≡ Menu

install lighttpd

Lighttpd Install mod_geoip For Country / City Level Geo Targeting

Geolocation software is used to get the geographic location of visitor using IP address. You can determine country, organization and guess visitors location. This is useful for

a] Fraud detection

b] Geo marketing and ad serving

c] Target content

d] Spam fighting

e] And much more.

mod_geoip is a Lighttpd module for fast ip/location lookups. In this tutorial you will learn about mod_geoip installation and php server side examples to determine visitors country.
[click to continue…]

Troubleshooting Lighttpd Chrooted RedHat PHP Version 5.1.6-20.el5_2.1

It appears that latest php version 5.1.6-20.el5_2.1 under RHEL / CentOS Linux v5.2 has made some major changes. As a result choort jail setup using previous instructions no longer works.

PHP is crashing with segmentation fault errors. So I had to trace php errors using strace command. After spending couple of hours I found solution for following errors:

Sep 15 03:26:59 lightyproxy kernel: php-cgi[19106]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
Sep 15 03:26:59 lightyproxy kernel: php-cgi[19107]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
Sep 15 03:26:59 lightyproxy kernel: php-cgi[19108]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
Sep 15 03:26:59 lightyproxy kernel: php-cgi[19110]: segfault at 0000003151c1b4b8 rip 0000003151e98477 rsp 00007fff9ecdde20 error 6
WARNING! These examples / workaround is only for RHEL / CentOS 5.2 and not for Debian / Ubuntu / FreeBSD lighttpd chroot instructions.

You need to copy entire /etc/ and /usr/share/zoneinfo/ to jail. If your jail is located at /jail directory enter following commands:
# service lighttpd stop
# D=/path/to/chroot/jail
# mkdir /root/jail.etc
# /bin/cp -avr $D/etc/* /root/jail.etc
# /bin/cp -avr /etc/* $D/etc/

Copy back original customized files such as passwd, group, php.ini :
# cp -avr /root/jail.etc/* $D/etc/
Now copy /usr/share/zoneinfo/:
# cd $D/usr/share
# cp -avr /usr/share/zoneinfo/ .

Copy all latest php-cgi and all extensions to $D
# cd $D/usr/bin
# cp /usr/bin/php-cgi .
# l2chroot php-cgi

Copy php modules (for 64 bit use $D/usr/lib64):
# cd $D/usr/lib/
# cp -avr /usr/lib/php/ .
# cd php/modules
# for l in *.so; do l2chroot $l; done

Start lighttpd:
# service lighttpd start
This should fix all errors. Watch /var/log/messages for php errors:
# tail -f /var/log/messages

CentOS / Redhat Enterprise Linux Setup Lighttpd in Chroot Jail

Many people asked me to write about setting up Lighttpd under CentOS or RHEL 5 Linux using chroot() call. The instructions are almost same but you need to make little modification as compare to Debian / Ubuntu Linux instructions.

For example purpose we will build jail at /webroot location.
=> Default document root : /home/lighttpd/default/
=> Port : 80
=> IP: Your Public IP address
=> Virtual domain1: /home/lighttpd/vdomain1.com/
=> Virtual domain1 access log file: /var/log/lighttpd/vomain1.com/
=> Default access log file:/var/log/lighttpd/access.log
=> Default error log file:/var/log/lighttpd/error.log
=> Default php error log file: /var/log/lighttpd/php.log


These installation instructions assume you have:

  • Linux distribution
  • Required RPMs (see below for installation instructions)
    • php, php-pear, php-common, php-pdo, php-ldap, php-gd, php-cli, php-mysql
    • mysql, mysql-server etc
    • lighttpd, lighttpd-fastcgi (rpm available here)
  • Installations were tested on Red Hat Enterprise Linux v4/5 or CentOS v4/5 or Fedora Linux 7

Step # 1: Install required packages

Install php and related packages:
# yum install php php-pear php-common php-pdo php-ldap php-gd php-cli php-mysql
Install mysql and related packages:
# yum install mysql mysql-server
Install lighttpd and mod_fastcgi for lighttpd:
# rpm -ivh http://dag.wieers.com/rpm/packages/lighttpd/lighttpd-1.4.18-1.el5.rf.i386.rpm
# rpm -ivh http://dag.wieers.com/rpm/packages/lighttpd/lighttpd-fastcgi-1.4.18-1.el5.rf.i386.rpm

Step # 2: Create /webroot and related directories

# mkdir /webroot
# cd /webroot
# mkdir etc
# mkdir tmp
# chmod 1777 tmp/
# mkdir -p usr/bin
# mkdir -p home/lighttpd/default
# mkdir -p var/run/lighttpd
# mkdir -p var/log/lighttpd
# chown lighttpd:lighttpd var/run/lighttpd/
# chown lighttpd:lighttpd var/log/lighttpd/
# chown -R lighttpd:lighttpd home/

Step # 3: Install chroot script

You need to download and install my script that will help you to build lighttpd in jail:
# cd /sbin/
# wget http://www.cyberciti.biz/files/lighttpd/l2chroot.txt
# mv l2chroot.txt l2chroot
# chmod +x l2chroot

Step # 4: Install php in jail

Now copy php-cgi binary and related shared libraries using l2chroot script:
# cd /webroot/usr/bin
# cp /usr/bin/php-cgi .
# l2chroot php-cgi

Step # 5: Copy required files to /etc

Now you must copy php.ini and related all files to /etc/
# cd /webroot/etc
# cp /etc/passwd .
# cp /etc/group .
# cp /etc/hosts .
# cp /etc/nsswitch.conf .
# cp /etc/resolv.conf .
# cp /etc/php.ini .
# cp -avr /etc/php.d/ .
# cp -avr /etc/ld* .

Update (Oct-1-2008, 1:52pm) : You need to copy entire /etc/ and /usr/share/zoneinfo files to work with latest php version:
# cd /webroot/etc
# /bin/cp -avr /etc/* .

Copy all files from /usr/share/zoneinfo/:
# mkdir -p /webroot/usr/share/
# cd /webroot/usr/share/
# cp -avr /usr/share/zoneinfo/ .

Open group and passwd file and only keep entries for root and lighttpd user:
# vi /webroot/etc/group
Make sure file look as follows:

Also open passwd file inside jail:
# vi /webroot/etc/passwd
Make sure file look as follows:
lighttpd:x:100:101:lighttpd web server:/srv/www/lighttpd:/sbin/nologin

Step # 5: Copy php modules

Now copy php mysql support, php gd and other all modules:
# cd /webroot/usr/lib/
# cp -avr /usr/lib/php/ .
# cd php/modules
# for l in *.so; do l2chroot $l; done

Step # 6: Configure lighttpd chroot call

Open /etc/lighttpd/lighttpd.conf file:
# vi /etc/lighttpd/lighttpd.conf
Setup default document root and chroot directory:
server.document-root = "/home/lighttpd/default/"

Save and close the file.

Step # 7: Restart lighttpd

Type the following command:
# /etc/init.d/lighttpd restart

Jail size

# du -ch /webroot/

12K     /webroot/var/log/lighttpd
16K     /webroot/var/log
4.0K    /webroot/var/run/lighttpd
8.0K    /webroot/var/run
28K     /webroot/var
8.0K    /webroot/etc/ld.so.conf.d
36K     /webroot/etc/php.d
160K    /webroot/etc
8.0K    /webroot/home/lighttpd/default
12K     /webroot/home/lighttpd
16K     /webroot/home
5.3M    /webroot/lib
4.0K    /webroot/tmp
872K    /webroot/usr/lib/sse2
1.4M    /webroot/usr/lib/mysql
676K    /webroot/usr/lib/php/modules
4.0K    /webroot/usr/lib/php/pear
684K    /webroot/usr/lib/php
9.9M    /webroot/usr/lib
2.9M    /webroot/usr/bin
13M     /webroot/usr
19M     /webroot/
19M     total


Always go thought /var/log/messages and server log files:
# tail -f /var/log/messages

Download mysql testing script

Copy and test php mysql connectivity with this script.