libpng/libpng-1.2.25.tar.gz?download
# wget ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.25.tar.gz
# ./configure && make && make install
2-4-2. libjpeg 설치.
# jpeg : http://www.ijg.org
# wget ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.gz
# mkdir -p /usr/local/man/man1
# ./configure --enable-shared --enable-static
# make && make install
2-4-3. freetype 설치
# freetype : http://www.freetype.org
# wget http://download.savannah.gnu.org/releases/freetype/freetype-2.3.4.tar.gz
# wget http://download.savannah.gnu.org/releases/freetype/freetype-2.3.5.tar.gz
# ./configure && make && make install
2-4-4. gd 설치
# gd : http://www.libgd.org
# wget http://www.libgd.org/releases/gd-2.0.35.tar.gz
# ./configure && make && make install
2-5. source download
# apache
# wget http://www.lug.or.kr/files/centos_book/download/apache_php_mysql/httpd-2.2.6.tar.gz
# wget http://ftp.apache-kr.org/httpd/httpd-2.2.6.tar.gz
# wget http://ftp.kaist.ac.kr/pub/Apache/httpd/httpd-2.2.8.tar.gz
# php
# wget http://kr2.php.net/get/php-4.4.8.tar.gz/from/this/mirror
# wget http://www.lug.or.kr/files/centos_book/download/apache_php_mysql/php-5.2.4.tar.gz
# wget http://kr2.php.net/get/php-5.2.5.tar.gz/from/this/mirror
# mysql
# wget http://www.lug.or.kr/files/centos_book/download/apache_php_mysql/mysql-5.0.45.tar.gz
#### 설치 순서 . mysql -> apache -> php
#### 설치 디렉토리 : /usr/local/server 에 설치.
3. mysql 설치
- mysql 버젼 : mysql-5.0.45.tar.gz
- 설치 위치 : /usr/local/server/mysql
3-1. mysql user 생성
# useradd -M -s /bin/false mysql
3-2. mysql configuration
# ./configure --prefix=/usr/local/server/mysql \
--with-charset=utf8 \
--with-extra-charsets=all
# make && make install
** mysqli 옵션 이용시 --enable-thread-safe-client 추가.
3-3. mysql 환경설정 파일 복사, 시작스크립트 복사
# pwd
/usr/local/src/mysql-5.0.45
# cp support-files/my-huge.cnf /etc/my.cnf
3-4. mysql 데이터베이스 초기화 및 디렉토리 퍼미션 설정
# cd /usr/local/server/mysql
# bin/mysql_install_db --user=mysql
# chown -R root .
# chown -R mysql var
# chgrp -R mysql .
3-5. 변수 설정.
# vi ~/.bash_profile
PATH=$PATH:$HOME/bin:/usr/local/server/mysql/bin
# source ~/.bash_profile
또는 mysql 을 /bin/ 밑으로 복사.
3-6. 자동 실행 설정.
# cp share/mysql/mysql.server /etc/init.d/mysqld
# chkconfig --add mysqld
# chkconfig --list | grep mysqld
** 레벨수정 (안해도됨)
# chkconfig --level 24 mysqld off
# chkconfig --list mysqld
mysqld 0:해제 1:해제 2:해제 3:활성 4:해제 5:활성 6:해제
3-7. 실행 및 root 암호 설정.
# /etc/init.d/mysqld start
Starting MySQL [ OK ]
3-8. 실행
# mysql
3-9. 암호 설정.
- 일반적 업데이트
# mysqladmin -u root password 암호
- 접속해서 바꾸는 방법.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.0.51-log Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');
Query OK, 0 rows affected (0.00 sec)
또는
mysql> update user set password=password('newpwd') where user='root';
mysql> quit
Bye
4. 아파치 설치
- httpd 버전 : httpd-2.2.6.tar.bz2
- httpd 설치경로 : /usr/local/server/apache
4-1. configure 및 실행.
- 일반적 config
# ./configure \
# --prefix=/usr/local/server/apache \
# --enable-so \
# --enable-mods-shared=all \
# --enable-rewrite
- ssl 포함해 컴파일 할때 openssl install 후 컴파일 하기.
# yum install openssl*
# ./configure \
# --prefix=/usr/local/server/apache \
# --enable-so \
# --enable-mods-shared=all \
# --enable-ssl \
# --with-ssl \
# --enable-rewrite
# make && make install
4-2. 자동 실행 설정.
# cp /usr/local/server/apache/bin/apachectl /etc/init.d/httpd
# chkconfig --add httpd
# chkconfig --list httpd
*** 에러남 httpd 2번째 줄부터 다음 내용 삽입 후 설정.
# chkconfig:2345 90 90
# description: init file for Apache server daemon
# processname: /usr/local/server/apache/bin/apachectl
# config: /usr/local/server/apache/conf/httpd.conf
# pidfile: /usr/local/server/apache/logs/httpd.pid
4-3. 환경 설정.
- user,group -> nobody 로 설정. 143라인
- ServerName 설정 하기.
4-4. 실행 및 테스트
# /etc/init.d/httpd start
- iptable 포트 확인 요망.
# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# /etc/init.d/iptables restart
5. PHP 설치
- php 버전 : php-5.2.4.tar.bz2
- php 설치경로 : /usr/local/server/php
** configure시 에러메세지 확인 후 libc-client와 libc-client-devel 패키지를 인스톨해 주었다.
** 그리고 net-snmp-devel 패키지도 설치해 주었다.
** 필요 패키지 업데이트.
yum install libc-client libc-client-devel net-snmp-devel bzip
yum install bzip2-devel curl-devel ncurses-devel
-- 책과 홈페이지 짱뽕.
./configure \
--prefix=/usr/local/server/php \
--with-apxs2=/usr/local/server/apache/bin/apxs \
--with-mysql=/usr/local/server/mysql \
--with-mysqli=/usr/local/server/mysql/bin/mysql_config \
--with-pdo-mysql=/usr/local/server/mysql \
--with-config-file-path=/usr/local/server/apache/conf \
--disable-debug \
--enable-safe-mode \
--enable-track-vars \
--enable-sockets \
--with-mod_charset \
--with-charset=utf8 \
--with-xml \
--with-language=korean \
--enable-mailparse \
--enable-calender \
--enable-sysvmsg=yes \
--enable-sysvsem=yes \
--enable-sysvshm=yes \
--enable-ftp \
--enable-magic-quotes \
--enable-gd-native-ttf \
--enable-url-includes \
--enable-trans-id \
--enable-inline-optimization \
--enable-bcmath \
--with-snmp \
--with-zlib \
--with-jpeg \
--with-png \
--with-zlib-dir=/usr \
--with-jpeg-dir=/usr \
--with-png-dir=/usr/lib \
--with-freetype=dir=/usr \
--with-libxml-dir=/usr \
--with-pcre-dir=/usr \
--enable-exif \
--with-gd \
--with-ttf \
--with-gettext \
--with-imap \
--with-imap-ssl \
--with-kerberos \
--with-curl \
--with-ncurses \
--enable-sqlite-utf8 \
--with-regex=php \
--with-bz2 \
--enable-sigchild \
--enable-mbstring \
--with-openssl=/usr
** 홈페이지 에서 설정한 옵션.
./configure \
--prefix=/usr/local/server/php \
--with-apxs2=/usr/local/server/apache/bin/apxs \
--with-mysql=/usr/local/server/mysql \
--with-mysqli=/usr/local/server/mysql/bin/mysql_config \
--with-pdo-mysql=/usr/local/server/mysql \
--with-config-file-path=/usr/local/server/apache/conf \
--enable-magic-quotes \
--enable-mod-charset \
--enable-mbstring \
--enable-sigchild \
--enable-safe-mode \
--enable-bcmath \
--enable-calendar \
--enable-sysvmsg \
--enable-sysvsem \
--enable-sysvshm \
--enable-sockets \
--enable-ftp \
--with-snmp \
--with-openssl=/usr \
--with-zlib=/usr \
--with-zlib-dir=/usr \
--with-jpeg-dir=/usr \
--with-png-dir=/usr \
--with-freetype-dir=/usr \
--with-gd=/usr \
--enable-gd-native-ttf \
--with-ttf \
--with-gettext \
--enable-exif \
--with-xpm-dir=/usr \
--with-libxml-dir=/usr \
--with-pcre-dir=/usr \
--with-imap \
--with-imap-ssl \
--with-kerberos \
--with-curl \
--with-ncurses \
--enable-sqlite-utf8 \
--with-regex=php \
--with-bz2
# make && make install
6. pnp.ini 파일 복사
# pwd
/usr/local/src/php-5.2.5
# cp php.ini-dist /usr/local/server/apache/conf/php.ini
7. apache conf 설정
# cd /usr/local/server/apache/conf/
# vi httpd.conf
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
<IfModule mime_module>
...생략...
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
AddHandler php5-script .phtml .php .inc .ini .html
# AddType application/x-httpd-php .php .inc .ini .html .php3 .php4 .phtml
AddType application/x-httpd-php-source .phps .incs .inis
</IfModule>
7. apm config 설정 및 튜닝 하기..
-- 추후 추가.
8. mysqladmin 설치.
# wget http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5-all-languages-utf-8-only.tar.gz?download
# wget http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.11.5-all-languages.tar.gz?download
# vi libraries/config.default.php -> 아래 내용 수정.
$cfg['PmaAbsoluteUri'] = 'http://centdev.tsnit.co.kr/phpmyadmin/'
$cfg['Servers'][$i]['auth_type']; = 'http'
파일 복사.
mv
9. ZendOptimizer 설치.
- www.zend.com
# wget http://www.tsnit.com/temp/ZendOptimizer-3.3.3-linux-glibc23-i386.tar.gz
# ./install.sh
- /usr/local/server/Zend - 설치 위치
- /usr/local/server/apache/conf - php.ini 위치
- /usr/local/server/apache/bin/apachectl - apachectl 설치 위치
10. 트래픽 관리 (mod_cband)
- 1.3.x 는 mod_throttle 모듈 사용.
- 2.x : mod_cband 사용
- cband.linux.pl
# wget http://www.lug.or.kr/files/centos_book/download/apache_php_mysql/mod-cband-0.9.7.5.tgz
# ./configure --with-apxs=/usr/local/server/apache/bin/apxs
# make && make install
<ifModule cband_module>
CBandDefaultExceededURL http://www.kideagle.net
<Location /cband-status-me>
SetHandler cband-status-me
</Location>
</ifModule>
==> 616 page 참조..
11. DOS 공격 방어 ( mod_evasive )
- wget http://www.lug.or.kr/files/centos_book/download/apache_php_mysql/mod_evasive_1.10.1.tar.gz
mod_evasive.c -> apache 1.3.x
mod_evasive20.c -> apache 2.x
# cd mod_evasive
# /usr/local/server/apache/bin/apxs -iac mod_evasive20.c
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 3
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 30
</IfModule>
12. Webalizer 설치.
- wget ftp://ftp.mrunix.net/pub/webalizer/webalizer-2.01-10-src.tgz
- directory 생성 해주기. /usr/local/server/ 하위에
webalizer/bin/webalizer
webalizer/man/man1
# mkdir /usr/local/server/webalizer
# mkdir /usr/local/server/webalizer/bin
# mkdir /usr/local/server/webalizer/bin/webalizer
# mkdir /usr/local/server/webalizer/man
# mkdir /usr/local/server/webalizer/man/man1
# ./configure --prefix=/usr/local/server/webalizer --with-language=korean
# make && make install
- 사용자 Directory 에 weblog 폴더 생성.
# mkdir /usr/local/server/apache/htdocs/weblog
# cp /etc/webalizer.conf.sample /etc/webalizer.conf
# vi webalizer.conf
LogFile /usr/local/server/apache/logs/access_log
OutputDir /usr/local/server/apache/htdocs/weblog
Historyname centdev.tsnit.co.kr
HostName centdev.tsnit.co.kr
- 실행
# /usr/local/server/webalizer/bin/webalizer/webalizer
- cron 등록
# vi /etc/cron.etc/webalizer.sh
#!/bin/bash
/usr/local/server/webalizer/bin/webalizer/webalizer
# crontab -e
*/5 * * * * '/etc/cron.etc/webalizer.sh' --> 5분마다 실행.
- 가상호스트별로 생성 가능.
- 디렉토리 생성.
# mkdir ~book/logs -> 사용자 디렉토리에 apache 로그 폴더 생성.
# mkdir ~book/public_html/weblog -> 사용자 계정에 출력 디렉토리 생성.
- httpd-vhosts.conf 에 각 호스트마다 log 파일 경로 지정.
<VirtualHost *:80>
..
ErrorLog /home/book/logs/error_log
CustomLog /home/book/logs/access_log common
</VirtualHost>
- 환경 설정 파일 생성.
cp /etc/webalizer.conf.sample /etc/webalizer_book.conf
vi /etc/webalizer_book.conf
LogFile /home/book/logs/access_log
OutputDir /home/book/public_html/weblog
HistoryName book.tsnit.co.kr
HostName book.tsnit.co.kr
- 실행 스크립트 생성.
/usr/local/server/webalizer/bin/webalizer/webalizer -c /etc/webalizer-book.conf
- cron 에 등록된 내용에 추가.
# vi /etc/cron.etc/webalizer.sh
/usr/local/server/webalizer/bin/webalizer/webalizer -c /etc/webalizer-book.conf
===============================================================
[CentOS 5.1 zbxe 설치를 위한 APM 설정 설명서]
일반적으로 웹페이지를 운영할때 아파치 자체 디렉토리에서 운영하지 않는다.
즉, 계정 디렉토리에서 운영한다. 계정 디렉토리에서 운영해야 추후 ftp가 가능한 편집기를 이용해서 php소스 수정하기가 편리하다.
아래는 노트북에 설치된 CentOS 5.1에서 제 개인 계정인 multi 유저계정에서 방금 설정한 내용이다.
1. zbxe 다운로드(svn 이용)
* 각 계정은 기본 생성시 700 퍼미션으로 생성되므로 other가 읽을 수 있도록 701퍼미션을 부여하고, 생성하는 public_html 디렉토리 역시 701 퍼미션을 부여한다.
제로보드 XE 설치시 php 상에서 디렉토리를 생성하도록 하고 있으므로 zbxe 디렉토리는 707로 퍼미션을 부여한다.
[multi@localhost multi]# pwd
/home/multi
[multi@localhost multi]# chmod 701 ~multi
[multi@localhost multi]# ls -l /home
합계 12
drwx-----x 22 multi multi 4096 1월 23 16:18 multi
drwx------ 8 test test 4096 1월 12 17:21 test
[multi@localhost multi]# mkdir public_html
[multi@localhost multi]# chmod 701 public_html/
[multi@localhost multi]# ls -al | grep public_html
drwx-----x 4 multi multi 4096 1월 23 16:49 public_html
[multi@localhost multi]# cd public_html/
[multi@localhost public_html]# svn checkout svn://kldp.net/svnroot/zbxe/trunk zbxe
...생략...
A zbxe/classes/handler
A zbxe/classes/handler/Handler.class.php
A zbxe/index.php
체크아웃된 리비전 21.
[multi@localhost public_html]# chmod 707 zbxe
[multi@localhost public_html]$ ls -al | grep zbxe
drwx---rwx 11 multi multi 4096 1월 23 16:28 zbxe
[multi@localhost public_html]#
2. 아파치 설정
multi 계정아래의 public_html 디렉토리를 사용하며, 아래와 같이 아파치 설정파일인 httpd.conf 파일에서 # 주석을 해제해 준다. 그리고 버추얼호스트부분인 httpd-vhosts.conf 파일을 아래와 같이 추가해 준다.
[multi@localhost public_html]$ su -
암호:
[root@localhost ~]# cd /usr/local/server/httpd/conf/
[root@localhost conf]# vi httpd.conf
# Supplemental configuration
#
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
[root@localhost conf]# vi extra/httpd-vhosts.conf
[root@localhost conf]# vi /usr/local/server/httpd/conf/extra/httpd-vhosts.conf
#
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@dummy-host2.example.com
DocumentRoot "/home/multi/public_html"
ServerName 192.168.1.98
# ErrorLog "logs/dummy-host2.example.com-error_log"
# CustomLog "logs/dummy-host2.example.com-access_log common"
</VirtualHost>
[root@localhost conf]#
3. mysql 디비 생성 (디비명 zbxe)
[root@localhost conf]# /usr/local/server/mysql/bin/mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 51
Server version: 5.0.51-log Source distribution
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> create database zbxe;
Query OK, 1 row affected (0.05 sec)
mysql> quit
Bye
[root@localhost conf]#
4. 아파치 재시작
[root@localhost conf]# /etc/init.d/httpd restart
5. http://192.168.1.98/zbxe 로 접속해서 설치한다.
ps.
아 파치에서 일반적으로 디렉토리에 관한 권한 설정은 conf/extra/httpd-userdir.conf 에서 관리하도록 되어 있는데, 여기에 보면 각 계정의 public_html 디렉토리에 대한 권한 설정이 기본적으로 만들어져 있기 때문에 각 계정아래에 public_html 디렉토리만 만들어 주면 되며, httpd.conf 파일에서 Include conf/extra/httpd-userdir.conf 주석을 해제해 주었다.
[root@localhost conf]# cat /usr/local/server/httpd/conf/extra/httpd-userdir.conf
# Settings for user home directories
#
# Required module: mod_userdir
#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received. Note that you must also set
# the default access control for these directories, as in the example below.
#
UserDir public_html
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory "/home/*/public_html">
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
[root@localhost conf]#
아파치에 대한 다른 추가적인 내용들은 CentOS 리눅스 구축관리실무 서적을 참고한다.