Page History

...

Note:

...

These

...

directions

...

are

...

not

...

complete,

...

and

...

may

...

contain

...

errors.

...

If

...

you

...

encounter

...

an

...

omission

...

or

...

error,

...

please

...

correct

...

this

...

document.

...

1. Request

...

1. Server

...

1. Ops

...

1. setup

...

1. the

...

1. standard

...

1. system

...

1. user

...

1. configuration

...

1. on

...

1. this

...

1. system.

...

1. This

...

1. will

...

1. include

...

1. groups

...

1. and

...

1. system

...

1. users

...

1. for

...

1. logs,

...

1. www,

...

1. and

...

1. db.

...

2. Secure

...

1. access

...

1. to

...

1. the

...

1. AMIT

...

1. Definative

...

1. Software

...

1. Library

...

1. on

...

1. afs.

...

1. If

...

1. you

...

1. have

...

1. afs

...

1. mounts

...

1. available,

...

1. it

...

1. is

...

1. located

...

1. at

...

1. /afs/athena.mit.edu/project/amit-dsl/Public.

...

1. If

...

1. you

...

1. have

...

1. an

...

1. athena

...

1. account,

...

1. you

...

1. can

...

1. cut

...

1. and

...

1. paste

...

1. the

...

1. following,

...

1. replacing

...

1. the

...

1. 'dracus'

...

1. username

...

1. with

...

1. your

...

1. own.

...

2. Download

...

1. the

...

1. following

...

1. software

...

1. from

...

1. the

...

1. ISDA

...

1. software

...

1. repository

...

1. onto

...

1. the

...

1. system

...

1. being

...

1. configured:

...

1. Code Block

...

1. mkdir -p /home/www/tmp cd /home/www/tmp scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/httpd-2.2.4.tar.gz \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/php-5.2.6.tar.gz \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/apache_home.sh \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/web \ /home/www/tmp

...

2. Check that the Apache installed is greater then version 2.2.3.

...

1. If

...

1. it

...

1. is

...

1. not,

...

1. and

...

1. this

...

1. is

...

1. RHEL

...

1. 5

...

1. or

...

1. greater,

...

1. use

...

1. YUM

...

1. to

...

1. install

...

1. it.

...

1. Code Block

...

1. yum -y install httpd-2.2.3 httpd-devel-2.2.3

...

2. If the installed Apache is version 2.2.3

...

1. or

...

1. greater,

...

1. link

...

1. the

...

1. config

...

1. directories

...

1. into

...

1. place.

...

1. Code Block

...

1. mkdir /home/www/apache-2.2.3 ln -s /home/www/apache-2.2.3 /home/www/apache scp -r dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/conf \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/logs \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/htdocs \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/icons \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/Apache/config-files/man\* \ /home/www/apache scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/apache_home.sh \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/web \ /home/www/tmp chown -R www:www /home/www mv /etc/httpd /etc/httpd.bak ln -s /home/www/apache /etc/httpd ln -s /usr/lib64/httpd/modules /home/www/apache/modules

...

2. If the current version of MySQL is below 5.0,

...

1. or

...

1. if

...

1. MySQL

...

1. is

...

1. not

...

1. installed,

...

1. update

...

1. it

...

1. to

...

1. a

...

1. recent

...

1. version.

...

1. 1. Download

...

1. 1. the

...

1. 1. needed

...

1. 1. packages

...

1. 1. for

...

1. 1. RHEL

...

1. 1. 4

...

1. 1. or

...

1. 1. 5.

...

1. 1. • RHEL

...

1. 1. • 5,

...

1. 1. • 32

...

1. 1. • bit

...

1. 1. • Code Block

...

1. 1. • mkdir -p /home/db/tmp cd /home/db/tmp scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/MySQL/5.0.45/rhel5/i386/* \ dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/MySQL/perl-DBI-1.52-1.rhel5.i386.rpm \ /home/db/tmp

...

1. 1. • On RHEL 5,

...

1. 1. • 64

...

1. 1. • bit

...

1. 1. • systems,

...

1. 1. • we

...

1. 1. • are

...

1. 1. • able

...

1. 1. • to

...

1. 1. • use

...

1. 1. • the

...

1. 1. • OS

...

1. 1. • provided

...

1. 1. • version

...

1. 1. • of

...

1. 1. • MySQL

...

1. 1. • (5.0.45),

...

1. 1. • installed

...

1. 1. • through

...

1. 1. • yum.

...

1. 1. • Code Block

...

1. 1. • yum -y install mysql-server

...

1. 1. • RHEL 4

        Code Block

        mkdir /home/db/tmp cd /home/db/tmp scp root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-client-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-server-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-shared-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-shared-compat-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/MySQL-test-community-5.0.45-0.rhel4.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/perl-DBI-1.52-1.fc6.i386.rpm \ root@trogdor:/opt/software-repository-tmp/MySQL/my.cnf \ /home/db/tmp

...

1. 2. Stop the MySQL server if it is running, remove the old version, and install the new one.
      • RHEL 4

        Code Block

        /etc/init.d/mysql stop rpm -ev cyrus-sasl-sql-2.1.19-5.EL4.i386 rpm -ev dovecot-0.99.11-4.EL4.i386 rpm -ev mysql-4.1.20-1.RHEL4.1.i386 rpm -ev mysqlclient10-3.23.58-4.RHEL4.1.i386 rpm -ivh MySQL-client-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-test-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-devel-community-5.0.45-0.rhel4.i386.rpm rpm -ivh MySQL-server-community-5.0.45-0.rhel4.i386.rpm

...

1. 1. • RHEL 5,

...

1. 1. • 32

...

1. 1. • bit

...

1. 1. • Code Block

...

1. 1. • /etc/init.d/mysql stop rpm -ev cyrus-sasl-sql rpm -ev dovecot rpm -ev mysql rpm -ev mysqlclient10 rpm -ivh perl-DBI-1.52-1.rhel5.i386.rpm rpm -ivh MySQL-client-community-5.0.45-0.rhel5.i386.rpm rpm -ivh MySQL-test-community-5.0.45-0.rhel5.i386.rpm rpm -ivh MySQL-devel-community-5.0.45-0.rhel5.i386.rpm rpm -ivh MySQL-server-community-5.0.45-0.rhel5.i386.rpm

...

1. 1. • On RHEL 5,

...

1. 1. • 64

...

1. 1. • bit

...

1. 1. • system,

...

1. 1. • we

...

1. 1. • have

...

1. 1. • already

...

1. 1. • installed

...

1. 1. • MySQL

...

1. 1. • using

...

1. 1. • yum.

...

2. Stop

...

1. the

...

1. MySQL

...

1. server

...

1. and

...

1. reconfigure

...

1. my.cnf.

...

1. The

...

1. MySQL

...

1. server

...

1. startups

...

1. as

...

1. part

...

1. of

...

1. the

...

1. rpm

...

1. install

...

1. process.

...

1. Code Block

...

1. /etc/init.d/mysql stop mv /var/lib/mysql /home/db chown -R db:db /home/db ; chmod 755 /home/db cd /etc/ scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/MySQL/my.cnf . # this one seems busted; steal my.cnf from some working machine --amb /etc/init.d/mysql start

...

1. • Be certain to use the my.cnf

...

1. • file

...

1. • from

...

1. • the

...

1. • ISDA

...

1. • software

...

1. • repository,

...

1. • as

...

1. • it

...

1. • sets

...

1. • the

...

1. • database

...

1. • user

...

1. • to

...

1. • be

...

1. • 'db'

...

1. • (and

...

1. • not

...

1. • the

...

1. • default

...

1. • 'mysql'),

...

1. • and

...

1. • put

...

1. • the

...

1. • home

...

1. • and

...

1. • data

...

1. • directories

...

1. • into

...

1. • /home/db.

...

2. Install

...

1. OpenSSL

...

1. and

...

1. setup

...

1. certificates.

...

1. • If

...

1. • the

...

1. • version

...

1. • of

...

1. • OpenSSL

...

1. • is

...

1. • greater

...

1. • the

...

1. • 0.9.8,

...

1. • skip

...

1. • the

...

1. • install

...

1. • step.

...

1. • Code Block

...

1. • openssl version

...

1. • Install OpenSSL,

...

1. • if

...

1. • needed.

...

1. • Code Block

...

1. • mkdir /home/www/tmp cd /home/www/tmp tar -xzvf /root/openssl-0.9.8a.tar.gz cd openssl-0.9.8a ./config --prefix=/home/www/ssl --openssldir=/home/www/ssl make make install

...

2. Setup certificates
   1. Create home directories for ssl.

      Code Block
      mkdir /home/www/ssl mkdir /home/www/ssl/certs mkdir /home/www/ssl/private

...

1. 2. get the MIT CA cert from http://ca.mit.edu/mitClient.crt

...

1. 1. and save

...

1. 1. it

...

1. 1. as

...

1. 1. /home/www/ssl/certs/mitClient.crt

...

1. 1. and

...

1. 1. convert

...

1. 1. mitCA.crt

...

1. 1. to

...

1. 1. pem

...

1. 1. format:

...

1. 1. Code Block

...

1. 1. cd /home/www/ssl/certs/ wget http://ca.mit.edu/mitClient.crt openssl x509 -in mitClient.crt -inform DER -outform PEM -out mitCA.pem

...

1. 2. Alternatively,

...

1. 1. download

...

1. 1. mitCA.pem

...

1. 1. from

...

1. 1. the

...

1. 1. MAP

...

1. 1. repository.

...

1. 1. Code Block

...

1. 1. scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/common-init/mitCA.pem /home/www/ssl/certs

...

1. 2. Generate rsa key.

...

1. 1. This

...

1. 1. simply

...

1. 1. generates

...

1. 1. some

...

1. 1. random

...

1. 1. stuff:

...

1. 1. Code Block

...

1. 1. ps > /tmp/foo ps -elf >> /tmp/foo # this is pretty bad. /dev/random may be a better bet. --amb openssl genrsa -rand /tmp/foo 1024 >/home/www/ssl/private/`hostname`-key.pem

...

1. 2. Generate request for a certificate

      Code Block
      cd /home/www/ssl/private chmod 700 . openssl req -key `hostname`-key.pem -new > ../certs/`hostname`-req.pem

...

1. 1. send

...

1. 1. the

...

1. 1. file

...

1. 1. /usr/local/ssl/certs/`hostname`-req.pem

...

1. 1. to

...

1. 1. mitcert@mit.edu,

...

1. 1. • Please

...

1. 1. • be

...

1. 1. • aware,

...

1. 1. • the

...

1. 1. • organization

...

1. 1. • (O)

...

1. 1. • is

...

1. 1. • Massachusetts

...

1. 1. • Institute

...

1. 1. • of

...

1. 1. • Technology

...

1. 1. • and

...

1. 1. • the

...

1. 1. • common

...

1. 1. • name

...

1. 1. • (CN)

...

1. 1. • is

...

1. 1. • the

...

1. 1. • name

...

1. 1. • of

...

1. 1. • the

...

1. 1. • server

...

1. 1. • or

...

1. 1. • service,

...

1. 1. • including

...

1. 1. • the

...

1. 1. • domain

...

1. 1. • name

...

1. 1. • (.mit.edu).

...

1. 1. •   Also,

...

1. 1. • some

...

1. 1. • servers,

...

1. 1. • such

...

1. 1. • as

...

1. 1. • Thalia

...

1. 1. • servers,

...

1. 1. • can

...

1. 1. • represent

...

1. 1. • an

...

1. 1. • entire

...

1. 1. • subdomain.

...

1. 1. •   These

...

1. 1. • servers

...

1. 1. • will

...

1. 1. • need

...

1. 1. • certificates

...

1. 1. • issued

...

1. 1. • with

...

1. 1. • a

...

1. 1. • wildcard

...

1. 1. • in

...

1. 1. • the

...

1. 1. • domain

...

1. 1. • name,

...

1. 1. • such

...

1. 1. • as

...

1. 1. • *.isda-thalia-1.mit.edu.

...

1. 1. • Remember,

...

1. 1. • if

...

1. 1. • the

...

1. 1. • server

...

1. 1. • is

...

1. 1. • a

...

1. 1. • Thalia

...

1. 1. • server,

...

1. 1. • if

...

1. 1. • will

...

1. 1. • need

...

1. 1. • a

...

1. 1. • wildcard

...

1. 1. • certificate

...

1. 1. • and

...

1. 1. • DNS

...

1. 1. • record

...

1. 1. • for

...

1. 1. • *.

...

1. 1. • [hostname

...

1. 1. • ],

...

1. 1. • and

...

1. 1. • if

...

1. 1. • it

...

1. 1. • is

...

1. 1. • doing

...

1. 1. • any

...

1. 1. • type

...

1. 1. • of

...

1. 1. • authentication,

...

1. 1. • it

...

1. 1. • will

...

1. 1. • need

...

1. 1. • a

...

1. 1. • joint

...

1. 1. • client/server

...

1. 1. • certificate

...

1. 1. • to

...

1. 1. • be

...

1. 1. • able

...

1. 1. • to

...

1. 1. • connect

...

1. 1. • to

...

1. 1. • the

...

1. 1. • Shibboleth

...

1. 1. • server

...

1. 1. • (and

...

1. 1. • have

...

1. 1. • end

...

1. 1. • users

...

1. 1. • connect

...

1. 1. • to

...

1. 1. • it

...

1. 1. • as

...

1. 1. • well).

...

1. 2. Also

...

1. 1. generate

...

1. 1. a

...

1. 1. self

...

1. 1. signed

...

1. 1. temporary

...

1. 1. certificate,

...

1. 1. add

...

1. 1. the

...

1. 1. x509

...

1. 1. and

...

1. 1. nodes

...

1. 1. options

...

1. 1. to

...

1. 1. the

...

1. 1. openssl

...

1. 1. command

...

1. 1. line.

...

1. 1. This

...

1. 1. will

...

1. 1. allow

...

1. 1. continuation

...

1. 1. of

...

1. 1. the

...

1. 1. install

...

1. 1. process

...

1. 1. while

...

1. 1. waiting

...

1. 1. for

...

1. 1. the

...

1. 1. official

...

1. 1. certificate

...

1. 1. to

...

1. 1. be

...

1. 1. generated.

...

1. 1. Code Block

...

1. 1. cd /home/www/ssl/private openssl req -key `hostname`-key.pem -new -x509 -nodes > ../certs/`hostname`-temp-cert.pem

...

1. 2. When you receive a certificate from MIT Certificates, save it as /home/www/ssl/certs/`hostname`-cert.pem

...

1. 1. • to

...

1. 1. • look

...

1. 1. • at

...

1. 1. • a

...

1. 1. • request:

...

1. 1. • Code Block

...

1. 1. • openssl req -in ./req.pem -text

...

1. 1. • to look at the private key:

        Code Block
        openssl rsa -in /home/www/ssl/private/`hostname`-key.pem -text

...

1. 1. • to look at the server certificate:

        Code Block
        openssl x509 -in /home/www/ssl/certs/`hostname`-cert.pem -text

...

2. Install Apache.

...

1. If

...

1. you

...

1. are

...

1. using

...

1. RHEL

...

1. 5,

...

1. skip

...

1. this

...

1. step.

...

1. Code Block

...

1. cd /home/www/tmp tar \-xzvf /root/httpd-2.2.4.tar.gz cd httpd-2.2.4 ./configure \--prefix=/home/www/apache-2.2.4 \--enable-ssl \ \--with-ssl=/home/www/ssl \ \--enable-modules="most mod_rewrite" \--enable-so make make install ln \-s /home/www/apache-2.2.4 /home/www/apache

...

2. Install additional packages to support PHP, and build it.

   Code Block

   cd /home/www/tmp scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/php-5.2.6.tar.gz . yum -y remove php php-common php-cli php-ldap yum -y install libxml2-devel yum -y install openssl-devel yum -y install ncurses-devel yum -y install e2fsprogs-devel yum -y install krb5-devel yum -y install libidn-devel yum -y install bzip2-devel yum -y install curl-devel yum -y install libpng-devel yum -y install gmp-devel yum -y install libxslt-devel libxslt-python yum -y install openldap-devel yum -y install httpd-devel yum -y install mysql-devel tar -xzvf php-5.2.6.tar.gz cd php-5.2.6 ./configure --enable-shared --with-mysql=shared --with-kerberos=/usr/kerberos \ --with-jpeg-dir --with-libdir=lib64 --prefix=/home/www/php-5.2.6 --with-apxs2 \ --enable-fastcgi --with-openssl --with-mysql-sock=/home/db/mysql/mysql.sock \ --with-mysqli=shared --enable-sockets --enable-soap=shared \ --with-openssl-dir=/home/www/ssl --with-pear=/usr/share/pear \ --enable-bcmath=shared --with-bz2=shared --enable-calendar=shared \ --with-curl=shared --enable-dba=shared --enable-exif=shared --enable-ftp=shared \ --with-gd=shared --with-gmp=shared --without-iconv --with-ldap=shared \ --enable-mbstring=shared --with-ncurses --enable-pcntl --with-pcre-dir \ --with-pdo_mysql=shared --with-pdo_sqlite=shared --enable-posix \ --enable-reflection --enable-session --enable-shmop --enable-simplexml \ --enable-sockets --enable-spl --enable-sysvmsg --enable-sysvsem --enable-sysvshm \ --enable-tokenizer --disable-wddx --enable-xml=shared --enable-xmlreader=shared \ --enable-xmlwriter=shared --with-xsl --enable-zip --enable-filter --enable-hash \ --enable-json --enable-dom --enable-pdo=shared --with-sqlite=shared --enable-libxml make make test make install cd /usr/local ln -s php-5.2.6 php scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/php.ini /usr/local/php/lib scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/phpinfo.php /home/www/apache/html chown -R www:www /home/www

...

2. Configure PHP

   Code Block

3. Configure Apache
   1. edit /home/www/apache/conf/httpd.conf

...

1. 1. (

...

1. 1. N.B.:

...

1. 1. May

...

1. 1. not

...

1. 1. be

...

1. 1. necessary

...

1. 1. after

...

1. 1. above

...

1. 1. configuration

...

1. 1. steps,

...

1. 1. but

...

1. 1. do

...

1. 1. check..

...

1. 1. )
      • edit the following directives:

        Code Block
        ServerRoot "/home/www/apache" # change to apache home directory User www # change from daemon Group www # change from daemon Include conf/extra/httpd-vhosts.conf # Uncomment Include conf/extra/httpd-ssl.conf # Uncomment

...

1. 1. • add to /home/www/apache/conf/httpd.conf,

...

1. 1. • and

...

1. 1. • the

...

1. 1. • bottom

...

1. 1. • of

...

1. 1. • the

...

1. 1. • other

...

1. 1. • includes:

...

1. 1. • Code Block

...

1. 1. • # PHP module includes LoadModule php5_module modules/libphp5.so AddHandler php5-script .php AddType text/html .php DirectoryIndex index.php \#AddType application/x-httpd-php-source .phps

...

1. 2. edit /home/www/apache/conf/extra/httpd-vhosts.conf

...

1. 1. to

...

1. 1. have

...

1. 1. ONLY

...

1. 1. one

...

1. 1. of

...

1. 1. the

...

1. 1. following

...

1. 1. VirtualHost

...

1. 1. blocks:

...

1. 1. Code Block

...

1. 1. <VirtualHost *:80> RewriteEngine On RewriteRule ^/(.*) https://hostname.mit.edu/$1 [L,R] </VirtualHost>

...

1. 2. To prevent some web pages from being redirected to https, add an escape clause between "RewriteEngine On" and the RewriteRule:

      Code Block
      RewriteCond % {REQUEST_URI} \!/WarehouseService

...

1. 2. edit /home/www/apache/conf/extra/httpd-ssl.conf

...

1. 1. and

...

1. 1. alter

...

1. 1. the

...

1. 1. following

...

1. 1. directives:

...

1. 1. Code Block

...

1. 1. # points to directory for static html files DocumentRoot "/home/www/apache/htdocs" # the servername of the server ServerName gybe.mit.edu:443 # the admins of this server ServerAdmin map-support@mit.edu # error log file ErrorLog /home/www/apache/logs/error_log # access log file TransferLog /home/www/apache/logs/access_log # public server certificate SSLCertificateFile /usr/local/ssl/certs/gybe.mit.edu.pem # private server certificate SSLCertificateKeyFile /usr/local/ssl/private/https-key.pem \#certificate path SSLCACertificatePath /usr/local/ssl/certs # certificate authority key SSLCACertificateFile /usr/local/ssl/certs/mitCA.pem SSLVerifyClient require SSLVerifyDepth 10

...

1. 1. • Set the allow and deny line for "<Directory />"

...

1. 1. • section

...

1. 1. • from

...

1. 1. • "Deny

...

1. 1. • from

...

1. 1. • all"

...

1. 1. • to

...

1. 1. • "Allow

...

1. 1. • from

...

1. 1. • all"

...

1. 1. • if

...

1. 1. • you

...

1. 1. • are

...

1. 1. • testing

...

1. 1. • the

...

1. 1. • SSL

...

1. 1. • configuration.

...

1. 2. add

...

1. 1. the

...

1. 1. following

...

1. 1. after

...

1. 1. the

...

1. 1. '<Directory

...

1. 1. "/home/www/apache/cgi-bin">'

...

1. 1. block

...

1. 1. in

...

1. 1. /home/www/apache/conf/extras/httpd-ssl.conf

...

1. 1. Code Block

...

1. 1. SSLOptions +StdEnvVars +ExportCertData

...

2. Setup the home and init scripts, and link them into runlevels

   Code Block
   cp /home/www/tmp/web /etc/init.d cp /home/www/tmp/apache_home.sh /etc/profile.d/

...

1. 1. edit the variables in the top section of the web file to use the directories and binaries correct for this system
   2. be certain to check if apache is using a httpdctl or apachectl starter program, usually contained in /home/www/apache/bin,

...

1. 1. and

...

1. 1. set

...

1. 1. the

...

1. 1. apachectl

...

1. 1. variable

...

1. 1. accordingly

...

1. 2. set

...

1. 1. web

...

1. 1. to

...

1. 1. be

...

1. 1. executable

...

1. 1. Code Block

...

1. 1. chmod a+rx,a-w /etc/init.d/web /etc/profile.d/apache_home.sh

...

1. 2. link startweb and stopweb to the web program, from wherever it is located, and link start scripts in /etc/init.d

...

1. 1. :

...

1. 1. (this

...

1. 1. should

...

1. 1. be

...

1. 1. turned

...

1. 1. into

...

1. 1. a

...

1. 1. one-line

...

1. 1. chkconfig

...

1. 1. invocation

...

1. 1. --amb)

...

1. 1. Code Block

      ln -s /etc/init.d/web /root/startweb ln -s /etc/init.d/web /root/stopweb ln -s /etc/init.d/web /etc/rc.d/rc1.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc2.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc3.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc4.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc5.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc6.d/K15web ln -s /etc/init.d/web /etc/rc.d/rc2.d/S15web ln -s /etc/init.d/web /etc/rc.d/rc3.d/S15web ln -s /etc/init.d/web /etc/rc.d/rc4.d/S15web ln -s /etc/init.d/web /etc/rc.d/rc5.d/S15web

...

2. update paths in /etc/profile,

...

1. by

...

1. adding

...

1. the

...

1. following

...

1. line

...

1. in

...

1. the

...

1. path

...

1. manipulation

...

1. code

...

1. block

...

1. (you

...

1. can

...

1. find

...

1. it

...

1. by

...

1. searching

...

1. for

...

1. /usr/local/sbin)

...

1. Code Block

...

1. pathmunge /usr/local/bin pathmunge /usr/kerberos/bin

...

2. If this is going to be a SDLS server, install Zend Platform. Otherwise, skip this step.
   1. Go to the web user temp directory, install the Zend Platform installer from Trogdor, and untar it.
      • If this is a 32 bit system, use the 32 bit installer.

        Code Block
        cd /home/www/tmp scp root@trogdor:/opt/software-repository-tmp/PHP/ZendPlatform-3.6.2-linux-glibc23-i386.tar.gz . tar \-xzvf ZendPlatform-3.6.2-linux-glibc23-i386.tar.gz cd ZendPlatform-3.6.2-linux-glibc23-i386

...

1. 1. • If this is a 64 bit system, use the 64 bit installer.

        Code Block
        cd /home/www/tmp scp root@trogdor:/opt/software-repository-tmp/PHP/ZendPlatform-3.6.2-linux-glibc23-x86_64.tar.gz . tar \-xzvf ZendPlatform-3.6.2-linux-glibc23-x86_64.tar.gz cd ZendPlatform-3.6.2-linux-glibc23-x86_64

...

1. 2. Check that /usr/lib

...

1. 1. is

...

1. 1. listed

...

1. 1. in

...

1. 1. /etc/ld.so.conf

...

1. 1. and

...

1. 1. update

...

1. 1. it

...

1. 1. if

...

1. 1. not.

...

1. 1. Code Block

...

1. 1. echo /usr/lib/ >> /etc/ld.so.conf ldconfig

...

1. 2. Shutdown Apache and (temporarily)

...

1. 1. disable

...

1. 1. vhosts

...

1. 1. and

...

1. 1. ssl.

...

1. 1. Zend

...

1. 1. Platform

...

1. 1. will

...

1. 1. not

...

1. 1. install

...

1. 1. if

...

1. 1. they

...

1. 1. are

...

1. 1. configured.

...

1. 1. Code Block

...

1. 1. /etc/init.d/web stop

...

1. 1. • Comment out the following lines in /home/www/apache/conf/httpd.conf:

...

1. 1. • Code Block

...

1. 1. • \#Include conf/extra/httpd-vhosts.conf \#Include conf/extra/httpd-ssl.conf

...

1. 2. Change to the Zend installer directory and start the installer.

      Code Block
      cd /home/www/tmp/ZendPlatform-3.6.2-linux-glibc23-x86_64 ./install

...

1. 2. Press enter through the opening screens, and accept their license.
   3. Pick option #4, 'Manually specify a different web server' when they ask you which web server to use.
   4. Give the path to the apachectl program.
      • If this is a OS installed version of Apache, give it the standard OS path.

        Code Block
        /usr/sbin/apachectl

...

1. 1. • If this is a custom build of Apache, give the Apache bin directory for the web user.

        Code Block
        /home/www/apache/bin/apachectl

...

1. 2. Select yes to autodetect the configuration directories, and confirm the startup command.
   3. Once the Zend installer detects the directories, confirm the directories listed are correct.
      • The PID file directory will need to be changed to include the full path: /home/www/apache-2.2.3/log/httpd.pid

...

1. 1. • The

...

1. 1. • URL

...

1. 1. • will

...

1. 1. • need

...

1. 1. • to

...

1. 1. • FQDN:

...

1. 1. • http://ist-dev-sdls1.mit.edu:80

...

1. 1. • Then

...

1. 1. • press

...

1. 1. • '<Ok.>'

...

1. 2. Select

...

1. 1. 'Custom

...

1. 1. installation'.

...

1. 2. Select

...

1. 1. 'Cluster

...

1. 1. Manager/Standalone

...

1. 1. server'.

...

1. 2. Specify

...

1. 1. '/home/www/Zend/Platform'

...

1. 1. as

...

1. 1. the

...

1. 1. install

...

1. 1. directory.

...

1. 2. Specify

...

1. 1. 'ZendPlatform'

...

1. 1. as

...

1. 1. the

...

1. 1. directory

...

1. 1. for

...

1. 1. administrative

...

1. 1. files.

...

1. 1. It

...

1. 1. will

...

1. 1. be

...

1. 1. created

...

1. 1. under

...

1. 1. /home/www/apache/htdocs.

...

1. 2. Enter

...

1. 1. and

...

1. 1. confirm

...

1. 1. a

...

1. 1. password.

...

1. 1. Make

...

1. 1. it

...

1. 1. unique,

...

1. 1. secure,

...

1. 1. etc.

...

1. 1. You

...

1. 1. will

...

1. 1. need

...

1. 1. to

...

1. 1. enter

...

1. 1. it

...

1. 1. twice.

...

1. 2. Review

...

1. 1. the

...

1. 1. install

...

1. 1. preferences,

...

1. 1. and

...

1. 1. if

...

1. 1. they

...

1. 1. are

...

1. 1. correct,

...

1. 1. press

...

1. 1. '<Yes>'.

...

1. 2. Enable

...

1. 1. Web

...

1. 1. Services.

...

1. 2. Do

...

1. 1. not

...

1. 1. configure

...

1. 1. a

...

1. 1. Java

...

1. 1. bridge.

...

1. 2. Enable

...

1. 1. Session

...

1. 1. Clustering.

...

1. 2. Enable

...

1. 1. High

...

1. 1. Availability

...

1. 1. mode.

...

1. 2. Skip

...

1. 1. the

...

1. 1. domain

...

1. 1. name

...

1. 1. cookie.

...

1. 2. Select

...

1. 1. the

...

1. 1. IP

...

1. 1. address

...

1. 1. of

...

1. 1. the

...

1. 1. system

...

1. 1. being

...

1. 1. configured

...

1. 1. to

...

1. 1. use

...

1. 1. for

...

1. 1. session

...

1. 1. clustering.

...

1. 2. Enter

...

1. 1. the

...

1. 1. number

...

1. 1. of

...

1. 1. processors

...

1. 1. on

...

1. 1. the

...

1. 1. system

...

1. 1. (available

...

1. 1. in

...

1. 1. /proc/cpuinfo).

...

1. 1. This

...

1. 1. is

...

1. 1. '1'

...

1. 1. for

...

1. 1. VMs.

...

1. 2. Cache

...

1. 1. data

...

1. 1. to

...

1. 1. the

...

1. 1. hard

...

1. 1. disk.

...

1. 2. Accept

...

1. 1. the

...

1. 1. default

...

1. 1. cache

...

1. 1. size.

...

1. 2. If

...

1. 1. this

...

1. 1. is

...

1. 1. a

...

1. 1. stand

...

1. 1. alone

...

1. 1. server,

...

1. 1. use

...

1. 1. '127.0.1.*'

...

1. 1. for

...

1. 1. the

...

1. 1. clustering

...

1. 1. IP

...

1. 1. range.

...

1. 1. If

...

1. 1. it

...

1. 1. is

...

1. 1. part

...

1. 1. of

...

1. 1. a

...

1. 1. larger

...

1. 1. cluster,

...

1. 1. put

...

1. 1. the

...

1. 1. IP

...

1. 1. addresses

...

1. 1. of

...

1. 1. the

...

1. 1. other

...

1. 1. systems

...

1. 1. in

...

1. 1. here.

...

1. 2. Select

...

1. 1. 'Write

...

1. 1. Through'

...

1. 1. to

...

1. 1. store

...

1. 1. cached

...

1. 1. sessions.

...

1. 2. Enable

...

1. 1. Job

...

1. 1. Queues.

...

1. 2. Select

...

1. 1. the

...

1. 1. IP

...

1. 1. address

...

1. 1. of

...

1. 1. the

...

1. 1. system

...

1. 1. being

...

1. 1. configured

...

1. 1. to

...

1. 1. use

...

1. 1. for

...

1. 1. Job

...

1. 1. Queues.

...

1. 2. Enter

...

1. 1. `FQDN`:10003

...

1. 1. for

...

1. 1. the

...

1. 1. URL

...

1. 1. and

...

1. 1. port

...

1. 1. for

...

1. 1. Job

...

1. 1. Queues.

...

1. 2. Enter

...

1. 1. and

...

1. 1. confirm

...

1. 1. a

...

1. 1. password

...

1. 1. for

...

1. 1. Job

...

1. 1. Queues.

...

1. 2. Enter

...

1. 1. an

...

1. 1. alias

...

1. 1. for

...

1. 1. the

...

1. 1. Queue

...

1. 1. server.

...

1. 1. May

...

1. 1. only

...

1. 1. contain

...

1. 1. letters

...

1. 1. and

...

1. 1. numbers.

...

1. 1. Example:

...

1. 1. 'sdlstestqueue'

...

1. 2. Enter

...

1. 1. the

...

1. 1. IP

...

1. 1. address

...

1. 1. of

...

1. 1. the

...

1. 1. system

...

1. 1. being

...

1. 1. configured

...

1. 1. and

...

1. 1. the

...

1. 1. IP

...

1. 1. cluster

...

1. 1. range

...

1. 1. from

...

1. 1. above.

...

1. 2. After

...

1. 1. a

...

1. 1. couple

...

1. 1. of

...

1. 1. minutes

...

1. 1. of

...

1. 1. processing,

...

1. 1. you

...

1. 1. should

...

1. 1. get

...

1. 1. an

...

1. 1. installation

...

1. 1. report.

...

1. 1. If

...

1. 1. all

...

1. 1. components

...

1. 1. installed

...

1. 1. successfully,

...

1. 1. press

...

1. 1. enter

...

1. 1. 3

...

1. 1. times

...

1. 1. to

...

1. 1. get

...

1. 1. out

...

1. 1. of

...

1. 1. the

...

1. 1. installer.

...

1. 1. If

...

1. 1. not,

...

1. 1. get

...

1. 1. out

...

1. 1. of

...

1. 1. the

...

1. 1. installer,

...

1. 1. use

...

1. 1. the

...

1. 1. uninstall

...

1. 1. script

...

1. 1. in

...

1. 1. /home/www/Zend/Platform/bin/uninstall_Plat.sh

...

1. 1. to

...

1. 1. remove

...

1. 1. the

...

1. 1. installation,

...

1. 1. and

...

1. 1. move

...

1. 1. the

...

1. 1. php.ini

...

1. 1. file

...

1. 1. from

...

1. 1. /etc

...

1. 1. before

...

1. 1. making

...

1. 1. corrections

...

1. 1. and

...

1. 1. trying

...

1. 1. again.

...

1. 2. If

...

1. 1. Zend

...

1. 1. Platform

...

1. 1. has

...

1. 1. been

...

1. 1. successfully

...

1. 1. installed,

...

1. 1. reconfigure

...

1. 1. Apache

...

1. 1. to

...

1. 1. use

...

1. 1. SSL

...

1. 1. and

...

1. 1. Vhosts

...

1. 1. by

...

1. 1. uncommenting

...

1. 1. their

...

1. 1. associated

...

1. 1. lines

...

1. 1. in

...

1. 1. /home/www/apache/conf/httpd.conf,

...

1. 1. and

...

1. 1. bounce

...

1. 1. Apache

...

1. 1. with

...

1. 1. /etc/init.d/web.

...

2. Install

...

1. the

...

1. PHP

...

1. info

...

1. file.

...

1. Code Block

...

1. scp dracus@athena.dialup.mit.edu:/afs/athena.mit.edu/project/amit-dsl/Public/PHP/phpinfo.php /home/www/apache/htdocs/

...

2. Make certain all files have appropriate ownership.

   Code Block
   chown -R www:www /home/www

...

2. To start and stop tomcat and apache, use the initialization scripts in /etc/init.d.

...

1. Be

...

1. certain

...

1. to

...

1. leave

...

1. them

...

1. running

...

1. when

...

1. you

...

1. are

...

1. finished.

...

1. • starting

     Code Block
     /etc/init.d/web start

...

1. • stopping

     Code Block
     /etc/init.d/web stop

...