Installing Coolstack on Solaris 10

 

Reference: http://cooltools.sunsource.net/coolstack/

 

Install Coolstack

Download the x86 version of Coolstack

bunzip2 [package.pkg.bz2]

 

For example: bunzip2 CSKmysql_sparc.pkg.bz2

pkgadd -d [package.pkg]

 

This process will install the package in /opt/coolstack, along with all dependent libraries.

 

Document root is located at: /opt/coolstack/apache2/htdocs

 

Solaris zone has several instances of apache and apache2 preinstalled. These may be running and will prevent the coolstack apache from running. Disable all other apaches

Kill the currently running apache services.

# ps –ef | grep apache2

 

Kill <number> corresponding to apache process given above or do apache stop but since the httpd.conf file is not configured this gives an error so use kill instead.

 

Next ensure preinstalled apaches do not start up.

# cd /etc/rc3.d

 

Rename the following:

S50apache, S50cswapache and  S50cswapache2 to OFF-S50apache, OFF-S50cswapache and  OFF-S50cswapache2 .

 

This stops these apache services from restarting on boot up.

 

Configure CoolStack Apache

 

Edit /opt/coolstack/apache2/conf/httpd.conf

ServerName ims-arcs-zone:80

Add index.php directory index

<IfModule dir_module>

    DirectoryIndex index.html index.php

</IfModule>

Start apache

#/opt/coolstack/apache2/bin/apachectl start

 

 

Configure Mysql

 

Add /opt/coolstack/mysql_32bit/bin /bin to your path, and /opt/coolstack/mysql/man to your manpath.

#export PATH=/opt/coolstack/mysql_32bit/bin:$PATH

 

Install the db and mysql user:

# /opt/coolstack/mysql/bin/mysql_install_db

# groupadd mysql

# useradd -c "MySQL Server" -g mysql mysql

 

Change ownership

# chown -R mysql:mysql /opt/coolstack/mysql_32bit

 # cp /opt/coolstack/mysql_32bit/share/mysql/my-large.cnf /etc/my.cnf

 

Edit my.cnf if necessary. Consider uncomment skip-networking to prevent network access to the database.

 

Start up the server:

 

# su – mysql  (this line may not be necessary)

$ /opt/coolstack/mysql_32bit/bin/mysqld_safe &

$ ps -ef | grep mysql | grep –v grep  <– Make sure the mysqld process is running

$ /opt/coolstack/mysql_32bit/bin/mysqladmin -u root password ‘yourrootpassword’

$ /opt/coolstack/mysql/bin/mysqladmin -u root -h ‘yourhostname’ password ‘yourrootpassword’

 

Install Extra PHP Libraries.

 

Dowbload load from here: Packages CSKtds, CSKncurses, CSKphplibs, English

 

The above PHP libraries contain the useful GD graphics library for PHP. We’ll need that for the Drupal CMS which I will post next week.. Download the x86 version of Coolstack

 

#bunzip2 [package.pkg.bz2]

 

For example: bunzip2 CSKmysql_sparc.pkg.bz2

#tar -xvf ./CSKphplibsBundle_x86.tar

#pkgadd -d ./CSKphplibs_x86.pkg

 

Edit #/opt/coolstack/php5/lib/php.ini

 

Add the following line.

extension="gd.so"

 

Restart Apache

#/opt/coolstack/apache2/bin/apachectl start

 

 

Disable unnecessary Solaris Services

Services that you may want to disable once the Zone has booted are listed below. This procedure as the effect of locking the zone down and making it more secure.

svcadm disable ftp
svcadm disable telnet

svcadm disable ssh (left this on if you need ssh)

svcadm disable sendmail (left this on for Drupal  CMS sending emails)

svcadm disable finger
svcadm disable rlogin
svcadm disable nfs/client
svcadm disable nfs/status
svcadm disable nfs/nlockmgr
svcadm disable rpc/bind
svcadm disable rpc/gss
svcadm disable rpc/rstat
svcadm disable rpc/rusers
svcadm disable rpc/smserver
svcadm disable shell:default (left this on for us)
svcadm disable svc:/network/cde-spc:default
svcadm disable svc:/application/graphical-login/cde-login:default
svcadm disable inetdsvcadm disable rpc-100235_1/rpc_ticotsord:defaultsvcadm disable rpc-100068_2-5/rpc_udp:default
svcadm disable rpc-100083_1/rpc_tcp:default
svcadm disable x11/xfs
svcadm disable font/fc-cache

 

This entry was posted on Wednesday, May 30th, 2007 at 6:11 pm and is filed under Solaris. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.