≡ Menu

centos 5

It appears that latest php version 5.1.6-20.el5_2.1 under RHEL / CentOS Linux v5.2 has made some major changes. As a result choort jail setup using previous instructions no longer works.

PHP is crashing with segmentation fault errors. So I had to trace php errors using strace command. After spending couple of hours I found solution for following errors:

Sep 15 03:26:59 lightyproxy kernel: php-cgi[19106]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
Sep 15 03:26:59 lightyproxy kernel: php-cgi[19107]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
Sep 15 03:26:59 lightyproxy kernel: php-cgi[19108]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
Sep 15 03:26:59 lightyproxy kernel: php-cgi[19110]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
WARNING! These examples / workaround is only for RHEL / CentOS 5.2 and not for Debian / Ubuntu / FreeBSD lighttpd chroot instructions.

You need to copy entire /etc/ and /usr/share/zoneinfo/ to jail. If your jail is located at /jail directory enter following commands:
# service lighttpd stop
# D=/path/to/chroot/jail
# mkdir /root/jail.etc
# /bin/cp -avr $D/etc/* /root/jail.etc
# /bin/cp -avr /etc/* $D/etc/

Copy back original customized files such as passwd, group, php.ini :
# cp -avr /root/jail.etc/* $D/etc/
Now copy /usr/share/zoneinfo/:
# cd $D/usr/share
# cp -avr /usr/share/zoneinfo/ .

Copy all latest php-cgi and all extensions to $D
# cd $D/usr/bin
# cp /usr/bin/php-cgi .
# l2chroot php-cgi

Copy php modules (for 64 bit use $D/usr/lib64):
# cd $D/usr/lib/
# cp -avr /usr/lib/php/ .
# cd php/modules
# for l in *.so; do l2chroot $l; done

Start lighttpd:
# service lighttpd start
This should fix all errors. Watch /var/log/messages for php errors:
# tail -f /var/log/messages

Postfix MTA updated to fix security vulnerabilities such as incorrectly checks the ownership of a mailbox. In some configurations, this allows for appending data to arbitrary files as root. This update has been rated as having moderate security impact.

All users of postfix should upgrade to these updated packages.

How do I patch Postfix under Debian / Ubuntu Linux?

First, update the internal database, enter:
# apt-get update
Install corrected Postfix package, enter:
# apt-get upgrade

How do I patch Postfix under RHEL / CentOS Linux?

Type the following command under RHEL / CentOS 5.x:
# yum update
Type the following command under RHEL <= 4.x: # up2date -u

How To Upgrade CentOS Linux To Version 5.2

CentOS Linux 5.2 has been released and available for immediate update via yum command or
the i386 and x86_64 Architectures. From the announcement page:

CentOS-5.2 is based on the upstream release EL 5.2.0, and includes packages from all variants including Server and Client. All upstream repositories have been combined into one, to make it easier for end users to work with. And the option to further enable external repositories at install time is now available in the installer.

How do I update from CentOS-5.0 and 5.1 to 5.2?

Simply type the following command as root user:
# yum update
OR
# yum upgrade
Sample output:

......
....
shadow-utils-4.0.17-13.el 100% |=========================|  50 kB    00:00
---> Package shadow-utils.i386 2:4.0.17-13.el5 set to be updated
---> Downloading header for cups to pack into transaction set.
cups-1.2.4-11.18.el5_2.1. 100% |=========================| 165 kB    00:00
Transaction Summary
=============================================================================
Install      8 Package(s)
Update     191 Package(s)
Remove       2 Package(s)
Total download size: 298 M
Is this ok [y/N]: y

Finally, reboot your computer, enter:
# reboot

nixCraft FAQ Roundup June 19, 2007

Recently updated/posted Linux and UNIX FAQ (mostly useful to Linux/UNIX new administrators or users) :

You should always aware of maximum amount of memory and maximum number of CPU supported by Linux systems / server.

This is an essential task for making out decisions. You must consider at least AMD and Intel platforms, tested under RHEL 5 only:
[click to continue…]