• Github
  • StackOverflow
  • Linkedin

Tuesday, September 12, 2017

Creating local yum repository using only multiple cdrom iso

This time I will guide you how to install software for CentOS using only ISO cdrom/dvdrom that you'd downloaded from https://wiki.centos.org/Download. This article will save you a lot of times faster rather using online mode. This will install software from its own distributed bundled software from ISO installer of each CentOS version. This methods will works for both newer version and unsupported old CentOS version.

The first thing you need to prepare is your iso files of the CentOS installation cd/dvd. Just follow these steps :
  1. Backup your current yum repos configuration
    [root@localhost ~] tar -zcvf ~/yum.repo.tar.gz /etc/yum.repos.d/*
    
  2. Copy your CentOS iso files to your prefered dir
    [root@localhost ~] cp /media/usb/CentOS-*.iso ~/
    
  3. Create directory for each of iso
    [root@localhost ~] mkdir -p /media/iso/{1,2,3,4,5,6}
    
  4. Mount each of your iso files to those folders
    [root@localhost ~] mount -t iso9660 -o loop ~/CentOS-1of6.iso /media/iso/1
    [root@localhost ~] mount -t iso9660 -o loop ~/CentOS-2of6.iso /media/iso/2
    [root@localhost ~] mount -t iso9660 -o loop ~/CentOS-3of6.iso /media/iso/3
    [root@localhost ~] mount -t iso9660 -o loop ~/CentOS-4of6.iso /media/iso/4
    [root@localhost ~] mount -t iso9660 -o loop ~/CentOS-5of6.iso /media/iso/5
    [root@localhost ~] mount -t iso9660 -o loop ~/CentOS-6of6.iso /media/iso/6
    
  5. Install create repo from your mounted iso
    [root@localhost ~] cd /media/iso/5/CentOS
    [root@localhost CentOS] rpm -i createrepo*.noarch.rpm
    
  6. Clean your yum cache
    [root@localhost ~] yum clean all
    
  7. Register your mounted iso directory as repo
    [root@localhost ~] cd /media/iso
    [root@localhost iso] createrepo .
    
  8. Now you can install software as usual (this yum example will install software of yum groupinstall "Development Tools")
    [root@localhost ~] yum install gcc gcc-c++ automake autoconf flex bison pkgconfig rpm-build gettext gdb libtool binutils redhat-rpm-config
    
To make your mounted iso to be available after reboot, edit your /etc/fstab and insert every list of your iso to be mounted at boot.

~/CentOS-5.0-i386-bin-1of6.iso   /media/iso/1  iso9660 loop   0   0
~/CentOS-5.0-i386-bin-2of6.iso   /media/iso/2  iso9660 loop   0   0
~/CentOS-5.0-i386-bin-3of6.iso   /media/iso/3  iso9660 loop   0   0
etc


Thursday, September 7, 2017

Installing complete Apache 2.4 web server + PHP + Mod_fcgid + ModSecurity from source code on Ubuntu

Hey again, on this topic I will guide you how to install a complete web server from scratch without using apt-get repository. Maybe some of you may ask why don't we use the apt-get repository instead ?  Well, this topic is intended for somebody who need some guide on how to install Apache web server on ubuntu older release which is not supported by Canonical repository anymore. Ok then, the first thing to do we have to make sure that you'd already installed your ubuntu server version of your choice on your bare metal cpu.

Just login to your ubuntu server using ssh client such as putty if you access your server from another computer or you just simply login using your direct keyboard on your server.
Before you can do a compilation from source code you have to make sure to install development tools utility from your ubuntu server installation cd.
To mount your ubuntu server installation cd as your installation source you have to insert your cd to cdrom/dvdrom or if you only have an iso file just mount using loop :

 root@ubuntu:~$ mount -r -t iso9660 -o loop /home/user/ubuntu-x.xx-server-i386.iso /media/cdrom  

* notes : you can use another directory instead of /media/cdrom for mounting the iso file.

Then you have to backup your current apt configuration or you just delete it. To make your mounted cd iso available to your apt-get command just update your apt-get using apt-cdrom. After that install basic required packages for compiling the source code.

 root@ubuntu:~$ mv /etc/apt/sources.list /etc/apt/sources.list.bak  
 root@ubuntu:~$ apt-cdrom -d /media/cdrom add  
 root@ubuntu:~$ apt-get update  
 root@ubuntu:~$ apt-get install build-essential gcc make  

So after this you can open your web browser to download all required software source for your web server. Just download it all from these URL :

  1. Apache 2.4
    Dependencies :

    Website : http://httpd.apache.org/download.cgi or http://archive.apache.org/dist/httpd/

    File : http://archive.apache.org/dist/httpd/httpd-2.4.25.tar.gz
  2. Apache Mod_Fcgid
    Website : http://httpd.apache.org/mod_fcgid/

    File : http://www-us.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz
  3. Nghttp2
    Dependencies :
    Website : https://nghttp2.org

    File : https://github.com/nghttp2/nghttp2/releases/download/v1.22.0/nghttp2-1.22.0.tar.gz
  4. Mod Security
    Dependencies :

    Website : https://www.modsecurity.org/

    File : https://www.modsecurity.org/tarball/2.9.1/modsecurity-2.9.1.tar.gz
  5. PHP
    Dependencies :

    Website : http://php.net

    File : http://php.net/get/php-5.6.30.tar.gz/from/this/mirror
  6. CURL
    Dependencies :

    Website : https://curl.haxx.se/

    File : https://github.com/curl/curl/releases/download/curl-7_54_0/curl-7.54.0.tar.gz

Now after you'd download all those required files, create an empty directory as an extraction folder to deploy.

Source Code Compilation Steps :
  1. Install zlib
    /your_extract_dir/zlib-1.2.11/configure --prefix=/usr/local/lib/zlib && make && make install
  2. Install Openssl
    /your_extract_dir/openssl-1.0.2l/config --prefix=/usr/local/lib/openssl-1.0.2l && make && make install
  3. Install LibreSSL
    /your_extract_dir/libressl-2.5.4/configure --prefix=/usr/local/lib/libressl --with-openssldir=/usr/local/lib/openssl-1.0.2l && make && make install
  4. Install m4
    /your_extract_dir/m4-1.4.17/configure --prefix=/usr/local/lib/m4 && make && make install
    export PATH=$PATH:/usr/local/lib/m4/bin
  5. Install autoconf
    /your_extract_dir/autoconf-2.69/configure --prefix=/usr/local/lib/autoconf && make && make install
    export PATH=$PATH:/usr/local/lib/autoconf/bin
  6. Install automake
    /your_extract_dir/automake-1.15/configure --prefix=/usr/local/lib/automake && make && make install
    export PATH=$PATH:/usr/local/lib/automake/bin
  7. Install libtool
    /your_extract_dir/libtool-2.4.6/configure --prefix=/usr/local/lib/libtool && make && make install
    export PATH=$PATH:/usr/local/lib/libtool/bin
  8. Install Apr
    /your_extract_dir/apr-1.5.2/configure --prefix=/usr/local/httpd/apr && make && make install
  9. Install Apr-Util
    /your_extract_dir/apr-util-1.5.4/configure --prefix=/usr/local/httpd/apr --with-apr=/usr/local/httpd/apr/bin/apr-1-config --with-openssl=/usr/local/lib/libressl --with-crypto && make && make install
  10. Install PCRE
    /your_extract_dir/pcre-8.40/configure --prefix=/usr/local/lib/pcre && make && make install
  11. Install LibXML2
    /your_extract_dir/libxml2-2.7.2/configure --prefix=/usr/local/lib/libxml2 --with-zlib=/usr/local/lib/zlib --with-xpath --with-writer --with-regexps --with-schemas --with-http --with-reader --with-ftp && make && make install
  12. Install Pkg-config
    /your_extract_dir/pkg-config-0.23/configure --prefix=/usr/local/lib/pkgconfig && make && make install
    export PATH=$PATH:/usr/local/lib/pkgconfig/bin
  13. Install Nghttp2
    /your_extract_dir/nghttp2-1.22.0/configure --prefix=/usr/local/lib/nghttp2 --with-libxml2 OPENSSL_CFLAGS='-I/usr/local/lib/openssl-1.0.2l/include' LIBXML2_CFLAGS='-I/usr/local/lib/libxml2/include' ZLIB_CFLAGS='-I/usr/local/lib/zlib/include' OPENSSL_LIBS='-I/usr/local/lib/openssl-1.0.2l/lib' LIBXML2_LIBS='-I/usr/local/lib/libxml2/lib' ZLIB_LIBS='-I/usr/local/lib/zlib/lib' && make && make install
  14. Install Httpd
    /your_extract_dir/httpd-2.4.25/configure --prefix=/usr/local/httpd --enable-so --enable-deflate --enable-unique-id --enable-actions --enable-authnz-fcgi --enable-ssl --enable-mpms-shared=all --enable-mods-shared="all cgi" --enable-cgid --enable-cgi --enable-dav --enable-rewrite --with-mpm=worker --with-pcre=/usr/local/lib/pcre --with-apr=/usr/local/httpd/apr/bin/apr-1-config --with-apr-util=/usr/local/httpd/apr/bin/apu-1-config --enable-suexec --with-suexec-caller=www-data --with-suexec-bin=/usr/local/httpd/bin/suexec --with-suexec-docroot=/your/prefered/varwww/ --with-suexec-logfile=/var/logs/suexec.log --with-suexec-uidmin=100 --with-suexec-gidmin=100 --enable-http2 --with-nghttp2=/usr/local/lib/nghttp2 --with-ssl=/usr/local/lib/openssl-1.0.2l --with-z=/usr/local/lib/zlib --with-libxml2=/usr/local/lib/libxml2 --enable-modules="actions rewrite dav ssl unixd version log_config suexec info cache cache_disk" && make && make install
  15. Install Mod_Fcgid
    APXS=/usr/local/httpd/bin/apxs /your_extract_dir/mod_fcgid-2.3.9/configure.apxs && make && make install
  16. Install ModSecurity dependencies
    • /your_extract_dir/ncurses-6.0/configure && make && make install
    • /your_extract_dir/readline-7.0/configure && make && make install 
    • cd /your_extract_dir/lua-5.1.5/ && make linux install
    • /your_extract_dir/libssh2-1.8.0/configure --prefix=/usr/local/lib/libssh2 --with-openssl --with-libz --with-libssl-prefix=/usr/local/lib/libressl --with-libz-prefix=/usr/local/lib/zlib && make && make install 
    • /your_extract_dir/libidn2-2.0.0/configure --prefix=/usr/local/lib/libidn2 && make && make install
    • /your_extract_dir/curl-7.54.0/configure --prefix=/usr/local/lib/libcurl --with-zlib=/usr/local/lib/zlib/ --enable-optimize --with-random=/dev/urandom --enable-cookies --enable-unix-sockets --enable-verbose --enable-ipv6 --enable-smtp --enable-imap --enable-pop3 --enable-telnet --enable-rtsp --enable-file --enable-ftp --enable-http --enable-warnings --enable-debug --with-libidn2=/usr/local/lib/libidn2 --with-libssh2=/usr/local/lib/libssh2 --with-nghttp2=/usr/local/lib/nghttp2 && make && make install
    Notes : if you encountered problem run time library cannot be linked, create a file on /etc/ld.so.conf.d/yourfile.conf and list
                 every installed library into the file, save the file and then run ldconfig on shell prompt. See example :

  17. Install ModSecurity
    /your_extract_dir/modsecurity-2.9.1/configure --prefix=/usr/local/httpd/modsec --with-pcre=/usr/local/lib/pcre --with-libxml=/usr/local/lib/libxml2 --with-apr=/usr/local/httpd/apr/bin/apr-1-config --with-apu=/usr/local/httpd/apr/bin/apu-1-config --with-idn2=/usr/local/lib/libidn2 --with-curl=/usr/local/lib/libcurl --with-apxs=/usr/local/httpd/bin/apxs && make && make install
  18. Copy generated modsecurity.so to httpd
    cp /usr/local/httpd/modsec/lib/mod_security2.so /usr/local/httpd/modules
  19. Enable modsecurity on /usr/local/httpd/conf/httpd.conf (Remove # sign if already exists)
    LoadModule security2_module modules/mod_security2.so
  20. Install PHP
    /your_extract_dir/php-5.6.30/configure --prefix=/usr/local/php/5.6.30 --enable-wddx --enable-sockets --enable-soap --enable-pcntl --enable-mbstring --enable-ftp --enable-calendar --enable-bcmath  --with-regex --with-libxml-dir=/usr/local/lib/libxml2 --with-zlib=/usr/local/lib/zlib --enable-dba --with-openssl=/usr/local/lib/openssl-1.0.2l --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-curl=/usr/local/lib/libcurl && make && make install
Now we can configure your apache 2.4 installation
  1. Edit /usr/local/httpd/conf/httpd.conf
  2. Replace
    User daemon
    Group daemon
    with
    User www-data
    Group www-data
  3. Uncomment ServerName and replace with localhost
    ServerName localhost:80
  4. On the end of line just add your own configuration file
    Include /your/prefered/varwww/conf/httpd.conf
  5. Save the file and create the file on step 4 above and fill with
     <VirtualHost *:80>  
        ServerAdmin webmaster@localhost  
        ServerName yourdomain.com  
        DocumentRoot /your/prefered/varwww/public_html  
        <IfModule mod_fcgid.c>  
           SuexecUserGroup username groupname  
           Action php-fcgi  /fcgi-bin/fcgi-exec  
           DefaultInitEnv PHPRC /your/prefered/varwww/conf/ #put your php.ini here  
           Alias /fcgi-bin/ /your/prefered/varwww/fcgi.d/default/  
           AddType application/x-httpd-php .php  
           FCGIWrapper /your/prefered/varwww/fcgi.d/default/fcgi-exec .php  
         </IfModule>  
         <Directory /your/prefered/varwww/public_html>  
            AddHandler fcgid-script .php  
            Options Indexes FollowSymLinks MultiViews ExecCGI  
            AllowOverride All  
            Require all granted  
         </Directory>  
          ErrorLog /your/prefered/varwww/logs/error.log  
          LogLevel warn  
          CustomLog /your/prefered/varwww/logs/access.log combined
    </VirtualHost>  
    
  6. Now you can create fast cgi exec as described on IfModule
     root@ubuntu~$ mkdir -p /your/prefered/varwww/fcgi.d/default  
     root@ubuntu~$ echo "#!/bin/bash" >> /your/prefered/varwww/fcgi.d/default/fcgi-exec  
     root@ubuntu~$ echo "export PHPRC=/your/prefered/varwww/conf/" >> /your/prefered/varwww/fcgi.d/default/fcgi-exec  
     root@ubuntu~$ echo "exec /usr/local/php/5.6.30/bin/php-cgi -c /your/prefered/varwww/conf/php.ini -d open_basedir=/your/prefered/varwww/public_html" >> /your/prefered/varwww/fcgi.d/default/fcgi-exec  
    
  7. Adjust file and directory permission
    root@ubuntu~$ groupadd your_groupname
    root@ubuntu~$ useradd -d /your/prefered/varwww -g 1001 -s /usr/sbin/nologin your_username 
    root@ubuntu~$ chmod 755 /your/prefered/varwww/fcgi.d/default/fcgi-exec  
    root@ubuntu~$ chown -cR username:groupname /your/prefered/varwww/fcgi.d/default
  8. Run apache with /usr/local/httpd/bin/apachectl -k start
Notes : if you cannot run php file change file owner to your newly created user, or you can chmod 777 /usr/local/httpd/logs/fcgidsock and restart apache.
You have successfully build your Apache 2.4 server.

Tuesday, September 5, 2017

Providing Yum Repository using CD/DVD installation for non supported repository

Hello there, if you were facing the same problem with me its okay. Sometimes we don't know how to install software for CentOS for spesific version which no longer supported by online repository or maybe you don't have internet connection. This solution below will give you a chance to install everything from only your cd/dvd installation media as your yum repository.

Firstly after you've finished installing CentOS, login to system using root access that you'd setup during installation, then follow these steps to make yum cdrom :

1. Create directory as an iso container
    mkdir -p /media/cdrom







2. Mount cdrom media to directory
    mount /dev/cdrom /media/cdrom







3. Backup your current repo files on your home dir
    mv /etc/yum.repo.d/CentOS-* ~







4. Insert cdrom repo file using nano
    nano /etc/yum.repo.d/cdrom.repo
    [cdrom]
    name=CDROM Repo
    baseurl=file:///media/cdrom
    enabled=1
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release








5. Save the file and then type yum update



There.... you're now can install your software from cdrom.