How to install Apache, MariaDB and PHP on CentOS 7 minimal

After install and configure network under CentOS 7 minimal I continue with LAMP section. Since the machine has 4GB memory I prefer to use old fashion LAMP. Only switch MySQL with MariaDB ūüôā

The steps for LAMP installation for my own reference and my vps need :

Install required Package

Install nano

# yum install nano

Install Apache, PHP and MariaDB

# yum install httpd mariadb-server mariadb php php-mysql php-mysqli php-gd php-pear php-mbstring

Configure Apache

Start httpd

# systemctl start httpd.service

Set httpd to auto start after reboot or boot process

# systemctl enable httpd.service
ln -s ‘/usr/lib/systemd/system/httpd.service’ ‘/etc/systemd/system/’

By default firewall will block access. To exclude http from firewall block :

# firewall-cmd --permanent --add-service http

# systemctl restart firewalld.service

Try visit ip address from browser


Configure MariaDB

Start mariadb

# systemctl start mariadb

Set mariadb to autostart

# systemctl enable mariadb.service
ln -s ‘/usr/lib/systemd/system/mariadb.service’ ‘/etc/systemd/system/’

Set password for mariadb, delete unnecessary database and users.

# mysql_secure_installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found


In order to log into MariaDB to secure it, we’ll need the current
password for the root user.¬† If you’ve just installed MariaDB, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
… Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
… Success!

Normally, root should only be allowed to connect from ‘localhost’.¬† This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
… Success!

By default, MariaDB comes with a database named ‘test’ that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done!¬† If you’ve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

I also need to enable firewall to exclude future database remote backup. Port 3306 is required to open.

# firewall-cmd --permanent --add-port=3306/tcp
# systemctl restart firewalld.service


Next step is measure time needed from start server to get login display and make my report.

IBM X3250 M5 and Minimal CentOS 7

New server come. Its a IBM X3250 M5 with single HD 1TB Sata 7200 RPM. I can not see it from bios setting, my FreeBSD 9.2 CD also unable to detect it but I’ve not try it using FreeBSD 10. As I ever see various case that related with storage detection then I quickly switch to CentOS.

My preference will be CentOS 5.xx version due to application requirement (php 5.2) but now its no longer relevance. I can use newest php version and I think CentOS 7 will be fit. It will overcome storage detection and perhaps I can learn new things.

Installation work smooth since I choose DVD version but I work with minimal installation. A few notes around Minimal CentOS 7 :

# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)

No ifconfig command in minimal CentOS 7

# ifconfig
bash: ifconfig: command not found

Ip addr to see all network setting

# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s26u1u2u5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 6e:ae:8b:5a:68:67 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 6c:ae:8b:5a:68:60 brd ff:ff:ff:ff:ff:ff
inet brd scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::6eae:8bff:fe5a:6860/64 scope link
valid_lft forever preferred_lft forever
4: eno1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000
link/ether 6c:ae:8b:5a:68:61 brd ff:ff:ff:ff:ff:ff

nmcli is new friend

# nmcli -p con
NetworkManager connection profiles
NAME           UUID                                  TYPE            DEVICE
enp0s26u1u2u5¬† 4ca8bc8e-74c5-4578-ab34-895c1c6cb7a1¬† 802-3-ethernet¬† —
eno1¬†¬†¬†¬†¬†¬†¬†¬†¬†¬† 598b49c6-9adf-4fb7-96ee-22ebd2ee15bf¬† 802-3-ethernet¬† —
eth0           2c0edb26-c2ad-42f5-80f3-3bd69b1e27e5  802-3-ethernet  eth0

Edit connection using nmtui


you’ll see screen like this

network manager TUI


edit network setting under nmtui

edit anything you want

complete network change using nmtui

The interface is pretty clear and enough for me but if really need ifconfig command

# yum install net-tools
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base:
* extras:
* updates:
Resolving Dependencies
–> Running transaction check
—> Package net-tools.x86_64 0:2.0-0.17.20131004git.el7 will be installed
–> Finished Dependency Resolution

Dependencies Resolved

Package                               Arch                               Version                                                Repository                        Size
net-tools                             x86_64                             2.0-0.17.20131004git.el7                               base                             304 k

Transaction Summary
Install  1 Package

Total download size: 304 k
Installed size: 917 k
Is this ok [y/d/N]: y

Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/net-tools-2.0-0.17.20131004git.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY76 kB  00:00:00 ETA
Public key for net-tools-2.0-0.17.20131004git.el7.x86_64.rpm is not installed
net-tools-2.0-0.17.20131004git.el7.x86_64.rpm                                                                                                    | 304 kB  00:00:03
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid¬†¬†¬†¬† : “CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>”
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package    : centos-release-7-0.1406.el7.centos.2.3.x86_64 (@anaconda)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : net-tools-2.0-0.17.20131004git.el7.x86_64                                                                                                            1/1
Verifying  : net-tools-2.0-0.17.20131004git.el7.x86_64                                                                                                            1/1

net-tools.x86_64 0:2.0-0.17.20131004git.el7


network scripts still there

# ls /etc/sysconfig/network-scripts/
ifcfg-eno1           ifdown       ifdown-ipv6  ifdown-routes    ifdown-tunnel  ifup-eth   ifup-plip   ifup-routes    ifup-tunnel        network-functions-ipv6
ifcfg-enp0s26u1u2u5  ifdown-bnep  ifdown-isdn  ifdown-sit       ifup           ifup-ippp  ifup-plusb  ifup-sit       ifup-wireless
ifcfg-eth0           ifdown-eth   ifdown-post  ifdown-Team      ifup-aliases   ifup-ipv6  ifup-post   ifup-Team      init.ipv6-global
ifcfg-lo             ifdown-ippp  ifdown-ppp   ifdown-TeamPort  ifup-bnep      ifup-isdn  ifup-ppp    ifup-TeamPort  network-functions

# cat ifcfg-eth0

Free memory before install LAMP

# free -m
total       used       free     shared    buffers     cached
Mem:          3629        534       3095          8          1        342
-/+ buffers/cache:        189       3439
Swap:         3855          0       3855

# df -H
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/centos-root   54G  1,1G   53G   2% /
devtmpfs                 1,9G     0  1,9G   0% /dev
tmpfs                    2,0G     0  2,0G   0% /dev/shm
tmpfs                    2,0G  9,0M  1,9G   1% /run
tmpfs                    2,0G     0  2,0G   0% /sys/fs/cgroup
/dev/sda2                521M   93M  429M  18% /boot
/dev/mapper/centos-home  942G   34M  942G   1% /home
/dev/sda1                210M   10M  200M   5% /boot/efi

So far its great ūüôā

Install PHP 5.2.17 on CentOS 5.10

CentOSAnother server came with specific hardware that require me to install CentOS 5.10 64 bit with base only package. Since CentOS 5 use PHP 5.1 by default so I decide to find a way for PHP 5.2.17 (latest version of PHP 5.2 generation).


I use Jason package from

# nano /etc/yum.repos.d/utter-ramblings.repo
fill these lines :

name=Utter Ramblings


Make sure to change to for baseurl if you use 32 bit.

Install PHP and friends

PHP 5.2.17

# yum install php php-mysql


# yum install mysql-server

Run as service

# chkconfig httpd --add
# chkconfig  httpd  on --level 235
# chkconfig  mysqld --add
# chkconfig mysqld on --level 235

2  =  Multi-user mode console logins only (without networking)
3  =  Multi-User mode, console logins only
5  = Multi-User mode, with display manager as well as console logins (X11)

Checking if already set as service

# chkconfig --list mysqld
mysqld             0:off    1:off    2:on    3:on    4:off    5:on    6:off
# chkconfig --list httpd
httpd              0:off    1:off    2:on    3:on    4:off    5:on    6:off

Checking installed httpd and mysql :

# rpm -qa | grep httpd

# rpm -qa | grep mysql


P.S : in case you got error (refused connection) then iptables need to told about this service :

# iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# service iptables save

Saving firewall rules to /etc/sysconfig/iptables:          [  OK  ]
# service iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter                    [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
Loading additional iptables modules: ip_conntrack_netbios_n[  OK  ]


Last check : date

# date
Rab Nov 12 18:20:19 WIT 2014

Checking BIOS time I see no error.

# rpm -qa | grep ntp

Since another process lock yum, I use quick way :

# date 111210212014
Rab Nov 12 10:21:00 WIT 2014

Yes, that command use following format

date MMDDhhmmYYYY

MM -> month (in two digit)

DD -> date (in two digit)

hh -> hour (in 24 hour format)

mm -> minutes (in 2 digit)

YYYY -> year (in 4 digit)

Check again after issue command.

# date

Rab Nov 12 10:25:21 WIT 2014

Yes, the result is match.

I’ll continue with ntp next time.

For quick dns setting I use maradns.

Update January 15 2015 :

I need fail2ban for this server :

Add server

#rpm -Uvh
warning: /var/tmp/rpm-xfer.UKJ53A: Header V3 DSA signature: NOKEY, key ID 217521f6
Preparing… ########################################### [100%]
1:epel-release ########################################### [100%]

Install fail2ban

# yum install fail2ban
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base:
* epel:
* extras:
* updates:
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package fail2ban.noarch 0:0.8.14-1.el5 set to be updated
–> Processing Dependency: python-inotify for package: fail2ban
–> Running transaction check
—> Package python-inotify.noarch 0:0.9.1-1.el5 set to be updated
–> Processing Dependency: python-ctypes for package: python-inotify
–> Running transaction check
—> Package python-ctypes.x86_64 0:1.0.2-3.el5 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

Package Arch Version Repository Size
fail2ban noarch 0.8.14-1.el5 epel 266 k
Installing for dependencies:
python-ctypes x86_64 1.0.2-3.el5 base 210 k
python-inotify noarch 0.9.1-1.el5 epel 86 k

Transaction Summary
Install 3 Package(s)
Upgrade 0 Package(s)

Total download size: 562 k
Is this ok [y/N]: y
Downloading Packages: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
(1/3): python-inotify-0.9.1-1.el5.noarch.rpm | 86 kB 00:00
(2/3): python-ctypes-1.0.2-3.el5.x86_64.rpm | 210 kB 00:03
(3/3): fail2ban-0.8.14-1.el5.noarch.rpm | 266 kB 00:02
Total 6.8 kB/s | 562 kB 01:22
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 217521f6
epel/gpgkey | 1.7 kB 00:00
Importing GPG key 0x217521F6 “Fedora EPEL <[email protected]>” from /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : python-ctypes 1/3
Installing : python-inotify 2/3
Installing : fail2ban 3/3

fail2ban.noarch 0:0.8.14-1.el5

Dependency Installed:
python-ctypes.x86_64 0:1.0.2-3.el5 python-inotify.noarch 0:0.9.1-1.el5


Configuration fail2ban

# nano /etc/fail2ban/jail.conf

Pay attention to ssh section

service fail2ban restart

# service fail2ban restart
Stopping fail2ban: ERROR Unable to contact server. Is it running?
Starting fail2ban: [ OK ]

Check fail2ban exist?

# ps ax | grep fail
4066 ? Sl 0:00 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/ -x
4099 ? S 0:00 sh -c printf %b “Subject: [Fail2Ban] SSH: stopped on `uname -n`?Date: `LC_TIME=C date -u +”%a, %d %h %Y %T +0000″`?From: Fail2Ban <[email protected]>?To: [email protected]\n?Hi,\n?The jail SSH has been stopped.\n?Regards,\n?Fail2Ban” | /usr/sbin/sendmail -f [email protected] [email protected]
4103 ? S 0:00 /usr/sbin/sendmail -f [email protected] [email protected]
4173 ? Sl 0:00 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/ -x
4184 ? S 0:00 sh -c printf %b “Subject: [Fail2Ban] SSH: started on `uname -n`?Date: `LC_TIME=C date -u +”%a, %d %h %Y %T +0000″`?From: Fail2Ban <[email protected]>?To: [email protected]\n?Hi,\n?The jail SSH has been started successfully.\n?Regards,\n?Fail2Ban” | /usr/sbin/sendmail -f [email protected] [email protected]
4188 ? S 0:00 /usr/sbin/sendmail -f [email protected] [email protected]

Update : June 24 2015

I just know ntsysv, an utility that useful to enable the service during boot. Neat one.

Well, I need to set sender address ūüôā

How to install MariaDB on CentOS 5.5

First thing I want to try on CentOS 5.5 is mariadb. Fortunately mariadb available in binary for CentOS and don’t force me to install from source like I do with FreeBSD since its not available yet on FreeBSD ports.

I’m going to install mariadb 5.23 and make it as learning media ūüôā

Here the steps :

Download mariadb rpm file

Get all rpm file (client and server) from osuosl mirror.

# ls

MariaDB-client-5.2.3-87.el5.i386.rpm√ā¬† MariaDB-server-5.2.3-87.el5.i386.rpm

Install the files

# rpm -i MariaDB-*

error: Failed dependencies: is needed by MariaDB-client-5.2.3-87.el5.i386 is needed by MariaDB-client-5.2.3-87.el5.i386 is needed by MariaDB-client-5.2.3-87.el5.i386 is needed by MariaDB-client-5.2.3-87.el5.i386 is needed by MariaDB-server-5.2.3-87.el5.i386 is needed by MariaDB-server-5.2.3-87.el5.i386 is needed by MariaDB-server-5.2.3-87.el5.i386 is needed by MariaDB-server-5.2.3-87.el5.i386

Continue reading

Step by step guide install CentOS 5.5 with network install

New class has started and I try to give my student new experince. During my search I found new thing that I think they like to try. Network installation would be good for next lesson. I ever try it few years ago with Linux Mandrake. Create diskette boot and perform installation from network server where all required files has already copied.

Nowadays, its rare to see computer with floppy disk as slowly replaced by usb flash disk. Ok, I decide to try install CentOS 5.5 with network install mode.

Here the steps :

Download CentOS 5.5√ā¬† iso file

Get from nearest mirror by visit this link.

Pick one mirror and you should see the list.

Continue reading