Solved

Newbie installing Apache+mod_ssl, PHP4 and MySQL 4.9 using ports

Posted on 2004-08-03
13
3,227 Views
Last Modified: 2013-11-22
I saw http://www.devx.com/opensource/Article/17534/0/page/1 and thought this would be relatively easy.

(1) I installed FreeBSD 4.9 from an ISO and got it up and running on the Internet
(2) I installed CVsup:
    cd /usr/ports/net/cvsup-without-gui
    make
    make install
    make clean
(3) I copied ports-supfile into /root/ports-supfile and made the edit:
    *default host=cvsup2.uk.FreeBSD.org.
(4) I rebooted
(5) I ran CVsup:
    cvsup -g -L 2 /root/ports-supfile

All well and good.

(5) I attempted to install Perl5:
    cd /usr/ports/lang/perl5
    make

I got the error: "There is no COMMENT variable defined for this port. Please rectify this." It transpires that it installed /usr/ports/lang/perl5/pkg-message, which is the old way of doing tings and didn't define a COMMENT variable, which is the new way of doing things.

I had a go at adding a COMMENT variable to the file and deleting pkg-message, but some other errors cropped up when I attempted to install mysql40-server (looking for libtooll13, when it only seemed to want to install libtooll15).

This made me think that I'm probably not going about this in the right way.

Should I expect to be able to install a stable version of FreeBSD with Apache, mod_ssl, PHP4 and MySQL by following a relatively mindless procedure... or is it the case that nobody in their right mind actually uses ports in FreeBSD?
0
Comment
Question by:rstaveley
  • 7
  • 4
  • 2
13 Comments
 
LVL 17

Author Comment

by:rstaveley
Comment Utility
Revisions really do seem to be in a mess using ports.

With respect to versions of mysql*-server, I see that only mysql41-server uses libtooll15, but it is marked as a "beta". mysql40-server looks like the stable release, but it depends on libtooll13, which is deprecated:

--------8<--------
/usr/ports/databases/mysql323-server/Makefile:
PORTVERSION=    3.23.58
USE_LIBTOOL_VER=        13

/usr/ports/databases/mysql40-server/Makefile:
PORTVERSION=    4.0.20
USE_LIBTOOL_VER=        13

/usr/ports/databases/mysql41-server/Makefile:
PORTVERSION=    4.1.3
DISTNAME=       ${PORTNAME}-${PORTVERSION}-beta
USE_LIBTOOL_VER=15

/usr/ports/databases/mysql50-server/Makefile:
PORTVERSION=    5.0.0
DISTNAME=       ${PORTNAME}-${PORTVERSION}-alpha
USE_LIBTOOL_VER=        13
--------8<--------

I want to install it in such a way that the procedure is standard and can easily be reproduced by another person at another site.

Am I making hard work for myself using ports to install MySQL?
0
 
LVL 1

Accepted Solution

by:
hvdhelm earned 240 total points
Comment Utility
As root:

Apache 1.3 + mod_ssl
cd /usr/ports/www/apache13-modssl
make install clean

PHP4 module for Apache
cd /usr/ports/www/mod_php4
make install clean

Mysql-server 4
cd /usr/ports/databases/mysql40-server
make install clean

for safety reboot.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
There is no problem as such. Go to www.freebsd.org/handbook and read about CVSup update tools.
0
 
LVL 17

Author Comment

by:rstaveley
Comment Utility
I get "Error: Cannot find SSL binaries under /usr/local", when running make in /usr/ports/www/apache13-modssl.

Here's the output from make:
--------8<--------
freebox# pwd
/usr/ports/www/apache13-modssl
freebox# make install clean
===>  Vulnerability check disabled
You may use the following build options:

  WITH_APACHE_SUEXEC=yes        enable the suEXEC feature
                                [default is no]
  APACHE_SUEXEC_CALLER=user     set the suEXEC username of the allowed caller
                                [default is www]
  APACHE_SUEXEC_DOCROOT=dir     set the suEXEC root directory
                                [default is /usr/local/www/data]
  APACHE_SUEXEC_LOG=file        set the suEXEC logfile
                                [default is /var/log/httpd-suexec.log]
  APACHE_SUEXEC_USERDIR=dir     set the suEXEC user subdirectory
                                [default is public_html]
  APACHE_SUEXEC_UIDMIN=uid      set the suEXEC minimal allowed UID
                                [default is 1000]
  APACHE_SUEXEC_GIDMIN=gid      set the suEXEC minimal allowed GID
                                [default is 1000]
  APACHE_SUEXEC_SAFE_PATH=path  set the suEXEC safe PATH
                                [default is /bin:/usr/bin:/usr/local/bin]
  APACHE_SUEXEC_UMASK=umask     set the umask for the suEXEC'd script
                                [default is inherited from the Apache process]

  APACHE_HARD_SERVER_LIMIT=nr   Maximum number of Apache processes.
                                [default is 512]
  APACHE_FD_SETSIZE=nr          Maximum number of descriptors.
                                [default is 1024]

  APACHE_BUFFERED_LOGS=yes      Log entries are buffered before writing.
                                Writes may not be atomic, entries from multiple
                                children could become mixed together and your
                                web stats may be inaccurate.
                                [default is no]
  WITH_APACHE_PERF_TUNING=yes   CFLAGS optimization.
                                This setting may produce broken code and thus
                                is not recommended for production servers.
                                [default is no]

  WITH_APACHE_IPV6=yes          IPv6 support.
                                This setting turns IPv6 support on.
                                [default is no]

  WITH_APACHE_MODSNMP=yes       mod_snmp support.
                                This setting turns support for SNMP on.
                                [default is no]

  WITH_APACHE_MODACCEL=yes      mod_accel support.
                                This setting activates build of mod_accel.
                                [default is no]

  WITH_APACHE_MODDEFLATE=yes    mod_deflate support.
                                This setting activates build of mod_deflate.
                                [default is no]

  WITHOUT_APACHE_EXPAT=yes      don't compile in expat.
                                [default is no (expat is included)]

===>  Extracting for apache+mod_ssl-1.3.31+2.8.19
>> Checksum OK for apache_1.3.31.tar.gz.
>> Checksum OK for mod_ssl-2.8.19-1.3.31.tar.gz.
===>   apache+mod_ssl-1.3.31+2.8.19 depends on file: /usr/local/bin/perl5.6.1 - found
===>  Patching for apache+mod_ssl-1.3.31+2.8.19
===>   apache+mod_ssl-1.3.31+2.8.19 depends on file: /usr/local/lib/libcrypto.so.3 - found
===>   apache+mod_ssl-1.3.31+2.8.19 depends on file: /usr/local/bin/perl5.6.1 - found
===>   apache+mod_ssl-1.3.31+2.8.19 depends on file: /usr/local/bin/perl5.6.1 - found
===>  Applying mod_ssl-2.8.19 extension
Configuring mod_ssl/2.8.19 for Apache/1.3.31
 + Apache location: ../apache_1.3.31 (Version 1.3.31)
 + Auxiliary patch tool: ./etc/patch/patch (local)    
 + Applying packages to Apache source tree:
   o Extended API (EAPI)
   o Distribution Documents
   o SSL Module Source
   o SSL Support
   o SSL Configuration Additions
   o SSL Module Documentation
   o Addons
Done: source extension and patches successfully applied.
===>  Applying FreeBSD patches for apache+mod_ssl-1.3.31+2.8.19
===>   apache+mod_ssl-1.3.31+2.8.19 depends on file: /usr/local/lib/libcrypto.so.3 - found
===>   apache+mod_ssl-1.3.31+2.8.19 depends on file: /usr/local/bin/perl5.6.1 - found
===>   apache+mod_ssl-1.3.31+2.8.19 depends on shared library: mm.13 - found
===>   apache+mod_ssl-1.3.31+2.8.19 depends on shared library: expat.5 - found
===>  Configuring for apache+mod_ssl-1.3.31+2.8.19
Configuring for Apache, Version 1.3.31
 + using installation path layout: FreeBSD (config.layout)
Creating Makefile
Creating Configuration.apaci in src
 + enabling mod_so for DSO support
Creating Makefile in src
 + configured for FreeBSD 4.9 platform
 + setting C pre-processor to cc -E
 + using "tr [a-z] [A-Z]" to uppercase
 + checking for system header files
 + adding selected modules
    o rewrite_module uses ConfigStart/End
      enabling DBM support for mod_rewrite
    o db_auth_module uses ConfigStart/End
      using Berkeley-DB/1.x for mod_auth_db (-lc)
    o ssl_module uses ConfigStart/End
      + SSL interface: mod_ssl/2.8.19
      + SSL interface build type: DSO
      + SSL interface compatibility: enabled
      + SSL interface experimental code: disabled
      + SSL interface conservative code: disabled
      + SSL interface vendor extensions: disabled
      + SSL interface plugin: Vendor DBM (libc)
      + SSL library path: /usr/local/openssl
Error: Cannot find SSL binaries under /usr/local/openssl
===>  Building for apache+mod_ssl-1.3.31+2.8.19
===> src
make: don't know how to make all. Stop
*** Error code 2

Stop in /usr/ports/www/apache13-modssl/work/apache_1.3.31.
*** Error code 1

Stop in /usr/ports/www/apache13-modssl/work/apache_1.3.31.
*** Error code 1

Stop in /usr/ports/www/apache13-modssl.
--------8<--------

Here's the Makefile version:
--------8<--------
freebox# head Makefile
# New ports collection makefile for:    Apache + mod_ssl
# Date created:         Sat Aug 22 12:00:00 CDT 1998
# Whom:                 rse@engelschall.com
#
# $FreeBSD: ports/www/apache13-modssl/Makefile,v 1.157 2004/07/19 04:06:46 dinoex Exp $ #

PORTNAME=       apache+mod_ssl
PORTVERSION=    ${VERSION_APACHE}+${VERSION_MODSSL}
CATEGORIES?=    www security
--------8<--------

Was I wrong to have run CVsup?

I'll reinstall from the ISOs, if you reckon that was a wrong thing to have done.
0
 
LVL 17

Author Comment

by:rstaveley
Comment Utility
gheist,

> There is no problem as such

What do you reckon is going wrong then?

0
 
LVL 1

Assisted Solution

by:hvdhelm
hvdhelm earned 240 total points
Comment Utility
Add OpenSSL

cd /usr/ports/security/openssl
make install clean
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 17

Author Comment

by:rstaveley
Comment Utility
> Add OpenSSL

No joy.

It still has: Error: Cannot find SSL binaries under /usr/local/ssl

My feeling is that CVSup is the culprit. I'm going to try another installation from the ISOs, but this time, I'll not bother with the CVSup....
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 60 total points
Comment Utility
At some time they dropped ssl in base system (just after 4.9) so you need to install openssl from ports (cd /usr/ports/security/opensssl ; make install clean) before clean build of apche and ssl
0
 
LVL 17

Author Comment

by:rstaveley
Comment Utility
Sure enough it was CVSup that caused the problem.

Installing mod_ssl was fine once I got to grips with some FreeBSD conventions with respect to start-up scripts - specifically *-dist, which threw me.

Thanks everyone for your encouragement.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
Read /usr/ports/UPDATING and match against your pkg_info , this will help you to avoid such poblem in future.
release tag must be RELENG_4_9 for system and . for ports, I hope you pinted this out yourself
if you go from RELENG_4_9 to RELENG_4 or RELENG_4_10, then you need to follow strict order - update all sources, build new kernel (this may break some ports) and reboot, make world in /usr/src and reboot (this may break some and bring some back), rebuild all ports or at least those affected. there is no strong need to upgrade system from 4_9 to 4_10, since RELENG_4_9 is patched against all security holes (look at uname -a, mine is FreeBSD 4.9-RELEASE-p11 , not 4.9-RELEASE anymore, installing packages with sysinstall does not work anymore but ports build fine)
0
 
LVL 17

Author Comment

by:rstaveley
Comment Utility
I can see /usr/src/UPDATING, which seems to be a revision history unrelated to ports, but no /usr/ports/UPDATING. Mine is simply FreeBSD 4.9-RELEASE.

I don't really want to put together a system which deviates too far from something shrink-wrapped, because it makes it tricky to reproduce. I'm putting together a box for local development, which will be as near as dammit replicated at an ISP. It's the business deal with the ISP that got me into FreeBSD in the first place. Having once been bitten by CVSup, I'm dubious about the value of upgrading the system for my purposes.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
So I suggested to add only security patches and to upgrade to RELENG_4_9 from RELENG_4_9_RELEASE (same effect as fetching and installing eleven *.patch files from ftp.freebsd.org and rebuilding kernel and fwe components in base system)

this does not involve any incompatibilities to ports or whatever, just /stand/sysinstall refuses to fetch ready packages from ftp.freebsd.org without changing release to boxed version.

If you did not find it out upgrading is quite esy - either via portupgrade script for complex ports like kde, gnome or xfree or xorg, and simple make deinstall reinstall for simple ports like apache+ssl
0
 
LVL 17

Author Comment

by:rstaveley
Comment Utility
It is only fair to open another question for this, gheist, you are being very helpful. Here's the question: http:Q_21084480.html
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now