Rolling Resource

If you have installed phpMyAdmin, you may get the errors

Invalid hostname for server 2. Please review your configuration.
Invalid hostname for server 3. Please review your configuration.

when you log in. If so, the solution is to comment out this block of code in config.inc.php (it appears twice) - just wrap it in '/*' and '*/' as I have below

These are the commands you will have to issue from the command prompt on your server in order to download the necessary libraries and applications needed to build Python. I have piped all output from each stage into log.xxxx and err.xxxx files. Make sure that you read the err.xxxx files if they are not zero length and action any errors before proceeding to the next step. The information in log.xxxx will help you troubleshoot any errors.

As I do not have root access on Westhost, I have decided to create my own tree under /usr/mylocal for libraries and executables.

Download gdbm

• ftp ftp.gnupg.org
• login: anonymous password:anon@
• cd gnu/gdbm
• passive
• dir gdbm-*
• get gdbm-1.8.3.tar.gz
• quit
• gunzip -c gdbm-1.8.3.tar.gz |tar x
• cd gdbm-1.8.3
• ./configure --prefix=/usr/mylocal >log.config 2>err.config
• make >log.make 2>err.make
• make install >log.install 2>err.install
• ls -l err.*
• edit /etc/ld.so.conf to include /usr/mylocal/lib as first line
• ldconfig
• cd ..

Download ncurses

• ftp ftp.gnupg.org
• login: anonymous
• cd /pub/gnu/ncurses
• passive
• dir ncurses*
• get ncurses-5.5.tar.gz
• get ncurses-5.5.tar.gz.sig
• quit
• gunzip -c ncurses-5.5.tar.gz |tar x
• cd ncurses-5.5
• ./configure --prefix=/usr/mylocal >log.config 2>err.config
• make >log.make 2>err.make
• make install >log.install 2>err.install
• ls -l err.*
• ldconfig
• Run test/newdemo to check your installation. Press Q to stop.
• cd ..

I was unable to link to ncurses/xxxxx.h files when building Python. As a workaround, you need to define these three symbolic links

• ln -s /usr/mylocal/include/ncurses/ncurses.h /usr/mylocal/include/ncurses.h
• ln -s /usr/mylocal/include/ncurses/curses.h /usr/mylocal/include/curses.h
• ln -s /usr/mylocal/include/ncurses/panel.h /usr/mylocal/include/panel.h

Download Python

• wget http://www.python.org/ftp/python/2.5/Python-2.5.tar.bz2
• wget http://www.python.org/download/releases/2.5/Python-2.5.tar.bz2.asc
• gpg --verify Python-2.5.tar.bz2.asc
• bunzip2 -c Python-2.5.tar.bz2 |tar x
• cd Python-2.5
• ./configure --prefix=/usr/mylocal 1>log.config 2>err.config
• make >log.make 2>err.make
• make install >log.install 2>err.install
• ls -l err.*

If /usr/mylocal/bin is not in your path, then you will need to create a symbolic link for it

• ln -s /user/mylocal/bin/python /user/local/bin/python

I have downloaded and installed GnuPG, but whenever I try to retrieve a public key from a keyserver, it logs the error
gpgkeys_hkp: error while loading shared libraries: libcurl.so.3: cannot open shared object file: No such file or directory

This is despite the fact that libcurl.so.3 is on my system
$ find / -name libcurl.so* 2>/dev/null
/usr/local/lib/libcurl.so
/usr/local/lib/libcurl.so.3
/usr/local/lib/libcurl.so.3.0.0
/usr/local/phplibs/lib/libcurl.so
/usr/local/phplibs/lib/libcurl.so.3
/usr/local/phplibs/lib/libcurl.so.3.0.0
/usr/home/mylogin/apps/bld/curl-7.16.0/lib/.libs/libcurl.so.4.0.0
/usr/home/mylogin/apps/bld/curl-7.16.0/lib/.libs/libcurl.so.4
/usr/home/mylogin/apps/bld/curl-7.16.0/lib/.libs/libcurl.so
/usr/mylocal/lib/libcurl.so.4.0.0
/usr/mylocal/lib/libcurl.so.4
/usr/mylocal/lib/libcurl.so
/ftp/usr/lib/libcurl.so
/ftp/usr/lib/libcurl.so.1
/ftp/usr/lib/libcurl.so.1.1.0
/ftp/usr/lib/libcurl.so.2
In fact it appears twice, once in /usr/local/lib and again in /usr/local/phplibs/lib.  So what is going on?  It would appear that while my system can locate the file in order to build it into the executable, it cannot locate the library at run time (when I run gpg); no errors were logged when I configured and made GnuPG. There is a useful article (here) by David Wheeler which explains how libraries work. It explains the difference between soname, realname and linker name and how the various links are created as part of the build process. It goes on to explain that when you install a new version of a library, you install it in one of a few special directories and then run the program ldconfig(8) in order to update the file /etc/ld.so.cache. These special directories are defined in /etc/ld.so.conf
When we look at ld.so.conf, it has two lines

[mylogin][~]$ cat /etc/ld.so.conf
/usr/local/lib
/lib

so the system should find the link in /usr/local/lib. (/lib is actually a symbolic link to /ftp/usr/lib) However, when I checked the cache, the file is missing

[mylogin][~]$ ldconfig -p | grep libcurl
libcurl.so.2 (libc6) => /lib/libcurl.so.2
libcurl.so.1 (libc6) => /lib/libcurl.so.1
libcurl.so (libc6) => /lib/libcurl.so

It appears that the script which installed php did not run the ldconfig utility to update the cache. This was resolved by running ldconfig manually.

[mylogin][~]$ ldconfig -v

My system has library files for libcurl in
/usr/local/lib
/usr/local/phplibs/lib
/ftp/usr/lib
and the version I built myself in /usr/home/mylogin/apps/bld/curl-7.16.0/lib/.libs and /usr/mylocal/lib

so the cache now has the following entries
[mylogin][~/apps/dl]$ ldconfig -p | grep libcurl
libcurl.so.4 (libc6) => /usr/mylocal/lib/libcurl.so.4
libcurl.so.3.0.0 (libc6) => /usr/local/lib/libcurl.so.3.0.0
libcurl.so.3 (libc6) => /usr/local/lib/libcurl.so.3
libcurl.so.2 (libc6) => /lib/libcurl.so.2
libcurl.so.1 (libc6) => /lib/libcurl.so.1
libcurl.so (libc6) => /lib/libcurl.so
libcurl.so (libc6) => /usr/mylocal/lib/libcurl.so
libcurl.so (libc6) => /usr/local/lib/libcurl.so

Note that the files from phplibs are not included directly (the libraries in /usr/local/bin are actually symlinks to phplibs) and that there are entries for /lib (which is itself a symlink to /ftp/usr/lib). I also edited /etc/ld.so.conf to include the directroy /usr/mylocal/lib.

Step 1 - Download source

The first thing we need to do is download the source file from GnuPG.  I like to download the files directly to my server rather than downloading them to my PC and then uploading them to my server, so lets use a SSH session.  There are plenty of SSH Clients available, but PuTTY is available for free and does the job.  Instructions for configuring PuTTY for Westhost are available here.  Once you have logged in, create a directory to download your files to (for example, apps/dl) using the mkdir
[mylogin][~]$mkdir apps
[mylogin][~]$mkdir apps/dl

The files we need are only available via FTP from GnuPG.  If you clicked on the link to their site above, you will have found the latest version - at the time of writing this is 1.4.5.  Hover your mouse over the FTP link and you will find that the file we want to download is located at ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.5.tar.bz2, that is to say the file gnupg-1.4.5.tar.bz2 is located on the server called ftp.gnupg.org in the directory gcrypt/gnupg Follow the example below to download your own copy (user input is in bold).  It is good practice to download the signature file gnupg-1.4.5.tar.bz2.sig as well. 

If you prefer, you can download the gzipped file gnupg-1.4.5.tar.gz instead of gnupg-1.4.5.tar.bz.  You do not need both sets, although I download them in the example below.  GZip is just an older piece of software.  The command to extract the files would be gunzip instead of bunzip2

Step 2 - Checking the download

Now that we have the source files on our server, we need to check that they have not been tampered with.  The simplest way is to issue the command bunzip2 -t gnupg-1.4.5.tar.bz2

[mylogin][~/apps/dl]$ bunzip2 -tv gnupg-1.4.5.tar.bz2
gnupg-1.4.5.tar.bz2: ok

However, this only checks that the archive is not corrupt.  You really need to check the file's digital signature, but we don't have any means to do that yet.  We can verify the checksum but GnuPG only publish the SHA1 checksum for the code and we do not have sha1sum installed on our server.  However, I can reveal that the MD5sum is

811525965b4c0987e6418a7729a6444d gnupg-1.4.5.tar.bz2

If you save this text to the file gnupg-1.4.5.tar.bz2.md5, then enter md5sum -c gnupg-1.4.5.tar.bz2.md5 on the command line, you should get this response

[mylogin][~/apps/dl]$ md5sum -c gnupg-1.4.5.tar.bz2.md5
gnupg-1.4.5.tar.bz2: OK

If there was a problem with your download, you will get the following error message when testing the archive

bunzip2: gnupg-1.4.5.md5: data integrity (CRC) error in data

You can use the `bzip2recover' program to attempt to recover
data from undamaged sections of corrupted files.

Step 3 - Other libraries

We need to download and install the libcurl, libiconv and gettext libraries before we can build GnuPG.  Also, since we do not have root access at Westhost, we need to tell all Linux packages to install to a different directory other than /usr/local.  We do this by specifying

./configure --prefix=/usr/mylocal
NOTE: Create the directory /usr/mylocal if it does not already exist

libiconv and gettext depend on each other, so we need to build libiconv then gettext and the rebuild libiconv.

Build libcurl

wget http://curl.haxx.se/download/curl-7.16.0.tar.bz2
wget http://curl.haxx.se/download/curl-7.16.0.tar.bz2.asc
bunzip2 -c curl-7.16.0.tar.bz2 | tar x
cd curl-7.16.0
./configure --prefix=/usr/mylocal
make
make install
cd ..


Build libiconv

wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.11.tar.gz
wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-1.11.tar.gz.sig
gunzip -c libiconv-1.11.tar.gz | tar x
cd libiconv-1.11
./configure --prefix=/usr/mylocal
make
make install
cd ..


Build gettext

ftp mirrors.usc.edu
 anonymous
 anon@
 cd pub/gnu/gettext
 mode image
 passive
 get gettext-0.16.tar.gz
 get gettext-0.16.tar.gz.sig
 quit
gunzip -c gettext-0.16.tar.gz |tar x
cd gettext-0.16
./configure --prefix=/usr/mylocal
make
make install


Rebuild libiconv

cd ../libiconv-1.11
make distclean
./configure --prefix=/usr/mylocal
make
make install
libtool --dry-run --finish /usr/mylocal/lib
libtool --finish /usr/mylocal/lib
cd ..


Step 4 - Creating the Executable

bunzip2 -c gnupg-1.4.5.tar.bz2 |tar x
cd gnupg-1.4.5
./configure --prefix=/usr/mylocal
make
make install


Once you have built GnuPG, you will need to create a few links as our directory is not in the PATH.

ln -s /usr/mylocal/bin/gpg /usr/local/bin/gpg

Alternatively, edit the PATH definition in /.bashrc to include /usr/mylocal/bin

You will also need to copy the configuration file
mkdir ~/.gnupg
cp -p /usr/mylocal/share/gnupg/options.skel ~/.gnupg/options

• Download source from xinetd The current version is 2.3.14, so the command to download it is wget http://xinetd.org/xinetd-2.3.14.tar.gz.
• Unzip the file using the command gunzip -c xinetd-2.3.14.tar.gz|tar x and change into the directory this creates (cd xinetd-2.3.14)
• Configure it using the command ./configure --prefix=/usr/mylocal >log.config 2>err.config
• Check err.config for any errors
• Build the source code using the command make >log.make 2>err.make
• Check err.make for errors
• Install the package using the command make install >log.install 2>err.install
• Check err.install for any errors
• Now create the configuration file for the services you want to run using the command pico /etc/xinetd.conf. It should look something like this example:
  PLAIN TEXT
  C:

  1. # Configuration file for xinetd
  2. #
  3.  
  4. defaults
  5. {
  6.         instances               = 25
  7.         log_type                = FILE /var/log/xinetd
  8.         log_on_success  = HOST PID
  9.         log_on_failure = HOST
  10. }
  11.  
  12. #service imapd
  13. #{
  14. #       socket_type             = stream
  15. #       wait                    = no
  16. #       user                    = vuser
  17. #       server                  = /usr/local/sbin/imapd
  18. #       log_on_failure += USERID
  19. #}
  20.  
  21. #service imaps
  22. #{
  23. #       socket_type             = stream
  24. #       wait                    = no
  25. #       user                    = vuser
  26. #       server                  = /usr/local/sbin/imapd
  27. #       log_on_failure += USERID
  28. #}
  29.  
  30. ## rsyncd can't run on 873/tcp because WestHost's own backup
  31. ## tools are running there.
  32. #service rsync-alt
  33. #{
  34. #       disable                 = no
  35. #       type                    = UNLISTED
  36. #       port                    = 8730
  37. #       socket_type             = stream
  38. #       wait                    = no
  39. #       user                    = vuser
  40. #       server                  = /usr/local/bin/rsync
  41. #       server_args             = --daemon
  42. #       log_on_failure += USERID
  43. #}

  Replace vuser with your user name

• Test your installation of xinetd by typing /usr/mylocal/sbin/xinetd -d. Fix any errors. If there are none, then terminate the daemon using Control-X
• Create the file /etc/rc.d/init.d/xinetd which will be used to start and stop the xinetd task using the command pico /etc/rc.d/init.d/xinetd
  PLAIN TEXT
  C:

  1. #!/bin/bash
  2. #
  3. # Startup script for the xinetd server
  4. #
  5. # chkconfig: - 86 14
  6. # description: xinetd
  7. # processname: xinetd
  8. # pidfile: /var/run/xinetd.pid
  9. # config: /etc/xinetd.conf
  10.  
  11. # Source function library.
  12. . /etc/rc.d/init.d/functions
  13.  
  14. xinetd=/usr/mylocal/sbin/xinetd
  15. prog=xinetd
  16. RETVAL=0
  17.  
  18. start() {
  19.         echo -n $"Starting $prog: "
  20.         pidfile=/var/run/xinetd.pid
  21.         pid=`cat $pidfile 2>/dev/null`
  22.         [ "$pid" ] && \
  23.                 [ "`find  /proc/${pid}/exe -printf '%l%U\n' 2>/dev/null |
  24. awk -F'/' '{print $NF}'`" != "xinetd`id -u`" ] && \
  25.                                 /bin/rm -f $pidfile
  26.         daemon $xinetd
  27.         RETVAL=$?
  28.         echo
  29.         [ $RETVAL = 0 ] && touch /var/lock/subsys/xinetd
  30.         return $RETVAL
  31. }
  32. stop() {
  33.         echo -n $"Stopping $prog: "
  34.         killproc $xinetd
  35.         RETVAL=$?
  36.         echo
  37.         if [ $RETVAL = 0 ] ; then
  38.                 rm -f /var/lock/subsys/xinetd /var/run/xinetd.pid
  39.                 pid=`pidof -o $$ -o $PPID -o %PPID -x ${xinetd} || pidof -o $$ -o $PPID -o %PPID -x ${prog}`
  40.                 if [ "$pid" ] ; then
  41.                         killproc $xinetd
  42.                         RETVAL=$?
  43.                 fi
  44.         fi
  45. }
  46. reload() {
  47.         echo -n $"Reloading $prog: "
  48.         killproc $xinetd -HUP
  49.         RETVAL=$?
  50.         echo
  51. }
  52.  
  53. # See how we were called.
  54. case "$1" in
  55.   start)
  56.         start
  57.         ;;
  58.   stop)
  59.         stop
  60.         ;;
  61.   status)
  62.         status $xinetd
  63.         RETVAL=$?
  64.         ;;
  65.   restart)
  66.         stop
  67.         start
  68.         ;;
  69.   condrestart)
  70.         if [ -f /var/run/xinetd.pid ] ; then
  71.                 stop
  72.                 start
  73.         fi
  74.         ;;
  75.   reload)
  76.         reload
  77.         ;;
  78.   *)
  79.         echo $"Usage: $prog
  80. {start|stop|restart|condrestart|reload|status}"
  81.         exit 1
  82. esac
  83.  
  84. exit $RETVAL

• Make this file executable by using chmod u+x /etc/rc.d/init.d/xinetd
• Create the links Snnxinetd and Knnxinetd in /etc/rc.d/rc2.d so that xinetd will start and stop whenever you restart and shutdown your VPS. Choose suitable unique numbers for nn. Packages are started and stopped in ascending order. I chose nn=100.
  • ln -s /etc/rc.d/init.d/xinetd /etc/rc.d/rc2.d/S100xinetd
  • ln -s /etc/rc.d/init.d/xinetd /etc/rc.d/rc2.d/K100xinetd