DotNux - Unix/Linux Technical Mini Howto

How to install PHP accelerator (APC) on Centos 5

admin — Sat, 15 Aug 2009 18:11:28 +0000

If you used PHP on Apache, whether on Centos, Gentoo, Ubuntu, etc., you probably noticed PHP gets slower as most modern PHP framework gets bigger in sizes, more layers, increasing database records, etc.

Then, try to install FREE php accelerator called APC (Alternative PHP Cache).
APC is a free, open, and robust framework for caching and optimizing PHP intermediate code.
In other words, APC will compile PHP code automatically, and can give a boost to your site without modification, 2, 5, 10 and perhaps even more performance boost.

One time I had mediawiki, and it was getting really slow, and after installing APC, it’s about 5 times faster.

Let’s get down to the detail:
yum install php-pear yum install php-devel yum install httpd-devel perc install apc echo "extension=apc.so" > /etc/php.d/apc.ini
and then restart apache!
/etc/init.d/httpd restart

Confirm the output of phpinfo() that APC works (look for APC block)

Simple (and easy) mysql database creation (db, user, privilege)

admin — Wed, 15 Jul 2009 15:42:07 +0000

Everytime I install a new PHP application, such as Joomla, drupal, php-nuke, zen-cart, oscommerce, etc., you have to install a new database.

If you have a SSH access to it, the following script will do a quick database creation job, with user name & password.

type ‘mysql’, and type the following SQL script.

mysql> create database [DATABASE_NAME]; Query OK, 1 row affected (0.06 sec)

mysql> create user '[USER_NAME]'@'localhost' identified by '[PASSWORD]'; Query OK, 0 rows affected (0.00 sec)

# SEE the comment below, regarding privilege
mysql> grant all privileges on [DATABASE_NAME].* to '[USER_NAME]'@'localhost'; Query OK, 0 rows affected (0.00 sec)

# Note
Now if you want to grant only limited privileges, like SELECT, INSERT, UPDATE, DELETE, then run the following:

mysql> grant SELECT,INSERT,UPDATE,DELETE,CREATE on [DATABASE_NAME].* to [USER_NAME]'@'localhost'; Query OK, 0 rows affected (0.00 sec)

You need ‘CREATE’, because, usually installers will try to create a database. You could also add ‘DROP’ so that the installer can delete any temporary tables that it has created.

and then finally, you need to flush privilege so that new permission can be in effect.

mysql> flush privileges; Query OK, 0 rows affected (0.14 sec)

and, you can check the privileges to make sure it’s set correctly by doing this:

mysql> show grants for '[USER_NAME]'@'localhost'; +--------------------------------------------------------------------+ | Grants for [USER_NAME]@% | +--------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO '[USER_NAME]'@'%' WITH GRANT OPTION | +--------------------------------------------------------------------+ 1 row in set (0.00 sec)

“jail” sftp (OpenSSH based) to user’s home directory using ChrootDirectory option on Centos 5

admin — Tue, 30 Jun 2009 22:07:23 +0000

You probably do not want to open FTP as it’s insecure, and open up SFTP, for example, you want your dreamweaver users’ SFTP option. But, the problem here is that, SFTP uses SSH, which will give entire Linux / directory. You want to disable SSH shell access, but, enable SFTP to their home directory only.

First, you need latest version of OpenSSH (5.2 at this moment) for ChrootDirectory option to work.

If you try # yum install openssh, and it may give option of 4.2 only, then, you have to install OpenSSH 5.2 manually.
See this post on how to install OpenSSH 5.2 yourself.

Now that you have at least OpenSSH 5.2, let’s modify /etc/ssh/sshd_config

…

#Subsystem sftp /usr/libexec/openssh/sftp-server

Subsystem sftp internal-sftp

Match Group sftp

ChrootDirectory /home/%u

X11Forwarding no

AllowTcpForwarding no

ForceCommand internal-sftp

# comment this line below #Subsystem sftp /usr/libexec/openssh/sftp-server

# add these lines Subsystem sftp internal-sftp Match Group sftp ChrootDirectory /home/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp

save it, and execute: (username is the user name of the account that you want to give sftp access)
# groupadd sftp # useradd username # passwd username (set the password of user) # usermod -d / username # usermod -g sftp username (user must have a group of 'sftp') # chown root.root /home/username
Voila! Try to connect your server via SFTP, and it works indeed.

Install OpenSSH 5.2 on CentOS 5

admin — Tue, 30 Jun 2009 21:56:12 +0000

Centos 5 yum doesn’t seem to support latest OpenSSH 5.2 which support many features. (it’s like 4.2)

Make sure you have development tools:
# yum install gcc # yum install openssl-devel # yum install pam-devel # yum install rpm-build
And then download openssh 5.2p1
# wget ftp://mirror.planetunix.net/pub/OpenBSD/OpenSSH/portable/openssh-5.2p1.tar.gz
Now, we’re going to build RPM based on tar.gz file:
# tar xvfz openssh-5.2p1.tar.gz # cp ./openssh-5.2p1/contrib/redhat/openssh.spec /usr/src/redhat/SPECS/ # cp ./openssh-5.2p1.tar.gz /usr/src/redhat/SOURCES/ # cd /usr/src/redhat/SPECS/ # perl -i.bak -pe 's/^(%define no_(gnome|x11)_askpass)\s+0$/$1 1/' openssh.spec # rpmbuild -bb openssh.spec # cd /usr/src/redhat/RPMS/`uname -i` # ls -l


drwxr-xr-x 2 root root   4096 Jun 30 12:39 .
drwxr-xr-x 9 root root   4096 Jun 30 12:35 ..
-rw-r--r-- 1 root root 271758 Jun 30 12:39 openssh-5.2p1-1.i386.rpm
-rw-r--r-- 1 root root 429852 Jun 30 12:39 openssh-clients-5.2p1-1.i386.rpm
-rw-r--r-- 1 root root 268302 Jun 30 12:39 openssh-server-5.2p1-1.i386.rpm
-rw-r--r-- 1 root root 271758 Jun 30 12:39 openssh-5.2p1-1.i386.rpm

-rw-r--r-- 1 root root 429852 Jun 30 12:39 openssh-clients-5.2p1-1.i386.rpm

-rw-r--r-- 1 root root 268302 Jun 30 12:39 openssh-server-5.2p1-1.i386.rpm

# rpm -Uvh openssh*rpm Preparing... ################################ 1: openssh #### 2: openssh-clients #### 3: openssh-server #### # service sshd restart
Then, RPM version of SSH installs. After restarting, it may say initlog is obsolete, but, you can ignore as that option is deprecated.