Monthly Archives: August 2009

Compile PHP 5.3 on Red Hat Linux

Leave a reply

I recently compiled PHP 5.3 on RHEL 5.3, and I thought that I would share my configuration options.

First install the dependencies:
yum install mysql mysql-server mysql-devel perl-DBD-MySQL perl-DBI httpd httpd-devel httpd-suexec apr apr-devel apr-util apr-util-devel gd gd-devel gd-progs libjpeg-devel libpng-devel freetype-devel freetype-utils libxml2-devel curl-devel

./configure \
–build=i386-redhat-linux \
–host=i386-redhat-linux \
–target=i386-redhat-linux-gnu \
–program-prefix= \
–prefix=/usr \
–exec-prefix=/usr \
–bindir=/usr/bin \
–sbindir=/usr/sbin \
–sysconfdir=/etc \
–datadir=/usr/share \
–includedir=/usr/include \
–libdir=/usr/lib \
–libexecdir=/usr/libexec \
–localstatedir=/var \
–sharedstatedir=/usr/com \
–mandir=/usr/share/man \
–infodir=/usr/share/info \
–with-libdir=lib \
–with-config-file-path=/etc \
–with-config-file-scan-dir=/etc/php.d \
–disable-debug \
–disable-versioning \
–with-pic \
–disable-rpath \
–with-pear \
–with-curl \
–with-exec-dir=/usr/bin \
–with-freetype-dir=/usr \
–without-gdbm \
–with-gettext \
–with-iconv \
–with-expat-dir=/usr \
–with-zlib \
–with-layout=GNU \
–enable-exif \
–enable-ftp \
–enable-magic-quotes \
–enable-sockets \
–enable-sysvsem \
–enable-sysvshm \
–enable-sysvmsg \
–enable-track-vars \
–enable-trans-sid \
–enable-yp \
–enable-wddx \
–with-kerberos \
–enable-ucd-snmp-hack \
–without-unixODBC \
–enable-memory-limit \
–enable-shmop \
–enable-calendar \
–enable-dbx \
–enable-dio \
–with-mysql=/usr \
–with-mysql-sock=/var/lib/mysql/mysql.sock \
–with-mysqli=/usr/bin/mysql_config \
–with-apxs2=/usr/sbin/apxs \
–without-sqlite \
–with-xml \
–without-odbc \
–enable-dom \
–disable-dba \
–enable-pdo \
–enable-xmlreader \
–enable-xmlwriter \
–with-xmlrpc \
–with-soap \
–with-gd \
–with-openssl \
–with-libxml-dir=/usr \
–disable-cgi

make
make test
make install

You should have a working version of PHP 5.

Check your version:
php -v

Check your modules:
php -i

Setup name based virtual hosts in Apache

Leave a reply

Setting up name based virtual hosts in Apache is fairly easy. Create a new file in /etc/httpd/conf.d, which on Red Hat will be loaded automatically by /etc/httpd/conf/httpd.conf.

Using the vi editor, I will create the following file.
vi /etc/httpd/conf.d/virtualhosts.conf

The file contents:

Options Indexes FollowSymLinks
AllowOverride FileInfo
Order allow,deny
Allow from all

NameVirtualHost *:80


ServerAdmin webmaster@sample.com
DocumentRoot “/www/docs/www.sample.com”
ServerName www.sample.com
ErrorLog logs/www.sample.com-error_log
CustomLog logs/www.sample.com-access_log common


ServerAdmin webmaster@sample.com
DocumentRoot “/www/docs/www2.sample.com”
ServerName www2.sample.com
ErrorLog logs/www2.sample.com-error_log
CustomLog logs/www2.sample.com-access_log common


ServerAdmin webmaster@sample.com
DocumentRoot “/www/docs/www3.sample.com”
ServerName www3.sample.com
ErrorLog logs/www3.sample.com-error_log
CustomLog logs/www3.sample.com-access_log common

The above configuration file will create three virtual hosts in the /www/docs directory.

If you have selinux enabled, use the following command to make this directory tree readable by Apache–“-R” means recursive.

chcon -R system_u:object_r:httpd_sys_content_t /www

Verify the selinux permissions:
ls -Z /www

Encrypt a partition with Dm-crypt and Linux Unified Key Setup

Leave a reply

Dm-crypt is preferred over TrueCrypt, since dm-crypt is included in the linux kernel and since most distributions include the cryptsetup or cryptsetup-luks package. Moreover, volume encryption (rather than the per file encryption that you get with ecryptfs) is preferred, unless you need to do incremental backups of your file system. LUKS (or Linux Unified Key Setup) is the upcoming standard for Linux hard disk encryption. So, I recommend the cryptsetup-luks package.

First, fill an encrypted disk with initial random data. This makes breaking the passphrase so much harder.
/sbin/badblocks -c 10240 -s -w -t random -v /dev/sdd
OR
dd if=/dev/urandom of=/dev/sdd

Next, partition the new drive.
/sbin/fdisk /dev/sdd

Next, it is time to create a LUKS passphrase.
cryptsetup –verbose –verify-passphrase luksFormat /dev/sdd1
Enter a passphrase of your choice, the longer and more complex the better.

Now, map the logical partition to the physical partition.
cryptsetup luksOpen /dev/sdd1 crypt1
OR
cryptsetup luksOpen /dev/sdd1 sdd1
After you map it, confirm that you created a logical device
ls -al /dev/mapper

Next, format the logical device.
/sbin/mkfs.ext3 -j /dev/mapper/sdc1

Finally, mount the logical device.
mkdir /data
mount /dev/mapper/crypt1 /data

A good Web site for the commands above is:
saout.de

To add an additional passphrase key:
cryptsetup luksAddKey /dev/sdd1

To delete the first passphrase key:
cryptsetup luksDelKey /dev/sdd1 0
Warning: Your data will be lost forever if you delete all of your keys.

To unmount and close:
umount /data
cryptsetup luksClose sdd1

To remount:
cryptsetup luksOpen /dev/sdd1 sdd1
mount /dev/mapper/crypt1 /data