[install nginx-1.0.11 di dalam chroot jail] by: ev1lut10n download nginx-1.0.11 install : =================== [root@godaddy_dedicated ~]# cd nginx-1.0.11 [root@godaddy_dedicated nginx-1.0.11]# cd nginx-1.0.11 [root@godaddy_dedicated nginx-1.0.11]# ./configure --with-http_ssl_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module [root@godaddy_dedicated nginx-1.0.11]# make && make install ================= siapkan susunan direktori untuk chroot ==== [root@godaddy_dedicated ~ conf]# D=/chroot/nginx [root@godaddy_dedicated ~ conf]# mkdir -p $D [root@godaddy_dedicated ~ conf]# mkdir -p $D/etc [root@godaddy_dedicated ~ conf]# mkdir -p $D/dev [root@godaddy_dedicated ~ conf]# mkdir -p $D/var [root@godaddy_dedicated ~ conf]# mkdir -p $D/usr [root@godaddy_dedicated ~ conf]# mkdir -p $D/usr/local/nginx [root@godaddy_dedicated ~ conf]# mkdir -p $D/tmp [root@godaddy_dedicated ~ conf]# chmod 1777 $D/tmp [root@godaddy_dedicated ~ conf]# mkdir -p $D/var/tmp [root@godaddy_dedicated ~ conf]# chmod 1777 $D/var/tmp [root@godaddy_dedicated ~ conf]# mkdir -p $D/lib64 === buat blok untuk special char & file ==== [root@godaddy_dedicated ~ chroot]# ls -l /dev/{null,random,urandom} crw-rw-rw- 1 root root 1, 3 Mar 1 16:42 /dev/null crw-rw-rw- 1 root root 1, 8 Mar 1 16:42 /dev/random cr--r--r-- 1 root root 1, 9 Mar 1 16:42 /dev/urandom ==== melihat tampilan di atas kita siapkan dg mknod: =========== [root@godaddy_dedicated ~ chroot]# mknod -m 0666 $D/dev/null c 1 3 [root@godaddy_dedicated ~ chroot]# mknod -m 0666 $D/dev/random c 1 8 [root@godaddy_dedicated ~ chroot]# mknod -m 0444 $D/dev/urandom c 1 9 ======== cek shared library: ===== [root@godaddy_dedicated ~ chroot]# updatedb [root@godaddy_dedicated ~ chroot]# locate nginx | grep bin /root/nginx-1.0.12/objs/src/http/ngx_http_upstream_round_robin.o /root/nginx-1.0.12/src/http/ngx_http_upstream_round_robin.c /root/nginx-1.0.12/src/http/ngx_http_upstream_round_robin.h /usr/local/nginx/sbin /usr/local/nginx/sbin/nginx [root@godaddy_dedicated ~ chroot]# ldd /usr/local/nginx/sbin/nginx linux-vdso.so.1 => (0x00007fff297fd000) libpthread.so.0 => /lib64/libpthread.so.0 (0x000000399f200000) libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000039a0e00000) libpcre.so.0 => /lib64/libpcre.so.0 (0x00000039a2600000) libssl.so.6 => /lib64/libssl.so.6 (0x0000003750400000) libcrypto.so.6 => /lib64/libcrypto.so.6 (0x00000039a2200000) libdl.so.2 => /lib64/libdl.so.2 (0x000000399ee00000) libz.so.1 => /lib64/libz.so.1 (0x000000399fa00000) libc.so.6 => /lib64/libc.so.6 (0x000000399ea00000) /lib64/ld-linux-x86-64.so.2 (0x000000399e600000) libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x00000039a3a00000) libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x00000039a3600000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00000039a2a00000) libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x00000039a3200000) libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x00000039a2e00000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00000039a1a00000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00000039a1600000) libselinux.so.1 => /lib64/libselinux.so.1 (0x000000399fe00000) libsepol.so.1 => /lib64/libsepol.so.1 (0x00000039a0200000) [root@godaddy_dedicated ~ chroot]# =========== ======== [root@godaddy_dedicated ~ chroot]# cp -fv /etc/{group,prelink.cache,services,adjtime,shells,gshadow,shadow,hosts.deny,localtime,nsswitch.conf,nscd.conf,prelink.conf,protocols,hosts,passwd,ld.so.cache,ld.so.conf,resolv.conf,host.conf} $D/etc ===== [root@godaddy_dedicated ~ chroot]# cp -avr /etc/{ld.so.conf.d,prelink.conf.d} $D/etc ========== siapkan skrip utk mengkopi shared library di atas: ==== #!/usr/bin/perl #fetch_nginx_so.pl #made by : ev1lut10n open(PROSES_MYSQL, "ldd /usr/local/nginx/sbin/nginx | grep lib |"); while () { $tampilan_proses .= $_; ($nama_lib,$sign,$path_lib,$mem_load) = split; if($path_lib=~/lib/) { system("cp $path_lib /chroot/nginx$path_lib"); } } close(PROSES_MYSQL); ===== ==== [root@godaddy_dedicated ~ chroot]# perl fetch_nginx_so.pl cp: cannot create regular file `/chroot/nginx/usr/lib64/libgssapi_krb5.so.2': No such file or directory cp: cannot create regular file `/chroot/nginx/usr/lib64/libkrb5.so.3': No such file or directory cp: cannot create regular file `/chroot/nginx/usr/lib64/libk5crypto.so.3': No such file or directory cp: cannot create regular file `/chroot/nginx/usr/lib64/libkrb5support.so.0': No such file or directory [root@godaddy_dedicated ~ chroot]# locate libgssapi_krb5.so.2 [root@godaddy_dedicated ~ chroot]# cd /chroot/nginx/usr/ [root@godaddy_dedicated ~ usr]# mkdir lib64 [root@godaddy_dedicated ~ chroot]# perl fetch_nginx_so.pl ====== kopikan ld-linux-x86-64.so.2 secara manual: ==== [root@godaddy_dedicated ~ chroot]# cp /lib64/ld-linux-x86-64.so.2 /chroot/nginx/lib64/ == test apakah nginx sedang berjalan: ===[root@godaddy_dedicated ~ chroot]# telnet localhost 80 Trying 127.0.0.1... Connected to localhost.secureserver.net (127.0.0.1). Escape character is '^]'. Connection closed by foreign host. [root@godaddy_dedicated ~ chroot]# =========== jika terkoneksi matikan: ==== [root@godaddy_dedicated ~ chroot]# killall -9 nginx ==== start nginx: ========= /usr/sbin/chroot /chroot/nginx /usr/local/nginx/sbin/nginx =========