Upgrade currently installed PHP packages to version 7.1

By Sture | 2017-07-16 | Comments 0 Comment

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Add all currently installed PHP packages to file ‘installed-php-ports-list’ and then display the list with:

[root@server /usr/home/user]# pkg info \*php\* > ~/installed-php-ports-list; cat ~/installed-php-ports-list [enter]
php70-7.0.21
php70-bz2-7.0.21
php70-ctype-7.0.21
php70-curl-7.0.21
php70-dom-7.0.21
php70-extensions-1.1
php70-filter-7.0.21
php70-ftp-7.0.21
php70-gd-7.0.21
php70-hash-7.0.21
php70-iconv-7.0.21
php70-json-7.0.21
php70-mbstring-7.0.21_1
php70-mcrypt-7.0.21
php70-mysqli-7.0.21
php70-opcache-7.0.21
php70-openssl-7.0.21
php70-pdo-7.0.21
php70-pdo_sqlite-7.0.21
php70-phar-7.0.21
php70-posix-7.0.21
php70-session-7.0.21
php70-simplexml-7.0.21
php70-sqlite3-7.0.21
php70-tokenizer-7.0.21
php70-xml-7.0.21
php70-xmlreader-7.0.21
php70-xmlwriter-7.0.21
php70-zip-7.0.21
php70-zlib-7.0.21
mod_php70-7.0.21
[root@server /usr/home/user]#

N.B.: The next command will delete all PHP packages listed in file installed-php-ports-list WITHOUT any confirmation from you!

Delete all currently installed packages listed in file installed-php-ports-list with:

[root@server /usr/home/user]# cat ~/installed-php-ports-list | xargs pkg delete -fy [enter]
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 31 packages (of 0 packages in the universe):

Installed packages to be REMOVED:
        php70-7.0.21
        php70-bz2-7.0.21
        php70-ctype-7.0.21
        php70-curl-7.0.21
        php70-dom-7.0.21
        php70-extensions-1.1
        php70-filter-7.0.21
        php70-ftp-7.0.21
        php70-gd-7.0.21
        php70-hash-7.0.21
        php70-iconv-7.0.21
        php70-json-7.0.21
        php70-mbstring-7.0.21_1
        php70-mcrypt-7.0.21
        php70-mysqli-7.0.21
        php70-opcache-7.0.21
        php70-openssl-7.0.21
        php70-pdo-7.0.21
        php70-pdo_sqlite-7.0.21
        php70-phar-7.0.21
        php70-posix-7.0.21
        php70-session-7.0.21
        php70-simplexml-7.0.21
        php70-sqlite3-7.0.21
        php70-tokenizer-7.0.21
        php70-xml-7.0.21
        php70-xmlreader-7.0.21
        php70-xmlwriter-7.0.21
        php70-zip-7.0.21
        php70-zlib-7.0.21
        mod_php70-7.0.21

Number of packages to be removed: 31

The operation will free 28 MiB.
[1/31] Deinstalling php70-extensions-1.1...
[2/31] Deinstalling php70-pdo_sqlite-7.0.21...
[2/31] Deleting files for php70-pdo_sqlite-7.0.21: 100%
[3/31] Deinstalling php70-phar-7.0.21...
[3/31] Deleting files for php70-phar-7.0.21: 100%
[4/31] Deinstalling php70-xmlreader-7.0.21...
[4/31] Deleting files for php70-xmlreader-7.0.21: 100%
[5/31] Deinstalling php70-bz2-7.0.21...
[5/31] Deleting files for php70-bz2-7.0.21: 100%
[6/31] Deinstalling php70-ctype-7.0.21...
[6/31] Deleting files for php70-ctype-7.0.21: 100%
[7/31] Deinstalling php70-curl-7.0.21...
[7/31] Deleting files for php70-curl-7.0.21: 100%
[8/31] Deinstalling php70-dom-7.0.21...
[8/31] Deleting files for php70-dom-7.0.21: 100%
[9/31] Deinstalling php70-filter-7.0.21...
[9/31] Deleting files for php70-filter-7.0.21: 100%
[10/31] Deinstalling php70-ftp-7.0.21...
[10/31] Deleting files for php70-ftp-7.0.21: 100%
[11/31] Deinstalling php70-gd-7.0.21...
[11/31] Deleting files for php70-gd-7.0.21: 100%
[12/31] Deinstalling php70-hash-7.0.21...
[12/31] Deleting files for php70-hash-7.0.21: 100%
[13/31] Deinstalling php70-iconv-7.0.21...
[13/31] Deleting files for php70-iconv-7.0.21: 100%
[14/31] Deinstalling php70-json-7.0.21...
[14/31] Deleting files for php70-json-7.0.21: 100%
[15/31] Deinstalling php70-mbstring-7.0.21_1...
[15/31] Deleting files for php70-mbstring-7.0.21_1: 100%
[16/31] Deinstalling php70-mcrypt-7.0.21...
[16/31] Deleting files for php70-mcrypt-7.0.21: 100%
[17/31] Deinstalling php70-mysqli-7.0.21...
[17/31] Deleting files for php70-mysqli-7.0.21: 100%
[18/31] Deinstalling php70-opcache-7.0.21...
[18/31] Deleting files for php70-opcache-7.0.21: 100%
[19/31] Deinstalling php70-openssl-7.0.21...
[19/31] Deleting files for php70-openssl-7.0.21: 100%
[20/31] Deinstalling php70-pdo-7.0.21...
[20/31] Deleting files for php70-pdo-7.0.21: 100%
[21/31] Deinstalling php70-posix-7.0.21...
[21/31] Deleting files for php70-posix-7.0.21: 100%
[22/31] Deinstalling php70-session-7.0.21...
[22/31] Deleting files for php70-session-7.0.21: 100%
[23/31] Deinstalling php70-simplexml-7.0.21...
[23/31] Deleting files for php70-simplexml-7.0.21: 100%
[24/31] Deinstalling php70-sqlite3-7.0.21...
[24/31] Deleting files for php70-sqlite3-7.0.21: 100%
[25/31] Deinstalling php70-tokenizer-7.0.21...
[25/31] Deleting files for php70-tokenizer-7.0.21: 100%
[26/31] Deinstalling php70-xml-7.0.21...
[26/31] Deleting files for php70-xml-7.0.21: 100%
[27/31] Deinstalling php70-xmlwriter-7.0.21...
[27/31] Deleting files for php70-xmlwriter-7.0.21: 100%
[28/31] Deinstalling php70-zip-7.0.21...
[28/31] Deleting files for php70-zip-7.0.21: 100%
[29/31] Deinstalling php70-zlib-7.0.21...
[29/31] Deleting files for php70-zlib-7.0.21: 100%
[30/31] Deinstalling php70-7.0.21...
[30/31] Deleting files for php70-7.0.21: 100%
[31/31] Deinstalling mod_php70-7.0.21...
[preparing module `php7' in /usr/local/etc/apache24/httpd.conf]
[31/31] Deleting files for mod_php70-7.0.21: 100%
Install all packages deleted with the new version as in this example with:
[root@server /usr/home/user]#

[root@server /usr/home/user]# pkg install php71 php71-bz2 php71-ctype php71-curl php71-dom php71-extensions php71-filter php71-ftp php71-gd php71-hash php71-iconv php71-json php71-mbstring php71-mcrypt php71-mysqli php71-opcache php71-openssl php71-pdo php71-pdo_sqlite php71-phar php71-posix php71-session php71-simplexml php71-sqlite3 php71-tokenizer php71-xml php71-xmlreader php71-xmlwriter php71-zip php71-zlib mod_php71 [enter]
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 31 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        php71: 7.1.7
        php71-bz2: 7.1.7
        php71-ctype: 7.1.7
        php71-curl: 7.1.7
        php71-dom: 7.1.7
        php71-extensions: 1.0
        php71-filter: 7.1.7
        php71-ftp: 7.1.7
        php71-gd: 7.1.7
        php71-hash: 7.1.7
        php71-iconv: 7.1.7
        php71-json: 7.1.7
        php71-mbstring: 7.1.7_1
        php71-mcrypt: 7.1.7
        php71-mysqli: 7.1.7
        php71-opcache: 7.1.7
        php71-openssl: 7.1.7
        php71-pdo: 7.1.7
        php71-pdo_sqlite: 7.1.7
        php71-phar: 7.1.7
        php71-posix: 7.1.7
        php71-session: 7.1.7
        php71-simplexml: 7.1.7
        php71-sqlite3: 7.1.7
        php71-tokenizer: 7.1.7
        php71-xml: 7.1.7
        php71-xmlreader: 7.1.7
        php71-xmlwriter: 7.1.7
        php71-zip: 7.1.7
        php71-zlib: 7.1.7
        mod_php71: 7.1.7

Number of packages to be installed: 31

The process will require 29 MiB more space.
5 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/31] Fetching php71-7.1.7.txz: 100%    2 MiB   1.1MB/s    00:02
[2/31] Fetching php71-bz2-7.1.7.txz: 100%   11 KiB  10.9kB/s    00:01
[3/31] Fetching php71-ctype-7.1.7.txz: 100%    6 KiB   6.6kB/s    00:01
[4/31] Fetching php71-curl-7.1.7.txz: 100%   27 KiB  27.9kB/s    00:01
[5/31] Fetching php71-dom-7.1.7.txz: 100%   54 KiB  55.3kB/s    00:01
[6/31] Fetching php71-extensions-1.0.txz: 100%    1 KiB   1.1kB/s    00:01
[7/31] Fetching php71-filter-7.1.7.txz: 100%   18 KiB  18.9kB/s    00:01
[8/31] Fetching php71-ftp-7.1.7.txz: 100%   22 KiB  22.5kB/s    00:01
[9/31] Fetching php71-gd-7.1.7.txz: 100%  130 KiB 133.5kB/s    00:01
[10/31] Fetching php71-hash-7.1.7.txz: 100%  119 KiB 121.6kB/s    00:01
[11/31] Fetching php71-iconv-7.1.7.txz: 100%   18 KiB  18.0kB/s    00:01
[12/31] Fetching php71-json-7.1.7.txz: 100%   20 KiB  20.4kB/s    00:01
[13/31] Fetching php71-mbstring-7.1.7_1.txz:  66%  472 KiB 483.3kB/s    00:00 ET[13/31] Fetching php71-mbstring-7.1.7_1.txz: 100%  714 KiB 730.7kB/s    00:01   
[14/31] Fetching php71-mcrypt-7.1.7.txz: 100%   15 KiB  14.9kB/s    00:01
[15/31] Fetching php71-mysqli-7.1.7.txz: 100%   39 KiB  40.1kB/s    00:01
[16/31] Fetching php71-opcache-7.1.7.txz: 100%  143 KiB 146.8kB/s    00:01
[17/31] Fetching php71-openssl-7.1.7.txz: 100%   53 KiB  53.9kB/s    00:01
[18/31] Fetching php71-pdo-7.1.7.txz: 100%   43 KiB  44.1kB/s    00:01
[19/31] Fetching php71-pdo_sqlite-7.1.7.txz: 100%   12 KiB  12.1kB/s    00:01   
[20/31] Fetching php71-phar-7.1.7.txz: 100%  102 KiB 104.9kB/s    00:01
[21/31] Fetching php71-posix-7.1.7.txz: 100%   11 KiB  11.4kB/s    00:01
[22/31] Fetching php71-session-7.1.7.txz: 100%   31 KiB  32.1kB/s    00:01
[23/31] Fetching php71-simplexml-7.1.7.txz: 100%   23 KiB  23.3kB/s    00:01
[24/31] Fetching php71-sqlite3-7.1.7.txz: 100%   17 KiB  17.8kB/s    00:01
[25/31] Fetching php71-tokenizer-7.1.7.txz: 100%    9 KiB   8.8kB/s    00:01
[26/31] Fetching php71-xml-7.1.7.txz: 100%   20 KiB  20.1kB/s    00:01
[27/31] Fetching php71-xmlreader-7.1.7.txz: 100%   13 KiB  12.9kB/s    00:01
[28/31] Fetching php71-xmlwriter-7.1.7.txz: 100%   13 KiB  13.1kB/s    00:01
[29/31] Fetching php71-zip-7.1.7.txz: 100%   20 KiB  20.4kB/s    00:01
[30/31] Fetching php71-zlib-7.1.7.txz: 100%   17 KiB  17.6kB/s    00:01
[31/31] Fetching mod_php71-7.1.7.txz: 100%    1 MiB   1.2MB/s    00:01
Checking integrity... done (0 conflicting)
[1/31] Installing php71-7.1.7...
[1/31] Extracting php71-7.1.7: 100%
[2/31] Installing php71-dom-7.1.7...
[2/31] Extracting php71-dom-7.1.7: 100%
[3/31] Installing php71-hash-7.1.7...
[3/31] Extracting php71-hash-7.1.7: 100%
[4/31] Installing php71-pdo-7.1.7...
[4/31] Extracting php71-pdo-7.1.7: 100%
[5/31] Installing php71-ctype-7.1.7...
[5/31] Extracting php71-ctype-7.1.7: 100%
[6/31] Installing php71-filter-7.1.7...
[6/31] Extracting php71-filter-7.1.7: 100%
[7/31] Installing php71-iconv-7.1.7...
[7/31] Extracting php71-iconv-7.1.7: 100%
[8/31] Installing php71-json-7.1.7...
[8/31] Extracting php71-json-7.1.7: 100%
[9/31] Installing php71-opcache-7.1.7...
[9/31] Extracting php71-opcache-7.1.7: 100%
[10/31] Installing php71-pdo_sqlite-7.1.7...
[10/31] Extracting php71-pdo_sqlite-7.1.7: 100%
[11/31] Installing php71-phar-7.1.7...
[11/31] Extracting php71-phar-7.1.7: 100%
[12/31] Installing php71-posix-7.1.7...
[12/31] Extracting php71-posix-7.1.7: 100%
[13/31] Installing php71-session-7.1.7...
[13/31] Extracting php71-session-7.1.7: 100%
[14/31] Installing php71-simplexml-7.1.7...
[14/31] Extracting php71-simplexml-7.1.7: 100%
[15/31] Installing php71-sqlite3-7.1.7...
[15/31] Extracting php71-sqlite3-7.1.7: 100%
[16/31] Installing php71-tokenizer-7.1.7...
[16/31] Extracting php71-tokenizer-7.1.7: 100%
[17/31] Installing php71-xml-7.1.7...
[17/31] Extracting php71-xml-7.1.7: 100%
[18/31] Installing php71-xmlreader-7.1.7...
[18/31] Extracting php71-xmlreader-7.1.7: 100%
[19/31] Installing php71-xmlwriter-7.1.7...
[19/31] Extracting php71-xmlwriter-7.1.7: 100%
[20/31] Installing php71-bz2-7.1.7...
[20/31] Extracting php71-bz2-7.1.7: 100%
[21/31] Installing php71-curl-7.1.7...
[21/31] Extracting php71-curl-7.1.7: 100%
[22/31] Installing php71-extensions-1.0...
[23/31] Installing php71-ftp-7.1.7...
[23/31] Extracting php71-ftp-7.1.7: 100%
[24/31] Installing php71-gd-7.1.7...
[24/31] Extracting php71-gd-7.1.7: 100%
[25/31] Installing php71-mbstring-7.1.7_1...
[25/31] Extracting php71-mbstring-7.1.7_1: 100%
[26/31] Installing php71-mcrypt-7.1.7...
[26/31] Extracting php71-mcrypt-7.1.7: 100%
[27/31] Installing php71-mysqli-7.1.7...
[27/31] Extracting php71-mysqli-7.1.7: 100%
[28/31] Installing php71-openssl-7.1.7...
[28/31] Extracting php71-openssl-7.1.7: 100%
[29/31] Installing php71-zip-7.1.7...
[29/31] Extracting php71-zip-7.1.7: 100%
[30/31] Installing php71-zlib-7.1.7...
[30/31] Extracting php71-zlib-7.1.7: 100%
[31/31] Installing mod_php71-7.1.7...
Extracting mod_php71-7.1.7: 100%
[activating module `php7' in /usr/local/etc/apache24/httpd.conf]
Message from php71-dom-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-dom.ini
configuration file to automatically load the installed extension:

extension=dom.so

****************************************************************************
Message from php71-hash-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-hash.ini
configuration file to automatically load the installed extension:

extension=hash.so

****************************************************************************
Message from php71-pdo-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-pdo.ini
configuration file to automatically load the installed extension:

extension=pdo.so

****************************************************************************
Message from php71-ctype-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-ctype.ini
configuration file to automatically load the installed extension:

extension=ctype.so

****************************************************************************
Message from php71-filter-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-filter.ini
configuration file to automatically load the installed extension:

extension=filter.so

****************************************************************************
Message from php71-iconv-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-iconv.ini
configuration file to automatically load the installed extension:

extension=iconv.so

****************************************************************************
Message from php71-json-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-json.ini
configuration file to automatically load the installed extension:

extension=json.so

****************************************************************************
Message from php71-opcache-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-10-opcache.ini
configuration file to automatically load the installed extension:

zend_extension=opcache.so

****************************************************************************
Message from php71-pdo_sqlite-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-30-pdo_sqlite.ini
configuration file to automatically load the installed extension:

extension=pdo_sqlite.so

****************************************************************************
Message from php71-phar-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-30-phar.ini
configuration file to automatically load the installed extension:

extension=phar.so

****************************************************************************
Message from php71-posix-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-posix.ini
configuration file to automatically load the installed extension:

extension=posix.so

****************************************************************************
Message from php71-session-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-18-session.ini
configuration file to automatically load the installed extension:

extension=session.so

****************************************************************************
Message from php71-simplexml-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-simplexml.ini
configuration file to automatically load the installed extension:

extension=simplexml.so

****************************************************************************
Message from php71-sqlite3-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-sqlite3.ini
configuration file to automatically load the installed extension:

extension=sqlite3.so

****************************************************************************
Message from php71-tokenizer-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-tokenizer.ini
configuration file to automatically load the installed extension:

extension=tokenizer.so

****************************************************************************
Message from php71-xml-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-xml.ini
configuration file to automatically load the installed extension:

extension=xml.so

****************************************************************************
Message from php71-xmlreader-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-30-xmlreader.ini
configuration file to automatically load the installed extension:

extension=xmlreader.so

****************************************************************************
Message from php71-xmlwriter-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-xmlwriter.ini
configuration file to automatically load the installed extension:

extension=xmlwriter.so

****************************************************************************
Message from php71-bz2-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-bz2.ini
configuration file to automatically load the installed extension:

extension=bz2.so

****************************************************************************
Message from php71-curl-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-curl.ini
configuration file to automatically load the installed extension:

extension=curl.so

****************************************************************************
Message from php71-ftp-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-ftp.ini
configuration file to automatically load the installed extension:

extension=ftp.so

****************************************************************************
Message from php71-gd-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-gd.ini
configuration file to automatically load the installed extension:

extension=gd.so

****************************************************************************
Message from php71-mbstring-7.1.7_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-mbstring.ini
configuration file to automatically load the installed extension:

extension=mbstring.so

****************************************************************************
Message from php71-mcrypt-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-mcrypt.ini
configuration file to automatically load the installed extension:

extension=mcrypt.so

****************************************************************************
Message from php71-mysqli-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-mysqli.ini
configuration file to automatically load the installed extension:

extension=mysqli.so

****************************************************************************
Message from php71-openssl-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-openssl.ini
configuration file to automatically load the installed extension:

extension=openssl.so

****************************************************************************
Message from php71-zip-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-zip.ini
configuration file to automatically load the installed extension:

extension=zip.so

****************************************************************************
Message from php71-zlib-7.1.7:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-zlib.ini
configuration file to automatically load the installed extension:

extension=zlib.so

****************************************************************************
Message from mod_php71-7.1.7:
***************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php

<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source


***************************************************************
[root@server /usr/home/user]#

Restart the Apache Web service with:

[root@server /usr/home/user]# service apache24 restart [enter]
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 2375.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

…and verify that the new PHP version is used by accessing the Web server from your browser with:

http://server.example.net/info.php

Finally, delete file installed-php-ports-list with:

[root@server /usr/home/user]# rm ~/installed-php-ports-list [enter]
[root@server /usr/home/user]#

Disk Imaging and Partitioning Utilities

By Sture | 2017-03-05 | Comments 0 Comment

Description

So what do you do when you do not have an optical drive for a computer or server and you would like to install Linux?

You have two options, use a USB device (CD-ROM, Hard Drive, or Thumb drive) or PXE booting and doing a full network install. This article will discuss the latter.

Requirements

The following application(s) must be installed, configured and running before tftp-hpa is installed:

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Installation

The server used in this example is configured to contain one partition called /tftpboot used for PXE related files.

Add the Disk Imaging and Partitioning Utility option to the PXE Boot Main Menu with:

[root@server /usr/home/user]# ee /tftpboot/pxelinux.cfg/default [enter]

…the add the following text, example:

...
MENU COLOR HOTKEY 0 #ff00ff00 #ee000000 std
MENU COLOR HOTSEL 0 #ffffffff #85000000 std

LABEL f1
MENU LABEL ^1)  Disk Imaging and Partitioning Utilities
KERNEL vesamenu.c32
APPEND top.cfg f01.cfg bottom.cfg

LABEL blank
MENU LABEL
...

The PXE Boot Sub-Menu for Disk Imaging and Partitioning Utilities is defined in file /tftpboot/f01.cfg.

Create this file with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

..and then add the following text, example:

MENU TITLE  Disk Imaging and Partitioning Utilities

Change file modes

Change file modes for file /tftpboot/f01.cfg with:

[root@server ~]# chmod -R 755 /tftpboot/f01.cfg [enter]
[root@server /usr/home/user]#

Create a folder for Disk Imaging and Partitioning Utilities files with:

[root@server /usr/home/user]# mkdir /tftpboot/f01 [enter]
[root@server /usr/home/user]#

NFSv4 Server Setup

Service start on boot

List installed NFS services with:

[root@server /usr/home/user]# service -r | grep /nfs [enter]
/etc/rc.d/nfsclient
/etc/rc.d/nfsuserd
/etc/rc.d/nfsd
/etc/rc.d/nfscbd
[root@server /usr/home/user]#

Find the rcvar for /etc/rc.d/nfsclient with:

[root@server /usr/home/user]# /etc/rc.d/nfsclient rcvar [enter]
# nfsclient : NFS client setup
#
nfs_client_enable="NO"
#   (default: "")

[root@server /usr/home/user]#

Find the rcvar for /etc/rc.d/nfsuserd with:

[root@server /usr/home/user]# /etc/rc.d/nfsuserd rcvar [enter]
# nfsuserd : Load user and group information into the kernel for NFSv4 services and support manage-gids for all NFS versions
#
nfsuserd_enable="NO"
#   (default: "")

[root@server /usr/home/user]#

Find the rcvar for /etc/rc.d/nfsd with:

[root@server /usr/home/user]# /etc/rc.d/nfsd rcvar [enter]
# nfsd : Remote NFS server
#
nfs_server_enable="NO"
#   (default: "")

[root@server /usr/home/user]#

Find the rcvar for /etc/rc.d/nfscbd with:

[root@server /usr/home/user]# /etc/rc.d/nfscbd rcvar [enter]
# nfscbd : NFSv4 client side callback daemon
#
nfscbd_enable="NO"
#   (default: "")

[root@server /usr/home/user]#

N.B.: Since an NFSv4 mount uses the host uuid to identify the client uniquely to the server, you cannot safely do an NFSv4 mount when
it is set to hostid_enable=”NO”!

Add the following to /etc/rc.conf, assuming they’re not already there:

[root@server /usr/home/user]# echo '' >> /etc/rc.conf; echo '# NFS Server' >> /etc/rc.conf; echo 'rpcbind_enable="YES"' >> /etc/rc.conf; echo 'mountd_enable="YES"' >> /etc/rc.conf; echo 'nfs_server_enable="YES"' >> /etc/rc.conf; echo 'nfsv4_server_enable="YES"' >> /etc/rc.conf; echo 'nfsuserd_enable="YES"' >> /etc/rc.conf [enter]

Export Settings

Now we need to create an NFS export settings file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and the add the following text:

V4: /
/tmp \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

This example assumes your network is 192.168.1.0/24; if it’s something else, you’ll need to make appropriate changes.

Now start all of the above services:

[root@server /usr/home/user]# service rpcbind start [enter]
Starting rpcbind.
[root@server /usr/home/user]#

[root@server /usr/home/user]# service mountd start [enter]
Starting mountd.
[root@server /usr/home/user]#

[root@server /usr/home/user]# service nfsd start [enter]
Starting nfsd.
[root@server /usr/home/user]#

Verify that the NFS mount is being exported with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
/tmp                               192.168.1.0
[root@server /usr/home/user]#

After you have performed an update of file /etc/exports, re-read the exports settings with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

If your NFS exported directories will not be accessed locally (and Samba counts as local access), then you can enable NFSv4 delegations to improve performance. On a FreeBSD NFS server, they may be enabled globally for all exports by adding the following line to /etc/sysctl.conf with:

[root@server /usr/home/user]# echo 'vfs.nfsd.issue_delegations=1' >> /etc/sysctl.conf [enter]
[root@server /usr/home/user]#

packet filter (pf)

Access to the tftpd service must be enabled in the packet filter (pf) configuration file.

Start editing file /etc/pf.conf with:

[root@server /usr/home/user]# ee /etc/pf.conf [enter]

…and add port information to enable access to the NFS service from clients on the local network as in this example:

...
# Ports:
...
#  111 TCP UDP   Open Network Computing Remote Procedure Call (ONC RPC, sometimes referred to as Sun RPC)
...
# 2049 TCP UDP	Network File System (NFS)
...
tcp_pass="{ ... 111, ... 2049, ... }"
udp_pass="{ ... 111, ... 2049, ... }"
...

Check /etc/pf.conf for errors, but do not load ruleset with:

[root@server /usr/home/user]# pfctl -vvnf /etc/pf.conf [enter]

…and then reload /etc/pf.conf with:

[root@server /usr/home/user]# service pf reload  [enter]
Reloading pf rules.
[root@server /usr/home/user]#

GParted Live

GNOME Partition Editor for creating, reorganizing, and deleting disk partitions. It uses libparted from the parted project to detect and manipulate partition tables. Optional file system tools permit managing file systems not included in libparted.

GParted Live is a small bootable GNU/Linux distribution for x86 based computers.

It enables you to use all the features of the latest versions of the GParted application.

WWW: http://gparted.sourceforge.net/livecd.php/.

Files: https://sourceforge.net/projects/gparted/files/.

Requirements

GParted is a free partition manager that enables you to resize, copy, and move partitions without data loss.

amd64

The 64-bit version of GParted runs on x86-64 based computers, with the ability to access more than 4 gigabytes of memory, and supports the use of multiple processor cores.

For newer (>2010) computers with UEFI instead of legacy BIOS try this one.

Download gparted-live-0.28.1-1-amd64.zip, 271 MB, with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/gparted/files/gparted-live-stable/0.28.1-1/gparted-live-0.28.1-1-amd64.zip [enter]

Create direcory /tftpboot/f01/gparted with:

[root@server /usr/home/user]# mkdir -p /tftpboot/f01/gparted [enter]
[root@server /usr/home/user]#

Extract zip file gparted-live-0.28.1-1-amd64.zip into directory /tftpboot/f01/gparted/i686/ with:

[root@server /usr/home/user]# unzip gparted-live-0.28.1-1-amd64.zip live/* -d /tftpboot/f01/gparted/amd64 [enter]
Archive:  gparted-live-0.28.1-1-amd64.zip
 extracting: /tftpboot/f01/gparted/amd64/live/memtest  
 extracting: /tftpboot/f01/gparted/amd64/live/GParted-Live-Version  
 extracting: /tftpboot/f01/gparted/amd64/live/initrd.img  
 extracting: /tftpboot/f01/gparted/amd64/live/filesystem.packages-remove  
 extracting: /tftpboot/f01/gparted/amd64/live/filesystem.packages  
 extracting: /tftpboot/f01/gparted/amd64/live/vmlinuz  
 extracting: /tftpboot/f01/gparted/amd64/live/filesystem.squashfs
[root@server /usr/home/user]#

Delete downloaded zip files with:

[root@server /usr/home/user]# rm gparted-live-0.28.1-1-amd64.zip [enter]
[root@server /usr/home/user]#

The TFTP root directory permission plays an important role. Make sure that the permission and ownership are set correctly with:

[root@server /usr/home/user]# chown -R tftpd:nobody /tftpboot/f01/gparted [enter]
[root@server /usr/home/user]# chmod -R 755 /tftpboot/f01/gparted/amd64/live [enter]
[root@server /usr/home/user]#

Edit file /tftpboot/f01.cfg with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

…and add the following lines:

LABEL f1
MENU LABEL ^1)  GParted Live v. 0.28.1-1-amd64
MENU PASSWD
TEXT HELP
GParted is used for creating, reorganizing and deleting disk partitions.
The amd64 version runs on x86-64 based computers, with ability to access
more than 4 gigabytes of memory and supports use of multiple processor cores.
For newer (>2010) computers with UEFI instead of legacy BIOS 
ENDTEXT
KERNEL f01/gparted/amd64/live/vmlinuz
APPEND initrd=f01/gparted/amd64/live/initrd.img boot=live union=overlay username=tftpd config components quiet noswap edd=on nomodeset nodmraid noeject locales="en_US.UTF-8" keyboard-layouts="se" ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no vga=791 ip= net.ifnames=0 nosplash i915.blacklist=yes radeonhd.blacklist=yes nouveau.blacklist=yes vmwgfx.enable_fbdev=1 netboot=nfs nfsroot=$nfsserverIP:/tftpboot/f01/gparted/amd64/

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
/tftpboot/f01/gparted/amd64 \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
/tftpboot/f01/gparted/amd64        192.168.1.0
[root@server /usr/home/user]#

i686 PAE (Physical Address Extension)

The 32-bit version of Gparted runs on x86 (i686 and higher) and x86-64 based computers, with Physical Address Extension to access more than 4 gigabytes of memory, and supports the use of multiple processor cores.

Download 0.28.1-1-i686-pae, 273 MB, with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/gparted/files/gparted-live-stable/0.28.1-1/gparted-live-0.28.1-1-i686-pae.zip [enter]

Extract zip file ~/gparted-live-0.28.1-1-i686-pae.zip into directory /tftpboot/f01/gparted/i686-pae/ with:

[root@server /usr/home/user]# unzip gparted-live-0.28.1-1-i686-pae.zip live/* -d /tftpboot/f01/gparted/i686-pae [enter]
Archive:  gparted-live-0.28.1-1-i686-pae.zip
 extracting: /tftpboot/f01/gparted/i686-pae/live/memtest  
 extracting: /tftpboot/f01/gparted/i686-pae/live/GParted-Live-Version  
 extracting: /tftpboot/f01/gparted/i686-pae/live/initrd.img  
 extracting: /tftpboot/f01/gparted/i686-pae/live/filesystem.packages-remove  
 extracting: /tftpboot/f01/gparted/i686-pae/live/filesystem.packages  
 extracting: /tftpboot/f01/gparted/i686-pae/live/vmlinuz  
 extracting: /tftpboot/f01/gparted/i686-pae/live/filesystem.squashfs
[root@server /usr/home/user]#

Delete downloaded zip files with:

[root@server /usr/home/user]# rm gparted-live-0.28.1-1-i686-pae.zip [enter]
[root@server /usr/home/user]#

The TFTP root directory permission plays an important role. Make sure that the permission and ownership are set correctly with:

[root@server /usr/home/user]# chown -R tftpd:nobody /tftpboot/f01/gparted [enter]
[root@server /usr/home/user]# chmod -R 755 /tftpboot/f01/gparted/i686-pae/live [enter]
[root@server /usr/home/user]#

Edit file /tftpboot/f01.cfg with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

…and add the following lines:

LABEL f2
MENU LABEL ^2)  GParted Live v. 0.28.1-1-i686-pae (Physical Address Extension)
MENU PASSWD
TEXT HELP
GParted is used for creating, reorganizing and deleting disk partitions.
The i686-pae version runs on x86 (i686 and higher) and x86-64 based computers, with
Physical Address Extension to access more than 4 gigabytes of memory, and supports
use of multiple processor cores.
ENDTEXT
KERNEL f01/gparted/i686-pae/live/vmlinuz
APPEND initrd=f01/gparted/i686-pae/live/initrd.img boot=live union=overlay username=tftpd config components quiet noswap edd=on nomodeset nodmraid noeject locales="en_US.UTF-8" keyboard-layouts="se" ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no vga=788 ip= net.ifnames=0 nosplash i915.blacklist=yes radeonhd.blacklist=yes nouveau.blacklist=yes vmwgfx.enable_fbdev=1 netboot=nfs nfsroot=$nfsserverIP:/tftpboot/f01/gparted/i686-pae/

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
/tftpboot/f01/gparted/amd64 \
/tftpboot/f01/gparted/i686-pae \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
/tftpboot/f01/gparted/i686-pae     192.168.1.0
/tftpboot/f01/gparted/amd64        192.168.1.0
[root@server /usr/home/user]#

i686

32-bit version of GParted runs on x86 and x86-64 based computers, limited to physical address space of 4 gigabytes, and uses one processor only.

If in doubt, try this one first!

Download gparted-live-0.28.1-1-i686.zip, 272 MB, with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/gparted/files/gparted-live-stable/0.28.1-1/gparted-live-0.28.1-1-i686.zip [enter]

Extract zip file ~/gparted-live-0.28.1-1-i686.zip into directory /tftpboot/f01/gparted/i686/ with:

[root@server /usr/home/user]# unzip gparted-live-0.28.1-1-i686.zip live/* -d /tftpboot/f01/gparted/i686 [enter]
Archive:  gparted-live-0.28.1-1-i686.zip
 extracting: /tftpboot/f01/gparted/i686/live/memtest  
 extracting: /tftpboot/f01/gparted/i686/live/GParted-Live-Version  
 extracting: /tftpboot/f01/gparted/i686/live/initrd.img  
 extracting: /tftpboot/f01/gparted/i686/live/filesystem.packages-remove  
 extracting: /tftpboot/f01/gparted/i686/live/filesystem.packages  
 extracting: /tftpboot/f01/gparted/i686/live/vmlinuz  
 extracting: /tftpboot/f01/gparted/i686/live/filesystem.squashfs
[root@server /usr/home/user]#

Delete downloaded zip files with:

[root@server /usr/home/user]# rm gparted-live-0.28.1-1-i686.zip [enter]
[root@server /usr/home/user]#

The TFTP root directory permission plays an important role. Make sure that the permission and ownership are set correctly with:

[root@server /usr/home/user]# chown -R tftpd:nobody /tftpboot/f01/gparted [enter]
[root@server /usr/home/user]# chmod -R 755 /tftpboot/f01/gparted/i686/live [enter]
[root@server /usr/home/user]#

Edit file /tftpboot/f01.cfg with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

…and add the following lines:

LABEL f3
MENU LABEL ^3)  GParted Live v. 0.28.1-1-i686
MENU PASSWD
TEXT HELP
GParted is used for creating, reorganizing and deleting disk partitions.
The i686 version runs on x86 and x86-64 based computers, limited to physical
address space of 4 gigabytes, and uses one processor only.
-- If in doubt, try this one first! --
ENDTEXT
KERNEL f01/gparted/i686/live/vmlinuz
APPEND initrd=f01/gparted/i686/live/initrd.img boot=live union=overlay username=tftpd config components quiet noswap edd=on nomodeset nodmraid noeject locales="en_US.UTF-8" keyboard-layouts="se" ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no vga=788 ip= net.ifnames=0 nosplash i915.blacklist=yes radeonhd.blacklist=yes nouveau.blacklist=yes vmwgfx.enable_fbdev=1 netboot=nfs nfsroot=$nfsserverIP:/tftpboot/f01/gparted/i686/

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
/tftpboot/f01/gparted/amd64 \
/tftpboot/f01/gparted/i686-pae \
/tftpboot/f01/gparted/i686 \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
/tftpboot/f01/gparted/i686-pae     192.168.1.0 
/tftpboot/f01/gparted/i686         192.168.1.0 
/tftpboot/f01/gparted/amd64        192.168.1.0
[root@server /usr/home/user]#

Clonezilla Live

You’re probably familiar with the popular proprietary commercial package Norton Ghost®. The problem with this kind of software packages is that it takes a lot of time to massively clone systems to many computers. You’ve probably also heard of Symantec’s solution to this problem, Symantec Ghost Corporate Edition® with multicasting. Well, now there is an OpenSource clone system (OCS) solution called Clonezilla with unicasting and multicasting!

Clonezilla, based on DRBL, Partclone and udpcast, allows you to do bare metal backup and recovery. Two types of Clonezilla are available, Clonezilla live and Clonezilla SE (server edition). Clonezilla live is suitable for single machine backup and restore. While Clonezilla SE is for massive deployment, it can clone many (40 plus!) computers simultaneously. Clonezilla saves and restores only used blocks in the harddisk. This increases the cloning efficiency. At the NCHC’s Classroom C, Clonezilla SE was used to clone 41 computers simultaneously. It took only about 10 minutes to clone a 5.6 GBytes system image to all 41 computers via multicasting!

WWW: http://clonezilla.org/.

Files: https://sourceforge.net/projects/clonezilla/files/.

amd64

Download Clonezilla Live Stable amd64, 187 MB, optimized for use on PCs with amd64 CPU computers with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/clonezilla/files/clonezilla_live_stable/2.5.0-25/clonezilla-live-2.5.0-25-amd64.zip [enter]

Create direcory /tftpboot/f01/clonezilla/amd64 with:

[root@server /usr/home/user]# mkdir -p /tftpboot/f01/clonezilla/amd64 [enter]
[root@server /usr/home/user]#

Extract zip file clonezilla-live-2.5.0-25-amd64.zip to /tftpboot/f01/clonezilla/amd64 with:

[root@srvgw ~]# unzip clonezilla-live-2.5.0-25-amd64.zip live/* -d /tftpboot/f01/clonezilla/amd64 [enter]
Archive:  /clonezilla-live-2.5.0-25-amd64.zip
 extracting: /tftpboot/f01/clonezilla/amd64/live/ipxe.efi  
 extracting: /tftpboot/f01/clonezilla/amd64/live/filesystem.packages-remove  
 extracting: /tftpboot/f01/clonezilla/amd64/live/vmlinuz  
 extracting: /tftpboot/f01/clonezilla/amd64/live/ipxe.lkn  
 extracting: /tftpboot/f01/clonezilla/amd64/live/initrd.img  
 extracting: /tftpboot/f01/clonezilla/amd64/live/freedos.img  
 extracting: /tftpboot/f01/clonezilla/amd64/live/filesystem.packages  
 extracting: /tftpboot/f01/clonezilla/amd64/live/memtest  
 extracting: /tftpboot/f01/clonezilla/amd64/live/Clonezilla-Live-Version  
 extracting: /tftpboot/f01/clonezilla/amd64/live/filesystem.squashfs
[root@server /usr/home/user]#

Delete downloaded .zip file with;

[root@server /usr/home/user]# rm clonezilla-live-2.5.0-25-amd64.zip [enter]
[root@server /usr/home/user]#

The TFTP root directory permission plays an important role. Make sure that the permission and ownership are set correctly with:

[root@server /usr/home/user]# chown -R tftpd:nobody /tftpboot/f01/clonezilla/amd64/live [enter]
[root@server /usr/home/user]# chmod -R 755 /tftpboot/f01/clonezilla/amd64/live [enter]
[root@server /usr/home/user]#

PXE Boot Sub-Menu

Edit file /tftpboot/f01.cfg with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg

..and add the following text, example:

LABEL f4
MENU LABEL ^4)  CloneZilla v. 2.5.0-25 amd64
MENU PASSWD
TEXT HELP
Cloning of PC hard disks for backup or deploy a common setup on a number
of PCs using a Server.
The amd64 version runs on x86-64 based computers, with ability to access more
than 4 gigabytes of memory and supports use of multiple processor cores.
ENDTEXT
KERNEL f01/clonezilla/amd64/live/vmlinuz
APPEND initrd=f01/clonezilla/amd64/live/initrd.img boot=live toram union=overlay username=tftpd config components quiet noswap edd=on nomodeset nodmraid noeject locales="en_US.UTF-8" keyboard-layouts="se" ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no vga=791 ip= net.ifnames=0 nosplash i915.blacklist=yes radeonhd.blacklist=yes nouveau.blacklist=yes vmwgfx.enable_fbdev=1 netboot=nfs nfsroot=$nfsserverIP:/tftpboot/f01/clonezilla/amd64/

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
...
/tftpboot/f01/clonezilla/amd64 \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
...
/tftpboot/f01/clonezilla/amd64     192.168.1.0
[root@server /usr/home/user]#

i686-PAE (Physical Address Extension)

Download Clonezilla Live Stable i686-pae, 188 MB, optimized for use on PCs with i686 CPU computers with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/clonezilla/files/clonezilla_live_stable/2.5.0-25/clonezilla-live-2.5.0-25-i686-pae.zip [enter]

Create directory /tftpboot/f01/clonezilla/i686-pae with:

[root@server /usr/home/user]# mkdir -p /tftpboot/f01/clonezilla/i686-pae [enter]
[root@server /usr/home/user]#

Extract zip file clonezilla-live-2.5.0-25-i686-pae.zip to /tftpboot/f01/clonezilla/i686-pae with:

[root@srvgw ~]# unzip clonezilla-live-2.5.0-25-i686-pae.zip live/* -d /tftpboot/f01/clonezilla/i686-pae [enter]
Archive:  /clonezilla-live-2.5.0-25-i686-pae.zip
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/ipxe.efi  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/filesystem.packages-remov  |
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/vmlinuz  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/ipxe.lkn  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/initrd.img  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/freedos.img  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/filesystem.packages  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/memtest  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/Clonezilla-Live-Version  
 extracting: /tftpboot/f01/clonezilla/i686-pae/live/filesystem.squashfs
[root@server /usr/home/user]#

Delete downloaded .zip file with;

[root@server /usr/home/user]# rm clonezilla-live-2.5.0-25-i686-pae.zip [enter]
[root@server /usr/home/user]#

The TFTP root directory permission plays an important role. Make sure that the permission and ownership are set correctly with:

[root@server /usr/home/user]# chown -R tftpd:nobody /tftpboot/f01/clonezillai686-pae/live [enter]
[root@server /usr/home/user]# chmod -R 755 /tftpboot/f01/clonezilla/i686-pae/live [enter]
[root@server /usr/home/user]#

PXE Boot Sub-Menu

Edit file /tftpboot/f01.cfg with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

..and add the following text, example:

LABEL f5
MENU LABEL ^5)  CloneZilla v. 2.5.0-25 i686-pae (Physical Address Extension)
MENU PASSWD
TEXT HELP
Cloning of PC hard disks for backup or deploy a common setup on a number
of PCs using a Server.
The i686-pae version runs on x86 (i686 and higher) and x86-64 based computers, with
Physical Address Extension to access more than 4 gigabytes of memory, and supports
use of multiple processor cores.
ENDTEXT
KERNEL f01/clonezilla/i686-pae/live/vmlinuz
APPEND initrd=f01/clonezilla/i686-pae/live/initrd.img boot=live union=overlay username=tftpd config components quiet noswap edd=on nomodeset nodmraid noeject locales="en_US.UTF-8" keyboard-layouts="se" ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no vga=791 ip= net.ifnames=0 nosplash i915.blacklist=yes radeonhd.blacklist=yes nouveau.blacklist=yes vmwgfx.enable_fbdev=1 netboot=nfs nfsroot=$nfsserverIP:/tftpboot/f01/clonezilla/i686-pae/

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
...
/tftpboot/f01/clonezilla/amd64 \
/tftpboot/f01/clonezilla/i686-pae \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
...
/tftpboot/f01/clonezilla/i686-pae  192.168.1.0
/tftpboot/f01/clonezilla/amd64     192.168.1.0
[root@server /usr/home/user]#

i686

Download Clonezilla Live Stable i686, 188 MB, optimized for use on PCs with i686 CPU computers with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/clonezilla/files/clonezilla_live_stable/2.5.0-25/clonezilla-live-2.5.0-25-i686.zip [enter]

Create directory /tftpboot/f01/clonezilla/i686 with:

[root@server /usr/home/user]# mkdir -p /tftpboot/f01/clonezilla/i686 [enter]
[root@server /usr/home/user]#

Extract zip file clonezilla-live-2.5.0-25-i686.zip to /tftpboot/f01/clonezilla/i686 with:

[root@srvgw ~]# unzip clonezilla-live-2.5.0-25-i686.zip live/* -d /tftpboot/f01/clonezilla/i686 [enter]
Archive:  /clonezilla-live-2.5.0-25-i686.zip
 extracting: /tftpboot/f01/clonezilla/i686/live/ipxe.efi  
 extracting: /tftpboot/f01/clonezilla/i686/live/filesystem.packages-remove  
 extracting: /tftpboot/f01/clonezilla/i686/live/vmlinuz  
 extracting: /tftpboot/f01/clonezilla/i686/live/ipxe.lkn  
 extracting: /tftpboot/f01/clonezilla/i686/live/initrd.img  
 extracting: /tftpboot/f01/clonezilla/i686/live/freedos.img  
 extracting: /tftpboot/f01/clonezilla/i686/live/filesystem.packages  
 extracting: /tftpboot/f01/clonezilla/i686/live/memtest  
 extracting: /tftpboot/f01/clonezilla/i686/live/Clonezilla-Live-Version  
 extracting: /tftpboot/f01/clonezilla/i686/live/filesystem.squashfs
[root@server /usr/home/user]#

Delete downloaded .zip file with;

[root@server /usr/home/user]# rm clonezilla-live-2.5.0-25-i686.zip [enter]
[root@server /usr/home/user]#

The TFTP root directory permission plays an important role. Make sure that the permission and ownership are set correctly with:

[root@server /usr/home/user]# chown -R tftpd:nobody /tftpboot/f01/clonezilla/i686/live [enter]
[root@server /usr/home/user]# chmod -R 755 /tftpboot/f01/clonezilla/i686/live [enter]
[root@server /usr/home/user]#

PXE Boot Sub-Menu

Edit file /tftpboot/f01.cfg with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

..and add the following text, example:

LABEL f6
MENU LABEL ^6)  CloneZilla v. 2.5.0-25 i686
MENU PASSWD
TEXT HELP
Cloning of PC hard disks for backup or deploy a common setup on a number
of PCs using a Server.
The i686 version runs on x86 and x86-64 based computers, limited to physical
address space of 4 gigabytes, and uses one processor only.
-- If in doubt, try this one first! --
ENDTEXT
KERNEL f01/clonezilla/i686/live/vmlinuz
APPEND initrd=f01/clonezilla/i686/live/initrd.img boot=live union=overlay username=tftpd config components quiet noswap edd=on nomodeset nodmraid noeject locales="en_US.UTF-8" keyboard-layouts="se" ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_batch=no vga=791 ip= net.ifnames=0 nosplash i915.blacklist=yes radeonhd.blacklist=yes nouveau.blacklist=yes vmwgfx.enable_fbdev=1 netboot=nfs nfsroot=$nfsserverIP:/tftpboot/f01/clonezilla/i686/

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
...
/tftpboot/f01/clonezilla/amd64 \
/tftpboot/f01/clonezilla/i686-pae \
/tftpboot/f01/clonezilla/i686 \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
...
/tftpboot/f01/clonezilla/i686-pae  192.168.1.0
/tftpboot/f01/clonezilla/i686      192.168.1.0
/tftpboot/f01/clonezilla/amd64     192.168.1.0
[root@server /usr/home/user]#

G4L

G4L is a hard disk and partition imaging and cloning tool. The created images are optionally compressed and transferred to an FTP server or cloned locally. CIFS(Windows), SSHFS and NFS support included, and udpcast and fsarchiver options.

WWW: https://sourceforge.net/projects/g4l/.

Download

Download ISO CD-ROM Image g4l-v0.52.iso, 99 MB, with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/g4l/files/g4l%20ISO%20images/g4l-v0.52.iso -P /tftpboot/f01/ [enter]

Change file mode with:

[root@server /usr/home/user]# chmod 755 /tftpboot/f01/g4l-v0.52.iso [enter]
[root@server /usr/home/user]#

PXE Boot Sub-Menu

The PXE Boot Sub-Menu for PXE Boot for G4L is defined in file /tftpboot/f01.cfg.

Edit this file with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

..and add the following text, example:

LABEL f7
MENU LABEL ^7)  G4L v. 0.52
TEXT HELP
G4L is a hard disk and partition imaging and cloning tool.
The created images are optionally compressed and transferred
to an FTP server or cloned locally.
ENDTEXT
KERNEL memdisk
APPEND initrd=f01/g4l-v0.52.iso iso raw

G4U (“ghosting for unix”)

G4U is a hard disk and partition imaging and cloning tool. The created images are optionally compressed and transferred to an FTP server or cloned locally. CIFS(Windows), SSHFS and NFS support included, and udpcast and fsarchiver options.

WWW: http://fehu.org/~feyrer/g4u/.

Download

Download ISO CD-ROM Image g4u-2.5.iso, 4.9 MB, with:

[root@server /usr/home/user]# wget http://fehu.org/~feyrer/g4u/g4u-2.5.iso -P /tftpboot/f01/ [enter]

[root@server /usr/home/user]# chmod 755 /tftpboot/f01/g4u-2.5.iso [enter]
[root@server /usr/home/user]#

PXE Boot Sub-Menu

The PXE Boot Sub-Menu for PXE Boot for G4U is defined in file /tftpboot/f01.cfg.

Edit this file with:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

..and add the following text, example:

LABEL f8
MENU LABEL ^8)  G4U v. 2.5
TEXT HELP
G4U is a NetBSD-based bootfloppy/CD-ROM that allows easy cloning of
PC harddisks to deploy a common setup on a number of PCs using FTP. 
ENDTEXT
KERNEL memdisk
APPEND initrd=f01/g4u-2.5.iso iso raw

SystemRescueCd 32bit and 64bit kernel

SystemRescueCd is a Linux system rescue disk available as a bootable CD-ROM or USB stick for administrating or repairing your system and data after a crash. It aims to provide an easy way to carry out admin tasks on your computer, such as creating and editing the hard disk partitions. It comes with a lot of Linux software such as system tools (parted, partimage, fstools, …) and basic tools (editors, midnight commander, network tools). It requires no installation. It can be used on Linux servers, Linux desktops or windows boxes. The kernel supports the important file systems (ext2/ext3/ext4, reiserfs, reiser4, btrfs, xfs, jfs, vfat, ntfs, iso9660), as well as network filesystems (samba and nfs).

WWW: http://www.sysresccd.org/.

Files: https://sourceforge.net/projects/systemrescuecd/files/.

Download and Install

Download systemrescuecd-x86-4.9.3.iso, 492 MB, with:

[root@server /usr/home/user]# wget https://sourceforge.net/projects/systemrescuecd/files/sysresccd-x86/4.9.3/systemrescuecd-x86-4.9.3.iso [enter]

Create a memory disk out of the cd9660 image file systemrescuecd-x86-4.9.3.iso, using the first available md(4) device, with:

[root@server /usr/home/user]# mdconfig -a -t vnode -f systemrescuecd-x86-4.9.0.iso [enter]
md0
[root@server /usr/home/user]#

…and then mount it with:

[root@server /usr/home/user]# mount -t cd9660 /dev/md0 /mnt [enter]
[root@server /usr/home/user]#

Create a new directory for the content of the iso image, using this command:

[root@server /usr/home/user]# mkdir -p /tftpboot/f01/rescuecd [enter]
[root@server /usr/home/user]#

Copy the content of the iso file to the new directories, using this commands:

[root@server /usr/home/user]# rsync -e ssh -avz --delete /mnt/ /tftpboot/f01/rescuecd/ [enter]
sending incremental file list
./
readme.txt
...
usb_inst/xorriso

sent 504,580,569 bytes  received 6,810 bytes  32,554,024.45 bytes/sec
total size is 514,891,736  speedup is 1.02
[root@server /usr/home/user]#

Unmount the iso image, using this command:

[root@server /usr/home/user]# umount /mnt [enter]
[root@server /usr/home/user]#

List configured and enabled memory disks on your system, using this command:

[root@server /usr/home/user]# mdconfig -lv [enter]
md0	vnode	  492M	/usr/home/user/systemrescuecd-x86-4.9.3.iso
[root@server /usr/home/user]#

Delete memory disk – in this example md0– with this command:

[root@server /usr/home/user]# mdconfig -d -u 0 [enter]
[root@server /usr/home/user]#

Delete the SystemRescueCd iso image with:

[root@server /usr/home/user]# rm systemrescuecd-x86-4.9.3.iso [enter]
[root@server /usr/home/user]#

Edit file ‘/tftpboot/f01.cfg’ and add the following lines:

[root@server /usr/home/user]# ee /tftpboot/f01.cfg [enter]

LABEL f9
MENU LABEL ^9)  SystemRescueCd 64bit kernel v. 4.9.3
MENU PASSWD
TEXT HELP
SystemRescueCd is a Linux system rescue disk available for administrating or
repairing your system and data after a crash.
ENDTEXT
KERNEL f01/rescuecd/isolinux/rescue64
APPEND setkmap=se initrd=f01/rescuecd/isolinux/initram.igz dodhcp dostartx netboot=nfs://$nfsserverIP:/tftpboot/f01/rescuecd
LABEL f0
MENU LABEL ^0)  SystemRescueCd 32bit kernel v. 4.9.3
MENU PASSWD
TEXT HELP
SystemRescueCd is a Linux system rescue disk available for administrating or
repairing your system and data after a crash.
ENDTEXT
KERNEL f01/rescuecd/isolinux/rescue32
APPEND setkmap=se initrd=f01/rescuecd/isolinux/initram.igz dodhcp dostartx netboot=nfs://$nfsserverIP:/tftpboot/f01/rescuecd
LABEL f9
MENU LABEL ^9)  Hardware Detection Tool v. 0.5.0
MENU PASSWD
TEXT HELP
Reports S.M.A.R.T. data, firmware errorlog, runs firmware tests, scans surface
reporting access times per sector and much more.
ENDTEXT
KERNEL memdisk
APPEND initrd=f01/rescuecd/bootdisk/hdt.img

N.B.: Replace $nfsserverIP with the IP address of your NFS server!

NFS Export Update

Edit file /etc/exports with:

[root@server /usr/home/user]# ee /etc/exports [enter]

…and add the following text:

V4: /
...
/tftpboot/f01/rescuecd \
-maproot=root -network 192.168.1.0 -mask 255.255.255.0

Reload the NFS mount setup with:

[root@server /usr/home/user]# service mountd reload [enter]
[root@server /usr/home/user]#

Display the NFS mount setup with:

[root@server /usr/home/user]# showmount -e [enter]
Exports list on localhost:
...
/tftpboot/f01/rescuecd             192.168.1.0
[root@server /usr/home/user]#

PXE Boot Menu with Sub-menus

By Sture | 2017-03-05 | Comments 0 Comment

Description

A simple GUI menu system with sub-menus is used for selecting between different tasks.

WWW: http://syslinux.zytor.com/wiki/index.php/Menu.

Files: https://www.kernel.org/pub/linux/utils/boot/syslinux/.

Syslinux 5 Changelog:http://www.syslinux.org/wiki/index.php/Syslinux_6_Changelog#Changes_in_6.03/Menu.

Requirements

The following application(s) must be installed, configured and running before tftp-hpa is installed:

isc-dhcp – ISC Dynamic Host Configuration Protocol server
tftp-hpa – BSD derived TFTP Server

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Download

Download file syslinux-6.03.tar.xz, about 6.5M, with;;

[root@server /usr/home/user]# wget https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.tar.xz --no-check-certificate [enter]
--2017-03-02 17:46:01--  https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.tar.xz
Resolving www.kernel.org (www.kernel.org)... 199.204.44.194, 149.20.4.69, 198.145.20.140, ...
Connecting to www.kernel.org (www.kernel.org)|199.204.44.194|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6855224 (6,5M) [application/x-xz]
Saving to: ‘syslinux-6.03.tar.xz’

syslinux-6.03.tar.xz                         100%[============================================================================================>]   6,54M   765KB/s    in 9,8s    

2017-03-02 17:46:12 (683 KB/s) - ‘syslinux-6.03.tar.xz’ saved [6855224/6855224]
[root@server /usr/home/user]#

Wait for download to be completed and than extract ~/syslinux-6.03.tar.xz with:

[root@server /usr/home/user]# tar -xf syslinux-6.03.tar.xz [enter]
[root@server /usr/home/user]#

Installation

For the lwIP embedded TCP/IP network stack copy file syslinux-6.03/bios/core/pxelinux.0 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/core/pxelinux.0 /tftpboot/ [enter]
[root@server /usr/home/user]#

For the new lwIP embedded TCP/IP network stack copy file ~/syslinux-6.03/bios/core/lpxelinux.0 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/core/lpxelinux.0 /tftpboot/ [enter]
[root@server /usr/home/user]#

For the legacy TCP/IP network stack copy file syslinux-6.03/bios/gpxe/gpxelinux.0 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/gpxe/gpxelinux.0 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/lib/libcom32.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/lib/libcom32.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/libutil/libutil.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/libutil/libutil.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/menu/menu.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/menu/menu.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/menu/vesamenu.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/menu/vesamenu.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/modules/linux.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/modules/linux.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/elflink/ldlinux/ldlinux.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/elflink/ldlinux/ldlinux.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/modules/reboot.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/modules/reboot.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/com32/chain/chain.c32 to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/com32/chain/chain.c32 /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/sample/syslinux_splash.jpg to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/sample/syslinux_splash.jpg /tftpboot/ [enter]
[root@server /usr/home/user]#

Copy file ~/syslinux-6.03/bios/memdisk/memdisk to /tftpboot/ with:

[root@server /usr/home/user]# cp syslinux-6.03/bios/memdisk/memdisk /tftpboot/ [enter]
[root@server /usr/home/user]#

Display files in directory /tftpboot with:

[root@server /usr/home/user]# ls -l /tftpboot/ [enter]
total 1343
-rwxr-xr-x  1 root  wheel   24560 Mar  2 18:48 chain.c32
-rw-r--r--  1 root  wheel  111334 Mar  2 18:44 gpxelinux.0
drwxr-xr-x  2 root  wheel       2 Mar  2 11:37 images
-rwxr-xr-x  1 root  wheel  122308 Mar  2 18:48 ldlinux.c32
-rwxr-xr-x  1 root  wheel  186500 Mar  2 18:44 libcom32.c32
-rwxr-xr-x  1 root  wheel   24148 Mar  2 18:44 libutil.c32
-rwxr-xr-x  1 root  wheel    4660 Mar  2 18:44 linux.c32
-rw-r--r--  1 root  wheel   91550 Mar  2 18:43 lpxelinux.0
-rw-r--r--  1 root  wheel   26140 Mar  2 18:49 memdisk
-rwxr-xr-x  1 root  wheel   26596 Mar  2 18:44 menu.c32
-rw-r--r--  1 root  wheel   46909 Mar  2 18:41 pxelinux.0
drwxr-xr-x  2 root  wheel       2 Mar  2 11:37 pxelinux.cfg
-rwxr-xr-x  1 root  wheel    1376 Mar  2 18:48 reboot.c32
-rw-r--r--  1 root  wheel   56299 Mar  2 18:49 syslinux_splash.jpg
-rwxr-xr-x  1 root  wheel   27104 Mar  2 18:44 vesamenu.c32
[root@server /usr/home/user]#

Delete the extracted folder and the downloaded .xz file with;

[root@server /usr/home/user]# rm -R syslinux-6.03; rm syslinux-6.03.tar.xz [enter]
[root@server /usr/home/user]#

Configuration

Critical Tasks Password

openssl passwd command can be used to compute the MD5-based hash of password used in the PXE Boot Menus.

[root@server /usr/home/user]# openssl passwd -1 passwd
$1$./xB0ZYM$EaUHney4jC51AtxBjdln2/
[root@server /usr/home/user]#

PXE Boot Main Menu

The PXE Boot Main Menu is defined in file /tftpboot/pxelinux.cfg/default.

Create this file with:

[root@server /usr/home/user]# ee /tftpboot/pxelinux.cfg/default

…and add the following text:

DEFAULT vesamenu.c32
PROMT 0
NOESCAPE 1
TIMEOUT 300
TOTALTIMEOUT 450

MENU WIDTH 78
MENU MARGIN 1
MENU ROWS 20
MENU TIMEOUTROW 25
MENU HELPMSGROW 26

MENU BACKGROUND syslinux_splash.jpg

MENU MASTER PASSWD $1$./xB0ZYM$EaUHney4jC51AtxBjdln2/
MENU PASSPROMT Enter Password

MENU TITLE PXE Boot Main Menu - server.example.net

MENU COLOR BORDER 0 #ffffffff #ee000000 std
MENU COLOR TITLE 0 #ffffffff #ee000000 std
MENU COLOR SEL 0 #ff00ff00 #ff000000 std
MENU COLOR UNSEL 0 #ffffffff #ee000000 std
MENU COLOR PWDHEADER 0 #ff000000 #99ffffff rev
MENU COLOR PWDBORDER 0 #ff000000 #99ffffff rev
MENU COLOR PWDENTRY 0 #ff000000 #99ffffff rev
MENU COLOR HOTKEY 0 #ff00ff00 #ee000000 std
MENU COLOR HOTSEL 0 #ffffffff #85000000 std

LABEL blank
MENU LABEL

LABEL hd
MENU LABEL ^H)  Boot to Local Hard Disk
LOCALBOOT 0x80

LABEL floppy
MENU LABEL ^F)  Boot to Local Floppy Disk
LOCALBOOT 0x00

LABEL cr
MENU LABEL ^R)  Coold Reboot
COM32 reboot.c32

LABEL wr
MENU LABEL ^W)  Warm Reboot
COM32 reboot.c32
APPEND -w

LABEL next
MENU LABEL ^N)  Skip PXE Boot (Boot Next Device)
MENU DEFAULT
LOCALBOOT -1

N.B.: Remember to change MENU MASTER PASSWD and MENU TITLE PXE!

PXE Boot Sub-Menus – Top Part

PXE Boot Sub-Menus top part is defined in file tftpboot/top.cfg:

Create this file with:

[root@server /usr/home/user]# ee /tftpboot/top.cfg

…and add the following text:

DEFAULT vesamenu.c32
PROMT 0
NOESCAPE 1
TIMEOUT 300
TOTALTIMEOUT 450

MENU WIDTH 78
MENU MARGIN 1
MENU ROWS 20
MENU TIMEOUTROW 25
MENU HELPMSGROW 26

MENU BACKGROUND syslinux_splash.jpg

MENU MASTER PASSWD $1$./xB0ZYM$EaUHney4jC51AtxBjdln2/
MENU PASSPROMT Enter Password

MENU COLOR BORDER 0 #ffffffff #ee000000 std
MENU COLOR TITLE 0 #ffffffff #ee000000 std
MENU COLOR SEL 0 #ff00ff00 #ff000000 std
MENU COLOR UNSEL 0 #ffffffff #ee000000 std
MENU COLOR PWDHEADER 0 #ff000000 #99ffffff rev
MENU COLOR PWDBORDER 0 #ff000000 #99ffffff rev
MENU COLOR PWDENTRY 0 #ff000000 #99ffffff rev
MENU COLOR HOTKEY 0 #ff00ff00 #ee000000 std
MENU COLOR HOTSEL 0 #ffffffff #85000000 std

N.B.: Remember to change MENU MASTER PASSWD!

PXE Boot Sub-Menus – Bottom Part

PXE Boot Sub-Menus bottom part is defined in file tftpboot/bottom.cfg:

Create this file with:

[root@server /usr/home/user]# ee /tftpboot/bottom.cfg

…and add the following text:

LABEL blank
MENU LABEL

LABEL hd
MENU LABEL ^H)  Boot to Local Hard Disk
localboot 0x80

LABEL floppy
MENU LABEL ^F)  Boot to Local Floppy Disk
localboot 0x00

LABEL cr
MENU LABEL ^R)  Coold Reboot
COM32 reboot.c32

LABEL wr
MENU LABEL ^W)  Warm Reboot
COM32 reboot.c32
APPEND -w

LABEL  return
MENU LABEL ^R)  Return to PXE Boot Main Menu
MENU DEFAULT
KERNEL vesamenu.c32
APPEND ~

Change file modes

Change file modes for all files in directory /tftpboot with:

[root@server ~]# chmod -R 755 /tftpboot [enter]
[root@server /usr/home/user]#

The sub-menus in this example will be named tftpboot/f01.cfg, tftpboot/f02.cfg,… and any files used in the sub-menus will be stored in directory named tftpboot/f01, tftpboot/f02, …

phpSysInfo

By Sture | 2017-02-27 | Comments 0 Comment

Description

phpSysInfo is a PHP script that displays information about the host being accessed. It will displays things like Uptime, CPU, Memory, SCSI, IDE, PCI, Ethernet, Floppy, and Video Information.

WWW: http://phpsysinfo.github.io/phpsysinfo/.

Requirements

The following applications must be installed, configured and running:

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Download

[root@server /usr/home/user]# wget https://github.com/phpsysinfo/phpsysinfo/archive/v3.2.7.tar.gz
--2017-02-20 19:03:01--  https://github.com/phpsysinfo/phpsysinfo/archive/v3.2.7.tar.gz
Resolving github.com (github.com)... 192.30.253.112, 192.30.253.113
Connecting to github.com (github.com)|192.30.253.112|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/phpsysinfo/phpsysinfo/tar.gz/v3.2.7 [following]
--2017-02-20 19:03:01--  https://codeload.github.com/phpsysinfo/phpsysinfo/tar.gz/v3.2.7
Resolving codeload.github.com (codeload.github.com)... 192.30.253.120, 192.30.253.121
Connecting to codeload.github.com (codeload.github.com)|192.30.253.120|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 986821 (964K) [application/x-gzip]
Saving to: ‘v3.2.7.tar.gz’

v3.2.7.tar.gz       100%[===================>] 963,69K   837KB/s    in 1,2s    

2017-02-20 19:03:03 (837 KB/s) - ‘v3.2.7.tar.gz’ saved [986821/986821]

[root@server /usr/home/user]#

Installation

Extract file v3.2.7.tar.gz to /usr/local/www/ with:

[root@server /usr/home/user]# tar -zxvf v3.2.7.tar.gz  -C /usr/local/www/ [enter]
[root@server /usr/home/user]#

Delete file v3.2.7.tar.gz with:

[root@server /usr/home/user]# rm v3.2.7.tar.gz [enter]
[root@server /usr/home/user]#

Install shared php extension php70-mbstring and php70-xml with:

[root@server /usr/home/user]# pkg install php70-mbstring php70-xml [enter]
[root@server /usr/home/user]#

Configuration

Create a configure file for phpSysInfo with:

[root@server /usr/home/user]# cp /usr/local/www/phpsysinfo-3.2.7/phpsysinfo.ini.new /usr/local/www/phpsysinfo-3.2.7/phpsysinfo.ini [enter]
[root@server /usr/home/user]#

Edit file /usr/local/www/phpsysinfo-3.2.7/phpsysinfo.ini if needed with: with:

[root@server /usr/home/user]# ee /usr/local/www/phpsysinfo-3.2.7/phpsysinfo.ini

To make phpsysinfo available through the local web site:

[root@server /usr/home/user]# ee /usr/local/etc/apache24/Includes/phpsysinfo.conf

…and add the following text:

Alias /phpsysinfo/ "/usr/local/www/phpsysinfo-3.2.7/"
<Directory "/usr/local/www/phpsysinfo-3.2.7/">
  AllowOverride All
  Require all granted
</Directory&gt

Restart apache24 with:

[root@server /usr/home/user]# service apache24 restart [enter]
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 1302.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

How to use

Start a browser and go to URL: http://server.example.net/phpsysinfo/.

phpMyAdmin with PHP v. 7.0

By Sture | 2017-02-27 | Comments 0 Comment

Description

phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web. phpMyAdmin supports a wide range of operations on MySQL and MariaDB. Frequently used operations (managing databases, tables, columns, relations, indexes, users, permissions, etc) can be performed via the user interface, while you still have the ability to directly execute any SQL statement.

WWW: http://www.phpmyadmin.net.

Requirentments

The following applications must be installed, configured and running before installation of phpMyAdmin:

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Warning!

N.B.: Do NOT install phpMyAdmin from port if the PHP version installed is > 5.6!

Verify version of PHP installed with:

[root@server /usr/home/user]# php -v [enter]
PHP 7.0.15 (cli) (built: Jan 24 2017 01:18:59) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.0.15, Copyright (c) 1999-2017, by Zend Technologies
[root@server /usr/home/user]#

In this example PHP version 7.0 is installed. Due to this phpMyAdmin will be downloaded from the phpMyAdmin site.

Download and Verification

[root@server /usr/home/user]# wget https://files.phpmyadmin.net/phpMyAdmin/4.6.6/phpMyAdmin-4.6.6-all-languages.zip [enter]
Resolving files.phpmyadmin.net (files.phpmyadmin.net)... 185.59.222.19
Connecting to files.phpmyadmin.net (files.phpmyadmin.net)|185.59.222.19|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11349727 (11M) [application/zip]
Saving to: ‘phpMyAdmin-4.6.6-all-languages.zip’

phpMyAdmin-4.6.6-al 100%[===================>]  10,82M  2,62MB/s    in 4,3s    

2017-02-22 00:00:00 (2,55 MB/s) - ‘phpMyAdmin-4.6.6-all-languages.zip’ saved [11349727/11349727]

[root@server /usr/home/user]#

[root@server /usr/home/user]# wget https://files.phpmyadmin.net/phpMyAdmin/4.6.6/phpMyAdmin-4.6.6-all-languages.zip.asc [enter]
--2017-02-22 12:12:36--  https://files.phpmyadmin.net/phpMyAdmin/4.6.6/phpMyAdmin-4.6.6-all-languages.zip.asc
Resolving files.phpmyadmin.net (files.phpmyadmin.net)... 185.76.9.11
Connecting to files.phpmyadmin.net (files.phpmyadmin.net)|185.76.9.11|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 819 [application/octet-stream]
Saving to: ‘phpMyAdmin-4.6.6-all-languages.zip.asc’

phpMyAdmin-4.6.6-al 100%[===================>]     819  --.-KB/s    in 0s      

2017-02-22 00:00:00 (61,9 MB/s) - ‘phpMyAdmin-4.6.6-all-languages.zip.asc’ saved [819/819]
[root@server /usr/home/user]#

Download the keyring from the phpMyAdmin download server with:

[root@server /usr/home/user]# wget https://files.phpmyadmin.net/phpmyadmin.keyring [enter]
--2017-02-22 12:49:01--  https://files.phpmyadmin.net/phpmyadmin.keyring
Resolving files.phpmyadmin.net (files.phpmyadmin.net)... 185.76.9.11
Connecting to files.phpmyadmin.net (files.phpmyadmin.net)|185.76.9.11|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34198 (33K) [application/octet-stream]
Saving to: ‘phpmyadmin.keyring’

phpmyadmin.keyring  100%[===================>]  33,40K  --.-KB/s    in 0,006s  

2017-02-22 00:00:00 (5,27 MB/s) - ‘phpmyadmin.keyring’ saved [34198/34198]
[root@server /usr/home/user]#

…and then import the keyring data with:

[root@server /usr/home/user]# gpg --import phpmyadmin.keyring [enter]
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 9C27B31342B7511D: public key "Michal Čihař <michal@cihar.com>" imported
gpg: key FEFC65D181AF644A: public key "Marc Delisle <marc@infomarc.info>" imported
gpg: key CE752F178259BD92: public key "Isaac Bennetch <bennetch@gmail.com>" imported
gpg: key DA68AB39218AB947: public key "phpMyAdmin Security Team <security@phpmyadmin.net>" imported
gpg: Total number processed: 4
gpg:               imported: 4
[root@server /usr/home/user]#

N.B.: Verify the public keys corresponds with the information publiced the phpMyAdmin web site: Verifying phpMyAdmin releases.

[root@server /usr/home/user]# gpg --verify phpMyAdmin-4.6.6-all-languages.zip.asc [enter]
gpg: assuming signed data in 'phpMyAdmin-4.6.6-all-languages.zip'
gpg: Signature made Mon 23 Jan 20:22:46 2017 CET
gpg:                using RSA key CE752F178259BD92
gpg: Good signature from "Isaac Bennetch <bennetch@gmail.com>" [unknown]
gpg:                 aka "Isaac Bennetch <isaac@bennetch.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3D06 A59E CE73 0EB7 1B51  1C17 CE75 2F17 8259 BD92
[root@server /usr/home/user]#

Beginning in January 2016, the release manager for phpMyAdmin is Isaac Bennetch. His RSA key id is:

CE752F178259BD92

…and his PGP primary key fingerprint is:

3D06 A59E CE73 0EB7 1B51 1C17 CE75 2F17 8259 BD92

You should verify that the signature matches the archive you have downloaded. This way you can be sure that you are using the same code that was released. You should also verify the date of the signature to make sure that you downloaded the latest version.

Installation

Extract file phpMyAdmin-4.6.6-all-languages.zip to /usr/local/www/ with:

[root@server /usr/home/user]# unzip phpMyAdmin-4.6.6-all-languages.zip  -d /usr/local/www [enter]
Archive:  phpMyAdmin-4.6.6-all-languages.zip
   creating: /usr/local/www/phpMyAdmin-4.6.6-all-languages/
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/CONTRIBUTING.md  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/ChangeLog  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/DCO  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/LICENSE  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/README  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/RELEASE-DATE-4.6.6  
.
.
.
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/url.php  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/user_password.php  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/version_check.php  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/view_create.php  
 extracting: /usr/local/www/phpMyAdmin-4.6.6-all-languages/view_operations.ph  |
[root@server /usr/home/user]#

Delete file phpMyAdmin-4.6.6-all-languages.zip with:

[root@server /usr/home/user]# rm phpMyAdmin-4.6.6-all-languages.zip [enter]
[root@server /usr/home/user]#

Rename folder /usr/local/www/phpMyAdmin-4.6.6-all-languages to /usr/local/www/phpMyAdmin with:

[root@server /usr/home/user]# mv /usr/local/www/phpMyAdmin-4.6.6-all-languages /usr/local/www/phpMyAdmin [enter]
[root@server /usr/home/user]#

N.B.: Only not installed required PHP shared extension will be installed with the following command!

Install shared PHP extension required by phpMyAdmin with:

[root@server /usr/home/user]# pkg install php70-session php70-xml php70-bz2 php70-ctype php70-filter php70-zip php70-openssl php70-gd php70-mcrypt php70-mbstring php70-mysqli php70-json php70-zlib [enter]
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 9 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	php70-session: 7.0.15
	php70-bz2: 7.0.15
	php70-ctype: 7.0.15
	php70-openssl: 7.0.15
	php70-mcrypt: 7.0.15
	php70-mbstring: 7.0.15
	php70-json: 7.0.15
	libltdl: 2.4.6
	libmcrypt: 2.5.8_3

Number of packages to be installed: 9

The process will require 5 MiB more space.
988 KiB to be downloaded.

Proceed with this action? [y/N]: y [enter]
Fetching php70-session-7.0.15.txz: 100%   32 KiB  32.3kB/s    00:01    
Fetching php70-bz2-7.0.15.txz: 100%   11 KiB  11.0kB/s    00:01    
Fetching php70-ctype-7.0.15.txz: 100%    7 KiB   6.8kB/s    00:01    
Fetching php70-openssl-7.0.15.txz: 100%   44 KiB  44.7kB/s    00:01    
Fetching php70-mcrypt-7.0.15.txz: 100%   15 KiB  14.9kB/s    00:01    
Fetching php70-mbstring-7.0.15.txz: 100%  712 KiB 728.9kB/s    00:01    
Fetching php70-json-7.0.15.txz: 100%   19 KiB  19.9kB/s    00:01    
Fetching libltdl-2.4.6.txz: 100%   36 KiB  36.6kB/s    00:01    
Fetching libmcrypt-2.5.8_3.txz: 100%  114 KiB 116.9kB/s    00:01    
Checking integrity... done (0 conflicting)
[1/9] Installing libltdl-2.4.6...
[1/9] Extracting libltdl-2.4.6: 100%
[2/9] Installing libmcrypt-2.5.8_3...
[2/9] Extracting libmcrypt-2.5.8_3: 100%
[3/9] Installing php70-session-7.0.15...
[3/9] Extracting php70-session-7.0.15: 100%
[4/9] Installing php70-bz2-7.0.15...
[4/9] Extracting php70-bz2-7.0.15: 100%
[5/9] Installing php70-ctype-7.0.15...
[5/9] Extracting php70-ctype-7.0.15: 100%
[6/9] Installing php70-openssl-7.0.15...
[6/9] Extracting php70-openssl-7.0.15: 100%
[7/9] Installing php70-mcrypt-7.0.15...
[7/9] Extracting php70-mcrypt-7.0.15: 100%
[8/9] Installing php70-mbstring-7.0.15...
[8/9] Extracting php70-mbstring-7.0.15: 100%
[9/9] Installing php70-json-7.0.15...
[9/9] Extracting php70-json-7.0.15: 100%
Message from libmcrypt-2.5.8_3:
===>   NOTICE:

The libmcrypt port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port
Message from php70-session-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-18-session.ini
configuration file to automatically load the installed extension:

extension=session.so

****************************************************************************
Message from php70-bz2-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-bz2.ini
configuration file to automatically load the installed extension:

extension=bz2.so

****************************************************************************
Message from php70-ctype-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-ctype.ini
configuration file to automatically load the installed extension:

extension=ctype.so

****************************************************************************
Message from php70-openssl-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-openssl.ini
configuration file to automatically load the installed extension:

extension=openssl.so

****************************************************************************
Message from php70-mcrypt-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-mcrypt.ini
configuration file to automatically load the installed extension:

extension=mcrypt.so

****************************************************************************
Message from php70-mbstring-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-mbstring.ini
configuration file to automatically load the installed extension:

extension=mbstring.so

****************************************************************************
Message from php70-json-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-json.ini
configuration file to automatically load the installed extension:

extension=json.so

****************************************************************************
[root@server /usr/home/user]#

Configuration

Change file owner and group recursively for /usr/local/www/phpMyAdmin with:

[root@server /usr/home/user]# chown -R www:www /usr/local/www/phpMyAdmin [enter]
[root@server /usr/home/user]#

To make phpMyAdmin available on the web site:

[root@server /usr/home/user]# ee /usr/local/etc/apache24/Includes/phpmyadmin.conf [enter]

Add the following lines;

Alias /phpmyadmin/ "/usr/local/www/phpMyAdmin/"
<Directory "/usr/local/www/phpMyAdmin/">
  AllowOverride All
  Require all granted
</Directory>

…the restart the apache24 service with:

[root@server /usr/home/user]# service apache24 restart [enter]
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 12555.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

N.B.: The phpMyAdmin documentation is stored on your server at: http://www.example.com/phpmyadmin/doc/html/!

Start your browser and go to: http://server.example.net/phpmyadmin/setup/

Create file /usr/local/www/phpMyAdmin/config.inc.php with:

[root@server /usr/home/user]# ee /usr/local/www/phpMyAdmin/config.inc.php [enter]

…and copy the following text – example – that was created for you:

<?php
/*
 * Generated configuration file
 * Generated by: phpMyAdmin 4.6.6 setup script
 * Date: Tue, 22 Feb 2017 00:00:00 +0000
 */

/* Servers configuration */
$i = 0;

/* Server: localhost [1] */
$i++;
$cfg['Servers'][$i]['verbose'] = '';
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['port'] = '';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = true;
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '';

/* End of servers configuration */

$cfg['blowfish_secret'] = '----------------------------------';
$cfg['DefaultLang'] = 'en';
$cfg['ServerDefault'] = 1;
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
?>

WordPress with PHP v. 7.0

By Sture | 2017-02-27 | Comments 0 Comment

Description

WordPress is a state-of-the-art semantic personal publishing platform with a focus on aesthetics, web standards, and usability.

More simply, WordPress is what you use when you want to work with your blogging software, not fight it.

WWW: http://wordpress.org/.

Requirements

The following applications must be installed, configured and running before installation of WordPress:

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Warning!

N.B.: Do NOT install WordPress from port if the PHP version installed is > 5.6!

Verify version of PHP installed with:

[root@server /usr/home/user]# php -v <enter>
PHP 7.0.15 (cli) (built: Jan 24 2017 01:18:59) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.0.15, Copyright (c) 1999-2017, by Zend Technologies
[root@server /usr/home/user]#

In this example PHP version 7.0 is installed. Due to this WordPress will be downloaded from the WordPress site.

Download

Download the latest version of WordPress with:

[root@server /usr/home/user]# wget https://wordpress.org/latest.tar.gz <enter>
--2017-02-22 18:26:38--  https://wordpress.org/latest.tar.gz
Resolving wordpress.org (wordpress.org)... 66.155.40.249, 66.155.40.250
Connecting to wordpress.org (wordpress.org)|66.155.40.249|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 7997959 (7,6M) [application/octet-stream]
Saving to: ‘latest.tar.gz’

latest.tar.gz       100%[===================>]   7,63M  1,74MB/s    in 6,0s    

2017-02-22 18:26:45 (1,27 MB/s) - ‘latest.tar.gz’ saved [7997959/7997959]

[root@server /usr/home/user]#

Installation

Extract file latest.tar.gz to /usr/local/www/ with:

[root@server /usr/home/user]# tar -xzvf latest.tar.gz  -C /usr/local/www <enter>
x wordpress/
x wordpress/wp-settings.php
x wordpress/wp-cron.php
x wordpress/wp-comments-post.php
x wordpress/wp-activate.php
x wordpress/wp-admin/
.
.
x wordpress/wp-includes/comment.php
x wordpress/wp-includes/class-wp-text-diff-renderer-table.php
x wordpress/wp-config-sample.php
[root@server /usr/home/user]#

Delete file latest.tar.gz with:

[root@server /usr/home/user]# rm latest.tar.gz <enter>
[root@server /usr/home/user]#

N.B.: Only not installed required PHP shared extension will be installed with the following command!

Install shared PHP extension required by phpMyAdmin with:

[root@server /usr/home/user]# pkg install curl php70-curl libnghttp2 php70-gd php70-hash php70-xml php70-tokenizer php70-mysqli php70-zip php70-ftp php70-zlib <enter>
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	curl: 7.52.1_1
	php70-curl: 7.0.15
	libnghttp2: 1.18.0
	php70-ftp: 7.0.15

Number of packages to be installed: 4

The process will require 4 MiB more space.
1 MiB to be downloaded.

Proceed with this action? [y/N]: y <enter>
Fetching curl-7.52.1_1.txz: 100%    1 MiB   1.1MB/s    00:01    
Fetching php70-curl-7.0.15.txz: 100%   26 KiB  26.8kB/s    00:01    
Fetching libnghttp2-1.18.0.txz: 100%  104 KiB 106.4kB/s    00:01    
Fetching php70-ftp-7.0.15.txz: 100%   22 KiB  22.4kB/s    00:01    
Checking integrity... done (0 conflicting)
[1/4] Installing libnghttp2-1.18.0...
[1/4] Extracting libnghttp2-1.18.0: 100%
[2/4] Installing curl-7.52.1_1...
[2/4] Extracting curl-7.52.1_1: 100%
[3/4] Installing php70-curl-7.0.15...
[3/4] Extracting php70-curl-7.0.15: 100%
[4/4] Installing php70-ftp-7.0.15...
[4/4] Extracting php70-ftp-7.0.15: 100%
Message from php70-curl-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-curl.ini
configuration file to automatically load the installed extension:

extension=curl.so

****************************************************************************
Message from php70-ftp-7.0.15:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-ftp.ini
configuration file to automatically load the installed extension:

extension=ftp.so

****************************************************************************
[root@server /usr/home/user]#

Configuration

Change file owner and group recursively for /usr/local/www/wordpress with:

[root@server /usr/home/user]# chown -R www:www /usr/local/www/wordpress <enter>
[root@server /usr/home/user]#

Change file modes recursively for /usr/local/www/wordpress with:

[root@server /usr/home/user]# chmod -R 755 /usr/local/www/wordpress <enter>
[root@server /usr/home/user]#

Enable the Apache rewrite_module with:

[root@server /usr/home/user]# perl -pi -e 's/#LoadModule rewrite_module/LoadModule rewrite_module/g' /usr/local/etc/apache24/httpd.conf <enter>
[root@server /usr/home/user]#

To make wordpress available on the web site:

[root@server /usr/home/user]# ee /usr/local/etc/apache24/Includes/wordpress.conf <enter>

Add the following lines;

Alias /wp/ "/usr/local/www/wordpress/"
<Directory "/usr/local/www/wordpress/">
  AllowOverride All
  Require all granted
</Directory>

…the restart the apache24 service with:

[root@server /usr/home/user]# service apache24 restart <enter>
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 12555.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

Prepare MySQL Database

WordPress uses a relational database, such as MySQL, to manage and store site and user information.

[root@server /usr/home/user]# mysql -u root -p <enter>
Enter password: <-- password <enter>
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 422
Server version: 5.7.17-log Source distribution

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

root@localhost [(none)]>

Create a MySQL wordpress database with:

root@localhost [(none)]> CREATE DATABASE wordpress; &enter>
Query OK, 1 row affected (0,02 sec)

root@localhost [(none)]>

Create a MySQL user account wpadmin that WordPress will use to interact with the wordpress database with:

root@localhost [(none)]> CREATE USER wpadmin@localhost IDENTIFIED BY 'password'; &enter>
Query OK, 0 rows affected (0,44 sec)

root@localhost [(none)]>

Grant the WordPress wpadmin user full access to the wordpress database with:

root@localhost [(none)]> GRANT ALL PRIVILEGES ON wordpress.* TO wpadmin@localhost; &enter> Query OK, 0 rows affected (0,44 sec) root@localhost [(none)]>

Before this privileges change will go into effect, we must flush the privileges with:

root@localhost [(none)]> FLUSH PRIVILEGES; &enter>
Query OK, 0 rows affected (0,43 sec)

root@localhost [(none)]>

Exit the MySQL prompt with:

root@localhost [(none)]> exit &enter>
Bye
[root@server /usr/home/user]#

Make a copy of the WordPress sample configuration file with:

[root@server /usr/home/user]# cp /usr/local/www/wordpress/wp-config-sample.php /usr/local/www/wordpress/wp-config.php <enter>
[root@server /usr/home/user]#

Start editing file /usr/local/www/wordpress/wp-config.php with:

[root@server /usr/home/user]# ee /usr/local/www/wordpress/wp-config.php <enter>

…and update DB_NAME, DB_USER and DB_PASSWORD as in this example:

<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'wordpress');

/** MySQL database username */
define('DB_USER', 'wpadmin');

/** MySQL database password */
define('DB_PASSWORD', 'password');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'put your unique phrase here');
define('SECURE_AUTH_KEY',  'put your unique phrase here');
define('LOGGED_IN_KEY',    'put your unique phrase here');
define('NONCE_KEY',        'put your unique phrase here');
define('AUTH_SALT',        'put your unique phrase here');
define('SECURE_AUTH_SALT', 'put your unique phrase here');
define('LOGGED_IN_SALT',   'put your unique phrase here');
define('NONCE_SALT',       'put your unique phrase here');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
	define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');
?>

Authentication Unique Keys and Salts

You can generate the unique keys at: https://api.wordpress.org/secret-key/1.1/salt/

Run WordPress Installation Script

Start your browser and got to http://www.example.net/wp/ and complete the installation of WordPress.

PHP

By Sture | 2017-02-27 | Comments 0 Comment

Description

PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML.

WWW: http://www.php.net.

Requirements

The following application(s) must be installed, configured and running before PHP is installed:

Apache HTTP Server

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Installation

N.B.: Current version of Appache will be installed if missing!
Search for “mod_php” in the remote package repositories with:

[root@server /usr/home/user]# pkg search "mod_php" [enter]
mod_php56-5.6.30               PHP Scripting Language
mod_php70-7.0.20_1             PHP Scripting Language
mod_php71-7.1.6_1              PHP Scripting Language
[root@server /usr/home/user]#

In this example php71, php71-extensions and mod_php71 will be installed with;

[root@server /usr/home/user]# pkg install php71 php71-extensions mod_php71 [enter]
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 27 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        php71: 7.1.6_1
        php71-extensions: 1.0
        mod_php71: 7.1.6_1
        libxml2: 2.9.4
        php71-session: 7.1.6_1
        php71-opcache: 7.1.6_1
        php71-xmlwriter: 7.1.6_1
        php71-xmlreader: 7.1.6_1
        php71-dom: 7.1.6_1
        php71-xml: 7.1.6_1
        php71-simplexml: 7.1.6_1
        php71-ctype: 7.1.6_1
        php71-posix: 7.1.6_1
        php71-hash: 7.1.6_1
        php71-filter: 7.1.6_1
        php71-tokenizer: 7.1.6_1
        php71-json: 7.1.6_1
        php71-sqlite3: 7.1.6_1
        sqlite3: 3.19.3_1
        php71-pdo_sqlite: 7.1.6_1
        php71-pdo: 7.1.6_1
        php71-iconv: 7.1.6_1
        php71-phar: 7.1.6_1
        apache24: 2.4.26
        apr: 1.5.2.1.5.4_2
        gdbm: 1.13_1
        db5: 5.3.28_6

Number of packages to be installed: 27

The process will require 109 MiB more space.
23 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/27] Fetching php71-7.1.6_1.txz: 100%    2 MiB   2.2MB/s    00:01
[2/27] Fetching php71-extensions-1.0.txz: 100%    1 KiB   1.1kB/s    00:01
[3/27] Fetching mod_php71-7.1.6_1.txz: 100%    1 MiB   1.2MB/s    00:01
[4/27] Fetching libxml2-2.9.4.txz: 100%  802 KiB 821.1kB/s    00:01
[5/27] Fetching php71-session-7.1.6_1.txz: 100%   31 KiB  32.3kB/s    00:01
[6/27] Fetching php71-opcache-7.1.6_1.txz: 100%  137 KiB 140.0kB/s    00:01
[7/27] Fetching php71-xmlwriter-7.1.6_1.txz: 100%   13 KiB  13.1kB/s    00:01   
[8/27] Fetching php71-xmlreader-7.1.6_1.txz: 100%   13 KiB  12.9kB/s    00:01   
[9/27] Fetching php71-dom-7.1.6_1.txz: 100%   54 KiB  55.4kB/s    00:01
[10/27] Fetching php71-xml-7.1.6_1.txz: 100%   20 KiB  20.1kB/s    00:01
[11/27] Fetching php71-simplexml-7.1.6_1.txz: 100%   23 KiB  23.3kB/s    00:01  
[12/27] Fetching php71-ctype-7.1.6_1.txz: 100%    6 KiB   6.6kB/s    00:01
[13/27] Fetching php71-posix-7.1.6_1.txz: 100%   11 KiB  11.4kB/s    00:01
[14/27] Fetching php71-hash-7.1.6_1.txz: 100%  118 KiB 121.3kB/s    00:01
[15/27] Fetching php71-filter-7.1.6_1.txz: 100%   18 KiB  18.9kB/s    00:01
[16/27] Fetching php71-tokenizer-7.1.6_1.txz: 100%    9 KiB   8.8kB/s    00:01  
[17/27] Fetching php71-json-7.1.6_1.txz: 100%   20 KiB  20.4kB/s    00:01
[18/27] Fetching php71-sqlite3-7.1.6_1.txz: 100%   17 KiB  17.9kB/s    00:01
[19/27] Fetching sqlite3-3.19.3_1.txz: 100%  707 KiB 723.9kB/s    00:01
[20/27] Fetching php71-pdo_sqlite-7.1.6_1.txz: 100%   12 KiB  12.1kB/s    00:01 
[21/27] Fetching php71-pdo-7.1.6_1.txz: 100%   43 KiB  44.1kB/s    00:01
[22/27] Fetching php71-iconv-7.1.6_1.txz: 100%   18 KiB  18.0kB/s    00:01
[23/27] Fetching php71-phar-7.1.6_1.txz: 100%  102 KiB 104.2kB/s    00:01
[24/27] Fetching apache24-2.4.26.txz: 100%    5 MiB   5.0MB/s    00:01
[25/27] Fetching apr-1.5.2.1.5.4_2.txz: 100%  410 KiB 419.7kB/s    00:01
[26/27] Fetching gdbm-1.13_1.txz: 100%  150 KiB 153.5kB/s    00:01
[27/27] Fetching db5-5.3.28_6.txz: 100%   12 MiB   6.4MB/s    00:02
Checking integrity... done (0 conflicting)
[1/27] Installing libxml2-2.9.4...
[1/27] Extracting libxml2-2.9.4: 100%
[2/27] Installing php71-7.1.6_1...
[2/27] Extracting php71-7.1.6_1: 100%
[3/27] Installing gdbm-1.13_1...
[3/27] Extracting gdbm-1.13_1: 100%
[4/27] Installing db5-5.3.28_6...
[4/27] Extracting db5-5.3.28_6: 100%
[5/27] Installing php71-dom-7.1.6_1...
[5/27] Extracting php71-dom-7.1.6_1: 100%
[6/27] Installing php71-hash-7.1.6_1...
[6/27] Extracting php71-hash-7.1.6_1: 100%
[7/27] Installing sqlite3-3.19.3_1...
[7/27] Extracting sqlite3-3.19.3_1: 100%
[8/27] Installing php71-pdo-7.1.6_1...
[8/27] Extracting php71-pdo-7.1.6_1: 100%
[9/27] Installing apr-1.5.2.1.5.4_2...
[9/27] Extracting apr-1.5.2.1.5.4_2: 100%
[10/27] Installing php71-session-7.1.6_1...
[10/27] Extracting php71-session-7.1.6_1: 100%
[11/27] Installing php71-opcache-7.1.6_1...
[11/27] Extracting php71-opcache-7.1.6_1: 100%
[12/27] Installing php71-xmlwriter-7.1.6_1...
[12/27] Extracting php71-xmlwriter-7.1.6_1: 100%
[13/27] Installing php71-xmlreader-7.1.6_1...
[13/27] Extracting php71-xmlreader-7.1.6_1: 100%
[14/27] Installing php71-xml-7.1.6_1...
[14/27] Extracting php71-xml-7.1.6_1: 100%
[15/27] Installing php71-simplexml-7.1.6_1...
[15/27] Extracting php71-simplexml-7.1.6_1: 100%
[16/27] Installing php71-ctype-7.1.6_1...
[16/27] Extracting php71-ctype-7.1.6_1: 100%
[17/27] Installing php71-posix-7.1.6_1...
[17/27] Extracting php71-posix-7.1.6_1: 100%
[18/27] Installing php71-filter-7.1.6_1...
[18/27] Extracting php71-filter-7.1.6_1: 100%
[19/27] Installing php71-tokenizer-7.1.6_1...
[19/27] Extracting php71-tokenizer-7.1.6_1: 100%
[20/27] Installing php71-json-7.1.6_1...
[20/27] Extracting php71-json-7.1.6_1: 100%
[21/27] Installing php71-sqlite3-7.1.6_1...
[21/27] Extracting php71-sqlite3-7.1.6_1: 100%
[22/27] Installing php71-pdo_sqlite-7.1.6_1...
[22/27] Extracting php71-pdo_sqlite-7.1.6_1: 100%
[23/27] Installing php71-iconv-7.1.6_1...
[23/27] Extracting php71-iconv-7.1.6_1: 100%
[24/27] Installing php71-phar-7.1.6_1...
[24/27] Extracting php71-phar-7.1.6_1: 100%
[25/27] Installing apache24-2.4.26...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[25/27] Extracting apache24-2.4.26: 100%
[26/27] Installing php71-extensions-1.0...
[27/27] Installing mod_php71-7.1.6_1...
Extracting mod_php71-7.1.6_1: 100%
[activating module `php7' in /usr/local/etc/apache24/httpd.conf]
Message from php71-dom-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-dom.ini
configuration file to automatically load the installed extension:

extension=dom.so

****************************************************************************
Message from php71-hash-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-hash.ini
configuration file to automatically load the installed extension:

extension=hash.so

****************************************************************************
Message from php71-pdo-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-pdo.ini
configuration file to automatically load the installed extension:

extension=pdo.so

****************************************************************************
Message from php71-session-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-18-session.ini
configuration file to automatically load the installed extension:

extension=session.so

****************************************************************************
Message from php71-opcache-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-10-opcache.ini
configuration file to automatically load the installed extension:

zend_extension=opcache.so

****************************************************************************
Message from php71-xmlwriter-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-xmlwriter.ini
configuration file to automatically load the installed extension:

extension=xmlwriter.so

****************************************************************************
Message from php71-xmlreader-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-30-xmlreader.ini
configuration file to automatically load the installed extension:

extension=xmlreader.so

****************************************************************************
Message from php71-xml-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-xml.ini
configuration file to automatically load the installed extension:

extension=xml.so

****************************************************************************
Message from php71-simplexml-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-simplexml.ini
configuration file to automatically load the installed extension:

extension=simplexml.so

****************************************************************************
Message from php71-ctype-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-ctype.ini
configuration file to automatically load the installed extension:

extension=ctype.so

****************************************************************************
Message from php71-posix-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-posix.ini
configuration file to automatically load the installed extension:

extension=posix.so

****************************************************************************
Message from php71-filter-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-filter.ini
configuration file to automatically load the installed extension:

extension=filter.so

****************************************************************************
Message from php71-tokenizer-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-tokenizer.ini
configuration file to automatically load the installed extension:

extension=tokenizer.so

****************************************************************************
Message from php71-json-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-json.ini
configuration file to automatically load the installed extension:

extension=json.so

****************************************************************************
Message from php71-sqlite3-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-sqlite3.ini
configuration file to automatically load the installed extension:

extension=sqlite3.so

****************************************************************************
Message from php71-pdo_sqlite-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-30-pdo_sqlite.ini
configuration file to automatically load the installed extension:

extension=pdo_sqlite.so

****************************************************************************
Message from php71-iconv-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-20-iconv.ini
configuration file to automatically load the installed extension:

extension=iconv.so

****************************************************************************
Message from php71-phar-7.1.6_1:
****************************************************************************

The following line has been added to your /usr/local/etc/php/ext-30-phar.ini
configuration file to automatically load the installed extension:

extension=phar.so

****************************************************************************
Message from apache24-2.4.26:
To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Message from mod_php71-7.1.6_1:
***************************************************************

Make sure index.php is part of your DirectoryIndex.

You should add the following to your Apache configuration file:


    SetHandler application/x-httpd-php


    SetHandler application/x-httpd-php-source


***************************************************************
[root@server /usr/home/user]#

Configuration

Create a configurations file for PHP from the recommended production template file with:

[root@server /usr/home/user]# cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini [enter]
[root@server /usr/home/user]#

…and then edit /usr/local/etc/php.ini to meet your demands with:

[root@server /usr/home/user]# ee /usr/local/etc/php.ini [enter]

Got to line 663 and increase post_max_size from 8M to 32M;

; Maximum size of POST data that PHP will accept.
; http://php.net/post-max-size
post_max_size = 32M

Exit ee by pressing <esc> and save your changes.

Create an Includes configuration file, /usr/local/etc/apache24/Includes/php.conf, with:

[root@server /usr/home/user]# ee /usr/local/etc/apache24/Includes/php.conf [enter]

…and add the following text:

<IfModule dir_module>
    DirectoryIndex index.php index.shtml index.html
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    </FilesMatch>
</IfModule>

Exit ee by pressing <esc> and save your changes.

PHP Locale Settings

Display current active locale setting on the system with:

[root@server /usr/home/user]# locale [enter]
LANG=en_SE.UTF-8
LC_CTYPE="en_SE.UTF-8"
LC_COLLATE="en_SE.UTF-8"
LC_TIME="en_SE.UTF-8"
LC_NUMERIC="en_SE.UTF-8"
LC_MONETARY="en_SE.UTF-8"
LC_MESSAGES="en_SE.UTF-8"
LC_ALL=
[root@server /usr/home/user]#

You can list all UTF-8 locales on the system with:

[root@server /usr/home/user]# locale -a | grep '\.UTF-8$' [enter]

Locale settings for the server in this example is en_SE.UTF-8. This is a customized locale setting based on en_US.UTF-8 with modified TIME settings for 24h only display and with Swedish MONITARY and NUMERIC settings.

PHP will not read the locale settings when the charset type is appended to the locale name. ( ie: sv_SE.ISO8859-1, en_SE.UTF-8 ). The solution is to create a symbolic link to the selected locale directory.

Create a symbolic link to en_SE with:

[root@server /usr/home/user]# ln -s /usr/share/locale/en_SE.UTF-8 /usr/share/locale/en_SE [enter]

Restart Apache Service

Restart apache24 with:

[root@server /usr/home/user]# service apache24 restart [enter]
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 1302.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

Test your PHP installation

Create a test file with:

[root@server /usr/home/user]# echo "<?php phpinfo() ?>" > /usr/local/www/apache24/data/info.php [enter]

…then point your browser to: http://www.example.net/info.php.

Compiled in Modules

Show compiled in modules with:

[root@server /usr/home/user]# php -m [enter]
[PHP Modules]
Core
ctype
date
dom
filter
hash
iconv
json
libxml
mysqlnd
pcre
PDO
pdo_sqlite
Phar
posix
Reflection
session
SimpleXML
SPL
sqlite3
standard
tokenizer
xml
xmlreader
xmlwriter
Zend OPcache

[Zend Modules]
Zend OPcache

[root@server /usr/home/user]#

OpenSSL – Open Secure Sockets Layer

By Sture | 2017-02-27 | Comments 0 Comment

OpenSSL – Open Secure Sockets Layer

Description

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL tookit and its related documentation.

OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.

WWW: http://www.openssl.org/.

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Installation

Install the OpenSSL port with;

[root@server /usr/home/user]# pkg install openssl [enter]
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        openssl: 1.0.2l,1

Number of packages to be installed: 1

The process will require 12 MiB more space.
3 MiB to be downloaded.

Proceed with this action? [y/N]: y [enter]
[1/1] Fetching openssl-1.0.2l,1.txz: 100%    3 MiB   1.5MB/s    00:02
Checking integrity... done (0 conflicting)
[1/1] Installing openssl-1.0.2l,1...
Extracting openssl-1.0.2l,1: 100%
Message from openssl-1.0.2l,1:
Edit /usr/local/openssl/openssl.cnf to fit your needs.
[root@server /usr/home/user]#

Configuration

Disable use of the old version of openssl in directory /usr/bin/ with:

[root@server /usr/home/user]# mv /usr/bin/openssl /usr/bin/openssl.default [enter]
[root@server /usr/home/user]#

Create a symbolic link to enable the use the new version of openssl with:

[root@server /usr/home/user]# ln -s /usr/local/bin/openssl /usr/bin/ [enter]
[root@server /usr/home/user]#

Edit /usr/local/openssl/openssl.cnf to fit your needs with:

[root@server /usr/home/user]# ee /usr/local/openssl/openssl.cnf [enter]

.
[ req_distinguished_name ]
countryName                     = Country Name (2 letter code)
countryName_default             = SE
countryName_min                 = 2
countryName_max                 = 2

stateOrProvinceName             = State or Province Name (full name)
stateOrProvinceName_default     = Example State

localityName                    = Locality Name (eg, city)
localityName_default            = Example City

0.organizationName              = Organization Name (eg, company)
0.organizationName_default      = Example Company

# we can do this but it is not needed normally :-)
#1.organizationName             = Second Organization Name (eg, company)
#1.organizationName_default     = World Wide Web Pty Ltd

organizationalUnitName          = Organizational Unit Name (eg, section)
organizationalUnitName_default  = Example Unit

commonName                      = Common Name (e.g. server FQDN or YOUR name)
commonName_max                  = 64

emailAddress                    = Email Address
emailAddress_max                = 64
emailAddress_default            = your.mail@example.net

# SET-ex3                       = SET extension number 3
.

CA requires some setup stuff to be done before it can be used. To makes things easier run script:

[root@server /usr/home/user]# /usr/local/openssl/misc/CA.sh -newca [enter]
[root@server /usr/home/user]#

Generating Certificates

If a signature from a CA is not required, a self-signed certificate can be created. First, generate the RSA key:

[root@server /usr/home/user]# openssl genrsa -rand -genkey -out cert.key 2048 [enter]
0 semi-random bytes loaded
Generating RSA private key, 2048 bit long modulus
................................................+++
......+++
e is 65537 (0x10001)
[root@server /usr/home/user]#

Use this key to create a self-signed certificate valid for filve years. Follow the usual prompts for creating a certificate:

[root@server /usr/home/user]# openssl req -new -x509 -days 1825 -key cert.key -out cert.crt -sha256 [enter]
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [SE]: [enter]
State or Province Name (full name) [Example State]: [enter]
Locality Name (eg, city) [Example City]: [enter]
Organization Name (eg, company) [Example Company]: [enter]
Organizational Unit Name (eg, section) [Example Unit]: [enter]
Common Name (e.g. server FQDN or YOUR name) []:server.example.net [enter]
Email Address [your.mail@example.net]: [enter]
[root@server /usr/home/user]#

Two new files has been created in the current directory: a private key file cert.key, and the certificate itself, cert.crt. These files should be placed in a directory, preferably under /usr/local/etc/ssl/. Permissions of 0700 are appropriate for these files and can be set using chmod.

[root@server /usr/home/user]# mv cert.* /usr/local/etc/ssl/ [enter]
[root@server /usr/home/user]#

[root@server /usr/home/user]# chmod 0700 /usr/local/etc/ssl/cert.* [enter]
[root@server /usr/home/user]#

Apache HTTP Server

By Sture | 2017-02-27 | Comments 0 Comment

Description

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for various modern desktop and server operating systems, such as UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server which provides HTTP services in sync with the current HTTP standards.

The 2.x branch of Apache Web Server includes several improvements like threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/.

In order for public access to your website, you must have a valid domain name.

Requirements

The following software must be installed before Apache HTTP Server:

OpenSSL – Open Secure Sockets Layer

Preparation for Installation

Start PuTTY on a Windows PC, Terminal on a Mac or similar terminal application on a Linux PC.

In this example Terminal on a Mac is used.

Open a remote SSH session to the server with:

Mac:~ user$ ssh user@192.168.1.4 [enter]

N.B.: Replace user@192.168.1.4 with User ID and IP Address on Your server!

[user@server ~]$

Enable superuser privileges with:

[user@server ~]$ sudo -s [enter]
Password: <-- passwd [enter]
[root@server /usr/home/user]#

N.B.: Enter user password, not the root password!

Installation

Search for “apache2” in the remote package repositories with:

[root@server /usr/home/user]# pkg search "apache2" [enter]
apache22-2.2.31_1              Version 2.2.x of Apache web server with prefork MPM
apache22-event-mpm-2.2.31_1    Version 2.2.x of Apache web server with event MPM
apache22-itk-mpm-2.2.31_1      Version 2.2.x of Apache web server with itk MPM
apache22-peruser-mpm-2.2.31_1  Version 2.2.x of Apache web server with peruser MPM
apache22-worker-mpm-2.2.31_1   Version 2.2.x of Apache web server with worker MPM
apache24-2.4.25_1              Version 2.4.x of Apache web server
p5-Apache2-SOAP-0.73_4         Apache2 mod_perl2 SOAP Server
p5-Apache2-SiteControl-1.05_3  Perl web site authentication/authorization system
[root@server /usr/home/user]#

In this example apache24 will be installed.

Install Apache HTTP Server 2.4 with;

[root@server /usr/home/user]# pkg install apache24 [enter]
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 5 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	apache24: 2.4.25_1
	libxml2: 2.9.4
	apr: 1.5.2.1.5.4_2
	gdbm: 1.12
	db5: 5.3.28_6

Number of packages to be installed: 5

The process will require 81 MiB more space.
18 MiB to be downloaded.

Proceed with this action? [y/N]: y [enter]
Fetching apache24-2.4.25_1.txz: 100%    5 MiB   1.6MB/s    00:03    
Fetching libxml2-2.9.4.txz: 100%  802 KiB 821.6kB/s    00:01    
Fetching apr-1.5.2.1.5.4_2.txz: 100%  410 KiB 419.5kB/s    00:01    
Fetching gdbm-1.12.txz: 100%  145 KiB 148.5kB/s    00:01    
Fetching db5-5.3.28_6.txz: 100%   12 MiB   2.1MB/s    00:06    
Checking integrity... done (0 conflicting)
[1/5] Installing gdbm-1.12...
[1/5] Extracting gdbm-1.12: 100%
[2/5] Installing db5-5.3.28_6...
[2/5] Extracting db5-5.3.28_6: 100%
[3/5] Installing libxml2-2.9.4...
[3/5] Extracting libxml2-2.9.4: 100%
[4/5] Installing apr-1.5.2.1.5.4_2...
[4/5] Extracting apr-1.5.2.1.5.4_2: 100%
[5/5] Installing apache24-2.4.25_1...
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[5/5] Extracting apache24-2.4.25_1: 100%
Message from apache24-2.4.25_1:
To run apache www server from startup, add apache24_enable="yes"
in your /etc/rc.conf. Extra options can be found in startup script.

Your hostname must be resolvable using at least 1 mechanism in
/etc/nsswitch.conf typically DNS or /etc/hosts or apache might
have issues starting depending on the modules you are using.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

- apache24 default build changed from static MPM to modular MPM
- more modules are now enabled per default in the port
- icons and error pages moved from WWWDIR to DATADIR

   If build with modular MPM and no MPM is activated in
   httpd.conf, then mpm_prefork will be activated as default
   MPM in etc/apache24/modules.d to keep compatibility with
   existing php/perl/python modules!

Please compare the existing httpd.conf with httpd.conf.sample
and merge missing modules/instructions into httpd.conf!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[root@server /usr/home/user]#

Configuration

packet filter (pf)

Access to the Apache service must be enabled in the packet filter (pf) configuration file.

Start editing file /etc/pf.conf with:

[root@server /usr/home/user]# ee /etc/pf.conf [enter]

…and add port information to enable access to the Apache service from clients on the local network as in this example:

.
# Ports:
#  80 TCP       Hypertext Transfer Protocol (HTTP)
# 123 TCP       Network Time Protocol
# 443 TCP       Hypertext Transfer Protocol over TLS/SSL (HTTPS)
# 445 TCP       Microsoft-DS SMB file sharing

tcp_pass="{ 80, 123, 443, 445 }"
.

Check /etc/pf.conf for errors, but do not load ruleset with:

[root@server /usr/home/user]# pfctl -vvnf /etc/pf.conf [enter]

…and then reload /etc/pf.conf with:

[root@server /usr/home/user]# service pf reload [enter]
Reloading pf rules.
[root@server /usr/home/user]#

Service start on Boot

List installed apache services with:

[root@server /usr/home/user]# service -r | grep /apache [enter]
/usr/local/etc/rc.d/apache24
[root@server /usr/home/user]#

Find the rcvar for /usr/local/etc/rc.d/apache24 with:

[root@server /usr/home/user]# /usr/local/etc/rc.d/apache24 rcvar [enter]
# apache24
#
apache24_enable="NO"
#   (default: "")

[root@server /usr/home/user]#

To start the Apache HTTP Server on system boot:

[root@server /usr/home/user]# echo '' >> /etc/rc.conf; echo '# Apache HTTP Server' >> /etc/rc.conf; echo 'apache24_enable="YES"' >> /etc/rc.conf [enter]
[root@server /usr/home/user]#

Rotate Loggfile

To automatically rotate the /var/log/httpd-error.log log file with:

[root@server /usr/home/user]# echo '/var/log/httpd-error.log                600  9   100000 *     Z' >> /etc/newsyslog.conf [enter]
[root@server /usr/home/user]#

Hosts Database Setup

Hostname must be resolvable or Apache might have issues starting depending on the modules you are using.

Edit file /etc/hosts to allow Apache HTTP Server 2.4 to resolve hostname(s):

[root@server /usr/home/user]# ee /etc/hosts

This is a example:

# $FreeBSD: releng/11.1/etc/hosts 109997 2003-01-28 21:29:23Z dbaker $
#
# Host Database
#
# This file should contain the addresses and aliases for local hosts that
# share this file.  Replace 'my.domain' below with the domainname of your
# machine.
#
# In the presence of the domain name service or NIS, this file may
# not be consulted at all; see /etc/nsswitch.conf for the resolution order.
#
#
::1                     localhost localhost.example.net
127.0.0.1               localhost localhost.example.net
#
# Imaginary network.
#10.0.0.2               myname.my.domain myname
#10.0.0.3               myfriend.my.domain myfriend
#
# According to RFC 1918, you can use the following IP networks for
# private nets which will never be connected to the Internet:
#
#       10.0.0.0        -   10.255.255.255
#       172.16.0.0      -   172.31.255.255
#       192.168.0.0     -   192.168.255.255
#
# In case you want to be able to connect to the Internet, you need
# real official assigned numbers.  Do not try to invent your own network
# numbers but instead get one from your network provider (if any) or
# from your regional registry (ARIN, APNIC, LACNIC, RIPE NCC, or AfriNIC.)
#
192.168.1.1     server.exemple.net

Display where the configuration file should be put with:

[root@server /usr/home/user]# grep httpd.conf /usr/local/etc/rc.d/apache24 [enter]
required_files=/usr/local/etc/apache24/httpd.conf
[root@server /usr/home/user]#

‘ServerAdmin’ Email Address

Update ServerAdmin email address in file /usr/local/etc/apache24/httpd.conf as in this example with:

[root@server /usr/home/user]# perl -pi -e 's/admin\@your-domain.com/{your.name}\@{example.net}/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]#

SSL certificates

The server can hold multiple certificates, but only one per listening IP Address. So, if the server is listening on one IP address, only one certificate can be used for the server. All of your virtual domains can share the same certificate, but clients will get warning prompts when they connect to a secure site where the certificate does not match the domain name. If your server is listening on multiple IP addresses, your virtual hosts have to be IP-based — not name-based. This is something to consider when creating your certificate.

In this example we will use be using self signed certificates created with OpenSSL.

Copy the Server Certificate file server.crt and Server Private Key file server.key files into the appropriate directori with:

[root@server /usr/home/user]# cp /usr/local/etc/ssl/*.key /usr/local/etc/apache24/server.key; cp /usr/local/etc/ssl/*.crt /usr/local/etc/apache24/server.crt [enter]
[root@server /usr/home/user]#

Enable use of Certificate files

Update the Apache configuration files /usr/local/etc/apache24/httpd.conf to use Certificate files with:

[root@server /usr/home/user]# perl -pi -e 's/#LoadModule socache_shmcb_module/LoadModule socache_shmcb_module/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/#LoadModule ssl_module/LoadModule ssl_module/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/Options Indexes FollowSymLinks/Options Indexes Includes FollowSymLinks/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/#Include etc\/apache24\/extra\/httpd-ssl.conf/Include etc\/apache24\/extra\/httpd-ssl.conf/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]#

Update ServerName and ServerAdmin in file /usr/local/etc/apache24/extra/httpd-ssl.conf as in this example.

[root@server /usr/home/user]# perl -pi -e 's/www.example.com/{www.example.net}/g' /usr/local/etc/apache24/extra/httpd-ssl.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/you\@example.com/{your.name}\@{example.net}/g' /usr/local/etc/apache24/extra/httpd-ssl.conf [enter]
[root@server /usr/home/user]#

Update all Certificate names in file /usr/local/etc/apache24/extra/httpd-ssl.conf as in this example.

[root@server /usr/home/user]# perl -pi -e 's/apache24\/server/apache24\/{server}/g' /usr/local/etc/apache24/extra/httpd-ssl.conf [enter]
[root@server /usr/home/user]#

Optional: Virtual Hosts

Please see the documentation at <URL:http://httpd.apache.org/docs/2.4/vhosts/> for further details before you try to setup virtual hosts.

Name-based virtual hosting is usually simpler, since you need only configure your DNS server to map each hostname to the correct IP address and then configure the Apache HTTP Server to recognize the different hostnames. Name-based virtual hosting also eases the demand for scarce IP addresses. Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol.

As the term IP-based indicates, the server must have a different IP address for each IP-based virtual host. This can be achieved by the machine having several physical network connections, or by use of virtual interfaces.

There are two ways of configuring apache to support multiple hosts. Either by running a separate httpd daemon for each hostname, or by running a single daemon which supports all the virtual hosts.

The following example shows how Apache HTTP Server 2.4 can be configured to host the original IP (192.168.1.1) plus two additional domains on additional IPs (192.168.100.1 and 192.168.200.1). For this case, a single httpd will service requests for the main server and all the virtual hosts. This particular example only works on an intranet, because IPs ranging from 192.168.0.0 to 192.168.255.0 are not routed on the Internet.

Once IP aliasing has been set up on the system or the host has been configured with several network cards, Apache HTTP Server 2.4 can be configured. Specify a separate VirtualHost block for every virtual server.

Update the Apache configuration files /usr/local/etc/apache24/httpd.conf to use Virtual Hosts with:

[root@server /usr/home/user]# perl -pi -e 's/#Include etc\/apache24\/extra\/httpd-vhosts.conf/Include etc\/apache24\/extra\/httpd-vhosts.conf/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]#

Then edit file /usr/local/etc/apache24/extra/httpd-vhosts.conf by specify a separate VirtualHost block for every virtual server with:

[root@server /usr/home/user]# ee /usr/local/etc/apache24/extra/httpd-vhosts.conf [enter]

Example:

#
# IP-based Virtual Hosts
#
<VirtualHost 192.168.1.4:80>
  DocumentRoot "/usr/local/www/apache24/data"
  ServerName www.example.net
  <Directory "/usr/local/www/apache24/data">
    AllowOverride All
    Options Indexes FollowSymLinks
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

<VirtualHost 192.168.1.4:443>
  DocumentRoot "/usr/local/www/apache24/data"
  ServerName www.example.net
  SSLEngine on
  SSLCertificateFile "/usr/local/etc/apache24/www.crt"
  SSLCertificateKeyFile "/usr/local/etc/apache24/www.key"
  <Directory "/usr/local/www/apache24/data">
    AllowOverride All
    Options Indexes FollowSymLinks
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

It is now time to create your own certificate for the virtual host using the OpenSSL utility.

Now, you need to understand that one server can hold multiple certificates, but only one per listening IP address. So, if your server is listening on one IP address, you can only have one certificate for the server. All of your virtual domains can share the same certificate, but clients will get warning prompts when they connect to a secure site where the certificate does not match the domain name. If your server is listening on multiple IP addresses, your virtual hosts have to be IP-based — not name-based. This is something to consider when creating your certificate.

In this example we will use be using self signed certificates created with OpenSSL.

Generate a Private Key for srv with:

[root@server /usr/home/user]# openssl genrsa -out www.key 1024 [enter]
Generating RSA private key, 1024 bit long modulus
...........................................................++++++
...........................++++++
e is 65537 (0x10001)
[root@server /usr/home/user]#

Generating a Self Signed Certificate with:

[root@server /usr/home/user]# openssl req -outform PEM -new -key www.key -x509 -days 1825 -out www.crt [enter]
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:SE
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:Your City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Organization Name
Organizational Unit Name (eg, section) []:Your Organizational Unit Name
Common Name (eg, YOUR name) []:www.example.net
Email Address []:your.name@example.net
[root@server /usr/home/user]#

N.B.: Set Common Name (eg, YOUR name) to your servers DNS entry in file /etc/hosts!

N.B.: The produced Certificate will be valid for 1825 days, about 5 years.

Copy Server Certificate file www.crt and Server Private Key file www.key files into appropriate directories with:

[root@server /usr/home/user]# cp /usr/home/user/*.key /usr/local/etc/apache24/; cp /usr/home/user/*.crt /usr/local/etc/apache24/ [enter]
[root@server /usr/home/user]#

Verify your virtual host configuration with:

[root@server /usr/home/user]# httpd -S [enter]
VirtualHost configuration:
192.168.1.1:80         www.example.net (/usr/local/etc/apache24/extra/httpd-vhosts.conf:4)
192.168.1.1:443        www.example.net (/usr/local/etc/apache24/extra/httpd-vhosts.conf:15)
*:443                  www.example.net (/usr/local/etc/apache24/extra/httpd-ssl.conf:121)
ServerRoot: "/usr/local"
Main DocumentRoot: "/usr/local/www/apache24/data"
Main ErrorLog: "/var/log/httpd-error.log"
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex ssl-stapling-refresh: using_defaults
PidFile: "/var/run/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www" id=80
Group: name="www" id=80
[root@server /usr/home/user]#

HTTP Accept Filter

accf_http – buffer incoming connections until a certain complete HTTP requests arrive

Load the kernel modules accf_http at boot by adding the following to file /etc/rc.conf with:

[root@server /usr/home/user]# sysrc kld_list+="accf_http" [enter]
kld_list: ... -> ... accf_http
[root@server /usr/home/user]#

Manually load the HTTP Accept Filter with:

[root@server /usr/home/user]# kldload -v accf_http.ko [enter]
Loaded accf_http.ko, id=21
[root@server /usr/home/user]#

Data Accept Filter

accf_data – buffer incoming connections until data arrives

Load the kernel modules accf_data at boot by adding the following to file /etc/rc.conf with:

[root@server /usr/home/user]# sysrc kld_list+="accf_data" [enter]
kld_list: ... -> ... accf_data
[root@server /usr/home/user]#

Manually load the Data Accept Filter with:

[root@server /usr/home/user]# kldload -v accf_data.ko [enter]
Loaded accf_data.ko, id=22
[root@server /usr/home/user]#

Start Apache HTTP Server

Start Apache HTTP Server with:

[root@server /usr/home/user]# service apache24 start [enter]
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

Verify apache24 status with:

[root@server /usr/home/user]# service apache24 status [enter]
apache24 is running as pid 53785.
[root@server /usr/home/user]#

Check the httpd error log for possible errors:

[root@server /usr/home/user]# tail /var/log/httpd-error.log [enter]
[root@server /usr/home/user]#

Optional – Enable Server Side Includes, SSI

Update the Apache configuration files /usr/local/etc/apache24/httpd.conf to use Server Side Includes, SSI, with:

[root@server /usr/home/user]# perl -pi -e 's/#LoadModule include_module/LoadModule include_module/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/Options Indexes/Options Indexes Includes/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/DirectoryIndex index/DirectoryIndex index.shtml index/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/#AddType text\/html .shtml/AddType text\/html .shtml/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]# perl -pi -e 's/#AddOutputFilter INCLUDES .shtml/AddOutputFilter INCLUDES .shtml/g' /usr/local/etc/apache24/httpd.conf [enter]
[root@server /usr/home/user]#

Update the Apache configuration files /usr/local/etc/apache24/extra/httpd-vhosts.conf to use Server Side Includes, SSI, with:

[root@server /usr/home/user]# perl -pi -e 's/Options Indexes/Options Indexes Includes/g' /usr/local/etc/apache24/extra/httpd-vhosts.conf [enter]
[root@server /usr/home/user]#

Restart apache24 with:

[root@server /usr/home/user]# service apache24 restart [enter]
Performing sanity check on apache24 configuration:
Syntax OK
Stopping apache24.
Waiting for PIDS: 1302.
Performing sanity check on apache24 configuration:
Syntax OK
Starting apache24.
[root@server /usr/home/user]#

Test your SSI setup by creating a test file, ssi.shtml, with:

[root@server /usr/home/user]# ee /usr/local/www/apache24/data/ssi.shtml [enter]

Add the following lines:

<html>
<head>
<title>SSI Test Page</title>
</head>
<body>
<h1>Test of Server Side Include, SSI</h1>
<p>Date/Time Format information can be found <a href="http://www.oreilly.com/openbook/cgi/ch05_08.html">here</a></p>
<!--#config timefmt="%A, %e %B %Y, %H:%M %Z"-->
<p>This page was last updated <!--#echo var="last_modified" --></p>
<p>(If no date and time is displayed: Did you miss to restart Apache?)</p>
</body>
</html>

Start your favorite browser and go to the testpage on the server as in this example, http://www.example.net/ssi.shtml