Installing and Configuring: MySQL, Apache with SSL, PHP, and mod_perl
  by Paul Summers - Fri, 10 Nov 2000 03:56:27am

The first thing you'll need is fairly obvious: a box of some form running a GNU/Linux flavor of some sort (or BSD, Solaris, etc.). Fortunately, there are lots of boxes lying around in most educational and business environments running this weird thing called Windows that are perfect candidates for such liberations.

So, from this point forward, we'll assume you have an x86 computer running Debian GNU/Linux. We'll also assume you have a basic understanding of how to use a UNIX shell, and that you have superuser access to the machine. Everything in this example can be done remotely via ssh or telnet as well as locally from the machine console.

Step 1:

First off, you will want to set up a directory structure to install and compile everything. Some people use the standard locations when installing everything. If you're only running a few machines, or only one OS, there's nothing wrong with this. You can install everything in /usr/bin or /usr/local/bin or /export/home/web or wherever your OS of choice decides to put things.

Experience has shown me that using one general directory scheme for commonly messed with things (namely apache as I'm always adding vhosts and the like) is a good thing™. This way, I don't have to go hunting around for things and trying to remember each and every OS's directory scheme. So, when I'm setting up a new box for apache and mysql, I use /usr/www/ for apache's root directory, and /usr/db/ for mysql. So we do this:

# mkdir /usr/www
followed by:
# mkdir /usr/db
It's also a good idea to set up directories for everything we're going to build into apache. Keeps things tidy.
# mkdir /usr/www/php
# mkdir /usr/www/mod_ssl
# mkdir /usr/www/openssl
# mkdir /usr/www/mm
# mkdir /usr/www/logs

Now that we have our directory structure, we should set up user accounts to own these directories. Running daemons like apache or mysql as root is generally not a good idea. Now, mysql's build scripts create user accounts for itself, so all we have to deal with is apache. Add a user account www with whatever adduser utility you might prefer. Or, you can just add the entries right into /etc/passwd. I also create a www group for the www user to make things simple for future group-based permissions and the like. Under Debian you'd do this:

# adduser
which would give you the standard adduser options:
Enter username to add: www
Adding user www...
Adding new group www (1002).
Adding new user www (1002) with group www.
Creating directory /home/www.
Copying files from /etc/skel
Enter new UNIX password:
Retype new UNIX password:
Changing user information for www
. . .

You can then edit /etc/passwd to disable logins for the www account. This is usually done by replacing the shell specification with something like /sbin/nologin, which is basically just a simple shell script that echoes something like "Sorry, this account is disabled."

Now it's time to grab the source for the software you want to install. Assuming you have wget installed, it's quick and easy to grab it. If not, you can visit the mysql.com and apache.org web sites and get the source via http or ftp. However, if you have wget, you can do things the easy way. (If you don't, apt-get install wget under Debian)

# cd /usr/db
# wget http://www.mysql.com/Downloads/MySQL-3.22/mysql-3.22.32.tar.gz
# cd /usr/www
# wget http://httpd.apache.org/dist/apache_1.3.14.tar.gz
# wget http://perl.apache.org/dist/mod_perl-1.24.tar.gz
# wget "http://www.php.net/do_download.php?download_file=php-4.0.3pl1.tar.gz&source_site=www.php.net"
(note the quotes around the url due to the screwy download string for this one.)
# wget http://www.openssl.org/source/openssl-0.9.6.tar.gz
# wget http://www.modssl.org/source/mod_ssl-2.7.1-1.3.14.tar.gz
# wget http://www.engelschall.com/sw/mm/mm-1.1.3.tar.gz

Now, you can gunzip and untar the source.

# gunzip /usr/db/mysql-3.22.32.tar.gz
# gunzip /usr/www/apache_1.3.14.tar.gz
# gunzip /usr/www/openssl-0.9.6.tar.gz
# gunzip /usr/www/mod_ssl-2.7.1-1.3.14.tar.gz
# gunzip /usr/www/mm-1.1.3.tar.gz
# gunzip /usr/www/php-4.0.3pl1.tar.gz
# gunzip /usr/www/mod_perl-1.24.tar.gz
# cd /usr/db
# tar -xf mysql-3.22.32.tar
# cd /usr/www
# tar -xf apache_1.3.14.tar
# tar -xf openssl-0.9.6.tar
# tar -xf mod_ssl-2.7.1-1.3.14.tar
# tar -xf mm-1.1.3.tar
# tar -xf php-4.0.3pl1.tar
# tar -xf mod_perl-1.24.tar

Now, you can get rid of the source tarballs.

# rm /usr/db/mysql-3.22.32.tar
# rm /usr/www/*.tar

At this point, you can begin the build of MySQL. First, change to the source directory.
# cd /usr/db/mysql-3.22.32/

Now configure the source to build on your system. Note the directory location.
# ./configure --prefix=/usr/db

The configuration script will now check your system and attempt to configure the MySQL makefile for it. Assuming it doesn't run into any problems, it should complete without errors. Now you are ready to build the mysql source. How long the build takes will vary depending on your system, but it will usually grind away for anywhere from 3 to 15 minutes.
# make

The last output you should see will be something like:

make[2]: Leaving directory `/usr/db/mysql-3.22.32/support-files'
make[2]: Entering directory `/usr/db/mysql-3.22.32'
make[2]: Leaving directory `/usr/db/mysql-3.22.32/support-files'
make[1]: Leaving directory `/usr/db/mysql-3.22.32'

You can now begin the install of MySQL.
# make install

This will exit with similar output, and you should now have the full MySQL directory structure in /usr/db/.

Now you'll want to install the MySQL database. While still in /usr/db/mysql-3.22.32/:
# cd scripts
# make install
# chmod +x mysql_install_db.sh
# ./mysql_install_db.sh

Now remove the executable permission from the install db script.
# chmod -x mysql_install_db.sh

Now, you can start up the MySQL server and set a root password for the MySQL server:
# cd /usr/db/bin
# ./safe_mysqld &
# ./mysqladmin -u root password 'new-password'

If you use the mysql binaries often, you may want to add /usr/db/bin to your shell path variable. Now you can test out your MySQL server and make sure all is working properly.

# mysql --user=root -p

You should see something like:

# mysql --user=root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 3.22.32
mysql>
mysql> status
--------------
mysql Ver 9.38 Distrib 3.22.32, for pc-linux-gnu (i686)

Connection id: 2
Current database:
Current user: root@localhost
Server version 3.22.32
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /tmp/mysql.sock
Uptime: 3 min 27 sec

Threads: 1 Questions: 15 Slow queries: 0 Opens: 7 Flush tables: 1 Open tables: 3
--------------

mysql>

Step 2:

Now we move on to building all of the SSL software. Unlike PHP and mod_perl, mod_ssl is built directly into the Apache server, instead of running as a module. The first thing to do is install MM, the Shared Memory Library. Change to the mm source directory:

# cd /usr/www/mm-1.1.3

Then, configure the makefile:

# ./configure --prefix=/usr/www/mm

Now, build the source:

# make

Once built, test the build:

# make test

You should get a confirmation: "OK - ALL TESTS SUCCESSFULLY PASSED." Finally, install the files:

# make install

Step 3:

Now we build OpenSSL. First, change to the OpenSSL source directory:

# cd /usr/www/openssl-0.9.6

Now run the config script:

# ./config --prefix=/usr/www --openssldir=/usr/www/openssl

Then build it:

# make

Then test it:

# make test

And install it:

# make install

Step 4:

You're getting there. All that is left to do is build and install PHP and mod_perl, configure Apache, and start the server. Now we will build mod_ssl. Change to the mod_ssl source directory:

# cd /usr/www/mod_ssl-2.7.1-1.3.14

Now, you'll want to specify the options needed to configure the Makefile. If you already have a signer SSL certificate, specify its location and key database in the config line (the bracketed options below). If not, you can generate/add them later. Note the prefix option, as well as the others. This configure line will enable the rewrite module, the speling module, and the DSO module:

# ./configure --with-apache=/usr/www/apache_1.3.14 --with-ssl=/usr/www/openssl-0.9.6 --with-mm=/usr/www/mm [--with-crt=/path/to/server.crt] [--with-key=/path/to/server.key] --prefix=/usr/www --enable-shared=ssl --enable-module=rewrite --enable-shared=rewrite --enable-module=speling --enable-module=so

Once configured, you'll want to build the source. However, this is done in Apache's source directory. Change to that directory:

# cd /usr/www/apache_1.3.14

Now build the source. Again, the time it takes to compile will vary between systems. It usually takes less than 10 minutes.

# make

make will terminate with something like:

make[2]: Leaving directory `/usr/www/apache_1.3.14/src/support'
<=== src/support
make[1]: Leaving directory `/usr/www/apache_1.3.14'
<=== src

Then, make a certificate. You will be prompted for the information needed to make a self-signed certificate, which you can use in place of a signer certificate, or for development until you get one.

# make certificate

Finally, install the server.

# make install

When finished, you'll be given a message confirming the installation. Do not follow its instructions with regard to starting the server. Now the real fun starts, and we begin installing modules to take care of the other services we want.

Step 5:

Now we install PHP into Apache. First, move to the source directory.

# cd /usr/www/php-4.0.3pl1

Now, configure the Makefile. Using this string, we will enable MySQL support, and use Apache's DSO module to interface. As well, we specify where Apache's APXS script is, and where we want to dump the PHP files. You'll want to make sure you have flex installed before doing this, as the configure script seems to like it.

# ./configure --prefix=/usr/www/php --with-mysql --with-apxs=/usr/www/bin/apxs

The configure script should finish without error, and warn you about using built-in MySQL support. So long as you aren't using any other server modules which play with MySQL, you should be fine. Else, you may want to recompile Apache with mod_auth_mysql enabled. Now we build the source.

# make

The compile should complete without error, and will take around 10 minutes on the average system. Now, install the built source.

# make install

Once installed, you can verify the module has been loaded by inspecting /usr/www/conf/httpd.conf. You should have:

LoadModule php4_module libexec/libphp4.so
AddModule mod_php4.c

in the DSO section of the file. Also, you should uncomment the following lines:

#AddType application/x-httpd-php .php
#AddType application/x-httpd-php-source .phps

Step 6:

Now we install mod_perl into Apache. First, move to the source directory. Be sure that you have perl installed.

# cd /usr/www/mod_perl-1.24

Now build mod_perl. Note that you must have perl installed to do this. We want to use Apache's APXS to auto-magically integrate mod_perl into the server, so...

# perl Makefile.PL NO_HTTPD=1 USE_APXS=1 WITH_APXS=/usr/www/bin/apxs APACHE_PREFIX=/usr/www

Note that this will build the base mod_perl. If you want some of the extra spiffy features enabled like PerlSSI and so forth, read the installation file and enable them by adding them to the Makefile.PL command line. For example, # perl Makefile.PL NO_HTTPD=1 USE_APXS=1 WITH_APXS=/usr/www/bin/apxs PERL_SSI=1 would turn on PerlSSI.

Once configured, you can make and install mod_perl. If you get a warning about perl being linked against libgdbm, you can get away with symlinking: # ln -s /usr/lib/libgdbm.so.1.7.3 /usr/lib/libgdbm.so and re-running the configure script should fix it. You may also wish to apt-get install libwww-perl.

# make

Once the compile is done, you can run # make test to make sure everything works, but if the compile finished without error, you can usually get away with skipping it and installing mod_perl.

# make install

Once installed, you can verify the module has been loaded by inspecting /usr/www/conf/httpd.conf. You should have:

LoadModule perl_module libexec/libperl.so
AddModule mod_perl.c

To keep things tidy, you can symlink the build directory to something less verbose.

# ln -s /usr/www/mod_perl-1.24 /usr/www/mod_perl

Step 7:

Now you'll want to configure Apache by editing the /usr/www/conf/httpd.conf file. Instead of going through the file step by step, I have included a slimmed down version (less the descriptions) here, with my own comments added in. This should successfully allow apache to start. So, crank up your favorite editor, and make httpd.conf look like this. :)

# vim /usr/www/conf/httpd.conf

##
## httpd.conf -- Apache HTTP server configuration file
##

ServerType standalone
ServerRoot "/usr/www"

#LockFile /var/run/apache.lock

PidFile /var/run/apache.pid
ScoreBoardFile /var/run/apache.scoreboard
ResourceConfig /dev/null
AccessConfig /dev/null

Timeout 300
KeepAlive On

MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 256

MaxRequestsPerChild 0

#BindAddress *

# Dynamic Shared Object (DSO) Support

LoadModule vhost_alias_module libexec/mod_vhost_alias.so
LoadModule env_module libexec/mod_env.so
LoadModule define_module libexec/mod_define.so
LoadModule config_log_module libexec/mod_log_config.so
LoadModule mime_magic_module libexec/mod_mime_magic.so
LoadModule mime_module libexec/mod_mime.so
LoadModule negotiation_module libexec/mod_negotiation.so
LoadModule status_module libexec/mod_status.so
LoadModule info_module libexec/mod_info.so
LoadModule includes_module libexec/mod_include.so
LoadModule autoindex_module libexec/mod_autoindex.so
LoadModule dir_module libexec/mod_dir.so
LoadModule cgi_module libexec/mod_cgi.so
LoadModule asis_module libexec/mod_asis.so
LoadModule imap_module libexec/mod_imap.so
LoadModule action_module libexec/mod_actions.so
LoadModule speling_module libexec/mod_speling.so
LoadModule userdir_module libexec/mod_userdir.so
LoadModule alias_module libexec/mod_alias.so
LoadModule rewrite_module libexec/mod_rewrite.so
LoadModule access_module libexec/mod_access.so
LoadModule auth_module libexec/mod_auth.so
LoadModule anon_auth_module libexec/mod_auth_anon.so
LoadModule db_auth_module libexec/mod_auth_db.so
LoadModule digest_module libexec/mod_digest.so
LoadModule proxy_module libexec/libproxy.so
LoadModule cern_meta_module libexec/mod_cern_meta.so
LoadModule expires_module libexec/mod_expires.so
LoadModule headers_module libexec/mod_headers.so
LoadModule usertrack_module libexec/mod_usertrack.so
LoadModule unique_id_module libexec/mod_unique_id.so
LoadModule setenvif_module libexec/mod_setenvif.so
# Mod_Perl
LoadModule perl_module libexec/libperl.so
# PHP4
LoadModule php4_module libexec/libphp4.so
<IfDefine SSL>
LoadModule ssl_module libexec/libssl.so
</IfDefine>

# Reconstruction of the complete module list from all available modules
# (static and shared ones) to achieve correct module execution order.
# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
ClearModuleList
AddModule mod_vhost_alias.c
AddModule mod_env.c
AddModule mod_define.c
AddModule mod_log_config.c
AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
AddModule mod_status.c
AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
AddModule mod_speling.c
AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_auth_anon.c
AddModule mod_auth_db.c
AddModule mod_digest.c
AddModule mod_proxy.c
AddModule mod_cern_meta.c
AddModule mod_expires.c
AddModule mod_headers.c
AddModule mod_usertrack.c
AddModule mod_unique_id.c
AddModule mod_so.c
AddModule mod_setenvif.c
AddModule mod_perl.c
AddModule mod_php4.c
<IfDefine SSL>
AddModule mod_ssl.c
</IfDefine>

#ExtendedStatus On

Port 80


## SSL Support

<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>

#User nobody
#Group nobody
User www
Group www

ServerAdmin you@host.com
ServerName host.com

DocumentRoot "/usr/www/htdocs"

#<Directory />
# Options FollowSymLinks
# AllowOverride None
#</Directory>

<Directory "/usr/www/htdocs">
Options All MultiViews
AllowOverride All
Order allow,deny
Allow from all
Deny from lus3r.haxX0r.org
</Directory>

UserDir public_html

DirectoryIndex index.html index.shtml index.htm index.pl index.cgi index.phtml index.php


AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

#CacheNegotiatedDocs
UseCanonicalName On

TypesConfig /usr/www/conf/mime.types

DefaultType text/plain

<IfModule mod_mime_magic.c>
MIMEMagicFile /usr/www/conf/magic
</IfModule>

HostnameLookups Off

ErrorLog /usr/www/logs/errors.log
LogLevel warn

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#CustomLog /var/log/apache_access_log common
#CustomLog /var/log/apache_referer_log referer
#CustomLog /var/log/apache_agent_log agent
CustomLog /usr/www/logs/apache.access.log combined

ServerSignature Email

Alias /icons/ "/usr/www/htdocs/icons/"

<Directory "/usr/www/htdocs/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

ScriptAlias /cgi-bin/ "/usr/www/htdocs/cgi-bin/"

<Directory "/usr/www/htdocs/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

IndexOptions FancyIndexing

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon /icons/unknown.gif

AddDescription "GZIP compressed document" .gz
AddDescription "tar archive" .tar
AddDescription "GZIP compressed tar archive" .tgz

ReadmeName README
HeaderName HEADER

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddEncoding x-compress Z
AddEncoding x-gzip gz tgz

AddLanguage da .dk
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .ee
AddLanguage fr .fr
AddLanguage de .de
AddLanguage el .el
AddLanguage it .it
AddLanguage pt .pt
AddLanguage ltz .lu
AddLanguage ca .ca
AddLanguage es .es
AddLanguage sv .se
AddLanguage cz .cz

LanguagePriority en da nl et fr de el it pt ltz ca es sv

# And for PHP 4.x, use:
#
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

AddType application/x-tar .tgz

AddHandler cgi-script .cgi

AddType text/html .shtml
AddHandler server-parsed .shtml

#AddHandler send-as-is asis
#AddHandler imap-file map
#AddHandler type-map var
#MetaDir .web
#MetaSuffix .meta

XBitHack full
CheckSpelling on

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost
</Location>

<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from localhost
</Location>

PerlModule Apache::Registry

<Location /perl-bin>
SetHandler perl-script
PerlHandler Apache::Registry
Options ExecCGI
PerlSendHeader on
</Location>

<Files ~ "\.pshtml$">
SetHandler perl-script
PerlHandler Apache::SSI
</Files>

<Location /cgi-bin/phf*>
Deny from all
ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
</Location>

NameVirtualHost 127.0.0.1

## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.

# Some MIME-types for downloading Certificates and CRLs
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>

<IfModule mod_ssl.c>

SSLPassPhraseDialog builtin

#SSLSessionCache none
#SSLSessionCache shm:/var/run/apache_ssl_scache(512000)
SSLSessionCache dbm:/var/run/apache_ssl_scache
SSLSessionCacheTimeout 300

SSLMutex file:/var/run/apache_ssl_mutex

# Use Builtin for *BSD
#SSLRandomSeed startup builtin
#SSLRandomSeed connect builtin
SSLRandomSeed startup file:/dev/random 512
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/random 512
SSLRandomSeed connect file:/dev/urandom 512

SSLLog /var/log/apache_ssl_engine_log
SSLLogLevel info

</IfModule>

<IfDefine SSL>
#
## SSL Virtual Host Context
##

<VirtualHost 127.0.0.1:443>
DocumentRoot "/usr/www/htdocs"
ServerName secure.localhost.net
ServerAdmin you@host.com
ErrorLog /usr/www/logs/error.ssl.log
TransferLog /usr/www/logs/access.ssl.log
Options All MultiViews
IndexOptions FancyIndexing


SSLEngine on

#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/www/conf/ssl.crt/server.crt
#SSLCertificateFile /usr/www/conf/ssl.crt/server-dsa.crt
SSLCertificateKeyFile /usr/www/conf/ssl.key/server.key
#SSLCertificateKeyFile /usr/www/conf/ssl.key/server-dsa.key
#SSLCertificateChainFile /usr/www/conf/ssl.crt/ca.crt
#SSLCACertificatePath /usr/www/conf/ssl.crt
#SSLCACertificateFile /usr/www/conf/ssl.crt/ca-bundle.crt
#SSLCARevocationPath /usr/www/conf/ssl.crl
#SSLCARevocationFile /usr/www/conf/ssl.crl/ca-bundle.crl

#SSLVerifyClient require
#SSLVerifyDepth 10

#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/www/htdocs/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /var/log/apache_ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>

<VirtualHost 127.0.0.1:80>
ServerName host.com
Redirect / http://www.host.com/
</VirtualHost>

<VirtualHost 127.0.0.1:80>
ServerName www.host.com
DocumentRoot /usr/www/htdocs
SSLEngine off
Options All MultiViews
IndexOptions FancyIndexing
ServerAdmin you@host.com
ErrorLog /usr/www/logs/host.com.error.log
TransferLog /usr/www/logs/host.com.access.log
</VirtualHost>
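
The configuration above grants `Options All` and `AllowOverride All` on the document root and leaves the `<Directory />` block commented out. The script below is an added example, not part of the original article: it reports those directives together with the section they apply to. The function names, finding labels and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Function names and finding
# labels are hypothetical. Reads an httpd.conf from stdin or file arguments.

audit_httpd_conf() {
    awk '
    function where() { return (depth > 0) ? stack[depth] : "server config" }

    NF == 0 || $1 ~ /^#/ { next }                 # blank lines and comments

    $1 ~ /^<\// { if (depth > 0) depth--; next }  # closing tag: leave section

    $1 ~ /^</ {                                   # opening tag: enter section
        sect = $0
        sub(/^[ \t]+/, "", sect); sub(/[ \t]+$/, "", sect)
        stack[++depth] = sect
        if (tolower(sect) ~ /^<directory[ \t]+"?\/"?>$/) root_block = 1
        next
    }

    tolower($1) == "options" {
        # "All" enables every option except MultiViews (ExecCGI and
        # Includes among them) for the enclosing section.
        for (i = 2; i <= NF; i++) {
            opt = tolower($i); sub(/^\+/, "", opt)
            if (opt == "all") print "options-all: " where()
        }
    }

    tolower($1) == "allowoverride" && tolower($2) == "all" {
        # .htaccess files below this section may then set any directive
        # that is allowed in .htaccess context.
        print "allowoverride-all: " where()
    }

    tolower($1) == "user" && depth == 0 { run_user = $2 }

    END {
        # No active <Directory /> block: no server-wide default for
        # Options and AllowOverride.
        if (!root_block) print "no-root-directory-block: server config"
        # The article runs the server as the unprivileged www account.
        if (run_user == "" || run_user == "root") print "user-root-or-unset: server config"
    }
    ' "$@"
}

# Constructed excerpt of the httpd.conf shown above (same directives, trimmed).
sample_conf() {
    cat <<'EOF'
User www
Group www
#<Directory />
# Options FollowSymLinks
# AllowOverride None
#</Directory>
<Directory "/usr/www/htdocs">
Options All MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/www/htdocs/cgi-bin">
AllowOverride None
Options None
</Directory>
<IfDefine SSL>
<VirtualHost 127.0.0.1:443>
Options All MultiViews
</VirtualHost>
</IfDefine>
EOF
}

# Constructed comparison file: the commented-out root block enabled and the
# document root narrowed (one possible baseline, an assumption).
hardened_conf() {
    cat <<'EOF'
User www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/usr/www/htdocs">
Options Indexes MultiViews
AllowOverride None
</Directory>
EOF
}

sample_conf | audit_httpd_conf
```

Run against the real file with `audit_httpd_conf /usr/www/conf/httpd.conf`; an empty result means none of the four conditions were found.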

Now, just fix the permissions on everything, and you should be ready to start.

# chown www /usr/www/*

# chown www /usr/www/*.*

# chown mysql /usr/db/*

# chown mysql /usr/db/*.*

That's It!

Now, just change to Apache's binary directory, and start it up!

# cd /usr/www/sbin

# ./apachectl startssl

You'll be prompted for your SSL passphrase. Enter it, and the server will start right up. In theory at least. If your server fails to start, check and double check the conf file, and be sure to take a look at the error log (ErrorLog points at /usr/www/logs/errors.log in the configuration above). Most problems with this configuration are due to typos in the conf file, and not problems with the build of the server.

You should now be able to telnet to port 80 on the localhost machine, request the HTTP header, and see something like this: Apache/1.3.14 (Unix) mod_ssl/2.7.1 OpenSSL/0.9.6 PHP/4.0.3 mod_perl/1.24. Or, you can go to a site like Netcraft and use their query utility on your machine's IP or hostname. You should also be able to connect to port 443 and try the https query. That's it, you now have a single Apache process which can serve both http and https requests, while parsing mod_perl and PHP4, while talking to a MySQL database. Cool, huh?
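
The banner check described above can be scripted. The following is an added example, not part of the original article: it parses the Server header of a saved response and lists any expected component the banner does not name. Function names are hypothetical and both responses are constructed; the second assumes what the same build would report when started without the SSL define, since the configuration loads mod_ssl only inside `<IfDefine SSL>`.

```shell
#!/bin/sh
# Added example, not from the original article; function names are hypothetical.

# Components the finished build is expected to announce (from the article).
EXPECTED="Apache mod_ssl OpenSSL PHP mod_perl"

# server_components: read a raw HTTP response on stdin and print one
# "product version" pair per line from its Server header.
server_components() {
    tr -d '\r' | awk '
        NF == 0 { exit }                      # blank line: end of headers
        tolower($1) == "server:" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^\(/) {             # skip comments such as "(Unix)"
                    while (i < NF && $i !~ /\)$/) i++
                    continue
                }
                n = split($i, part, "/")
                print part[1], (n > 1 ? part[2] : "-")
            }
            exit
        }'
}

# missing_components "NAME ...": read a response on stdin and print each
# expected product that the banner does not list.
missing_components() {
    found=$(server_components | cut -d' ' -f1)
    for want in $1; do
        printf '%s\n' "$found" | grep -qxF "$want" || printf '%s\n' "$want"
    done
}

# Constructed response carrying the banner quoted in the article.
response_startssl() {
    printf 'HTTP/1.1 200 OK\r\nServer: Apache/1.3.14 (Unix) mod_ssl/2.7.1 OpenSSL/0.9.6 PHP/4.0.3 mod_perl/1.24\r\nConnection: close\r\n\r\n'
}

# Constructed response for a server started without the SSL define
# (assumed banner: the SSL components are absent).
response_start() {
    printf 'HTTP/1.1 200 OK\r\nServer: Apache/1.3.14 (Unix) PHP/4.0.3 mod_perl/1.24\r\nConnection: close\r\n\r\n'
}

echo "components in the article banner:"
response_startssl | server_components
echo "missing when started without SSL:"
response_start | missing_components "$EXPECTED"
```

Feed it the output of a HEAD request saved to a file, for example `missing_components "$EXPECTED" < response.txt`.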

 Your Comments 

Static - 2000-11-13 03:49:46
But what if I'd like to compile all these modules statically without using dso?
posted by Maxim

Thanx! - 2000-11-12 05:38:03
Don't wanna say much, just lotta thanx for the article
posted by maxound

central frame -- too wide - 2000-11-12 02:19:50
The central frame is wider than 800 pixels, ever tried to read this article in 800*600 monitor resolution? I'm trying now :(
posted by poor 800*600 reader

ApacheTools - 2000-11-11 19:48:39
Really really nice article, handles most everything that I have near the top of my "things i gotta do on linux"

But everyone might also want to check out http://apachetools.com

a script that lets you choose which parts you want and downloads, compiles the source, and configures it etc.
posted by Slin Lee

I have to agree with FHS - 2000-11-11 17:33:27
Considering that so many Linux users will be following these instructions, it would have been nice if the Filesystem Hierarchy Standard was adhered to.
posted by reed

Very very good article - 2000-11-11 14:23:18
It makes sense!, I'm really excited to get in front of my computer and try all that is written down here, right this evening ... thank you, this is so useful and it gives me some ideas to improve some features to test on my little server, I was lost in how to get some packages described here .. :)
posted by Marinho

apachetools - 2000-11-11 05:50:56
very nice article, but all i have to add is : http://apachetools.com

a script that lets you choose which parts you want to install, downloads the source and then compiles and configures it.
posted by Slin Lee

Response to "Evil Filesystem Recommendations" - 2000-11-10 19:54:12

I state quite clearly in the article why I recommend using a general directory scheme for installing apache/mysql.

Experience has shown me that using one general directory scheme for commonly messed with things (namely apache as I'm always adding vhosts and the like) is a good thing™. This way, I don't have to go hunting around for things and trying to remember each and every OS's directory scheme.

Having administrated thousands of machines with every OS under the sun on them, I can safely say that it is generally a good idea to have things under a common filesystem hierarchy. This is because there is no "STANDARD" filesystem hierarchy for each and every OS.

-- Paul Summers

posted by Paul Summers

i'd do it like this: - 2000-11-10 16:21:55
If that really was a Debian box, I would do:

# apt-get install openssl libapache-mod-ssl libapache-mod-perl apache mysql-server php4 php4-mysql ...

then set up mod_ssl, because it's the only thing that APT/Debian doesn't handle for you.

or, if I really wanted to compile everything from source:

# apt-get -b source openssl libapache-mod-ssl libapache-mod-perl apache mysql-server php4 php4-mysql ...
# dpkg -i ...

It's really that simple!
apt-get into it ;-)
http://www.debian.org

Author's Comment: The reason I did not use apt-get to install everything (and yes, it is a Debian box) is that I wanted the article to have a level of platform-independence. apt-get won't do much for someone running FreeBSD or Solaris. :) I noted so in the article, but it seems to have disappeared in the editing process. :)

posted by pavel

Received error in make in step 4 - 2000-11-10 12:05:54
I received the following error, and do not know where to go from here. I tried to hack at it the best I can, to no avail. Everything up to this worked fine.

Here is the output:
===> src/main
gcc -c -I/usr/www/mm/include -I../os/unix -I../include -DLINUX=2 -DMOD_SSL=207
101 -DUSE_HSREGEX -DEAPI -DEAPI_MM -DUSE_EXPAT -I../lib/expat-lite `../apaci` ge
n_test_char.c
gcc -DLINUX=2 -DMOD_SSL=207101 -DUSE_HSREGEX -DEAPI -DEAPI_MM -DUSE_EXPAT -I../
lib/expat-lite `../apaci` -L/usr/www/mm/lib -o gen_test_char gen_test_char.o -
lm -lcrypt -lndbm -lmm -ldl
./gen_test_char >test_char.h
./gen_test_char: error in loading shared libraries: libmm.so.11: cannot open sha
red object file: No such file or directory
make[3]: *** [test_char.h] Error 127
make[2]: *** [subdirs] Error 1
make[2]: Leaving directory `/usr/www/apache_1.3.14/src'
make[1]: *** [build-std] Error 2
make[1]: Leaving directory `/usr/www/apache_1.3.14'
make: *** [build] Error 2

Any thoughts? Thanx in advance.

posted by Layton Welborn

Awesome - 2000-11-10 10:38:20
This is a really good article. It helped me clear up some issues I was having
posted by hax

Evil path recommendations - 2000-11-10 09:36:19
Why do you make recommendations such as /usr/www when the FHS specifies /var/www for that?
There is a reason it is called the Filesystem Hierarchy STANDARD.
Teaching bad habits in a setting such as this is deplorable.
posted by FHS

Thank you - 2000-11-10 08:20:56
Thank you for a great resource article. Definitely a keeper!
posted by Michael Felzien

apache, mysql, ssl, etc - 2000-11-10 06:58:57
This is a very good article that i will try out in the next few days. A very nice future addition would be the creation of a simple database and web page that shows a secure transaction.
posted by neville


©1999, 2000 Linux.com. Legal statement