Difference between pages "Apache" and "MySQL"

From Wikislax
(Difference between pages)
Jump to: navigation, search
(Configuring Apache)
 
(Using MySQL)
 
Line 1: Line 1:
 
{{RightTOC}}
 
{{RightTOC}}
  
== What is Apache ? ==
+
== What is MySQL ? ==
  
[http://httpd.apache.org Apache] is the most widespread and powerful Open Source HTTP server.
+
[http://www.mysql.com MySQL] is the traditional Database software companion to Apache and PHP. MySQL was previously a property of MySQL AB but was acquired by Oracle Corporation in 2010. This created some worries in the OpenSource community, which led to create a fork, [https://mariadb.org/ MariaDB], which is a plug-in replacement for MySQL and the one included in the Slackware distribution.
  
Apache is included in the base Slackware distribution so it is possible to skip installation alltogether and proceed to [[Apache#Configuring Apache|Configuring Apache]] below. As part of Slackware, Apache benefits from Slackware security advisories.
+
== Installing MySQL ==
  
== Installing Apache ==
+
The quickest way to install MySQL is to NOT install it and use instead [https://mariadb.org/ MariaDB], included with Slackware. If this is your choice, please note that '''/usr''' will be the root directory of the software instead of '''/usr/local/mysql''', and proceed to [[MySQL#Running SQL|Running SQL]].
  
[http://httpd.apache.org/download.cgi Download] Apache and untar under /usr/local. The [http://httpd.apache.org/docs/2.2 documentation] is available online. By default apache is installed in '''/usr/local/apache2'''. Here we split apache in directories '''/etc''', '''/usr/local''' and '''/var/www'''. '''--enable-authnz-ldap''' and '''--enable-ldap''' enable LDAP based authentication, '''--enable-ssl''' enables SSL/TLS support, '''--with-openssl''' specifies the location of the openssl source and '''--enable-so''' is required for '''PHP''', to be installed at the next step.
+
'''apr''' and '''apr-util''', used by apache, refer to MySQL so the latter must be installed first. [http://dev.mysql.com/downloads/mysql/ Download] the latest stable version, choosing "Source Code" when asked to Select platform. [http://dev.mysql.com/doc/ Documentation] is available from the web site. Here MySQL is compiled with OpenSSL support to be able to encrypt MySQL connections on port 3306 (just in case, as we don't intend to open port 3306 to the external world at the moment).
  
  # groupadd apache
+
  # groupadd mysql
  # useradd -g apache apache
+
  # useradd -g mysql mysql
  # tar -C /usr/local -xvf httpd-x.y.z.txz
+
  # tar -C /usr/local -xvf mysql-x.y.z.tar.gz
  # cd /usr/local/httpd*
+
  # cd /usr/local/mysql-x.y.z
  # ./configure --prefix=/var/www --bindir=/usr/local/bin \
+
  # chown -R root:root .
  --sbindir=/usr/local/sbin --sysconfdir=/etc/httpd \
+
# less INSTALL-SOURCE
  --libdir=/usr/local/lib64 --includedir=/usr/local/include \
+
# rm CMakeCache.txt
  --datarootdir=/usr/local/share --mandir=/usr/local/man \
+
# make clean
  --enable-authnz-ldap --enable-ldap --enable-ssl \
+
  # cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DINSTALL_LIBDIR=lib64 \
--with-openssl=/usr/local/openssl-1.0.2a \
+
  -DINSTALL_PLUGINDIR=lib64/plugin -DMYSQL_DATADIR=/var/lib/mysql \
--enable-so --enable-mime-magic
+
  -DDEFAULT_CHARSET=latin1 -DDEFAULT_COLLATION=latin1_swedish_ci \
 +
  -DMYSQL_UNIX_ADDR=/var/run/mysql/mysql.sock -DWITH_SSL=yes
 
  # make
 
  # make
  # removepkg /var/log/packages/httpd-x.y.z
+
  # removepkg /var/log/packages/mysql-5.1.46-x86_64-2
# mv /etc/httpd /etc/httpd.0
 
 
  # make install
 
  # make install
 
  # make clean
 
  # make clean
  # cd /var
+
  # cp -R /usr/local/mysql/man /usr/local
  # chown -R apache:apache www
+
# cp support-files/my-default.cnf /etc/my.cnf
 +
# chmod u+x scripts/mysql_install_db
 +
  # scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/var/lib/mysql
  
== Configuring Apache ==
+
== Configuring MySQL ==
  
Edit '''/etc/httpd/httpd.conf''' to change the '''User''' and '''Group''' to '''apache''', enter the '''ServerAdmin''' e-mail address. To prevent apache from displaying version information, specify '''ServerSignature Off''' and '''ServerTokens prod'''. To prevent users from viewing directory content, remove the '''Indexes''' option in section '''<Directory "/var/www/htdocs">'''. Check section '''<IfModule dir_module>''' to make sure which file names will be served if a directory is requested (by default '''index.html''').
+
MySQL ('''5.6.24''') works correctly out of the box so there is nothing to do really. In the past we had to edit '''/etc/my.cnf''' to uncomment line '''#skip-networking''' to prevent MySQL network connections. We also had to include in this file, after the '''[client]''' tag a line '''default-character-set=''charset_name''''' (for instance '''utf8''' or '''latin1''') to eliminate this warning when launching a client :
  
  User '''apache'''
+
  # mysql -u root -p
  Group '''apache'''
+
Enter password:
 +
'''mysql: Unknown OS character set 'ISO-8859-15'.'''
 +
  '''mysql: Switching to the default character set 'latin1'.'''
 +
Welcome to the MySQL monitor.  Commands end with ; or \g.
 
  . . .
 
  . . .
ServerAdmin '''postmaster@inner'''
 
 
'''ServerSignature Off'''
 
'''ServerTokens prod'''
 
 
<Directory "/var/www/htdocs">
 
. . .
 
Options '''Indexes''' FollowSymLinks
 
. . .
 
</Directory>
 
 
<IfModule dir_module>
 
    DirectoryIndex '''index.html index.htm index.php'''
 
</IfModule>
 
  
== Running Apache ==
+
This is no longer necessary, so let us directly update '''/etc/rc.d/rc.mysqld''' with new paths and options :
 +
 
 +
# Start mysqld:
 +
mysqld_start() {
 +
  if [ -x /usr'''/local/mysql'''/bin/mysqld_safe ]; then
 +
    # If there is an old PID file (no mysqld running), clean it up:
 +
    if [ -r /var/run/mysql/mysql.pid ]; then
 +
      if ! ps axc | grep mysqld 1> /dev/null 2> /dev/null ; then
 +
        echo "Cleaning up old /var/run/mysql/mysql.pid."
 +
        rm -f /var/run/mysql/mysql.pid
 +
      fi
 +
    fi
 +
    /usr'''/local/mysql'''/bin/mysqld_safe '''--character_set_server=utf8''' \
 +
        '''--basedir=/usr/local/mysql''' --datadir=/var/lib/mysql \
 +
        --pid-file=/var/run/mysql/mysql.pid $SKIP &
 +
  fi
 +
}
 +
 
 +
== Running SQL ==
 +
 
 +
Give execution rights to the rc.mysqld script and launch the daemon :
 +
 
 +
# chmod u+x /etc/rc.d/rc.mysqld
 +
# /etc/rc.d/rc.mysqld start
 +
 
 +
== Using MySQL ==
 +
 
 +
If you have time to invest, MySQL comes with a very exhaustive [http://dev.mysql.com/doc documentation], including a tutorial. A few quick notes however :
  
To automatically launch apache at startup, edit '''/etc/rc.d/rc.httpd''' and update the paths to reflect installation of the software under '''/usr/local/sbin'''. Give the file execution rights, launch the software using '''/etc/rc.d/rc.httpd start''', check if it's running by a '''ps -ef | grep httpd''', point your browser to http://localhost which should load the apache test page with the message '''It works!''', then open port 80 on the firewall.
+
Mysql defines a root user without an initial password. '''mysqladmin''' makes is possible to specify one by typing '''/usr(/local/mysql)/bin/mysqladmin -u root -p password ‘new-password’'''. The old password is then requested. Type return (the old password is empty). From that point, the password will need to be specified for every  client invocation, for example : '''"/usr(/local/mysql)/bin/mysql -u root -p mysql_db"'''. '''"-p"''' with no value means that the password will be requested interactively. '''mysql_db''' is the database name. Not specifying the password on the command line affords avoiding potential disclosure to other users using '''ps'''.
  
# '''vi /etc/rc.d/rc.httpd'''
+
You can use '''mysql''' to configure itself. Refer to the [http://dev.mysqm.com/doc/ documentation] for the '''SQL''' syntax, or use [[phpMyAdmin]], a PHP application to manage MySql from your browser.
. . .
 
case "$1" in
 
  'start')
 
    /usr'''/local/sbin'''/apachectl -k start
 
  ;;
 
  'stop')
 
    /usr'''/local/sbin'''/apachectl -k stop
 
    killall httpd
 
    rm -f /var/www/logs/httpd/*.pid
 
  ;;
 
  'restart')
 
    /usr'''/local/sbin'''/apachectl -k restart
 
  ;;
 
  'graceful')
 
    /usr'''/local/sbin'''/apachectl -k graceful
 
  ;;
 
  'graceful-stop')
 
    /usr'''/local/sbin'''/apachectl -k graceful-stop
 
  ;;
 
  *)
 
    echo "Usage: $0 {start|stop|restart|graceful|graceful-stop}"
 
  ;;
 
esac
 
''':x'''
 
# '''chmod u+x /etc/rc.d/rc.httpd'''
 
# '''/etc/rc.d/rc.httpd start'''
 
# '''ps -ef | grep httpd'''
 
root      9875    1  1 07:52 ?        00:00:00 /usr/local/sbin/httpd -k start
 
apache    9876  9875  0 07:52 ?        00:00:00 /usr/local/sbin/httpd -k start
 
apache    9877  9875  0 07:52 ?        00:00:00 /usr/local/sbin/httpd -k start
 
apache    9878  9875  0 07:52 ?        00:00:00 /usr/local/sbin/httpd -k start
 
apache    9879  9875  0 07:52 ?        00:00:00 /usr/local/sbin/httpd -k start
 
apache    9880  9875  0 07:52 ?        00:00:00 /usr/local/sbin/httpd -k start
 
root      9882  3198  0 07:52 pts/1    00:00:00 grep httpd
 
# '''vi /etc/rc.d/rc.firewall'''
 
. . .
 
iptables -A INPUT -p tcp -j ACCEPT --dport 80 -m state --state NEW
 
. . .
 
''':x'''
 
# '''/etc/rc.d/rc.firewall restart'''
 
  
== Using encryption ==
+
To invoke MySQL, use '''mysql -u user''' then enter queries at the mysql> prompt, '''quit''' to terminate the invocation. Commands can be entered uppercase or lowercase. It is possible to enter formulas, for example '''select sin(pi()/4), (4+1)*5, current_date;. "\c"''' at the end of a command affords cancelling.
  
As we use HTTP applications that require login with passwords, we configure httpd.conf with SSL/TLS. This is described simply in the Apache documentation [https://httpd.apache.org/docs/2.4/en/ssl/ssl_howto.html SSL/TLS Strong Encryption: How-To]. At least the directives below are required in '''/etc/httpd/httpd.conf'''. The '''SSLCipherSuite''' directive enables only the strongest ciphers. '''apache.mtacert.pem.unsecure''' is a copy of your server certificate owned by '''apache:apache''' :
+
Queries may be entered on several lines. When awaiting input on a new line, mysql displays '''->''' if a command completion is awaited, '''<nowiki>'></nowiki> for a string that began with a '''<nowiki>'</nowiki>, '''“>''' for a string that began with a '''“''', '''`>''' for an identifier that began with a '''`''', '''/*>''' for a comment that began with a '''/*'''.
  
LoadModule ssl_module modules/mod_ssl.so
+
'''show databases;''' to view a list of existing databases. '''use database''' (without a semicolon) to use a specific database. GRANT ALL ON database.* TO 'your_mysql_name'@'your_client_host'; must have been used first by the admin to grant access. '''CREATE DATABASE database;''' to create a database then '''USE database'''.
 
Listen 443
 
<VirtualHost *:443>
 
    ServerName inner.studioware.com
 
    SSLEngine on
 
    SSLCertificateFile "/etc/ssl/certs/mtacert.pem"
 
    SSLCertificateKeyFile "/etc/ssl/private/apache.mtacert.pem.unsecure"
 
    SSLCipherSuite HIGH:!aNULL:!MD5
 
</VirtualHost>
 
  
For this example to work in Firefox with your self-signed CA certificate, you need to import it using the "Preferences" "Advanced" "Certificates" "View certificates" "Authorities" "Import" menu. We have chosen to encrypt all the site but it is possible to restrict directives to specific areas. More details can be found in the [https://httpd.apache.org/docs/2.4/en/mod/mod_ssl.html Apache Module mod_ssl] and [https://httpd.apache.org/docs/2.4/en/ Apache] documentations.
+
Alternatively it is possible to specify the database name as the last parameter on the mysql command eg '''mysql -h host -u user -p database. select database();''' affords viewing which database is in use.
  
 
<br/>
 
<br/>
  
{{pFoot|[[MySQL]]|[[Main Page]]|[[PHP]]}}
+
{{pFoot|[[Milter]]|[[Main Page]]|[[Apache]]}}

Revision as of 12:45, 12 January 2025

What is MySQL ?

MySQL is the traditional Database software companion to Apache and PHP. MySQL was previously a property of MySQL AB but was acquired by Oracle Corporation in 2010. This created some worries in the OpenSource community, which led to create a fork, MariaDB, which is a plug-in replacement for MySQL and the one included in the Slackware distribution.

Installing MySQL

The quickest way to install MySQL is to NOT install it and use instead MariaDB, included with Slackware. If this is your choice, please note that /usr will be the root directory of the software instead of /usr/local/mysql, and proceed to Running SQL.

apr and apr-util, used by apache, refer to MySQL so the latter must be installed first. Download the latest stable version, choosing "Source Code" when asked to Select platform. Documentation is available from the web site. Here MySQL is compiled with OpenSSL support to be able to encrypt MySQL connections on port 3306 (just in case, as we don't intend to open port 3306 to the external world at the moment). 

# groupadd mysql
# useradd -g mysql mysql
# tar -C /usr/local -xvf mysql-x.y.z.tar.gz
# cd /usr/local/mysql-x.y.z
# chown -R root:root .
# less INSTALL-SOURCE
# rm CMakeCache.txt
# make clean
# cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DINSTALL_LIBDIR=lib64 \
-DINSTALL_PLUGINDIR=lib64/plugin -DMYSQL_DATADIR=/var/lib/mysql \
-DDEFAULT_CHARSET=latin1 -DDEFAULT_COLLATION=latin1_swedish_ci \
-DMYSQL_UNIX_ADDR=/var/run/mysql/mysql.sock -DWITH_SSL=yes
# make
# removepkg /var/log/packages/mysql-5.1.46-x86_64-2
# make install
# make clean
# cp -R /usr/local/mysql/man /usr/local
# cp support-files/my-default.cnf /etc/my.cnf
# chmod u+x scripts/mysql_install_db
# scripts/mysql_install_db --user=mysql --basedir=/usr/local/mysql --datadir=/var/lib/mysql

Configuring MySQL

MySQL (5.6.24) works correctly out of the box so there is nothing to do really. In the past we had to edit /etc/my.cnf to uncomment line #skip-networking to prevent MySQL network connections. We also had to include in this file, after the [client] tag a line default-character-set=charset_name (for instance utf8 or latin1) to eliminate this warning when launching a client : 

# mysql -u root -p
Enter password: 
mysql: Unknown OS character set 'ISO-8859-15'.
mysql: Switching to the default character set 'latin1'.
Welcome to the MySQL monitor.  Commands end with ; or \g.
. . .

This is no longer necessary, so let us directly update /etc/rc.d/rc.mysqld with new paths and options : 

# Start mysqld:
mysqld_start() {
  if [ -x /usr/local/mysql/bin/mysqld_safe ]; then
    # If there is an old PID file (no mysqld running), clean it up:
    if [ -r /var/run/mysql/mysql.pid ]; then
      if ! ps axc | grep mysqld 1> /dev/null 2> /dev/null ; then
        echo "Cleaning up old /var/run/mysql/mysql.pid."
        rm -f /var/run/mysql/mysql.pid
      fi
    fi
    /usr/local/mysql/bin/mysqld_safe --character_set_server=utf8 \
        --basedir=/usr/local/mysql --datadir=/var/lib/mysql \
        --pid-file=/var/run/mysql/mysql.pid $SKIP &
  fi
}

Running SQL

Give execution rights to the rc.mysqld script and launch the daemon : 

# chmod u+x /etc/rc.d/rc.mysqld
# /etc/rc.d/rc.mysqld start

Using MySQL

If you have time to invest, MySQL comes with a very exhaustive documentation, including a tutorial. A few quick notes however :

Mysql defines a root user without an initial password. mysqladmin makes is possible to specify one by typing /usr(/local/mysql)/bin/mysqladmin -u root -p password ‘new-password’. The old password is then requested. Type return (the old password is empty). From that point, the password will need to be specified for every client invocation, for example : "/usr(/local/mysql)/bin/mysql -u root -p mysql_db". "-p" with no value means that the password will be requested interactively. mysql_db is the database name. Not specifying the password on the command line affords avoiding potential disclosure to other users using ps.

You can use mysql to configure itself. Refer to the documentation for the SQL syntax, or use phpMyAdmin, a PHP application to manage MySql from your browser.

To invoke MySQL, use mysql -u user then enter queries at the mysql> prompt, quit to terminate the invocation. Commands can be entered uppercase or lowercase. It is possible to enter formulas, for example select sin(pi()/4), (4+1)*5, current_date;. "\c" at the end of a command affords cancelling.

Queries may be entered on several lines. When awaiting input on a new line, mysql displays -> if a command completion is awaited, '> for a string that began with a ', “> for a string that began with a , `> for an identifier that began with a `, /*> for a comment that began with a /*.

show databases; to view a list of existing databases. use database (without a semicolon) to use a specific database. GRANT ALL ON database.* TO 'your_mysql_name'@'your_client_host'; must have been used first by the admin to grant access. CREATE DATABASE database; to create a database then USE database.

Alternatively it is possible to specify the database name as the last parameter on the mysql command eg mysql -h host -u user -p database. select database(); affords viewing which database is in use.


Milter Main Page Apache
Retrieved from "http://studioware.com/wikislax/index.php?title=Apache&oldid=109"