PHP4 Installation
From PhoenixWing
This is the way I compile PHP on CentOS & RedHat based systems. Why not compile from source and use methods others might suggest? For one, I find no need for --enable-versioning, unless you are installing two different versions of PHP on the same machine (which, with PHP4, was only beneficial when upgrading from PHP3). Second, I also prefer to allow the end user to have access to XML, XSLT, and the necessary graphics libraries such as GD, ImageMagick and their dependencies: libpng, libjpeg, libtiff & freetype. This allows the user to install most web applications (insert Web 2.0 annoyance here) without having to email and/or call me every time they have a new PHP application. Plus, not every system has the same software, and not every customer has the same needs. This setup, will satisfy most folks utilizing PHP.
First, you need to install the following RPM packages using "yum install <pkgs>", or download them, and install using "rpm -ivh <package_name>:
libpng libpng-devel libjpeg libjpeg-devel libexif libexif-devel libtiff libtiff-devel libxslt libxslt-devel libxml2 libxml2-devel curl curl-devel zlib zlib-devel bzip2 bzip2-devel gd gd-devel gd-progs ImageMagick-devel ImageMagick-perl ImageMagick freetype freetype-devel fontconfig fontconfig-devel
In addition, you will need MySQL to be installed. My preferred method (and this has been debated on all sides) is to use the http://dev.mysql.com/ RPM packages for RHELx i386 (use the ones for your specific setup & processor type).
As of this writing, this is the latest version needed:
MySQL-client-community-5.0.67-0.rhel5.i386.rpm MySQL-server-community-5.0.67-0.rhel5.i386.rpm MySQL-devel-community-5.0.67-0.rhel5.i386.rpm MySQL-shared-compat-5.0.67-0.rhel5.i386.rpm
After installing MySQL, copy the config file from "/usr/share/doc/MySQL-server-community-5.0.67/my-large.cnf" to "/etc/my.cnf". Edit to suit, most of the time this is not needed, however I usually uncomment "skip-networking" on boxes that will not be connected to remotely, ie: that would be highly NOT recommended for a customers with backend database servers, see? Then run the command "mysql_secure_installation". Enter no password as by default root has none... and then when prompted to do so, set one. Be sure to write it down and add it to your notes. Say "yes" when prompted to remove anonymous users and the test database, and to flush the privileges. MySQL has been secured, congratulations! Now run "service mysql stop", and then "service mysql start" to make MySQL start up with the new configuration file.
Install the Perl DBD driver for MySQL:
perl-DBD-MySQL
Once those packages are installed, I configure php with the following in PHP's source directory:
./configure --prefix=/usr --with-apxs=/usr/sbin/apxs \ --sysconfdir=/etc --with-config-file-path=/etc --with-mysql=/usr --with-zlib \ --enable-mbstring --with-gd --with-gettext --enable-bcmath --enable-calendar \ --with-bz2 --with-curl --enable-exif --with-pear --with-openssl --enable-ftp \ --with-png-dir=/usr --with-jpeg-dir=/usr --with-tiff-dir=/usr --enable-shmop \ --enable-gd-native-ttf --with-freetype-dir=/usr --enable-magic-quotes \ --with-xml --with-xmlrpc --enable-inline-optimization --enable-sysvsem \ --enable-memory-limit
Follow this by running "make" to compile the source.
Next, if you have PHP rpm's installed, run "rpm -e php" to remove them.
Finally, "make install", to update apache & install PHP.
Locate the php.ini file ($SRCDIR/php.ini-recommended or similar) and copy to /etc/php.ini. Now, I try to make PHP as secure as I can, taking into account not all software is secure in itself.
At the very least, make sure "magic_quotes_gpc" is enabled, as it will save quite a few headaches. I tend not to want outsiders to see my errors, so I set "display_errors" to 'Off', "log_errors" to 'On' and "log_errors_max_len" to '0', this way errors end up in my apache error_log, in their entirety. I also set "register_globals" to 'Off' to support better programming. It helps to know who's updating their software to be more secure, and know that the older, less supported stuff may potentially be apt to hack attempts.
Once you've edited the php.ini file, restart apache using "apachectl stop" & "apachectl start (or startssl)".
Voila... all done.
Now, you can add another user with root-like privileges to MySQL and give that to the customer for use with their server. I personally wouldn't give a customer the root user without them specifically requesting it. To do so, simply follow this:
mysql -u root -p mysqlAdd the user:
GRANT ALL PRIVILEGES ON *.* TO 'username'@'localhost' IDENTIFIED BY 'C0mPl3xP4s5w0rD' WITH GRANT OPTION;Reload privileges:
FLUSH PRIVILEGES;Verify they are setup:
SELECT * FROM user WHERE User = 'username'\G
- NOTE: choose a better password than what I've mentioned. That's too easy ;)
