如何基于Oracle Linux 9.x编译安装PHP-FPM 8.x?

PHP

1 前言

一个问题,一篇文章,一出故事。
PHP-FPM可以跟Nginx配合使Nginx环境具备运行解析PHP脚本的能力。
PHP-FPM常见环境有LNMP即Linux+Ngingx+MySQL+PHP。

2 安装PHP-FPM

2.1 环境配置

2.1.1 准备操作系统

OS = Oracle Linux 9.x x86_64
IP Address= any
Host Name = any.cmdschool.org

2.1.2 安装常用工具

dnf install -y vim bzip2 wget net-tools

2.1.3 配置编译环境

dnf install -y gcc gcc-c++ make expat-devel autoconf

2.1.4 下载php二进制安装包

cd ~
wget --no-check-certificate https://www.php.net/distributions/php-8.3.7.tar.bz2

如果需要其他版本或者下载异常,请从以下连接下载,
https://www.php.net/releases/

2.1.5 创建运行用户

groupadd  -g 48 apache
useradd -u 48 -g 48 -d /usr/share/httpd -s /sbin/nologin apache

2.1.6 配置防火墙(可选)

firewall-cmd --permanent --add-port 9000/tcp
firewall-cmd --reload
firewall-cmd --list-all

2.2 编译安装

2.2.1 解压安装包

cd ~/
tar -xf php-8.3.7.tar.bz2

2.2.2 安装前构建

cd ~/php-8.3.7
./configure --bindir=/usr/bin/ \
--sbindir=/usr/sbin/ \
--sysconfdir=/etc/ \
--libdir=/usr/lib64/ \
--mandir=/usr/share/man/ \
--includedir=/usr/include/ \
--with-config-file-path=/etc/php.ini \
--with-config-file-scan-dir=/etc/php.d/ \
--with-fpm-user=apache \
--with-fpm-group=apache \
--enable-fpm \
--with-fpm-systemd \
--with-libdir=lib64 \
--enable-zts \
--enable-static \
--enable-shared

根据配置的需求,你可能需要手动创建如下目录,

mkdir -p /etc/php.d/

如果遇到如下错误,

configure: error: Package requirements (libsystemd >= 209) were not met:

Package 'libsystemd', required by 'virtual:world', not found

可通过如下命令解决依赖关系,

dnf install -y systemd-devel

如果遇到如下错误,

configure: error: Package requirements (libxml-2.0 >= 2.9.0) were not met:

Package 'libxml-2.0', required by 'virtual:world', not found

可通过如下命令解决依赖关系,

dnf install -y libxml2-devel

如果遇到如下错误,

configure: error: Package requirements (sqlite3 >= 3.7.7) were not met:

Package 'sqlite3', required by 'virtual:world', not found

可通过如下命令解决依赖关系,

dnf install -y sqlite-devel

如果遇到如下错误,

configure: error: Package requirements (oniguruma) were not met:

Package 'oniguruma', required by 'virtual:world', not found

可通过如下命令解决依赖关系,

cat > /etc/yum.repos.d/OracleLinux-R9-U0-x86_64.repo << "EOF"
[codeready]
name=codeready
baseurl=https://yum.oracle.com/repo/OracleLinux/OL9/codeready/builder/x86_64/
gpgcheck=0
gpgkey=https://yum.oracle.com/repo/OracleLinux/OL9/RPM-GPG-KEY-oracle-ol9
EOF
dnf install -y oniguruma-devel
rm -f /etc/yum.repos.d/OracleLinux-R9-U0-x86_64.repo

2.2.3 编译并安装

make
make install | tee install.log

2.3 配置PHP-FPM

2.3.1 配置php.ini

cp php.ini-development /etc/php.ini
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo = 0/g' /etc/php.ini
sed -i 's/;date.timezone =/date.timezone = Asia\/Shanghai/g' /etc/php.ini
sed -i 's~;extension_dir = "ext"~extension_dir = "/usr/lib64/php-zts/modules"~g' /etc/php.ini

根据配置的需求,你需要执行如下命令创建模块所需的目录,

mkdir -p /usr/lib64/php-zts/modules

配置修改后,你可以使用如下命令查看配置,

cat /etc/php.ini

2.3.2 创建配置

cp ./sapi/fpm/php-fpm.conf /etc/php-fpm.conf
sed -i 's~;pid = run/php-fpm.pid~pid = /run/php-fpm/php-fpm.pid~g' /etc/php-fpm.conf
sed -i 's~;error_log = log/php-fpm.log~error_log = /var/log/php-fpm/error.log~g' /etc/php-fpm.conf

根据以上配置的需求,你需要手动建立如下目录,

mkdir /var/log/php-fpm/
mkdir /run/php-fpm/

配置修改后,你可以使用如下命令查看配置,

cat /etc/php-fpm.conf

且创建以下配置文件,

cp ./sapi/fpm/www.conf /etc/php-fpm.d/www.conf
sed -i 's~pm.max_children = 5~pm.max_children = 50~g' /etc/php-fpm.d/www.conf
sed -i 's~pm.start_servers = 2~pm.start_servers = 5~g' /etc/php-fpm.d/www.conf
sed -i 's~pm.min_spare_servers = 1~pm.min_spare_servers = 5~g' /etc/php-fpm.d/www.conf
sed -i 's~pm.max_spare_servers = 3~pm.max_spare_servers = 35~g' /etc/php-fpm.d/www.conf
sed -i 's~;slowlog = log/$pool.log.slow~slowlog = /var/log/php-fpm/www-slow.log~g' /etc/php-fpm.d/www.conf
sed -i 's~;php_admin_value\[error_log\] = /var/log/fpm-php.www.log~php_admin_value\[error_log\] = /var/log/php-fpm/www-err
or.log~g' /etc/php-fpm.d/www.conf
sed -i 's~;php_admin_flag\[log_errors\] = on~php_admin_flag\[log_errors\] = on~g' /etc/php-fpm.d/www.conf
sed -i 's~;env\[HOSTNAME\] = $HOSTNAME~env\[HOSTNAME\] = $HOSTNAME~g' /etc/php-fpm.d/www.conf
sed -i 's~;env\[PATH\] = /usr/local/bin:/usr/bin:/bin~env\[PATH\] = /usr/local/bin:/usr/bin:/bin~g' /etc/php-fpm.d/www.conf
sed -i 's~;env\[TMP\] = /tmp~env\[TMP\] = /tmp~g' /etc/php-fpm.d/www.conf
sed -i 's~;env\[TMPDIR\] = /tmp~env\[TMPDIR\] = /tmp~g' /etc/php-fpm.d/www.conf
sed -i 's~;env\[TEMP\] = /tmp~env\[TEMP\] = /tmp~g' /etc/php-fpm.d/www.conf
cat >> /etc/php-fpm.d/www.conf << "EOF"

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
EOF

根据以上配置的需求,你需要手动建立如下目录,

mkdir -p /etc/php-fpm.d/
mkdir -p /var/lib/php/session/
chown -R apache: /var/lib/php/session/

配置修改后,你可以使用如下命令查看配置,

cat /etc/php-fpm.d/www.conf

2.3.3 测试fpm启动

/usr/sbin/php-fpm &

2.3.4 查询服务状态

pgrep -u apache php-fpm -a
netstat -antp | grep php-fpm

2.3.5 手动关闭服务

kill 2 `pgrep -u root php-fpm`

2.4 配置服务启动

2.4.1 配置启动脚本

cp ./sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm.service
vim /usr/lib/systemd/system/php-fpm.service

加入如下配置,

# It's not recommended to modify this file in-place, because it
# will be overwritten during upgrades.  If you want to customize,
# the best way is to use the "systemctl edit" command.

[Unit]
Description=The PHP FastCGI Process Manager
After=network.target

[Service]
Type=notify
PIDFile=/run/php-fpm/php-fpm.pid
ExecStartPre=/bin/bash -c "mkdir -p /run/php-fpm"
ExecStart=/usr/sbin/php-fpm --nodaemonize -c /etc/php.ini --fpm-config /etc/php-fpm.conf
ExecReload=/bin/kill -USR2 $MAINPID

# Set up a new file system namespace and mounts private /tmp and /var/tmp directories
# so this service cannot access the global directories and other processes cannot
# access this service's directories.
PrivateTmp=true

# Mounts the /usr, /boot, and /etc directories read-only for processes invoked by this unit.
ProtectSystem=full

# Sets up a new /dev namespace for the executed processes and only adds API pseudo devices
# such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it,
# but no physical devices such as /dev/sda.
PrivateDevices=true

# Explicit module loading will be denied. This allows to turn off module load and unload
# operations on modular kernels. It is recommended to turn this on for most services that
# do not need special file systems or extra kernel modules to work.
ProtectKernelModules=true

# Kernel variables accessible through /proc/sys, /sys, /proc/sysrq-trigger, /proc/latency_stats,
# /proc/acpi, /proc/timer_stats, /proc/fs and /proc/irq will be made read-only to all processes
# of the unit. Usually, tunable kernel variables should only be written at boot-time, with the
# sysctl.d(5) mechanism. Almost no services need to write to these at runtime; it is hence
# recommended to turn this on for most services.
ProtectKernelTunables=true

# The Linux Control Groups (cgroups(7)) hierarchies accessible through /sys/fs/cgroup will be
# made read-only to all processes of the unit. Except for container managers no services should
# require write access to the control groups hierarchies; it is hence recommended to turn this on
# for most services
ProtectControlGroups=true

# Any attempts to enable realtime scheduling in a process of the unit are refused.
RestrictRealtime=true

# Restricts the set of socket address families accessible to the processes of this unit.
# Protects against vulnerabilities such as CVE-2016-8655
RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX

# Takes away the ability to create or manage any kind of namespace
RestrictNamespaces=true

[Install]
WantedBy=multi-user.target

配置环境文件,

echo '# Additional environment file for php-fpm' > /etc/sysconfig/php-fpm

重载控制脚本

systemctl daemon-reload

2.4.2 启动服务并配置默认启动

systemctl start php-fpm
systemctl enable php-fpm

3 配置扩展模块

3.1.1 配置模块的基本步骤

如何编译安装php-fpm的模块?

3.1.2 编译安装模块pdo_mysql

cd ~/php-8.3.7/ext/pdo_mysql
phpize
./configure --with-php-config=/usr/bin/php-config --with-pdo-mysql=/usr
make
make install
rsync -avP /usr/lib64/extensions/no-debug-zts-20230831/ /usr/lib64/php-zts/modules
echo 'extension=pdo_mysql' > /etc/php.d/pdo_mysql.ini
systemctl reload php-fpm

如果你遇到以下错误提示,

configure: error: Package requirements (libzip >= 0.11 libzip != 1.3.1 libzip != 1.7.0) were not met:

可按照如下方法解决依赖关系,

dnf install -y libzip-devel

如果编译遇到以下错误提示,

In file included from /root/php-8.3.7/ext/pdo_mysql/pdo_mysql.c:28:
/root/php-8.3.7/ext/pdo_mysql/php_pdo_mysql_int.h:27:17: fatal error: mysql.h: No such file or directory
   27 | #       include 
      |                 ^~~~~~~~~
compilation terminated.
make: *** [Makefile:211: pdo_mysql.lo] Error 1

你需要使用如下命令解决依赖关系,

dnf install -y mysql-devel

参阅文档
=======================

官方文档
————
https://www.php.net/manual/zh/install.php
https://www.php.net/manual/zh/configure.about.php
https://www.php.net/manual/zh/install.unix.debian.php

非官方文档
————
https://www.fr.linuxfromscratch.org/view/blfs-stable/general/php.html
https://serverfault.com/questions/224685/php-ini-disable-scan-this-dir-for-additional-ini-files

没有评论

发表回复

PHP
如何隐藏PHP的版本号?

1 前言 一个问题,一篇文章,一出故事。 最近外部的安全扫描发现我们一个站点对外宣告PHP的版本号, …

PHP
如何编译安装php-fpm的模块?

1 前言 一个问题,一篇文章,一出故事。 笔者最新部署了一个PHP-FPM的环境,本章将整理如何部署 …

PHP
如何获取PHP编译的配置参数?

1 前言 一个问题,一篇文章,一出故事。 笔者有时候编译PHP需要参考其他组织的编译的配置参数,于是 …