PDA

View Full Version : Installing/Configuring LiteSpeed with CHRoot



qads
07-26-2011, 05:25 PM
1.0 INSTALLING LITESPEED/PHP
1.1 Installing LiteSpeed with CHRoot
useradd -g HTTPD -s /bin/false LSWS
mkdir -p /chroot/lsws
cd /usr/src
wget http://www.litespeedtech.com/packages/3.0/lsws-3.3.24-ent-i386-linux.tar.gz
tar -zxvf lsws-3.3.24-ent-i386-linux.tar.gz
cd lsws-3.3.24
(DOWNLOAD AND WGET A NEW trial.key)
./install.sh
Do you agree with above license? Yes
Destination [/opt/lsws]: /chroot/lsws
Chroot Path /chroot
User name [admin]: admin
Password: 123456 (change with your own admin password)
Retype password: 123456
User [nobody]: LSWS (use a non-system user that doesn't have a shell access and home directory)
Group [nobody]: HTTPD (group the webserver will be running as)
HTTP port [8088]: 80
Admin HTTP port [7080]: 7080
Don't forget, both these ports should be enabled in the firewall
Setup up PHP [Y/n]: Y
Suffix for PHP script(comma separated list) [php]: php
Would you like to change PHP opcode cache setting [y/N]? N
Would you like to install AWStats Add-on module [y/N]? N
Would you like to import Apache configuration [y/N]? N
Would you like to have LiteSpeed Web Server started automatically when the machine restarts [Y/n]? Y
Would you like to start it right now [Y/n]? Y


cd ..
1.2 Installing PHP for LiteSpeed

wget http://us2.php.net/get/php-5.2.9.tar.gz/from/us.php.net/mirror
tar -zxvf php-5.2.9.tar.gz
MAIL PATCH
cd /usr/src
wget http://choon.net/opensource/php/php-5.2.9-mail-header.patch
cd php-5.2.9
patch -p1 < ../php-5.2.9-mail-header.patch
SUHOSIN PATCH
cd /usr/src
wget http://download.suhosin.org/suhosin-patch-5.2.9-0.9.7.patch.gz
wget http://download.suhosin.org/suhosin-0.9.27.tgz
gunzip suhosin-patch-5.2.9-0.9.7.patch.gz
cd php-5.2.9
patch -p 1 -i ../suhosin-patch-5.2.9-0.9.7.patch
phpize
./configure
make
make install

cd /usr/src/php-5.2.9/sapi
wget http://www.litespeedtech.com/packages/lsapi/php-litespeed-4.9.tgz
tar -zxvf php-litespeed-4.9.tgz
cd ..
touch ac*
./buildconf --force-- IF ERROR ON ./buildconf:
--------------------------
install autoconf-2.13
--------------------------
wget http://ftp.gnu.org/gnu/autoconf/autoconf-2.13.tar.gz
tar zfvx autoconf-2.13.tar.gz
cd autoconf-2.13
./configure
make
make install
cd ..
./buildconf --force


Depending on your install, you will need to install packages/sources. This list cover most of the common ones needed just so you don't get error on install.

yum install libxml2-devel openssl-devel bzip2-devel libcurl-devel libpng-devel libjpeg-devel libXpm-devel freetype-devel libc-client-devel libmcrypt-devel libmhash-devel imap-devel libxslt-devel pcre-devel aspell-devel net-snmp-devel libxml expat-devel

The most important to make sure you include is --with-litespeed

./configure --enable-bcmath --enable-calendar --enable-dbase --enable-exif --enable-gd-native-ttf --enable-libxml --enable-ftp --enable-magic-quotes --enable-mbstring --enable-soap --enable-wddx --enable-zip --prefix=/usr/local --with-litespeed --with-config-file-path=/usr/local/lib --enable-suhosin --with-bz2 --with-curl=/opt/curlssl/ --with-curlwrappers --with-freetype-dir=/usr --with-gd --with-gettext --with-imap=/opt/php_with_imap_client/ --with-kerberos --with-imap-ssl=/usr --with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib --with-libexpat-dir=/usr --with-libxml-dir=/opt/xml2 --with-libxml-dir=/opt/xml2/ --with-mcrypt --with-mhash=/opt/mhash/ --with-mime-magic --with-mm --with-mysql=/usr --with-mysql-sock=/var/lib/mysql/mysql.sock --with-mysqli=/usr/bin/mysql_config --with-openssl --enable-pdo=shared --with-pdo-mysql=shared --with-pdo-sqlite=shared --with-sqlite=shared --with-pic --with-png-dir=/usr --with-ttf --with-xmlrpc --with-xpm-dir=/usr --with-xsl=/opt/xslt/ --with-zlib --with-zlib-dir=/usr --with-pspell --with-pear --enable-sockets --with-snmp --enable-ucd-snmp-hack --with-tidy=/opt/tidy
Compile and Install...

make
make install

Now that we have PHP done, lets get the new binary moved over:

cd /opt/lsws/fcgi-bin
mv lsphp lsphp.old
cp /usr/src/php-5.2.9/sapi/litespeed/php ./lsphp
(RESTART LSWS)


2.0 CONFIGURING SERVICES
2.1 Configuring LiteSpeed with CHRoot
Because we are running in a CHRoot Environment now, we need to copy over the needed binaries for PHP.

/chroot/lsws/admin/misc/chroot.sh /chroot/ /chroot/lsws/fcgi-bin/lsphp

2.2 Configuring PHP for LSWS CHRoot

vim /chroot/lsws/usr/local/lib/php.ini
Find the following and set the socket location...

[MySQL]
...
mysql.default_socket = /tmp/mysqld/mysqld.sock

2.3 Configuring MySQL for LSWS CHRoot

vim /etc/my.cnf
Find and edit MySQL so that it sets the sock in the CHRoot:

[client]
socket=/chroot/lsws/tmp/mysqld/mysqld.sock
[mysqld]
socket=/chroot/lsws/tmp/mysqld/mysqld.sock

note: not mine copied from http://r00tsecurity.org/forums/topic/9280-installingconfiguring-litespeed-with-chroot/