Contents |
If you've been following along so far, we've installed a total of 49 packages by hand. That's a lot of packages! That's a lot of different programs, no less.
Now that we have a comfortable system down, it's time to get down to business.
If you followed the compile anything link in my last article, you can handle compiling large things. Hoever, there are some caveats to keep in mind.
This particular article will be a tremendous challenge. It's Mount Everest compared to the previous foothills. It's like jumping on a double-black diamond skiing course when you've just mastered going straight. Expect one chunk of this to take you a significant amount of time, and don't feel bad if it does. This part, it is not meant to be easy, or friendly, or funny. This is what happens when someone slams a deadline a week earlier then it should be after I've been focused on a different project, so PLEASE, don't get angry if you have trouble. Just ask questions on the discussions page (will require a wiki account.).
I will not spend, again, lots of times defining or explaining what I'm doing. It's assumed, if you want to get to this level, you'll learn to research things on your own. If you're already learning, great. If you're trying and it's just not clicking for you, don't worry. I've been doing this for over a decade. Expect to spend a couple months to understand what I'm doing here.
Alright. Now that we have all the caveats out of the way, lets dive in to 100mph mode here.
Version 4.7 is broken on some OSes. Blame Oracle. You can either get it and muck around with making it work, or snag the version slackware uses - that's what I did, Oracle's site won't let me get to their repository right now, just loads forever.
From dbfoo/build_unix, run this;
http://slackware.mirrors.easynews.com/linux/slackware/slackware-12.1/source/l/db44/patch.4.4.20.2.gz
make install. test target not supported, dunno why, if it works, dun care.
I'm going to need an LDAP server for authentication.
confy --enable-slapd --enable-dbd --enable-hdb=no --enable-crypt --localstatedir=/var/openldap
Please note, in this configuration, slapd will eat 25MB of RAM. To trim it down, please configure all backends and features as modules and load only the ones you need - I've had slapd use 10Mb of RAM total in a "light" configuration.
Make test can't bind port 9011, so we'll ignore it. (Does anyone know why we can't bind port 9011 on loopback, or does this have to do with the PtP venet bound to lo?)
compman doesn't check for section 8 manpages, bzip2 -9 them by hand.
Also, usr/lib libraries aren't +x. Go ahead chmod them appropriately.
Modify slapd.conf to put its db in /srv/ldap.
Modify slapd.conf to look for its pid and args files in /var/run if it isn't already set to look there.
Don't forget to Modify slapd.conf so that the dc reflects your site.
At this point, slaptest -u should pass, so go ahead and try to start slapd:
/usr/libexec/slapd
If it was successful, ps ax should list a running slapd. That's good, but now we need to try and connect to it.
This is a snippet from the OpenLDAP Quick Start Guide:
To check to see if the server is running and configured correctly, you can run a search against it with ldapsearch(1). By default, ldapsearch is installed as /usr/local/bin/ldapsearch:
ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts
I run this, get good output.
Recompiled to trim it down. (You can uninstall without borking your config files if you remembered to name them .new and such.)
ended up using this line: confy --enable-hdb=no --enable-monitor=mod --enable-relay=mod --enable-seqmod=mod --enable-syncprov=mod --enable-bdb=mod --with-threads --localstatedir=/var/ldap --enable-debug=no --enable-dynamic --with-tls --with-gnu-ld --with-threads --enable-local
We now have a slapd using 3 megs of real RAM and 12MB of virtual. Vast improvement.
Now, we could spend a long time remembering LDIF format manually, or say F this, phpLDAPAdmin is better-er. That requires apache.
We'll also worry about what schema to install. If you want to know what I'm talking about, go look in /etc/openlda/schema/core.schema
It has RFC numbers. Read 'em. You'll love them - They're a great light reading before bed to brush up on something.
Get httpd from apache.org
You need to get the layout patch from Slackware. It's available at your local slackware FTP repository. httpd, of course, is under N for Networking.
zcat /path/to/config.layout.diff.gz | patch -Np0
Getting apache to compile requires passing --with-ldap to configure, which in turn passes it on to the internal APR / APR-Util and such. However, the regular httpd doesn't list it as an option, because it takes --enable-ldap.
./configure --enable-ldap --enable-authnz-ldap --enable-modules=all --enable-mods-shared=all \ --enable-layout=Slackware-FHS --with-ldap --enable-ssl
make DESTDIR=/tmp/httpd install
So many config files - I made this script to assist with the new doinst.sh
movenew ()
{
mv $1 $1.new;
echo "( if ! [ -e /`pwd | cut -f 4- -d "/"`/$1 ]; then cp /`pwd | cut -f 4- -d "/"`/$1.new /`pwd | cut -f 4 -d "/"`/$1; fi; )"
}
Well, I rebuilt httpd about 30 times getting it perfect, and ended up with this script
find . | while read filename;
do
if ! [ -d $filename ]; then
mv $filename $filename.new
echo "( if ! [ -e /`pwd | cut -f 4- -d /``echo $filename | cut -f 2- -d .` ]; then mv /`pwd | cut -f 4- -d /``echo $filename | cut -f 2- -d .`.new /`pwd | cut -f 4- -d /``echo $filename | cut -f 2- -d .`; \ fi; )"; fi;
done;
Caveats: it works when destdir is /tmp/package, but /tmp/package/test123/ will leave test123 on the file names and such in the output it gives you so that you can create doinst.
Also, it works on anything that is not a directory in the etc dir you're in.
Oh, and it doesn't have to be called by hand 25 times for apache, just once.
If you want the multilanguage local manual, uncomment line #444 in httpd.conf
Voila. This gives us an apache httpd that uses 6MB of shared RAM, and an additional 2MB per client thread. My default httpd.conf gives me 12 httpd threads (11 plus one mother).
So, all of httpd, slapd, finch, couple screens, a plethora of bashes, and I'm using a total of 56MB of RAM. That's not very bad, imho.
MySQL 5.1.30 has just been made the GA release. There are lots of complaints and people giving reasons why 5.1 is not ready for GA status. You can find many of them discussed here. Now, if you need super stability, in my opinion, stick with 5.0 for now. I'm using 5.1 just because I like new things; but honestly, some of the things I've run into (Namely, bugs that appear to be in the test suite, or that only appear when configure is not passed certain options for features that I don't need anyway). Anyway. This tells you how to compile Mysql 5.1.30 so that it passes more of make check. Cool huh? :)
But bug #31048 seems to be still a problem for us. Occasionally. When it feels like not passing - sometimes it passes, sometimes it doesn't. It behaves better running the test perl script by hand.
Decompress to /usr/src because it requires !root for tests.
Everything I'm going to run requires (Well, really wants) a SQL backend.
Some of them don't like PostgreSQL... So MySQL it is, even if it has become quite the memory hog.
I threw --prefix=/usr --infodir=/usr/info --mandir=/usr/man --sysconfdir=/etc --enable-assembler --with-plugins=innobase,myisam --with-mysqld-user=mysql --with-ssl --with-big-tables --localstatedir=/srv/mysql --with-unix-socket-path=/var/run/mysql/mysql.sock at mine. Also, it should be noted, my CFLAGS for this program are -Os -mmmx -msse -msse2 -march=native -maccumulate-outgoing-args -felide-constructors -fno-exceptions -fno-rtti. Note, -felide, -fno-exceptions and -fno-rtti are kind of required for a good MySQL.
Go ahead and make.
Now, mysql gets touchy if make test is run as root. the --with-mysqld-user tells it which user to expect. Your Slackware 12.1 should have a user and group mysql already. So to run make test, we do this:
chmod mysql.mysql * -R su mysql cd mysql-test ./mysql-test-run.pl --ssl
and it should successfully self-test... IF you passed it --with-big-tables. If you don't pass it --with-big-tables, it runs into some errors on main.limit - This appears to be a bug in the test cases, not in the DB itself, in that truncation behavior changes based on --with0big-tables.
Okay. So if you're as lucky as I am, you now have a MySQL that actually passes its test suite.
Now for the install. That's a regular DESTDIR install.
Then,
ginstall -d etc/rc.d cp usr/share/mysql/my-small.cnf etc/my.cnf.new cp usr/share/mysql/mysql.server etc/rc.d/rc.mysqld.new
Edit etc/my.cnf.new and add this to the [mysqld] section:
skip-innodb
It will probably save you 90MB of virtual RAM allocation.
Also, uncomment the skip_networking line. If you need this; learn how to secure it first.
create the directory tree for srv/mysql/log, and chown mysql.mysql -R srv/mysql - ginstall -d srv/mysql/log is good for the first command. chmod 0750 srv/mysql afterwards - Nobody who isn't root or group mysql needs to see this stuff.
chmod 0644 etc/rc.d/rc.mysqld.new
the chmod is important. Never ship a package with the startup script with the executable bits set. Otherwise, somebody might install this for the mysql client libs, and end up with a horribly abused mysql server.
I know, I know Pat uses his own init script. This one, however, supports the three options we need - stop, start, and restart - and will interoperate seamlessly with /etc/rc.d/rc.M. Check it yourself if you want.
Delete utterly the usr/sql-bench and usr/mysql-test filetrees. We don't need those installed, we have 'em in source.
Add these lines to install/doinst.sh
( if ! [ -e /etc/my.cnf ]; then cp /etc/my.cnf.new /etc/my.cnf; fi; ) ( if ! [ -e /etc/rc.d/rc.mysqld ]; then cp /etc/rc.d/rc.mysqld.new /etc/rc.d/rc.mysqld; fi; )
Run this line from usr/lib:
ln -sf mysql/libmysqlclient{,_r}.so{,.16} .
It should create four symlinks. (We *nix geeks do almost anything to avoid typing as much as possible. Go figure, eh?)
Remember to chmod mysql.mysql srv/mysql -R. If you reset directory permissions in creating the package, then you'll have to chmod it after install - Which can be a very annoying bug to track down if you're not the package creator. Also, the perms and such outlined above.
ginstall -d var/run/mysql chmod 0755 var/run/mysql chown mysql.mysql var/run/mysql
Make your package and install it withOUT resetting directory permissions.
su mysql -c "mysql_install_db" bash /etc/rc.d/rc.mysqld start su mysql -c "mysql_secure_installation"
Voila. You now have a secure MySQL.
I'm running mysql in 14MB of virtual and a tad under 4MB of resident memory. slapd: 22mb virtual, 3mb of resident. httpd, 11 threads, only really takes up about 10MB for 11 threads.
All in all, a couple of logged in ssh's, mysql, slapd, httpd, and I'm using 48MB of RAM.
Now, on to..
Snag it from php.net.
It also wants to be tested as !root, so decompress into /usr/src.
I tossed this at it:
confy --with-apxs2 --enable-force-cgi-redirect --with-config-file-path=/etc/httpd --with-config-file-scan-dir=/etc/php --with-zlib=shared --with-bz2=shared --enable-bcmath=shared --with-openssl --with-db4 --with-ldap --with-mysql
For those of you who don't know about confy, it's a script in one of the earlier parts. You can do the footwork on your own ;)
When you make test, expect to see these failures:
===================================================================== FAILED TEST SUMMARY --------------------------------------------------------------------- iconv stream filter [ext/iconv/tests/iconv_stream_filter.phpt] Test array_pad() function : usage variations - unexpected values for 'pad_size' argument(Bug#43482) [ext/standard/tests/array/array_pad_variation2.phpt] Test closedir() function : usage variations - close a file pointer [ext/standard/tests/dir/closedir_variation3.phpt] Test readdir() function : usage variations - empty directories [ext/standard/tests/dir/readdir_variation2.phpt] Test readdir() function : usage variations - use file pointers [ext/standard/tests/dir/readdir_variation7.phpt] Test rewinddir() function : basic functionality [ext/standard/tests/dir/rewinddir_basic.phpt] Test rewinddir() function : usage variations - operate on a closed directory [ext/standard/tests/dir/rewinddir_variation2.phpt] Test rewinddir() function : usage variations - file pointers [ext/standard/tests/dir/rewinddir_variation3.phpt] Test setlocale() function : usage variations - Setting all available locales in the platform [ext/standard/tests/strings/setlocale_variation2.phpt] Bug #35447 (xml_parse_into_struct() chokes on the UTF-8 BOM) [ext/xml/tests/bug35447.phpt] XML Parser test: concat character data and set empty handlers [ext/xml/tests/xml011.phpt] =====================================================================
Now, if you use rewindder() like it's supposed to be used, not a problem. iconv is basically a mess, per the php authors, and this bug is intermittently fixed and not fixed, depending on your version of iconv. On ours, it appears to be not fixed. If you don't use multibyte characters, you're probably OK - I've never had a problem with it.
setlocale is expected to fail, it's just failing slightly differently then expected, as near as I can figure with a quick google.
My XML Parsers are not configured with UTF8, so they should choke on UTF8.
Don't use closedir() to close a file pointer.
Basically, use things properly and you won't have any problems.
PHP always fails .3% of its tests for me. I've no idea if this is actually normal, but it appears to be on a slackware system - or I'm just missing something.
Install 'er anyway.
ginstall -d /tmp/php/etc/httpd cp /etc/httpd/httpd.conf /tmp/php/etc/httpd make INSTALL_ROOT=/tmp/php install rm /tmp/php/etc/httpd/httpd.conf
The httpd.conf stuff is a hack - php insists on adding itself to httpd.conf automatically on make install.
All it does is add something like LoadModule php5_module /tmp/php/usr/lib/httpd/modules/libphp5.so, and as we can tell, that's the wrong directory anyway, so nuke it.
Then copy the php.ini-recommended or php.ini-dist into etc/httpd/php.ini
Make your package and install it.
Edit your /etc/httpd/httpd.ini to point to the right php5_module.
Add FileMatch as desired to httpd.conf.
Then add index.php as an index for the desired Directory directives. (I'm not going to decipher httpd conf files for you here, sorry.)
restart apache.
Voila.
However, if you configured with the same mpm as I did, you've just increased your apache thread size to 3MB resident, and 22MB shared or so.
I'll have to play with shrinking that at another time.
In any case, now you have a LAMP stack that can fit in a VPSLink2 account, if you limit the number of httpd threads and such with care. Or, if you don't run an OpenLDAP server.
Voila, and thank you for reading the longest howto ever written!
--Shadows 13:03, 30 November 2008 (PST)[JMD]
Copyright © 2010 VPSLink, a subsidiary of Spry
