Wordpress How-To Part Deux

Alright, where was I. Right, mysqld. Time to turn that on.

# service mysqld start

And when you do run this, the mysqld start up script will give an output that will only be displayed when you attempt to start mysqld for the first time. And that is to set a password to the mysql root account and run the /usr/bin/mysql_secure_installation. Now if you have a strict security requirement, you might want to take heed. Well I am going to stick with the /usr/bin/mysql_secure_installation script, since it will make your life so easy, when installing MySQL of course.

What the /usr/bin/mysql_secure_installation will do is pretty much the following:
1. Set a password for the root account
2. Remove all anonymous user account.
3. Disable remote root login, in other words removing any root@'*' entry from the mysql.user table.
4. Drop the database called test
5. Reload privileges, which is typically what you would do when changes are made to the mysql.user table.

I am not going to open up the port 3306 on iptables since the mysql database is going to be running on the same host as where the wordpress is going to be running from.

Right, download the latest wordpress from the link http://wordpress.org/latest.tar.gz

Right, I might have mention that I would be install wordpress from the EPEL yum repository, and as it turns out, the wordpress has all sorts of weird dependencies which I wasn't willing to force (which you can when using yum) and break the dependencies on any other packages that are already installed.

Since I've download the latest wordpress tar ball into the root home directory, extract the tarball into the directory /var/www

# cd /var/www/html
# tar xvfz ~/latest.tar.gz
# mv wordpress blog

Make a copy of the wp-config-sample.php and call it wp-config.php. This should be made from the directory /var/www/html/blog

# cd /var/www/html/blog
# cp -p wp-config-sample.php wp-config.php

Edit the file wp-config.php appropriately, especially the database-related connection parameters.

The next thing that should be done would to change the authentication unique keys and salts. Yep, it a mouthful, but it has to be done (I think, not sure if it's optional). Since this has been mentioned in the installation steps, I thought I should just do as stated in the docs.

Fire up the browser and point it to the URL https://api.wordpress.org/secret-key/1.1/salt/.

Copy and paste the contents into the wp-config.php appropriately.

Apparently I missed out on the php-mysql package. To install it simply run yum install -y php-mysql php-pdo

php-pdo is the dependency require by php-mysql.

Apparently httpd requires a restart after php-mysql has been installed.

Open up your browser again and point it to the URl http://hostname/blog/wp-admin/setup-config.php to start setting up Wordpress.

And voila you know have a running Wordpress copy, hopefully.

Wordpress How-To

Since I'm always not in the habit of jotting the stuffs I do at work, well I'm going to change that for this particular test install.

My bosses seems to be keen in selling SaaS, surprisingly, and they want to know if it's doable. I know for a fact it is doable, but thought I'd do it for well, for work sake.

I'm going to install CentOS 6.4. As a matter of fact, I had installed RHEL 6.3 earlier, but since I don't have a "valid" subscription, I'd skip RHEL and decided to work on CentOS instead.

So, first things first, always update your copy of CentOS or Linux or whichever distribution you pick to install.

The mirror list that is hard coded into the CentOS yum repo list /etc/yum.repos.d does not seem to be working as it should, I wonder why. And I don't know why they haven't gotten this fixed.

Edit /etc/yum.repos.d/CentOS-Base.repo
And remark all mirrorlist configuration parameter and add baseurl=http://mirror.nus.edu.sg/centos/6/centosplus/$basearch/

Replace the text /centosplus/ appropriately. e.g. For updates simply replace it with /updates/.

Yes, I'm going to use a mirror which in Singapore to do my yum updates. And I don't understand why none of the Malaysian mirrors are so unreliable.

First things first, assign an IP address to the first assignable network interface eth0. If you choose to use bonding, I'm not going to cover that for this test install.

Disable IPv6 since nobody out there is using it appropriately still by adding the following into /etc/modprobe.d/dist.conf

# Disable IPv6
alias ipv6 off

And add the following into /etc/sysconfig/network

NETWORKING_IPV6=no

Disable IPv6 ip6tables

# chkconfig ip6tables off

Next would be install all the appropriate patches. Run yum check-update for absolutely no reason except to list all the packages that will be replace when you actually run yum update.

Go gungho and run yum -y update and REBOOT !

Apparently I picked basic install, and as it turns out I don't have wget installed, run yum install -y wget. Once that's done download the EPEL yum repository rpm. You're going to be installing, well I'm going to be installed some packages from Fedora Project's EPEL repository.

# wget http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

Install the EPEL yum repository rpm package file
# rpm -ivh epel-release-5-4.noarch.rpm

Apparently wordpress is available for install from Fedora's EPEL yum repository, surprisingly enough.

Install php (version 5.3.3) by running yum install php. The dependencies that are required for the php installing are
apr
apr-util
apr-util-ldap
httpd (version 2.2.15)
httpd-tools
libedit
mailcap
php-cli
php-common

Next, install mysql-server (version 5.1.69), by running yum install -y mysql-server. And the dependencies are, in no particular order:
mysql
perl
perl-DBD-MySQL
per-DBI
perl-Module-Pluggable
perl-Pod-Escapes
perl-Pod-Simple
perl-libs
perl-version

Enable httpd to after the next reboot. And don't forget to start it up either

# chkconfig httpd on
# service httpd start

Since iptables is turned on by default allow port 80 on iptables by adding the following into the /etc/sysconfig/ipfilter

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Restart iptables

# service iptables restart

There's a possible chance that the HTTPS might be used, so you can always add the HTTPS port of 443 later if you need to.

Since this is going to be a lengthy post. I am going to end this right here. I'll be continuing the later part of the install under a different entry.

Solaris 11 - root as a role

This is a little bit something a colleague of mine had mentioned about the root account/role.

Upon completing an installation, if you choose not to create a normal user account when being prompted to, root will be configured as a normal account with its appropriate root privileges.

And if you happen to decide to install Solaris 11 with a normal user account when prompted, the root account will be revert to being a role instead of a normal account (with root privileges, of course).

To verify if root is a role instead of a normal account, running the following command would yield an empty output:
# grep root /etc/user_attr

Or rather if you display the content (using cat) of the file /etc/user_attr, it should only display the text below
# cat /etc/user_attr
#
# The system provided entries are stored in different files
# under "/etc/user_attr.d".  They should not be copied to this file.
#
# Only local changes should be stored in this file.
# This line should be kept in this file or it will be overwritten.
#

If root is indeed a role, you should be able to see the following
# grep root /etc/user_attr
root::::type=role

If root is indeed a role, to revert root to being a normal account, meaning you can login with it:
# rolemod -K type=normal root

To change the account root to being a role
# usermod -K type=role root

To assign any normal account shahmatd with the root role
# usermod -R root shahmatd