Commandes utiles

De Wiki de Jordan LE NUFF
Sauter à la navigation Sauter à la recherche
 
(5 révisions intermédiaires par le même utilisateur non affichées)
Ligne 28 : Ligne 28 :
  
 
'''Attention :''' ces astuces peuvent ne pas fonctionner si le BIOS n'était pas à l'heure le jour de l'installation.
 
'''Attention :''' ces astuces peuvent ne pas fonctionner si le BIOS n'était pas à l'heure le jour de l'installation.
 +
 +
==Astuces scripting==
 +
<code>${var%/*}</code> supprime tout de la variable <code>var</code> '''après''' la dernère occurrence de <code>/</code>.
 +
 +
<code>${var##*/}</code> supprime tout de la variable <code>var</code> '''avant''' la dernère occurrence de <code>/</code>.
 +
 +
== Commandes post-installation CentOS 7==
 +
===Ajout du dépôt EPEL===
 +
<pre>
 +
yum -y install epel-release
 +
yum makecache
 +
yum update
 +
yum install yum-utils bind-utils yum-cron wget bash-completion lsof nmon net-tools dos2unix deltarpm vim sg3_utils open-vm-tools sysstat
 +
init 6
 +
</pre>
 +
 +
===Sécurisation du umask===
 +
<pre>
 +
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/bashrc
 +
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/csh.cshrc
 +
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/profile
 +
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/init.d/functions
 +
</pre>
 +
 +
===Suppression des pilotes inutiles===
 +
yum remove alsa-* ivtv-* iwl*firmware aic94xx-firmware
 +
 +
===Désactivation de la wifi===
 +
nmcli radio all off
 +
 +
===Désactivation de l'IPv6===
 +
<pre>
 +
echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network
 +
echo "IPV6INIT=no" >> /etc/sysconfig/network
 +
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
 +
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
 +
sysctl -p
 +
sed -i 's/#AddressFamily any/AddressFamily inet/g' /etc/ssh/sshd_config
 +
systemctl restart sshd
 +
sed -i 's/OPTIONS=""/OPTIONS="-4"/g' /etc/sysconfig/chronyd
 +
systemctl restart chronyd
 +
</pre>
 +
 +
===Désactivation du selinux===
 +
setenforce 0
 +
sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
 +
 +
===Suppression des utilisateurs inutiles===
 +
<pre>
 +
userdel -r adm
 +
userdel -r ftp
 +
userdel -r games
 +
userdel -r lp
 +
groupdel games
 +
</pre>
 +
 +
===Augmenter l'historique des commandes de 1000 à 5000 lignes===
 +
sed -i 's/HISTSIZE=.*/HISTSIZE=5000/g' /etc/profile
 +
 +
===Ajout de l'option "clean_requirements_on_remove=1" pour supprimer automatiquement les dépendances non-utilisées lors de la désinstallation d'un paquet===
 +
sed -i -e 's/distroverpkg=centos-release/distroverpkg=centos-release\nclean_requirements_on_remove=1/g' /etc/yum.conf
 +
 +
===Installation de msmtp===
 +
<pre>
 +
yum install msmtp mailx
 +
echo "# If it exists, it usually defines a default account." >> /etc/msmtprc
 +
echo "# This allows msmtp to be used like /usr/sbin/sendmail." >> /etc/msmtprc
 +
echo "account default" >> /etc/msmtprc
 +
echo "" >> /etc/msmtprc
 +
echo "# The SMTP smarthost" >> /etc/msmtprc
 +
echo "host smtp.mydomain.com" >> /etc/msmtprc
 +
echo "" >> /etc/msmtprc
 +
echo "# Use TLS on port 465" >> /etc/msmtprc
 +
echo "port 25" >> /etc/msmtprc
 +
echo "tls off" >> /etc/msmtprc
 +
echo "tls_starttls off" >> /etc/msmtprc
 +
echo "" >> /etc/msmtprc
 +
echo "# Construct envelope-from addresses of the form \"user@oursite.example\"" >> /etc/msmtprc
 +
echo "from %U@%H" >> /etc/msmtprc
 +
echo "" >> /etc/msmtprc
 +
echo "# Syslog logging with facility LOG_MAIL instead of the default LOG_USER" >> /etc/msmtprc
 +
echo "syslog LOG_MAIL" >> /etc/msmtprc
 +
</pre>
 +
 +
===Ajout des alias nécessaires à l'exploitation===
 +
<pre>
 +
echo "alias eye='ps -eaf | grep -v grep|grep UID;ps -eaf | grep -v grep | grep -i '" >> /etc/profile.d/sh.local
 +
echo "alias errors='journalctl -b -p err|less'" >> /etc/profile.d/sh.local
 +
echo "alias df='df -m'" >> /etc/profile.d/sh.local
 +
echo "alias vi='vim'" >> /etc/profile.d/sh.local
 +
echo "alias set_php_version='. /local/php/set_php_version'" >> /etc/profile.d/sh.local
 +
</pre>
 +
 +
===Préparation à la compilation===
 +
mkdir /local/builds
 +
yum install gcc glibc-devel glibc-headers kernel-headers libmpc mpfr autoconf
 +
yum install pcre-devel
 +
yum install expat-devel
 +
yum install systemd-devel
 +
 +
===Ajout du groupe www et du dossier /data/www===
 +
groupadd www
 +
mkdir -p /data/www
 +
chown :www /data/www
 +
 +
===Compilation et installation d'Apache===
 +
<pre>
 +
useradd -r apache
 +
usermod -aG www apache
 +
mkdir -p /local/httpd/httpd-2.4.43
 +
ln -s httpd-2.4.43 /local/httpd/current
 +
wget https://mirror.ibcp.fr/pub/apache//httpd/httpd-2.4.43.tar.gz
 +
tar -zxf httpd-2.4.43.tar.gz -C /local/builds
 +
wget http://mirrors.standaloneinstaller.com/apache//apr/apr-1.7.0.tar.gz
 +
tar -zxf apr-1.7.0.tar.gz
 +
mv apr-1.7.0 /local/builds/httpd-2.4.43/srclib/apr
 +
wget http://mirrors.standaloneinstaller.com/apache//apr/apr-util-1.6.1.tar.gz
 +
tar -zxf apr-util-1.6.1.tar.gz
 +
mv apr-util-1.6.1 /local/builds/httpd-2.4.43/srclib/apr-util
 +
cd /local/builds/httpd-2.4.43
 +
./configure \
 +
--prefix=/local/httpd/current \
 +
--sysconfdir=/local/httpd/conf \
 +
--enable-proxy \
 +
--enable-proxy-http \
 +
--enable-proxy-wstunnel \
 +
--enable-proxy-fcgi \
 +
--enable-rewrite \
 +
--enable-authz-host \
 +
--enable-mime \
 +
--enable-static-support \
 +
--enable-remoteip \
 +
--enable-status \
 +
--enable-systemd \
 +
--enable-mods-static="proxy rewrite authz-core authz-host log-config alias dir unixd mime remoteip status systemd" \
 +
--disable-so \
 +
--disable-proxy-connect \
 +
--disable-proxy-ftp \
 +
--disable-proxy-scgi \
 +
--disable-proxy-uwsgi \
 +
--disable-proxy-fdpass \
 +
--disable-proxy-ajp \
 +
--disable-proxy-balancer \
 +
--disable-proxy-express \
 +
--disable-proxy-hcheck \
 +
--disable-access-compat \
 +
--disable-auth \
 +
--disable-auth-basic \
 +
--disable-authn-core \
 +
--disable-authn-file \
 +
--disable-authz-groupfile \
 +
--disable-authz-user \
 +
--disable-autoindex \
 +
--disable-env \
 +
--disable-filter \
 +
--disable-reqtimeout \
 +
--disable-setenvif \
 +
--disable-version \
 +
--disable-authn-dbm \
 +
--disable-authn-anon \
 +
--disable-authn-dbd \
 +
--disable-authn-socache \
 +
--disable-authz-dbm \
 +
--disable-authz-owner \
 +
--disable-authz-dbd \
 +
--disable-auth-form \
 +
--disable-auth-digest \
 +
--disable-allowmethods \
 +
--disable-cache \
 +
--disable-file-cache \
 +
--disable-headers \
 +
--disable-cache-disk \
 +
--disable-cache-socache \
 +
--disable-socache-dbm \
 +
--disable-socache-memcache \
 +
--disable-socache-redis \
 +
--disable-socache-shmcb
 +
make -j
 +
make install
 +
chown -R root:apache /local/httpd
 +
echo "export PATH=\$PATH:/local/httpd/current/bin" >> /etc/profile.d/sh.local
 +
echo "[Unit]" >> /usr/lib/systemd/system/http.service
 +
echo "Description=The Apache HTTP Server" >> /usr/lib/systemd/system/http.service
 +
echo "After=network.target" >> /usr/lib/systemd/system/http.service
 +
echo "" >> /usr/lib/systemd/system/http.service
 +
echo "[Service]" >> /usr/lib/systemd/system/http.service
 +
echo "Type=notify" >> /usr/lib/systemd/system/http.service
 +
echo "ExecStart=/local/httpd/current/bin/httpd -D FOREGROUND -k start" >> /usr/lib/systemd/system/http.service
 +
echo "ExecReload=/local/httpd/current/bin/httpd -k graceful" >> /usr/lib/systemd/system/http.service
 +
echo "ExecStop=/local/httpd/current/bin/httpd -k stop" >> /usr/lib/systemd/system/http.service
 +
echo "KillMode=mixed" >> /usr/lib/systemd/system/http.service
 +
echo "TimeoutStopSec=60" >> /usr/lib/systemd/system/http.service
 +
echo "" >> /usr/lib/systemd/system/http.service
 +
echo "[Install]" >> /usr/lib/systemd/system/http.service
 +
echo "WantedBy=multi-user.target" >> /usr/lib/systemd/system/http.service
 +
systemctl daemon-reload
 +
systemctl start http.service
 +
systemctl enable http.service
 +
firewall-cmd --add-service=http
 +
firewall-cmd --add-service=http --permanent
 +
mkdir -p /data/logs/{localhost,myserver}
 +
chmod o+rx /data
 +
touch /data/logs/localhost/localhost_http_{error,access}.log
 +
touch /data/logs/myserver/myserver_http_{error,access}.log
 +
mkdir /local/httpd/conf/vhosts
 +
</pre>
 +
 +
===Compilation et installation de CMake===
 +
<pre>
 +
cd
 +
yum install openssl-devel keyutils-libs-devel krb5-devel libcom_err-devel libkadm5 libselinux-devel libsepol-devel libverto-devel   
 +
mkdir /local/cmake
 +
wget https://github.com/Kitware/CMake/releases/download/v3.18.0-rc3/cmake-3.18.0-rc3.tar.gz
 +
tar -zxf cmake-3.18.0-rc3.tar.gz -C /local/builds
 +
cd /local/builds/cmake-3.18.0-rc3
 +
./bootstrap --prefix=/local/cmake/cmake-3.18.0-rc3
 +
make
 +
make install
 +
ln -s cmake-3.18.0-rc3 /local/cmake/current
 +
echo "export PATH=\$PATH:/local/cmake/current/bin" >> /etc/profile.d/sh.local
 +
</pre>
 +
 +
===Compilation et installation de libzip===
 +
<pre>
 +
cd
 +
wget https://libzip.org/download/libzip-1.7.1.tar.gz
 +
tar -zxf libzip-1.7.1.tar.gz -C /local/builds
 +
mkdir /local/builds/libzip-1.7.1/build
 +
cd /local/builds/libzip-1.7.1/build
 +
cmake -DCMAKE_INSTALL_PREFIX=/usr ..
 +
make
 +
make install
 +
</pre>
 +
 +
===Installation des paquets nécessaires à la compilation de PHP===
 +
<pre>
 +
yum install zlib-devel
 +
yum install bzip2-devel
 +
yum install libcurl-devel
 +
yum install libpng-devel
 +
yum install libicu-devel libicu
 +
yum install gcc-c++ libstdc++-devel
 +
yum install openldap-devel cyrus-sasl cyrus-sasl-devel
 +
yum install oniguruma-devel oniguruma
 +
yum install libxml2-devel xz-devel
 +
yum install unixODBC unixODBC-devel
 +
</pre>
 +
 +
===Création du user/groupe pour PHP-FPM===
 +
useradd -r php-fpm
 +
usermod -aG www php-fpm
 +
 +
===Compilation et installation de PHP 7.4.7 avec FPM===
 +
<pre>
 +
cd
 +
mkdir -p /local/php/php-7.4.7
 +
wget https://www.php.net/distributions/php-7.4.7.tar.gz
 +
tar -zxf php-7.4.7.tar.gz -C /local/builds
 +
cd /local/builds/php-7.4.7
 +
./configure \
 +
--prefix=/local/php/php-7.4.7 \
 +
--with-config-file-path=/local/php/php-7.4.7 \
 +
--disable-all \
 +
--enable-static \
 +
--enable-fpm \
 +
--with-fpm-user=php-fpm \
 +
--with-fpm-group=php-fpm \
 +
--with-fpm-systemd \
 +
--disable-ipv6 \
 +
--enable-cli \
 +
--with-zlib \
 +
--with-bz2 \
 +
--enable-calendar \
 +
--enable-ctype \
 +
--with-curl \
 +
--enable-gd \
 +
--enable-intl \
 +
--disable-json \
 +
--with-ldap \
 +
--enable-mbstring \
 +
--enable-pdo \
 +
--with-pdo-mysql \
 +
--enable-shared=pdo-mysql \
 +
--enable-phar \
 +
--with-libxml \
 +
--enable-xml \
 +
--enable-xmlreader \
 +
--enable-xmlwriter \
 +
--enable-opcache \
 +
--with-zip \
 +
--with-pear \
 +
--with-openssl \
 +
--with-libdir=lib64
 +
make -j
 +
make install
 +
cp /local/php/php-7.4.7/etc/php-fpm.conf.default /local/php/php-7.4.7/etc/php-fpm.conf
 +
cp /local/builds/php-7.4.7/php.ini-production /local/php/php-7.4.7/php.ini
 +
/local/php/php-7.4.7/bin/pear config-set php_ini /local/php/php-7.4.7/php.ini system
 +
/local/php/php-7.4.7/bin/pecl config-set php_ini /local/php/php-7.4.7/php.ini system
 +
echo "[localhost]" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "user = php-fpm" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "group = php-fpm" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "listen = /local/php/sockets/php-7.4.7_\$pool.sock" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "listen.owner = php-fpm" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "listen.group = www" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "listen.mode = 0660" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "pm = dynamic" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "pm.max_children = 5" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "pm.start_servers = 2" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "pm.min_spare_servers = 1" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "pm.max_spare_servers = 3" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "pm.status_path = /\$pool_status" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "ping.path = /\$pool_ping" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "access.log = /data/logs/php/\$pool/\$pool_php-7.4.7.access.log" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "slowlog = /data/logs/php/\$pool/\$pool_php-7.4.7.log.slow" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_value[error_log] = /data/logs/php/\$pool/\$pool_php-7.4.7.log" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_flag[log_errors] = on" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_value[error_reporting] = E_ALL" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_value[session.save_path] = \"/local/php/sessions/\$pool/\"" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
echo "php_value[session.save_path] = \"/local/php/\$pool/\"" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
 +
mkdir -p /local/php/sockets
 +
mkdir -p /local/php/sessions
 +
mkdir -p /data/logs/php
 +
chown -R php-fpm:php-fpm /local/php
 +
cp /local/builds/php-7.4.7/sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm-7.4.7.service
 +
systemctl daemon-reload
 +
systemctl start php-fpm-7.4.7.service
 +
systemctl enable php-fpm-7.4.7.service
 +
echo "alias php-7.4.7='export PATH=/local/php/php-7.4.7/bin:\$PATH'" >> /etc/profile.d/sh.local
 +
</pre>
 +
 +
===Compilation et installation de PHP 5.6.40 avec FPM===
 +
<pre>
 +
cd
 +
mkdir -p /local/php/php-5.6.40
 +
wget https://www.php.net/distributions/php-5.6.40.tar.gz
 +
tar -zxf php-5.6.40.tar.gz -C /local/builds
 +
cd /local/builds/php-5.6.40
 +
./configure \
 +
--prefix=/local/php/php-5.6.40 \
 +
--with-config-file-path=/local/php/php-5.6.40 \
 +
--disable-all \
 +
--enable-static \
 +
--enable-fpm \
 +
--with-fpm-user=php-fpm \
 +
--with-fpm-group=php-fpm \
 +
--with-fpm-systemd \
 +
--disable-ipv6 \
 +
--enable-cli \
 +
--with-zlib \
 +
--with-bz2 \
 +
--enable-calendar \
 +
--enable-ctype \
 +
--with-curl \
 +
--with-gd \
 +
--enable-intl \
 +
--disable-json \
 +
--with-ldap \
 +
--enable-mbstring \
 +
--enable-pdo \
 +
--with-pdo-mysql \
 +
--with-pdo-odbc=unixODBC,/usr \
 +
--enable-shared=pdo-mysql \
 +
--enable-phar \
 +
--enable-libxml \
 +
--enable-xml \
 +
--enable-xmlreader \
 +
--enable-xmlwriter \
 +
--enable-opcache \
 +
--enable-zip \
 +
--with-pear \
 +
--with-openssl \
 +
--with-libdir=lib64
 +
make -j
 +
make install
 +
cp /local/php/php-5.6.40/etc/php-fpm.conf.default /local/php/php-5.6.40/etc/php-fpm.conf
 +
cp /local/builds/php-5.6.40/php.ini-production /local/php/php-5.6.40/php.ini
 +
/local/php/php-5.6.40/bin/pear config-set php_ini /local/php/php-5.6.40/php.ini system
 +
/local/php/php-5.6.40/bin/pecl config-set php_ini /local/php/php-5.6.40/php.ini system
 +
mkdir /local/php/php-5.6.40/etc/php-fpm.d
 +
echo "[localhost]" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "user = php-fpm" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "group = php-fpm" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "listen = /local/php/sockets/php-5.6.40_\$pool.sock" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "listen.owner = php-fpm" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "listen.group = www" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "listen.mode = 0660" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "pm = dynamic" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "pm.max_children = 5" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "pm.start_servers = 2" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "pm.min_spare_servers = 1" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "pm.max_spare_servers = 3" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "pm.status_path = /\$pool_status" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "ping.path = /\$pool_ping" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "access.log = /data/logs/php/\$pool/\$pool_php-5.6.40.access.log" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "slowlog = /data/logs/php/\$pool/\$pool_php-5.6.40.log.slow" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_value[error_log] = /data/logs/php/\$pool/\$pool_php-5.6.40.log" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_flag[log_errors] = on" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_value[error_reporting] = E_ALL" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "php_admin_value[session.save_path] = \"/local/php/sessions/\$pool/\"" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
echo "php_value[session.save_path] = \"/local/php/\$pool/\"" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
 +
mkdir -p /local/php/sockets
 +
chown -R php-fpm:php-fpm /local/php
 +
cp /usr/lib/systemd/system/php-fpm-7.4.7.service /usr/lib/systemd/system/php-fpm-5.6.40.service
 +
sed -i -e 's/7.4.7/5.6.40/g' /usr/lib/systemd/system/php-fpm-5.6.40.service
 +
systemctl daemon-reload
 +
systemctl start php-fpm-5.6.40.service
 +
systemctl enable php-fpm-5.6.40.service
 +
echo "alias php-5.6.40='export PATH=/local/php/php-5.6.40/bin:\$PATH'" >> /etc/profile.d/sh.local
 +
</pre>
 +
 +
===Installation de Webmin===
 +
<pre>
 +
cd
 +
echo "[Webmin]" >> /etc/yum.repos.d/webmin.repo
 +
echo "name=Webmin Distribution Neutral" >> /etc/yum.repos.d/webmin.repo
 +
echo "#baseurl=https://download.webmin.com/download/yum" >> /etc/yum.repos.d/webmin.repo
 +
echo "mirrorlist=https://download.webmin.com/download/yum/mirrorlist" >> /etc/yum.repos.d/webmin.repo
 +
echo "enabled=1" >> /etc/yum.repos.d/webmin.repo
 +
wget https://download.webmin.com/jcameron-key.asc
 +
rpm --import jcameron-key.asc
 +
yum install webmin perl-Authen-PAM
 +
/etc/rc.d/init.d/webmin stop
 +
find /etc -type l -name *webmin -exec unlink {} \;
 +
echo "[Unit]" >> /usr/lib/systemd/system/webmin.service
 +
echo "Description=Webmin" >> /usr/lib/systemd/system/webmin.service
 +
echo "Requires=local-fs.target" >> /usr/lib/systemd/system/webmin.service
 +
echo "After=basic.target" >> /usr/lib/systemd/system/webmin.service
 +
echo "Conflicts=shutdown.target" >> /usr/lib/systemd/system/webmin.service
 +
echo "" >> /usr/lib/systemd/system/webmin.service
 +
echo "[Service]" >> /usr/lib/systemd/system/webmin.service
 +
echo "Type=oneshot" >> /usr/lib/systemd/system/webmin.service
 +
echo "RemainAfterExit=yes" >> /usr/lib/systemd/system/webmin.service
 +
echo "ExecStart=/etc/webmin/start" >> /usr/lib/systemd/system/webmin.service
 +
echo "ExecStop=/etc/webmin/stop" >> /usr/lib/systemd/system/webmin.service
 +
echo "ExecReload=/etc/webmin/reload" >> /usr/lib/systemd/system/webmin.service
 +
echo "" >> /usr/lib/systemd/system/webmin.service
 +
echo "[Install]" >> /usr/lib/systemd/system/webmin.service
 +
echo "WantedBy=multi-user.target" >> /usr/lib/systemd/system/webmin.service
 +
systemctl daemon-reload
 +
sed -i -e 's/ssl=1/ssl=0/g' /etc/webmin/miniserv.conf
 +
sed -i -e 's/ipv6=1/ipv6=0/g' /etc/webmin/miniserv.conf
 +
echo "cookiepath=/webmin" >> /etc/webmin/miniserv.conf
 +
echo "webprefix=/webmin" >> /etc/webmin/config
 +
echo "webprefixnoredir=1" >> /etc/webmin/config
 +
echo "referer=1" >> /etc/webmin/config
 +
systemctl start webmin.service
 +
systemctl enable webmin.service
 +
# Ajout des lignes ci-dessous dans la configuration du vhost local /local/httpd/conf/vhosts/myserver.conf
 +
# Configuration Webmin
 +
ProxyPass /webmin http://localhost:10000
 +
ProxyPassReverse /webmin http://localhost:10000
 +
# Fin de configuration Webmin
 +
httpd -k graceful
 +
</pre>
 +
 +
===Installation de Oracle Instant Client===
 +
<pre>
 +
wget https://yum.oracle.com/RPM-GPG-KEY-oracle-ol7 -O /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
 +
gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
 +
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
 +
echo "[ol7_latest]" >> /etc/yum.repos.d/ol7-temp.repo
 +
echo "name=Oracle Linux \$releasever Latest ($basearch)" >> /etc/yum.repos.d/ol7-temp.repo
 +
echo "baseurl=https://yum.oracle.com/repo/OracleLinux/OL7/latest/\$basearch/" >> /etc/yum.repos.d/ol7-temp.repo
 +
echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle" >> /etc/yum.repos.d/ol7-temp.repo
 +
echo "gpgcheck=1" >> /etc/yum.repos.d/ol7-temp.repo
 +
echo "enabled=1" >> /etc/yum.repos.d/ol7-temp.repo
 +
yum install oraclelinux-release-el7
 +
mv /etc/yum.repos.d/ol7-temp.repo /etc/yum.repos.d/ol7-temp.repo.disabled
 +
yum install oracle-release-el7
 +
yum install oracle-instantclient19.6
 +
mv /etc/yum.repos.d/oracle-linux-ol7.repo{,.disabled}
 +
mv /etc/yum.repos.d/oracle-ol7.repo{,.disabled}
 +
mv /etc/yum.repos.d/uek-ol7.repo{,.disabled}
 +
rm -rf /var/cache/yum/x86_64/7/ol7_*
 +
yum clean all
 +
yum makecache
 +
</pre>
 +
 +
===Installation de l'extension oci8 pour PHP 7.4.7===
 +
/local/php/php-7.4.7/bin/pecl channel-update pecl.php.net
 +
/local/php/php-7.4.7/bin/pecl install oci8
 +
 +
===Installation de l'extension oci8 pour PHP 5.6.40===
 +
/local/php/php-5.6.40/bin/pecl channel-update pecl.php.net
 +
/local/php/php-5.6.40/bin/pecl install oci8-2.0.12
 +
 +
===Installation du pilote ODBC pour MSSQL===
 +
curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo
 +
ACCEPT_EULA=Y yum install msodbcsql17
 +
 +
===Installation de l'extension pdo_sqlsrv pour PHP 7.4.7===
 +
/local/php/php-7.4.7/bin/pecl install pdo_sqlsrv
 +
 +
===Programme set_php_version===
 +
Contenu du programme <code>/local/php/set_php_version</code> pour changer de version de PHP :
 +
<syntaxhighlight lang="bash">
 +
#!/bin/bash
 +
# Ce programme doit être sourcé pour modifier le PATH
 +
# . set_php_version
 +
declare -A versions
 +
declare -A bin_dirs
 +
 +
get_bin_dirs() {
 +
i=1
 +
for bin_dir in $(find /local/php -type d -name bin);
 +
do
 +
version="$($bin_dir/php -v|head -1|awk '{print $2}')"
 +
versions[$i]=$version
 +
bin_dirs[$version]=$bin_dir
 +
((i++))
 +
done
 +
}
 +
 +
pathremove () {
 +
        local IFS=':'
 +
        local NEWPATH
 +
        local DIR
 +
        local PATHVARIABLE=${2:-PATH}
 +
        for DIR in ${!PATHVARIABLE} ; do
 +
                if [ "$DIR" != "$1" ] ; then
 +
                  NEWPATH=${NEWPATH:+$NEWPATH:}$DIR
 +
                fi
 +
        done
 +
        export ${PATHVARIABLE}="$NEWPATH"
 +
}
 +
 +
pathprepend () {
 +
        pathremove $1 $2
 +
        local PATHVARIABLE=${2:-PATH}
 +
        export $PATHVARIABLE="$1${!PATHVARIABLE:+:${!PATHVARIABLE}}"
 +
}
 +
 +
pathappend () {
 +
        pathremove $1 $2
 +
        local PATHVARIABLE=${2:-PATH}
 +
        export $PATHVARIABLE="${!PATHVARIABLE:+${!PATHVARIABLE}:}$1"
 +
}
 +
 +
 +
if [ "$#" -eq 0 ];
 +
then
 +
## Récupération des différents dossiers hébergeant les binaires PHP
 +
#########################
 +
get_bin_dirs
 +
 +
## Choix de version PHP
 +
#########################
 +
echo -e "Veuillez choisir une version de PHP à utiliser :\n"
 +
i=1
 +
 +
# On parcourt le tableau des applications
 +
for version in "${versions[@]}"
 +
do
 +
# On affiche une liste numérotéé des versions
 +
echo "$i) $version"
 +
((i++))
 +
done
 +
echo ""
 +
read -p "Choix : " version_choice
 +
echo ""
 +
 +
# On peut choisir la version par son numéro
 +
if [[ $version_choice =~ ^[[:digit:]]+$ ]]
 +
then
 +
if [[ ! -z ${versions[$version_choice]} ]]
 +
then
 +
str_bindir=${bin_dirs[${versions[$version_choice]}]}
 +
str_version=${versions[$version_choice]}
 +
fi
 +
elif [[ ! -z ${bin_dirs[$version_choice]} ]]
 +
then
 +
str_bindir=${bin_dirs[$version_choice]}
 +
str_version=${version_choice}
 +
fi
 +
elif [ "$#" -eq 1 ];
 +
then
 +
## Récupération des dossifférents dossiers hébergeant les binaires PHP
 +
#########################
 +
get_bin_dirs
 +
 +
if [[ ! -z ${bin_dirs[$1]} ]]
 +
then
 +
str_bindir=${bin_dirs[$1]}
 +
str_version=$1
 +
elif [[ $1 == "reset" ]]
 +
then
 +
echo "Reset du PATH sans les binaires PHP"
 +
for dir in ${bin_dirs[*]}
 +
do
 +
pathremove "${dir}"
 +
done
 +
if [[ ! -z $oldPS1 ]]
 +
then
 +
PS1=$oldPS1
 +
unset oldPS1
 +
else
 +
PS1="[\u@\h \W]\\$ "
 +
fi
 +
fi
 +
else
 +
echo "Nombre de paramètres attendus : 1"
 +
fi
 +
 +
if [[ -z $str_bindir ]]
 +
then
 +
if [[ $1 != "reset" ]]
 +
then
 +
echo "Choix de version invalide !"
 +
get_bin_dirs
 +
echo "Versions disponibles : "${!bin_dirs[*]}
 +
fi
 +
else
 +
echo -e "Version de PHP : $str_version. Path : $str_bindir"
 +
echo -e "Pour retirer les binaires PHP du PATH, utiliser la commande « set_php_version reset »"
 +
for dir in ${bin_dirs[*]}
 +
do
 +
pathremove "${dir}"
 +
done
 +
 +
pathprepend ${str_bindir}
 +
 +
if [[ -z $oldPS1 ]]
 +
then
 +
oldPS1=$PS1
 +
fi
 +
export PS1="[\u@\h \W|\[\033[0;31m\]PHP ${str_version}\[\033[0m\]]\\$ "
 +
fi
 +
 +
unset version versions str_bindir bin_dir bin_dirs pathremove pathprepend pathappend get_bin_dirs version_choice str_version
 +
</syntaxhighlight>
 +
 +
===Installation Zabbix===
 +
<pre>
 +
rpm -Uvh https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
 +
rpm -import http://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591
 +
yum install zabbix-agent
 +
sed -i -e 's/Server=127.0.0.1/Server=myzabbixserver/g' -e 's/ServerActive=127.0.0.1/ServerActive=myzabbixserver/g' -e 's/Hostname=Zabbix server/Hostname=myserver/g' /etc/zabbix/zabbix_agentd.conf
 +
</pre>

Version actuelle datée du 14 mars 2022 à 07:52

Présentation

Cette page a pour objet de lister diverses commandes pouvant être utiles dans l'utilisation d'un serveur Linux.

Date d'installation système

Informations récupérées depuis la page http://www.tux-planet.fr/connaitre-la-date-dinstallation-dun-systeme-linux/.

Il existe une astuce, qui consiste à lister tous les fichiers de configuration du répertoire /etc et à prendre la date la plus ancienne. Après l'avoir testée sur plusieurs machines, cette méthode semble plutôt fiable.

Voici la commande à utiliser :

Putty icon.png Console SSH
ls -lct /etc | tail -1 | awk '{print $6, $7, $8}'

Exemple de retour de commande :

Putty icon.png Console SSH
Jul 15 2016

Une autre astuce assez fiable donnée par zapple en commentaire, consiste à afficher la date de création du système de fichiers à l'aide de la commande tune2fs. A lancer avec le compte root de la machine :

Putty icon.png Console SSH
df / | awk '{print $1}' | grep dev | xargs tune2fs -l | grep create

Exemple de retour de commande :

Putty icon.png Console SSH
Filesystem created:       Fri Jul 15 16:23:48 2016

Pour les utilisateurs d'Ubuntu, il y a aussi cette commande :

Putty icon.png Console SSH
sudo dumpe2fs -h $(df | awk '/\/$/ {print $1}') | grep created

Attention : ces astuces peuvent ne pas fonctionner si le BIOS n'était pas à l'heure le jour de l'installation.

Astuces scripting

${var%/*} supprime tout de la variable var après la dernère occurrence de /.

${var##*/} supprime tout de la variable var avant la dernère occurrence de /.

Commandes post-installation CentOS 7

Ajout du dépôt EPEL

yum -y install epel-release
yum makecache
yum update
yum install yum-utils bind-utils yum-cron wget bash-completion lsof nmon net-tools dos2unix deltarpm vim sg3_utils open-vm-tools sysstat
init 6

Sécurisation du umask

sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/bashrc
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/csh.cshrc
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/profile
sed -i -e 's/umask 022/umask 027/g' -e 's/umask 002/umask 027/g' /etc/init.d/functions

Suppression des pilotes inutiles

yum remove alsa-* ivtv-* iwl*firmware aic94xx-firmware

Désactivation de la wifi

nmcli radio all off

Désactivation de l'IPv6

echo "NETWORKING_IPV6=no" >> /etc/sysconfig/network
echo "IPV6INIT=no" >> /etc/sysconfig/network
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.conf
sysctl -p
sed -i 's/#AddressFamily any/AddressFamily inet/g' /etc/ssh/sshd_config
systemctl restart sshd
sed -i 's/OPTIONS=""/OPTIONS="-4"/g' /etc/sysconfig/chronyd
systemctl restart chronyd

Désactivation du selinux

setenforce 0
sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

Suppression des utilisateurs inutiles

userdel -r adm
userdel -r ftp
userdel -r games
userdel -r lp
groupdel games

Augmenter l'historique des commandes de 1000 à 5000 lignes

sed -i 's/HISTSIZE=.*/HISTSIZE=5000/g' /etc/profile

Ajout de l'option "clean_requirements_on_remove=1" pour supprimer automatiquement les dépendances non-utilisées lors de la désinstallation d'un paquet

sed -i -e 's/distroverpkg=centos-release/distroverpkg=centos-release\nclean_requirements_on_remove=1/g' /etc/yum.conf

Installation de msmtp

yum install msmtp mailx
echo "# If it exists, it usually defines a default account." >> /etc/msmtprc
echo "# This allows msmtp to be used like /usr/sbin/sendmail." >> /etc/msmtprc
echo "account default" >> /etc/msmtprc
echo "" >> /etc/msmtprc
echo "# The SMTP smarthost" >> /etc/msmtprc
echo "host smtp.mydomain.com" >> /etc/msmtprc
echo "" >> /etc/msmtprc
echo "# Use TLS on port 465" >> /etc/msmtprc
echo "port 25" >> /etc/msmtprc
echo "tls off" >> /etc/msmtprc
echo "tls_starttls off" >> /etc/msmtprc
echo "" >> /etc/msmtprc
echo "# Construct envelope-from addresses of the form \"user@oursite.example\"" >> /etc/msmtprc
echo "from %U@%H" >> /etc/msmtprc
echo "" >> /etc/msmtprc
echo "# Syslog logging with facility LOG_MAIL instead of the default LOG_USER" >> /etc/msmtprc
echo "syslog LOG_MAIL" >> /etc/msmtprc

Ajout des alias nécessaires à l'exploitation

echo "alias eye='ps -eaf | grep -v grep|grep UID;ps -eaf | grep -v grep | grep -i '" >> /etc/profile.d/sh.local
echo "alias errors='journalctl -b -p err|less'" >> /etc/profile.d/sh.local
echo "alias df='df -m'" >> /etc/profile.d/sh.local
echo "alias vi='vim'" >> /etc/profile.d/sh.local
echo "alias set_php_version='. /local/php/set_php_version'" >> /etc/profile.d/sh.local

Préparation à la compilation

mkdir /local/builds
yum install gcc glibc-devel glibc-headers kernel-headers libmpc mpfr autoconf
yum install pcre-devel
yum install expat-devel
yum install systemd-devel

Ajout du groupe www et du dossier /data/www

groupadd www
mkdir -p /data/www
chown :www /data/www

Compilation et installation d'Apache

useradd -r apache
usermod -aG www apache
mkdir -p /local/httpd/httpd-2.4.43
ln -s httpd-2.4.43 /local/httpd/current
wget https://mirror.ibcp.fr/pub/apache//httpd/httpd-2.4.43.tar.gz
tar -zxf httpd-2.4.43.tar.gz -C /local/builds
wget http://mirrors.standaloneinstaller.com/apache//apr/apr-1.7.0.tar.gz
tar -zxf apr-1.7.0.tar.gz
mv apr-1.7.0 /local/builds/httpd-2.4.43/srclib/apr
wget http://mirrors.standaloneinstaller.com/apache//apr/apr-util-1.6.1.tar.gz
tar -zxf apr-util-1.6.1.tar.gz
mv apr-util-1.6.1 /local/builds/httpd-2.4.43/srclib/apr-util
cd /local/builds/httpd-2.4.43
./configure \
--prefix=/local/httpd/current \
--sysconfdir=/local/httpd/conf \
--enable-proxy \
--enable-proxy-http \
--enable-proxy-wstunnel \
--enable-proxy-fcgi \
--enable-rewrite \
--enable-authz-host \
--enable-mime \
--enable-static-support \
--enable-remoteip \
--enable-status \
--enable-systemd \
--enable-mods-static="proxy rewrite authz-core authz-host log-config alias dir unixd mime remoteip status systemd" \
--disable-so \
--disable-proxy-connect \
--disable-proxy-ftp \
--disable-proxy-scgi \
--disable-proxy-uwsgi \
--disable-proxy-fdpass \
--disable-proxy-ajp \
--disable-proxy-balancer \
--disable-proxy-express \
--disable-proxy-hcheck \
--disable-access-compat \
--disable-auth \
--disable-auth-basic \
--disable-authn-core \
--disable-authn-file \
--disable-authz-groupfile \
--disable-authz-user \
--disable-autoindex \
--disable-env \
--disable-filter \
--disable-reqtimeout \
--disable-setenvif \
--disable-version \
--disable-authn-dbm \
--disable-authn-anon \
--disable-authn-dbd \
--disable-authn-socache \
--disable-authz-dbm \
--disable-authz-owner \
--disable-authz-dbd \
--disable-auth-form \
--disable-auth-digest \
--disable-allowmethods \
--disable-cache \
--disable-file-cache \
--disable-headers \
--disable-cache-disk \
--disable-cache-socache \
--disable-socache-dbm \
--disable-socache-memcache \
--disable-socache-redis \
--disable-socache-shmcb
make -j
make install
chown -R root:apache /local/httpd
echo "export PATH=\$PATH:/local/httpd/current/bin" >> /etc/profile.d/sh.local
echo "[Unit]" >> /usr/lib/systemd/system/http.service
echo "Description=The Apache HTTP Server" >> /usr/lib/systemd/system/http.service
echo "After=network.target" >> /usr/lib/systemd/system/http.service
echo "" >> /usr/lib/systemd/system/http.service
echo "[Service]" >> /usr/lib/systemd/system/http.service
echo "Type=notify" >> /usr/lib/systemd/system/http.service
echo "ExecStart=/local/httpd/current/bin/httpd -D FOREGROUND -k start" >> /usr/lib/systemd/system/http.service
echo "ExecReload=/local/httpd/current/bin/httpd -k graceful" >> /usr/lib/systemd/system/http.service
echo "ExecStop=/local/httpd/current/bin/httpd -k stop" >> /usr/lib/systemd/system/http.service
echo "KillMode=mixed" >> /usr/lib/systemd/system/http.service
echo "TimeoutStopSec=60" >> /usr/lib/systemd/system/http.service
echo "" >> /usr/lib/systemd/system/http.service
echo "[Install]" >> /usr/lib/systemd/system/http.service
echo "WantedBy=multi-user.target" >> /usr/lib/systemd/system/http.service
systemctl daemon-reload
systemctl start http.service
systemctl enable http.service
firewall-cmd --add-service=http
firewall-cmd --add-service=http --permanent
mkdir -p /data/logs/{localhost,myserver}
chmod o+rx /data
touch /data/logs/localhost/localhost_http_{error,access}.log
touch /data/logs/myserver/myserver_http_{error,access}.log
mkdir /local/httpd/conf/vhosts

Compilation et installation de CMake

cd
yum install openssl-devel keyutils-libs-devel krb5-devel libcom_err-devel libkadm5 libselinux-devel libsepol-devel libverto-devel     
mkdir /local/cmake
wget https://github.com/Kitware/CMake/releases/download/v3.18.0-rc3/cmake-3.18.0-rc3.tar.gz
tar -zxf cmake-3.18.0-rc3.tar.gz -C /local/builds
cd /local/builds/cmake-3.18.0-rc3
./bootstrap --prefix=/local/cmake/cmake-3.18.0-rc3
make
make install
ln -s cmake-3.18.0-rc3 /local/cmake/current
echo "export PATH=\$PATH:/local/cmake/current/bin" >> /etc/profile.d/sh.local

Compilation et installation de libzip

cd
wget https://libzip.org/download/libzip-1.7.1.tar.gz
tar -zxf libzip-1.7.1.tar.gz -C /local/builds
mkdir /local/builds/libzip-1.7.1/build
cd /local/builds/libzip-1.7.1/build
cmake -DCMAKE_INSTALL_PREFIX=/usr ..
make
make install

Installation des paquets nécessaires à la compilation de PHP

yum install zlib-devel
yum install bzip2-devel
yum install libcurl-devel
yum install libpng-devel
yum install libicu-devel libicu
yum install gcc-c++ libstdc++-devel
yum install openldap-devel cyrus-sasl cyrus-sasl-devel
yum install oniguruma-devel oniguruma
yum install libxml2-devel xz-devel
yum install unixODBC unixODBC-devel

Création du user/groupe pour PHP-FPM

useradd -r php-fpm
usermod -aG www php-fpm

Compilation et installation de PHP 7.4.7 avec FPM

cd
mkdir -p /local/php/php-7.4.7
wget https://www.php.net/distributions/php-7.4.7.tar.gz
tar -zxf php-7.4.7.tar.gz -C /local/builds
cd /local/builds/php-7.4.7
./configure \
--prefix=/local/php/php-7.4.7 \
--with-config-file-path=/local/php/php-7.4.7 \
--disable-all \
--enable-static \
--enable-fpm \
--with-fpm-user=php-fpm \
--with-fpm-group=php-fpm \
--with-fpm-systemd \
--disable-ipv6 \
--enable-cli \
--with-zlib \
--with-bz2 \
--enable-calendar \
--enable-ctype \
--with-curl \
--enable-gd \
--enable-intl \
--disable-json \
--with-ldap \
--enable-mbstring \
--enable-pdo \
--with-pdo-mysql \
--enable-shared=pdo-mysql \
--enable-phar \
--with-libxml \
--enable-xml \
--enable-xmlreader \
--enable-xmlwriter \
--enable-opcache \
--with-zip \
--with-pear \
--with-openssl \
--with-libdir=lib64
make -j
make install
cp /local/php/php-7.4.7/etc/php-fpm.conf.default /local/php/php-7.4.7/etc/php-fpm.conf
cp /local/builds/php-7.4.7/php.ini-production /local/php/php-7.4.7/php.ini
/local/php/php-7.4.7/bin/pear config-set php_ini /local/php/php-7.4.7/php.ini system
/local/php/php-7.4.7/bin/pecl config-set php_ini /local/php/php-7.4.7/php.ini system
echo "[localhost]" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "user = php-fpm" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "group = php-fpm" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "listen = /local/php/sockets/php-7.4.7_\$pool.sock" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "listen.owner = php-fpm" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "listen.group = www" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "listen.mode = 0660" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "pm = dynamic" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "pm.max_children = 5" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "pm.start_servers = 2" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "pm.min_spare_servers = 1" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "pm.max_spare_servers = 3" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "pm.status_path = /\$pool_status" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "ping.path = /\$pool_ping" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "access.log = /data/logs/php/\$pool/\$pool_php-7.4.7.access.log" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "slowlog = /data/logs/php/\$pool/\$pool_php-7.4.7.log.slow" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "php_admin_value[error_log] = /data/logs/php/\$pool/\$pool_php-7.4.7.log" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "php_admin_flag[log_errors] = on" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "php_admin_value[error_reporting] = E_ALL" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "php_admin_value[session.save_path] = \"/local/php/sessions/\$pool/\"" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
echo "php_value[session.save_path] = \"/local/php/\$pool/\"" >> /local/php/php-7.4.7/etc/php-fpm.d/localhost.conf
mkdir -p /local/php/sockets
mkdir -p /local/php/sessions
mkdir -p /data/logs/php
chown -R php-fpm:php-fpm /local/php
cp /local/builds/php-7.4.7/sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm-7.4.7.service
systemctl daemon-reload
systemctl start php-fpm-7.4.7.service
systemctl enable php-fpm-7.4.7.service
echo "alias php-7.4.7='export PATH=/local/php/php-7.4.7/bin:\$PATH'" >> /etc/profile.d/sh.local

Compilation et installation de PHP 5.6.40 avec FPM

cd
mkdir -p /local/php/php-5.6.40
wget https://www.php.net/distributions/php-5.6.40.tar.gz
tar -zxf php-5.6.40.tar.gz -C /local/builds
cd /local/builds/php-5.6.40
./configure \
--prefix=/local/php/php-5.6.40 \
--with-config-file-path=/local/php/php-5.6.40 \
--disable-all \
--enable-static \
--enable-fpm \
--with-fpm-user=php-fpm \
--with-fpm-group=php-fpm \
--with-fpm-systemd \
--disable-ipv6 \
--enable-cli \
--with-zlib \
--with-bz2 \
--enable-calendar \
--enable-ctype \
--with-curl \
--with-gd \
--enable-intl \
--disable-json \
--with-ldap \
--enable-mbstring \
--enable-pdo \
--with-pdo-mysql \
--with-pdo-odbc=unixODBC,/usr \
--enable-shared=pdo-mysql \
--enable-phar \
--enable-libxml \
--enable-xml \
--enable-xmlreader \
--enable-xmlwriter \
--enable-opcache \
--enable-zip \
--with-pear \
--with-openssl \
--with-libdir=lib64
make -j
make install
cp /local/php/php-5.6.40/etc/php-fpm.conf.default /local/php/php-5.6.40/etc/php-fpm.conf
cp /local/builds/php-5.6.40/php.ini-production /local/php/php-5.6.40/php.ini
/local/php/php-5.6.40/bin/pear config-set php_ini /local/php/php-5.6.40/php.ini system
/local/php/php-5.6.40/bin/pecl config-set php_ini /local/php/php-5.6.40/php.ini system
mkdir /local/php/php-5.6.40/etc/php-fpm.d
echo "[localhost]" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "user = php-fpm" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "group = php-fpm" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "listen = /local/php/sockets/php-5.6.40_\$pool.sock" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "listen.owner = php-fpm" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "listen.group = www" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "listen.mode = 0660" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "pm = dynamic" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "pm.max_children = 5" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "pm.start_servers = 2" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "pm.min_spare_servers = 1" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "pm.max_spare_servers = 3" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "pm.status_path = /\$pool_status" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "ping.path = /\$pool_ping" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "access.log = /data/logs/php/\$pool/\$pool_php-5.6.40.access.log" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "slowlog = /data/logs/php/\$pool/\$pool_php-5.6.40.log.slow" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "php_admin_value[error_log] = /data/logs/php/\$pool/\$pool_php-5.6.40.log" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "php_admin_flag[log_errors] = on" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "php_admin_value[error_reporting] = E_ALL" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "php_admin_value[session.save_path] = \"/local/php/sessions/\$pool/\"" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
echo "php_value[session.save_path] = \"/local/php/\$pool/\"" >> /local/php/php-5.6.40/etc/php-fpm.d/localhost.conf
mkdir -p /local/php/sockets
chown -R php-fpm:php-fpm /local/php
cp /usr/lib/systemd/system/php-fpm-7.4.7.service /usr/lib/systemd/system/php-fpm-5.6.40.service
sed -i -e 's/7.4.7/5.6.40/g' /usr/lib/systemd/system/php-fpm-5.6.40.service
systemctl daemon-reload
systemctl start php-fpm-5.6.40.service
systemctl enable php-fpm-5.6.40.service
echo "alias php-5.6.40='export PATH=/local/php/php-5.6.40/bin:\$PATH'" >> /etc/profile.d/sh.local

Installation de Webmin

cd
echo "[Webmin]" >> /etc/yum.repos.d/webmin.repo
echo "name=Webmin Distribution Neutral" >> /etc/yum.repos.d/webmin.repo
echo "#baseurl=https://download.webmin.com/download/yum" >> /etc/yum.repos.d/webmin.repo
echo "mirrorlist=https://download.webmin.com/download/yum/mirrorlist" >> /etc/yum.repos.d/webmin.repo
echo "enabled=1" >> /etc/yum.repos.d/webmin.repo
wget https://download.webmin.com/jcameron-key.asc
rpm --import jcameron-key.asc
yum install webmin perl-Authen-PAM
/etc/rc.d/init.d/webmin stop
find /etc -type l -name *webmin -exec unlink {} \;
echo "[Unit]" >> /usr/lib/systemd/system/webmin.service
echo "Description=Webmin" >> /usr/lib/systemd/system/webmin.service
echo "Requires=local-fs.target" >> /usr/lib/systemd/system/webmin.service
echo "After=basic.target" >> /usr/lib/systemd/system/webmin.service
echo "Conflicts=shutdown.target" >> /usr/lib/systemd/system/webmin.service
echo "" >> /usr/lib/systemd/system/webmin.service
echo "[Service]" >> /usr/lib/systemd/system/webmin.service
echo "Type=oneshot" >> /usr/lib/systemd/system/webmin.service
echo "RemainAfterExit=yes" >> /usr/lib/systemd/system/webmin.service
echo "ExecStart=/etc/webmin/start" >> /usr/lib/systemd/system/webmin.service
echo "ExecStop=/etc/webmin/stop" >> /usr/lib/systemd/system/webmin.service
echo "ExecReload=/etc/webmin/reload" >> /usr/lib/systemd/system/webmin.service
echo "" >> /usr/lib/systemd/system/webmin.service
echo "[Install]" >> /usr/lib/systemd/system/webmin.service
echo "WantedBy=multi-user.target" >> /usr/lib/systemd/system/webmin.service
systemctl daemon-reload
sed -i -e 's/ssl=1/ssl=0/g' /etc/webmin/miniserv.conf
sed -i -e 's/ipv6=1/ipv6=0/g' /etc/webmin/miniserv.conf
echo "cookiepath=/webmin" >> /etc/webmin/miniserv.conf
echo "webprefix=/webmin" >> /etc/webmin/config
echo "webprefixnoredir=1" >> /etc/webmin/config
echo "referer=1" >> /etc/webmin/config
systemctl start webmin.service
systemctl enable webmin.service
# Ajout des lignes ci-dessous dans la configuration du vhost local /local/httpd/conf/vhosts/myserver.conf
	# Configuration Webmin
	ProxyPass /webmin http://localhost:10000
	ProxyPassReverse /webmin http://localhost:10000
	# Fin de configuration Webmin
httpd -k graceful

Installation de Oracle Instant Client

wget https://yum.oracle.com/RPM-GPG-KEY-oracle-ol7 -O /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
gpg --quiet --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
echo "[ol7_latest]" >> /etc/yum.repos.d/ol7-temp.repo
echo "name=Oracle Linux \$releasever Latest ($basearch)" >> /etc/yum.repos.d/ol7-temp.repo
echo "baseurl=https://yum.oracle.com/repo/OracleLinux/OL7/latest/\$basearch/" >> /etc/yum.repos.d/ol7-temp.repo
echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle" >> /etc/yum.repos.d/ol7-temp.repo
echo "gpgcheck=1" >> /etc/yum.repos.d/ol7-temp.repo
echo "enabled=1" >> /etc/yum.repos.d/ol7-temp.repo
yum install oraclelinux-release-el7
mv /etc/yum.repos.d/ol7-temp.repo /etc/yum.repos.d/ol7-temp.repo.disabled
yum install oracle-release-el7
yum install oracle-instantclient19.6
mv /etc/yum.repos.d/oracle-linux-ol7.repo{,.disabled}
mv /etc/yum.repos.d/oracle-ol7.repo{,.disabled}
mv /etc/yum.repos.d/uek-ol7.repo{,.disabled}
rm -rf /var/cache/yum/x86_64/7/ol7_*
yum clean all
yum makecache

Installation de l'extension oci8 pour PHP 7.4.7

/local/php/php-7.4.7/bin/pecl channel-update pecl.php.net
/local/php/php-7.4.7/bin/pecl install oci8

Installation de l'extension oci8 pour PHP 5.6.40

/local/php/php-5.6.40/bin/pecl channel-update pecl.php.net
/local/php/php-5.6.40/bin/pecl install oci8-2.0.12

Installation du pilote ODBC pour MSSQL

curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo
ACCEPT_EULA=Y yum install msodbcsql17

Installation de l'extension pdo_sqlsrv pour PHP 7.4.7

/local/php/php-7.4.7/bin/pecl install pdo_sqlsrv

Programme set_php_version

Contenu du programme /local/php/set_php_version pour changer de version de PHP : 

#!/bin/bash
# Ce programme doit être sourcé pour modifier le PATH
# . set_php_version
declare -A versions
declare -A bin_dirs

get_bin_dirs() {
	i=1
	for bin_dir in $(find /local/php -type d -name bin);
	do
		version="$($bin_dir/php -v|head -1|awk '{print $2}')"
		versions[$i]=$version
		bin_dirs[$version]=$bin_dir
		((i++))
	done
}

pathremove () {
        local IFS=':'
        local NEWPATH
        local DIR
        local PATHVARIABLE=${2:-PATH}
        for DIR in ${!PATHVARIABLE} ; do
                if [ "$DIR" != "$1" ] ; then
                  NEWPATH=${NEWPATH:+$NEWPATH:}$DIR
                fi
        done
        export ${PATHVARIABLE}="$NEWPATH"
}

pathprepend () {
        pathremove $1 $2
        local PATHVARIABLE=${2:-PATH}
        export $PATHVARIABLE="$1${!PATHVARIABLE:+:${!PATHVARIABLE}}"
}

pathappend () {
        pathremove $1 $2
        local PATHVARIABLE=${2:-PATH}
        export $PATHVARIABLE="${!PATHVARIABLE:+${!PATHVARIABLE}:}$1"
}


if [ "$#" -eq 0 ];
then
	## Récupération des différents dossiers hébergeant les binaires PHP
	#########################
	get_bin_dirs

	## Choix de version PHP
	#########################
	echo -e "Veuillez choisir une version de PHP à utiliser :\n"
	i=1

	# On parcourt le tableau des applications
	for version in "${versions[@]}"
	do
		# On affiche une liste numérotéé des versions
		echo "$i) $version"
		((i++))
	done
	echo ""
	read -p "Choix : " version_choice
	echo ""

	# On peut choisir la version par son numéro
	if [[ $version_choice =~ ^[[:digit:]]+$ ]]
	then
		if [[ ! -z ${versions[$version_choice]} ]]
		then
			str_bindir=${bin_dirs[${versions[$version_choice]}]}
			str_version=${versions[$version_choice]}
		fi
	elif [[ ! -z ${bin_dirs[$version_choice]} ]]
	then
		str_bindir=${bin_dirs[$version_choice]}
		str_version=${version_choice}
	fi
elif [ "$#" -eq 1 ];
then
	## Récupération des dossifférents dossiers hébergeant les binaires PHP
	#########################
	get_bin_dirs

	if [[ ! -z ${bin_dirs[$1]} ]]
	then
		str_bindir=${bin_dirs[$1]}
		str_version=$1
	elif [[ $1 == "reset" ]]
	then
		echo "Reset du PATH sans les binaires PHP"
		for dir in ${bin_dirs[*]}
		do
			pathremove "${dir}"
		done
		if [[ ! -z $oldPS1 ]]
		then
			PS1=$oldPS1
			unset oldPS1
		else
			PS1="[\u@\h \W]\\$ "
		fi
	fi
else
	echo "Nombre de paramètres attendus : 1"
fi

if [[ -z $str_bindir ]]
then
	if [[ $1 != "reset" ]]
	then
		echo "Choix de version invalide !"
		get_bin_dirs
		echo "Versions disponibles : "${!bin_dirs[*]}
	fi
else
	echo -e "Version de PHP : $str_version. Path : $str_bindir"
	echo -e "Pour retirer les binaires PHP du PATH, utiliser la commande « set_php_version reset »"
	for dir in ${bin_dirs[*]}
	do
		pathremove "${dir}"
	done

	pathprepend ${str_bindir}

	if [[ -z $oldPS1 ]]
	then
		oldPS1=$PS1
	fi
	export PS1="[\u@\h \W|\[\033[0;31m\]PHP ${str_version}\[\033[0m\]]\\$ "
fi

unset version versions str_bindir bin_dir bin_dirs pathremove pathprepend pathappend get_bin_dirs version_choice str_version

Installation Zabbix

rpm -Uvh https://repo.zabbix.com/zabbix/4.4/rhel/7/x86_64/zabbix-release-4.4-1.el7.noarch.rpm
rpm -import http://repo.zabbix.com/RPM-GPG-KEY-ZABBIX-A14FE591
yum install zabbix-agent
sed -i -e 's/Server=127.0.0.1/Server=myzabbixserver/g' -e 's/ServerActive=127.0.0.1/ServerActive=myzabbixserver/g' -e 's/Hostname=Zabbix server/Hostname=myserver/g' /etc/zabbix/zabbix_agentd.conf
Récupérée de « https://wiki.jordan-lenuff.com/index.php?title=Technique/Linux/Commandes_utiles&oldid=1559 »