SEARU.ORG
当前位置:SEARU.ORG > Linux 教程 > 正文

CentOS安装PHP-5.6.4+扩展安装+安全配置+性能配置

注:以下所有操作均在CentOS 6.5 x86_64位系统下完成。

#准备工作#

前段时间PHP官方发布了一个重要的安全升级公告,修复了两个unserialize函数的严重漏洞,目前受影响的版本有:

  • <5.4.36
  • <5.5.20
  • <5.6.4

这里我们直接下载5.6.4的版本进行安装配置,并且在这之前需要先把MySQL和Apache已经安装好,最好Nginx也先安装好,具体见:《CentOS 6.5安装MySQL 5.6.10及安全配置》、《CentOS安装Apache-2.4.10及安全配置》

#PHP的安装#

开始下载PHP并进行编译安装: 

# wget http://cn2.php.net/distributions/php-5.6.4.tar.gz
# tar zxf php-5.6.4.tar.gz
# cd php-5.6.4
# export LD_LIBRARY_PATH=/usr/local/mysql/lib
# ./configure --prefix=/usr/local/php-5.6.4 --with-config-file-path=/usr/local/php-5.6.4/etc --with-mysql=/usr/local/mysql --with-pdo-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-apxs2=/usr/local/apache/bin/apxs --enable-fpm --enable-shared --enable-zip --with-bz2 --enable-ftp --with-jpeg-dir --with-png-dir --with-freetype-dir --with-libxml-dir --with-xmlrpc --with-zlib-dir --with-gd --with-gmp --enable-gd-native-ttf --with-curl --with-regex=php --with-pic --with-xsl --enable-wddx --with-iconv --with-gettext --with-pear --enable-ctype --enable-calendar --enable-mbstring --enable-bcmath --enable-sockets  --enable-exif --disable-rpath  --with-mcrypt --with-mhash  --with-openssl --enable-sysvsem --enable-sigchild --enable-sysvshm --enable-soap  --disable-fileinfo --enable-opcache=no
...
Thank you for using PHP.

config.status: creating php5.spec
config.status: creating main/build-defs.h
config.status: creating scripts/phpize
config.status: creating scripts/man1/phpize.1
config.status: creating scripts/php-config
config.status: creating scripts/man1/php-config.1
config.status: creating sapi/cli/php.1
config.status: creating sapi/fpm/php-fpm.conf
config.status: creating sapi/fpm/init.d.php-fpm
config.status: creating sapi/fpm/php-fpm.service
config.status: creating sapi/fpm/php-fpm.8
config.status: creating sapi/fpm/status.html
config.status: creating sapi/cgi/php-cgi.1
config.status: creating ext/phar/phar.1
config.status: creating ext/phar/phar.phar.1
config.status: creating main/php_config.h
config.status: executing default commands

# make
...
Build complete.
Don't forget to run 'make test'.

# make install
...
Installing PHP SAPI module:       apache2handler
/usr/local/apache-2.4.10/build/instdso.sh SH_LIBTOOL='/usr/local/apr/build-1/libtool' libphp5.la /usr/local/apache-2.4.10/modules
/usr/local/apr/build-1/libtool --mode=install install libphp5.la /usr/local/apache-2.4.10/modules/
install .libs/libphp5.so /usr/local/apache-2.4.10/modules/libphp5.so
install .libs/libphp5.lai /usr/local/apache-2.4.10/modules/libphp5.la
libtool: install: warning: remember to run `libtool --finish /usr/local/src/php-5.6.4/libs'
chmod 755 /usr/local/apache-2.4.10/modules/libphp5.so
[activating module `php5' in /usr/local/apache-2.4.10/conf/httpd.conf]
Installing PHP CLI binary:        /usr/local/php-5.6.4/bin/
Installing PHP CLI man page:      /usr/local/php-5.6.4/php/man/man1/
Installing PHP FPM binary:        /usr/local/php-5.6.4/sbin/
Installing PHP FPM config:        /usr/local/php-5.6.4/etc/
Installing PHP FPM man page:      /usr/local/php-5.6.4/php/man/man8/
Installing PHP FPM status page:   /usr/local/php-5.6.4/php/fpm/
Installing PHP CGI binary:        /usr/local/php-5.6.4/bin/
Installing PHP CGI man page:      /usr/local/php-5.6.4/php/man/man1/
Installing build environment:     /usr/local/php-5.6.4/lib/php/build/
Installing header files:          /usr/local/php-5.6.4/include/php/
Installing helper programs:       /usr/local/php-5.6.4/bin/
  program: phpize
  program: php-config
Installing man pages:             /usr/local/php-5.6.4/php/man/man1/
  page: phpize.1
  page: php-config.1
Installing PEAR environment:      /usr/local/php-5.6.4/lib/php/
[PEAR] Archive_Tar    - installed: 1.3.12
[PEAR] Console_Getopt - installed: 1.3.1
[PEAR] Structures_Graph- installed: 1.0.4
[PEAR] XML_Util       - installed: 1.2.3
[PEAR] PEAR           - installed: 1.9.5
Wrote PEAR system config file at: /usr/local/php-5.6.4/etc/pear.conf
You may want to add: /usr/local/php-5.6.4/lib/php to your php.ini include_path
/usr/local/src/php-5.6.4/build/shtool install -c ext/phar/phar.phar /usr/local/php-5.6.4/bin
ln -s -f /usr/local/php-5.6.4/bin/phar.phar /usr/local/php-5.6.4/bin/phar
Installing PDO headers:          /usr/local/php-5.6.4/include/php/ext/pdo/

# ln -s /usr/local/php-5.6.4/ /usr/local/php

给PHP的upload和session添加目录支持:

# mkdir -p /data/php/upload
# mkdir -p /data/php/session

至此,PHP已经安装完毕。

#PHP-FPM的启动/关闭/重启#

自PHP-5.3.3开始,php源码中包含了php-fpm,不需要再单独通过布丁的方式来安装php-fpm,在编译的时候加入参数–enable-fpm即可。 

FPM(FastCGI Process Manager)用于替换PHP FastCGI的大部分附加功能,对于高负载网站非常有用。

首先将bin/php-fpm加入到系统PATH中:

# vim /etc/profile

export PHP_HOME=/usr/local/php
export PATH=$PATH:$PHP_HOME/bin:$PHP_HOME/sbin

$ source /etc/profile

$ php -version
PHP 5.6.4 (cli) (built: Jan  3 2015 11:16:17)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2014 Zend Technologies

然后复制默认的配置文件:

# cp /usr/local/src/php-5.6.4/php.ini-production /usr/local/php-5.6.4/etc/php.ini
# cp /usr/local/php-5.6.4/etc/php-fpm.conf.default /usr/local/php-5.6.4/etc/php-fpm.conf

接下来修改默认配置文件:

# vim /usr/local/php/etc/php.ini

date.timezone = Asia/Shanghai

# vim /usr/local/php/etc/php-fpm.conf

[global]
pid = /usr/local/php-5.6.4/var/run/php-fpm.pid
error_log = /usr/local/php-5.6.4/var/log/php-fpm.log
log_level = error

[www]
user = www
group = www
listen = 127.0.0.1:9000
listen.owner = www
listen.group = www
listen.mode = 0666

添加启动脚本,之后可以使用service来启动php-fpm程序,并且设置开机自启动:

# cp /usr/local/src/php-5.6.4/sapi/fpm/init.d.php-fpm /etc/init.d/php-fpm
# chmod +x /etc/init.d/php-fpm
# service php-fpm
Usage: /etc/init.d/php-fpm {start|stop|force-quit|restart|reload|status}
# chkconfig php-fpm on

启动php-fpm:

# service php-fpm start
Starting php-fpm  done

如果启动的时候出现错误(实际操作中发现存在该情况):

Starting php-fpm /usr/local/php-5.6.4/sbin/php-fpm: error while loading shared libraries: libmysqlclient.so.18: cannot open shared object file: No such file or directory
 failed

则将MySQL的so库文件copy到系统下:

# cp /usr/local/mysql/lib/libmysqlclient.so.18 /usr/lib64/

再来重新启动PHP,这次启动成功。

#PHP+Nginx#

现在来编辑nginx.conf以支持php解析,查看当前php环境是否可以正常运行:

# vim /usr/local/nginx/conf/nginx.conf

http {
    server {
        listen       80;
        server_name  localhost;
        root         html;
        index        index.html index.php;
        location ~ \.php$ {
            try_files      $uri = 404;
            include        fastcgi.conf;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }
    }
}

然后编写一个简单的php文件,用来显示当前PHP环境信息:

# vim /usr/local/nginx-1.6.2/html/phpinfo.php

<?php
phpinfo();
?>

# chown -R www:www /usr/local/nginx-1.6.2

启动Nginx,并打开浏览器访问地址http://youripaddress/phpinfo.php应该可以看到:

至此,Nginx与PHP已经可以正常协同工作。

未经允许不得转载:SEARU.ORG » CentOS安装PHP-5.6.4+扩展安装+安全配置+性能配置

赞 (0)
分享到:更多 ()

评论 0