• Centos_6_4_Installation

CentOS 6.4 Installation

Incomplete - These notes are from CenTOS 6.4 installation in May 2013. The very basic installation was performed by the Axpo personal, not even mysql and php was installed.

CentOS Installation and Configuration

Installation of CentOS 6.4 from DVD

Allow password free login from SABDN471

 [root@SABDN471 ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub sibdn821
 [root@SABDN471 ~]# ssh sibdn821
 [root@sibdn821 ~]# restorecon -R -v /root/.ssh/

Install development tools

 $ yum groupinstall 'Development Tools'
 $ yum install php

Install mysqld

The MySQL version in the CentOS repository is old and buggy, we need at least V5.5

 $ rpm -Uvh http://mirror.webtatic.com/yum/el6/latest.rpm
 $ rpm -e --nodeps mysql-libs-5.1.69-1.el6_4.x86_64
 $ yum install mysql55 mysql55-server --enablerepo=webtatic
 $ /sbin/chkconfig --levels 235 mysqld on
 $ /etc/rc.d/init.d/mysqld start
 $ /usr/bin/mysql_secure_installation

 vi /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

# Disabling symbolic-links is recommended to prevent assorted security risks;
# to do so, uncomment this line:
# symbolic-links=0

character_set_server=utf8

innodb_buffer_pool_size = 256M
innodb_additional_mem_pool_size = 32M
innodb_lock_wait_timeout = 30
innodb_file_per_table

# From mysql 5.5.3 use lock_wait_timeout instead of table_lock_wait_timeout
lock_wait_timeout=30

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

 $ /etc/init.d/mysqld start
 $ /usr/bin/mysql_secure_installation

Install additional php packages and pear

 $ yum install php-mbstring php-pear php-mysql php-posix
 $ yum install php-devel zlib-devel libcurl-devel # needed fpr pecl/http

Note that you might get errors that state the the version of pear is too low to be able to installed the desired package. In this case you must upgrade pear (pear upgrade --force pear)

Configure php.ini

  cd /etc
  cp php.ini php.ini-ORIG
  diff php.ini-ORIG php.ini
221c221
< allow_call_time_pass_reference = Off
---
> allow_call_time_pass_reference = On
312c312
< max_execution_time = 30     ; Maximum execution time of each script, in seconds
---
> max_execution_time = 120     ; Maximum execution time of each script, in seconds
367c367
< display_errors = Off
---
> display_errors = On
421c421
< ;error_log = filename
---
> error_log = /var/log/php_errors.log
477c477
< post_max_size = 8M
---
> post_max_size = 128M
512c512
< ;include_path = ".:/php/includes"
---
> include_path = ".:/php/includes:/usr/share/pear"
582c582
< upload_max_filesize = 2M
---
> upload_max_filesize = 128M
626c626,627
<   
---
> extension=http.so
> 
841c842
< ;browscap = extra/browscap.ini
---
> browscap = /etc/browscap.ini
944c945
< session.gc_divisor     = 1000
---
> session.gc_divisor     = 500
948c949
< session.gc_maxlifetime = 1440
---
> session.gc_maxlifetime = 36000

The session timeout (timeout for automatic logout) is set also in php.ini. See Setting Session Timeout.

Install a browscap.ini file. Download php_browscap.ini from http://browsers.garykeith.com/downloads.asp, change the name to browscap.ini, and save it in the /etc.

httpd Configuration

Configure httpd:

  cd /etc/httpd/conf/
  cp httpd.conf httpd.conf-ORIG

  diff httpd.conf-ORIG httpd.conf
276a277
> ServerName drawmgt.axpo.ch:80
565a567,589
>     Alias /uploads "/home/linthal/www/shtml/prod2/var/linthal/drawmgt-pswlimmern.axpo.ch-prod2/data/upload"
> 
>     <Directory "/home/linthal/www/shtml/prod2/var/linthal/drawmgt-pswlimmern.axpo.ch-prod2/data/upload">
>       Dav On
> 
>       RewriteEngine Off
> 
>       Order Allow,Deny
>       Allow from all
> 
>       AuthType Basic
>       AuthName DAV-upload
> 
>       AddDefaultCharset UTF-8
> 
>       # You can use the htdigest program to create the password database:
>       #   htpasswd [-c] "/home/linthal/www/shtml/dav/user.passwd" <user>
>       AuthUserFile "/home/linthal/www/shtml/prod2/var/linthal/drawmgt-pswlimmern.axpo.ch-prod2/config/user.passwd"
>       AuthDigestProvider file
> 
>       # Allow universal read-access, but writes are restricted
>       Require valid-user
>     </Directory>
759c783
< AddDefaultCharset UTF-8
---
> #AddDefaultCharset UTF-8
990c1014
< #NameVirtualHost *:80
---
> NameVirtualHost *:80
1009a1034,1045
> 
> <VirtualHost *:80>
>       DocumentRoot /home/linthal/www/shtml
>       ServerName drawmgt-pswlimmern.axpo.ch
>       ServerAlias drawmgt-pswlimmern
>       ServerAlias drawmgt-pswlimmern-localhost
>       ServerAlias sibdn821
>       Options       -Indexes
>       <Directory /home/linthal/www/shtml>
>               AllowOverride All
>       </Directory>
> </VirtualHost>

Start httpd:

  /sbin/chkconfig --levels 235 httpd on
  /etc/rc.d/init.d/httpd start

Create test documents root at /home/linthal/www/shtml, for showing that httpd can serve files and run php programs.

    vi test.php
    <?php phpinfo(); ?>

Turn off firewall

  cd /etc/rc.d/init.d
  ./iptables stop
  /sbin/chkconfig --levels 235 iptables off

User Setup

Add user drawmgt

• groupadd drawmgt
• useradd drawmgt -c'DrawMGT User' -g drawmgt -G apache
• usermod apache -G drawmgt

Install PHP Modules

 pear install Log Mail Mail_Mime Mail_mimeDecode Net_SMTP Net_Socket Services_JSON
 pear install pecl/pecl_http

Add the line "extension=http.so" to /etc/php.ini and restart httpd

Mysql Cofiguration

Configure mysqld

  /usr/bin/mysqladmin -u root  password 'sqladmin'
  /usr/bin/mysql_secure_installation

For other steps see at FreeBSD installation.

Install Image Magick

To allow to create thumbnail files ghostscript and ImageMagick must be installed. The versions in the CentOS distribution are quite old. Newer versions must be installed:

  # Ghostscript must be installed from source
  wget --no-proxy http://downloads.ghostscript.com/public/ghostscript-9.06.tar.gz
  tar xvf ghostscript-9.06.tar.gz
  cd ghostscript-9.06
  ./configure
  make
  make install

  # There are precompiled ImageMagick for CentOS at 
  # http://www.imagemagick.org/download/linux/CentOS/ but they don't work on CentOS 6 but only on 5
  # install ImageMagick from CentOS repository

  yum install ImageMagick
   
  # Edit ImageMagick configuration to use the new ghostscript
  cp /usr/lib64/ImageMagick-6.5.4/config/delegates.xml /usr/lib64/ImageMagick-6.5.4/config/delegates.xml.orig
  vi /usr/lib64/ImageMagick-6.5.4/config/delegates.xml
    :%s:"gs":\"/usr/local/bin/gs\":g
    :x

Install TexLive 2012

To allow to create LaTeX submital/transmittal cover letters TexLive 2011 or 2012 must be installed as root.

  wget http://mirror.ctan.org/systems/texlive/tlnet/install-tl-unx.tar.gz
  tar xvf install-tl-unx.tar.gz
  cd install-tl-20120827
  install-tl

  PATH="$PATH:/usr/local/texlive/2012/bin/i386-linux"

  mkdir /usr/local/texlive/2012/texmf/tex/latex/ltablex/
  cd /usr/local/texlive/2012/texmf/tex/latex/ltablex/
  wget http://ctan.ijs.si/tex-archive/macros/latex/contrib/ltablex/ltablex.sty
  texhash

  # change PATH to contain texlive binaries
  cat > /etc/profile.d/texlive.csh
if ( "${path}" !~ */usr/local/texlive/2012/bin/i386-linux* ) then
        set path = ( /usr/local/texlive/2012/bin/i386-linux $path )
endif
^D

  cat > /etc/profile.d/texlive.sh
if ! echo ${PATH} | /bin/grep -q /usr/local/texlive/2012/bin/i386-linux ; then
        PATH=/usr/local/texlive/2012/bin/i386-linux:${PATH}
fi
^D

Install htmldoc

  yum install htmldoc

System Administration Commands

To start/stop services:

  cd /etc/rc.d/init.d
  ./{service_script} start | stop | status

To enable/disable services at boot: use 'chkconfig' and/or 'service'

  chkconfig --list  # List services and whether they are enabled/disabled at each run level

  chkconfig {service} on|off

To shutdown the system:

  init 0