一、系统约定
软件源代码包存放位置:/usr/local/src源码包编译安装位置(prefix):/usr/local/software_name
脚本以及维护程序存放位置:/usr/local/sbin
MySQL 数据库位置:/var/lib/MySQL(可按情况设置)
Apache 网站根目录:/home/www/wwwroot(可按情况设置)
Apache 虚拟主机日志根目录:/home/www/logs(可按情况设置)
Apache 运行账户:www:www
二、系统环境部署及调整
1. 检查系统是否正常
1 2 3 4 |
# more /var/log/messages(检查有无系统级错误信息)
# dmesg(检查硬件设备是否有错误信息) # ifconfig(检查网卡设置是否正确) # ping www.163.com(检查网络是否正常) |
1 2 3 4 5 6 7 8 9 10 |
# ntsysv
以下仅列出需要启动的服务,未列出的服务一律推荐关闭: atd crond irqbalance microcode_ctl network sendmail sshd syslog |
1 |
# init 6
|
1 |
# vi /root/.bashrc
|
1 |
# echo 'syntax on' > /root/.vimrc
|
1 2 |
# yum install ntp vim-enhanced gcc gcc-c++ gcc-g77 flex
bison autoconf automake bzip2-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel kerne |
1 |
# crontab -e
|
1 |
*/30 * * * * ntpdate 210.72.145.44
|
需要下载的文件
1 2 3 4 5 6 7 |
gd-2.0.34.tar.gz
libxml2-2.6.30.tar.bz2 libmcrypt-2.5.8.tar.bz2 cronolog-1.7.0-beta.tar.gz openssl-0.9.8e.tar.gz (可选) openssl-0.9.8e.tar.gz (可选) |
1 2 3 4 5 6 |
# cd /usr/local/src
# tar xzvf gd-2.0.34.tar.gz # cd gd-2.0.34 # ./configure --prefix=/usr/local/gd2 # make # make install |
1 2 3 4 5 6 |
# cd /usr/local/src
# tar xjvf libxml2-2.6.30.tar.bz2 # cd libxml2-2.6.30 # ./configure --prefix=/usr/local/libxml2 # make # make install |
1 2 3 4 5 6 |
# cd /usr/local/src
# tar xjvf libmcrypt-2.5.8.tar.bz2 # cd libmcrypt-2.5.8 # ./configure –prefix=/usr/local/libmcrypt # make # make install |
1 2 3 4 5 6 |
# cd /usr/local/src
# tar xzvf cronolog-1.7.0-beta.tar.gz # cd cronolog-1.7.0-beta # ./configure –prefix=/usr/local/cronolog # make # make install |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
# cd /usr/local/src
# tar xzvf openssl-0.9.8e.tar.gz # cd openssl-0.9.8e # ./config --prefix=/usr/local/openssl # make # make test # make install # cd .. # tar xzvf openssh-4.7p1.tar.gz # cd openssh-4.7p1 # ./configure "--prefix=/usr" "--with-pam" "--with-zlib" "--sysconfdir=/etc/ssh" "--with-ssl-dir=/usr/local/openssl" "--with-md5-passwords" # make # make install |
1 |
#Protocol 2,1
|
1 |
Protocol 2
|
1 2 |
# useradd username
# passwd username |
1 |
#PermitRootLogin yes
|
1 |
PermitRootLogin no
|
1 2 |
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes |
1 |
#UseDNS yes
|
1 |
UseDNS no
|
1 |
# vi /etc/ssh/ssh_config
|
1 |
GSSAPIAuthentication yes
|
最后,确认修改正确后重新启动 SSH 服务
1 2 |
# service sshd restart
# ssh -v |
三、编译安装L.A.M.P环境
1. 下载软件1 |
# cd /usr/local/src
|
1 2 3 |
http://www.apache.org/ (推荐版本:2.2.21)
http://www.php.net/ (推荐版本:5.2.17) http://www.mysql.com/ |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
# tar xzvf MySQL-5.0.45-linux-i686-glibc23.tar.gz
# mv MySQL-5.0.45-linux-i686-glibc23 /usr/local/ # ln -s /usr/local/ MySQL-5.0.45-linux-i686-glibc23 /usr/local/MySQL # useradd MySQL # chown -R MySQL:root /usr/local/MySQL/ # cd /usr/local/MySQL # ./scripts/MySQL_install_db --user=MySQL # cp ./support-files/MySQL.server /etc/rc.d/init.d/MySQLd # chown root:root /etc/rc.d/init.d/MySQLd # chmod 755 /etc/rc.d/init.d/MySQLd # chkconfig --add MySQLd # chkconfig --level 3 5 MySQLd on # cp ./support-files/my-huge.cnf /etc/my.cnf # mv /usr/local/MySQL/data /var/lib/MySQL # chown -R MySQL:MySQL /var/lib/MySQL/ # vi /etc/my.cnf |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
# cd /usr/local/src
# tar xjvf httpd-2.2.21.tar.bz2 # cd httpd-2.2.21 # ./configure "--prefix=/usr/local/apache2" "--with-included-apr" "--enable-so" "--enable-deflate=shared" "--enable-expires=shared" "--enable-rewrite=shared" "--enable-static-support" "--disable-userdir" # make # make install # echo '/usr/local/apache2/bin/apachectl start ' >> /etc/rc.local |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 |
# cd /usr/local/src
# tar xjvf php-5.2.17.tar.bz2 # cd php-5.2.17 # ./configure "--prefix=/usr/local/php" "--with-apxs2=/usr/local/apache2/bin/apxs" "--with-config-file-path=/usr/local/php/etc" "--with-MySQL=/usr/local/MySQL" "--with-libxml-dir=/usr/local/libxml2" "--with-gd=/usr/local/gd2" "--with-jpeg-dir" "--with-png-dir" "--with-bz2" "--with-freetype-dir" "--with-iconv-dir" "--with-zlib-dir " "--with-openssl=/usr/local/openssl" "--with-mcrypt=/usr/local/libmcrypt" "--enable-soap" "--enable-gd-native-ttf" "--enable-ftp" "--enable-mbstring" "--enable-exif" "--disable-ipv6" "--disable-cgi" "--disable-cli" # make # make install # mkdir /usr/local/php/etc # cp php.ini-dist /usr/local/php/etc/php.ini |
1 |
# vi /usr/local/apache2/conf/httpd.conf
|
1 |
AddType application/x-gzip .gz .tgz
|
1 |
AddType application/x-httpd-php .php
|
1 |
DirectoryIndex index.html
|
1 |
DirectoryIndex index.html index.htm index.php
|
1 2 3 4 |
#Include conf/extra/httpd-mpm.conf
#Include conf/extra/httpd-info.conf #Include conf/extra/httpd-vhosts.conf #Include conf/extra/httpd-default.conf |
1 |
# /usr/local/apache2/bin/apachectl restart
|
在网站根目录放置 phpinfo.php 脚本,检查phpinfo中的各项信息是否正确。
确认 PHP 能够正常工作后,在 php.ini 中进行设置提升 PHP 安全性。
1 |
# vi /etc/php.ini
|
1 |
disable_functions =
|
1 2 |
phpinfo,passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,
ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server |
转载请注明来源网址:青锋建站-http://www.sjzphp.com/webdis/lamp_install_823.html