我正在使用 SCL 测试 PHP 升级。测试是在本地虚拟机上进行的,因此在我们开发程序时可以破坏一些东西。下列的SCL 存储库我能够将 Python 更新到 2.7.13 并通过 激活它profiles.d/
。我现在正在尝试升级 Apache 和 PHP。
根据阿帕奇下载最新的是 Apache 2.4.29。当我尝试更新 Apache 时,yum install httpd
我被告知软件包 httpd-2.4.6-67.el7.centos.6.x86_64 已安装且最新。如果我使用,yum install httpd24
那么 SCL 会尝试安装 Apache 1.18。
yum search httpd
没那么有帮助。它列出了软件包(有时还注明 SCL),但缺少版本号。
使用SCL程序时如何安装最新的Apache和PHP?
答案1
以下是我对 Apache、Python 和 PHP 升级的现场笔记。它也包括mod_ssl
,但缺乏mod_security
。我mod_security
在 SCL 中找不到。
##################################################
# https://access.redhat.com/solutions/527703
# https://www.hogarthuk.com/?q=node/15
# https://developers.redhat.com/blog/2014/03/19/permanently-enable-a-software-collection/
##################################################
# Enable SCL
##################################################
yum -y install centos-release-scl
yum-config-manager --enable rhel-server-rhscl-7-rpms
##################################################
# Python 2.7
##################################################
yum -y install python27
# Add enable-scl-python27.sh
cat /etc/profile.d/enable-scl-python27.sh
#!/usr/bin/env bash
source scl_source enable python27
##################################################
# PHP 7.1
##################################################
yum -y install rh-php71 rh-php71-php rh-php71-ssl rh-php71-php-mysqlnd
# Config at /etc/opt/rh/rh-php71/php.ini
# Add enable-scl-php71.sh
cat /etc/profile.d/enable-scl-php71.sh
#!/usr/bin/env bash
source scl_source enable rh-php71
##################################################
# Apache 2.4
##################################################
yum -y install httpd24
yum -y install httpd24-httpd-tools httpd24-mod_php httpd24-mod_ssl
# Add enable-scl-php71.sh
cat /etc/profile.d/enable-scl-httpd24.sh
#!/usr/bin/env bash
source scl_source enable httpd24
# Disable old, enable new
systemctl disable httpd.service
systemctl enable httpd24-httpd.service
# Config at /opt/rh/httpd24/root/etc/httpd/httpd.conf
# or /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf
# Config at /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
##################################################
# httpd-ssl-pass-dialog
# The original ssl.conf probably includes this:
# SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
# Change it to this:
# /opt/rh/httpd24/root/usr/libexec/httpd-ssl-pass-dialog
##################################################
# !!! TEST APACHE !!!
apachectl configtest
# ps -aux | egrep 'apache|http'
root 1424 0.1 1.2 319644 13376 ? Ss 00:54 0:00 /opt/rh/httpd24/root/usr/sbin/httpd -DFOREGROUND
apache 1425 0.0 0.8 361184 8400 ? Sl 00:54 0:00 /opt/rh/httpd24/root/usr/sbin/httpd -DFOREGROUND
...
##################################################
# Backup fresh CONF
##################################################
cp /etc/opt/rh/rh-php71/php.ini /etc/opt/rh/rh-php71/php.ini.bu
cp /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf.bu
cp /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf.bu
##################################################
# Copy old CONF to new CONF
##################################################
# Copy httpd.conf and ssl.conf from /etc/httpd to /opt/rh/httpd24/root/etc/httpd
# Change SERVER_ROOT from /etc/httpd to /opt/rh/httpd24/root/etc/httpd
# Leave DOCUMENT_ROOT unchanged. The new server can serve from the old location.
# Leave mod_ssl unchanged. The old and new mod_ssl use /etc/pki/tls/certs and /etc/pki/tls/private.
# php.ini is too different between version 5 and version 7. Manually copy the hardening.
##################################################
# Hardening
##################################################
# List unneeded functions from PHP in disable_functions
# Comment unneeded modules in /opt/rh/httpd24/root/etc/httpd/conf.modules.d
##################################################
# Important Diff's after cp
##################################################
diff /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf.bu /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
diff /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf.bu /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf