centos 7 搭建 LNMP ( Linux+Nginx+MySQL+PHP )

操作系统 | CentOS Linux release 7.6.1810 (Core) 

[root@localhost ~# cat /etc/redhat-release 
CentOS Linux release 7.6.1810 (Core) 

更新时间同步

[root@localhost ~]# sudo yum install ntp ntpupdate -y
[root@localhost ~]# sudo systemctl start ntpd
[root@localhost ~]# timedatectl set-timezone "Asia/Shanghai"
[root@localhost ~]# systemctl enable ntpd
[root@localhost ~]# ntpdate cn.pool.ntp.org
[root@localhost ~]# sudo systemctl restart ntpd
[root@localhost ~]# ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
[root@localhost ~]# clock --systohc
[root@localhost ~]# hwclock -w
[root@localhost ~]# date '+%Y/%m/%d %T %Z'
2019/09/27 00:21:06 CST

安装编译工具及库文件

yum install -y redhat-lsb lsof net-tools lrzsz wget perl gcc gcc-c++ make zlib zlib-devel readline-devel automake ncurses-devel epel-release bash-completion sysstat mlocate cmake kernel kernel-headers kernel-devel iptables-services apr* autoconf bison bzip2 bzip2* bzip2-devel cpp curl curl-devel fontconfig fontconfig-devel freetype freetype* freetype-devel gd gettext gettext-libs gettext-devel gettext-common-devel glibc glibc-devel glibc-headers keyutils keyutils-libs-devel krb5-devel libcom_err-devel libpng libpng-devel libjpeg* libsepol-devel libselinux-devel libstdc++-devel libtool* libgomp libxml2 libxml2-devel libXpm* libxml* libXaw-devel libXmu-devel libtiff libtiff* mpfr ncurses* ntp openssl openssl-devel patch pcre-devel php-common php-gd policycoreutils telnet t1lib t1lib* nasm nasm* libwebp libwebp-devel libjpeg-devel db4-devel libXpm-devel libc-client-devel openldap-devel mysql-devel libicu-devel libcurl libcurl-devel libzip cpan tcp_wrappers psmisc tree cyrus-sasl-md5 vim chrony rsync xinetd crontabs iptables-utils git dos2unix boost boost-devel boost-doc libxslt libxslt-devel libdb4* qpid* gnutls boost-system avahi-libs boost-thread dwz dyninst emacs-filesystem fipscheck fipscheck-lib gdb libdwarf libedit libgfortran unzip zip trousers pakchois nettle neon m4 mokutil libproxy libstdc++-devel libquadmath libquadmath-devel libmpc libmodman libgnome-keyring subversion-libs systemtap-devel systemtap-runtime openssh openssh-clients systemtap-client perl-Carp perl-Data-Dumper perl-Encode perl-Error perl-Exporter perl-File-Path perl-File-Temp perl-Filter perl-Getopt-Long perl-Git perl-HTTP-Tiny perl-PathTools perl-Pod-Escapes perl-Pod-Perldoc perl-Pod-Simple perl-Pod-Usage perl-Scalar-List-Utils perl-Socket perl-Storable perl-TermReadKey perl-Test-Harness perl-Text-ParseWords perl-Thread-Queue perl-Time-HiRes perl-Time-Local perl-XML-Parser perl-constant perl-libs perl-macros perl-parent perl-podlators perl-srpm-macros perl-threads perl-threads-shared screen tcpdump nc mtr nmap tcl

yum clean all //清除yum缓存

关闭防火墙命令

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

[root@localhost ~]# firewall-cmd --state
not running

禁用selinux启动|运行的脚本 | 通用不添加多余项的原selinux配置文件

#!/bin/bash
#<---selinux-disabled shell script--->
sed -i '7,12s/^/#&/g;7,12s/##/#/g;13cSELINUX=disabled' /etc/selinux/config
setenforce 0
selinux_config=`getenforce`
disabled=`echo Disabled`
if [ $disabled  == $selinux_config ]
then
    echo "your selinux is `getenforce`."
else
    echo "your selinux is `getenforce`,please running command'reboot' or 'init 6'and 'cat /etc/selinux/config' configuration bash file!"
fi
exit 0

[root@localhost ~]# sh dis.selinux.sh 
your selinux is Permissive,please running command'reboot' or 'init 6'and 'cat /etc/selinux/config' configuration bash file!

[root@localhost ~]# getenforce
Permissive

注：需要重启系统才能生效

selinux原配置文件

[root@localhost ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

 selinux禁用配置文件（运行多次selinux脚本都不会影响）

[root@localhost ~]# cat -n /etc/selinux/config 
     1
     2  # This file controls the state of SELinux on the system.
     3  # SELINUX= can take one of these three values:
     4  #     enforcing - SELinux security policy is enforced.
     5  #     permissive - SELinux prints warnings instead of enforcing.
     6  #     disabled - No SELinux policy is loaded.
     7  #SELINUX=enforcing
     8  # SELINUXTYPE= can take one of three two values:
     9  #     targeted - Targeted processes are protected,
    10  #     minimum - Modification of targeted policy. Only selected processes are protected. 
    11  #     mls - Multi Level Security protection.
    12  #SELINUXTYPE=targeted
    13  SELINUX=disabled
    14

reboot | init 6 重启后Disabled

[root@localhost ~]# getenforce
Disabled

再次dia.selinux.sh脚本测试和显示结果

[root@localhost ~]# sh dis.selinux.sh 
setenforce: SELinux is disabled
your selinux is Disabled.
[root@localhost ~]# cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
#SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUX=disabled

[root@localhost ~]# 

安装Nginx

1.添加Nginx yum储存库，创建nginx.repo文件

touch /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

下面我们利用脚本创建nginx.repo

 注：$ 需要变成\$定义字符串

#!/bin/bash
tee << EOF /etc/yum.repos.d/nginx.repo >/dev/null 2>&1
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
gpgcheck=0
enabled=1
EOF

测试运行

[root@localhost ~]# sh nginx-yum.repo.sh   
[root@localhost ~]# cat /etc/yum.repos.d/nginx.repo 
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

2.使用源文件编译

下载URL_https

https://nginx.org/download/

nginx-1.16.1.tar.gz                                13-Aug-2019 17:01             1032630
https://nginx.org/download/nginx-1.16.1.tar.gz

使用wget工具下载nginx-1.16.1.tar.gz（没有安装wget请使用yum安装: yum -y install wget）指定下载文件路径/usr/local/src

wget -P /usr/local/src https://nginx.org/download/nginx-1.16.1.tar.gz 

 解压nginx-1.16.1.tar.gz进入nginx-1.16.1文件夹

tar zxvf nginx-1.16.1.tar.gz;cd /usr/local/nginx-1.16.1

检查编译安装（没有定义）

./configure

 检查配置环境| + OpenSSL library is not used | openssl 没有使用

Configuration summary
  + using system PCRE library
  + OpenSSL library is not used
  + using system zlib library

  nginx path prefix: "/usr/local/nginx"
  nginx binary file: "/usr/local/nginx/sbin/nginx"
  nginx modules path: "/usr/local/nginx/modules"
  nginx configuration prefix: "/usr/local/nginx/conf"
  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
  nginx pid file: "/usr/local/nginx/logs/nginx.pid"
  nginx error log file: "/usr/local/nginx/logs/error.log"
  nginx http access log file: "/usr/local/nginx/logs/access.log"
  nginx http client request body temporary files: "client_body_temp"
  nginx http proxy temporary files: "proxy_temp"
  nginx http fastcgi temporary files: "fastcgi_temp"
  nginx http uwsgi temporary files: "uwsgi_temp"
  nginx http scgi temporary files: "scgi_temp"

下载openssl安装

wget -P /usr/local/src  https://www.openssl.org/source/openssl-1.1.1c.tar.gz

解压openssl-1.1.1c.tar.gz进入文件夹

tar zxvf openssl-1.1.1c.tar.gz；cd /usr/local/src/openssl-1.1.1c/

检查和配置安装编译

./config --prefix=/usr/local/openssl
make && make install
echo "export PATH=\$PATH:/usr/local/openssl/bin" >> /etc/profile
source /etc/profile
./configure --with-openssl=/usr/local/src/openssl-1.1.1c

Configuration summary
  + using system PCRE library
  + using OpenSSL library: /usr/local/src/openssl-1.1.1c
  + using system zlib library

  nginx path prefix: "/usr/local/nginx"
  nginx binary file: "/usr/local/nginx/sbin/nginx"
  nginx modules path: "/usr/local/nginx/modules"
  nginx configuration prefix: "/usr/local/nginx/conf"
  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
  nginx pid file: "/usr/local/nginx/logs/nginx.pid"
  nginx error log file: "/usr/local/nginx/logs/error.log"
  nginx http access log file: "/usr/local/nginx/logs/access.log"
  nginx http client request body temporary files: "client_body_temp"
  nginx http proxy temporary files: "proxy_temp"
  nginx http fastcgi temporary files: "fastcgi_temp"
  nginx http uwsgi temporary files: "uwsgi_temp"
  nginx http scgi temporary files: "scgi_temp"

已经使用 |  + using OpenSSL library: /usr/local/src/openssl-1.1.1c

 nginx安装编译

[root@localhost nginx-1.16.1]# make && make install
... ... ...
make[1]: Leaving directory `/usr/local/src/nginx-1.16.1'
[root@localhost nginx-1.16.1]# 

启动nginx

[root@localhost ~]# /usr/local/nginx/sbin/nginx
[root@localhost ~]# ps -ef|grep nginx          
root      11578      1  0 09:57 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody    11579  11578  0 09:57 ?        00:00:00 nginx: worker process
root      11581   1026  0 09:57 pts/0    00:00:00 grep --color=auto nginx

为了方便加载nginx启动|停止|重启

参考脚本来源nginx官网：https://www.nginx.com/resources/wiki/start/topics/examples/redhatnginxinit/

使用https://www.osyunwei.com/archives/10046.html脚本

创建/etc/rc.d/init.d/nginx脚本 | 运行 sh nginx-init.d.sh

#!/bin/sh
#sh nginx-init.d.sh
echo '#!/bin/sh

#

# nginx - this script starts and stops the nginx daemon

#

# chkconfig: - 85 15

# description: Nginx is an HTTP(S) server, HTTP(S) reverse \

# proxy and IMAP/POP3 proxy server

# processname: nginx

# config: /etc/nginx/nginx.conf

# config: /usr/local/nginx/conf/nginx.conf

# pidfile: /usr/local/nginx/logs/nginx.pid

# Source function library.

. /etc/rc.d/init.d/functions

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/local/nginx/sbin/nginx"

prog=$(basename $nginx)

NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"

[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx

lockfile=/var/lock/subsys/nginx

make_dirs() {

# make required directories

user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`

if [ -z "`grep $user /etc/passwd`" ]; then

useradd -M -s /bin/nologin $user

fi

options=`$nginx -V 2>&1 | grep 'configure arguments:'`

for opt in $options; do

if [ `echo $opt | grep '.*-temp-path'` ]; then

value=`echo $opt | cut -d "=" -f 2`

if [ ! -d "$value" ]; then

# echo "creating" $value

mkdir -p $value && chown -R $user $value

fi

fi

done

}

start() {

[ -x $nginx ] || exit 5

[ -f $NGINX_CONF_FILE ] || exit 6

make_dirs

echo -n $"Starting $prog: "

daemon $nginx -c $NGINX_CONF_FILE

retval=$?

echo

[ $retval -eq 0 ] && touch $lockfile

return $retval

}

stop() {

echo -n $"Stopping $prog: "

killproc $prog -QUIT

retval=$?

echo

[ $retval -eq 0 ] && rm -f $lockfile

return $retval

}

restart() {

#configtest || return $?

stop

sleep 1

start

}

reload() {

#configtest || return $?

echo -n $"Reloading $prog: "

killproc $nginx -HUP

RETVAL=$?

echo

}

force_reload() {

restart

}

configtest() {

$nginx -t -c $NGINX_CONF_FILE

}

rh_status() {

status $prog

}

rh_status_q() {

rh_status >/dev/null 2>&1

}

case "$1" in

start)

rh_status_q && exit 0

$1

;;

stop)

rh_status_q || exit 0

$1

;;

restart|configtest)

$1

;;

reload)

rh_status_q || exit 7

$1

;;

force-reload)

force_reload

;;

status)

rh_status

;;

condrestart|try-restart)

rh_status_q || exit 0

;;

*)

echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"

exit 2

esac' > /etc/rc.d/init.d/nginx
chmod 775 /etc/rc.d/init.d/nginx
chkconfig nginx on

测试正常：启动 | 停止 | 重启

[root@localhost ~]# /etc/rc.d/init.d/nginx start  
Starting nginx (via systemctl):                            [  OK  ]
[root@localhost ~]# ps -ef|grep nginx           
root      12955      1  0 12:46 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    12957  12955  0 12:46 ?        00:00:00 nginx: worker process
root      12959   1026  0 12:46 pts/0    00:00:00 grep --color=auto nginx
[root@localhost ~]# /etc/rc.d/init.d/nginx stop 
Stopping nginx (via systemctl):                            [  OK  ]
[root@localhost ~]# ps -ef|grep nginx          
root      12986   1026  0 12:46 pts/0    00:00:00 grep --color=auto nginx
[root@localhost ~]# /etc/rc.d/init.d/nginx restart
Restarting nginx (via systemctl):                          [  OK  ]
[root@localhost ~]# ps -ef|grep nginx             
root      13018      1  0 12:46 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    13020  13018  0 12:46 ?        00:00:00 nginx: worker process
root      13022   1026  0 12:46 pts/0    00:00:00 grep --color=auto nginx

[root@localhost ~]# service nginx start  
Starting nginx (via systemctl):                            [  OK  ]
[root@localhost ~]# ps -ef|grep nginx    
root      13246      1  0 12:48 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    13248  13246  0 12:48 ?        00:00:00 nginx: worker process
root      13250   1026  0 12:48 pts/0    00:00:00 grep --color=auto nginx
[root@localhost ~]# service nginx stop 
Stopping nginx (via systemctl):                            [  OK  ]
[root@localhost ~]# ps -ef|grep nginx 
root      13284   1026  0 12:48 pts/0    00:00:00 grep --color=auto nginx
[root@localhost ~]# service nginx restart
Restarting nginx (via systemctl):                          [  OK  ]
[root@localhost ~]# ps -ef|grep nginx    
root      13323      1  0 12:48 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    13325  13323  0 12:48 ?        00:00:00 nginx: worker process
root      13327   1026  0 12:48 pts/0    00:00:00 grep --color=auto nginx

[root@localhost ~]# systemctl start nginx         
[root@localhost ~]# ps -ef|grep nginx    
root      13436      1  0 12:50 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    13438  13436  0 12:50 ?        00:00:00 nginx: worker process
root      13440   1026  0 12:50 pts/0    00:00:00 grep --color=auto nginx
[root@localhost ~]# systemctl stop nginx 
[root@localhost ~]# ps -ef|grep nginx   
root      13461   1026  0 12:50 pts/0    00:00:00 grep --color=auto nginx
[root@localhost ~]# systemctl restart nginx     
[root@localhost ~]# ps -ef|grep nginx      
root      13487      1  0 12:50 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    13489  13487  0 12:50 ?        00:00:00 nginx: worker process
root      13491   1026  0 12:50 pts/0    00:00:00 grep --color=auto nginx

 使用 ip a 查看服务器  IP 在浏览器输入 ip 回车

 安装MySQL

参考链接（Mysql的安全配置向导命令mysql_secure_installation）：https://www.cnblogs.com/diantong/p/10966305.html

[root@localhost ~]# cd /usr/local/src
[root@localhost src]# 
boost_1_59_0.tar.gz  cmake-3.7.2            jpegsrc.v9b.tar.gz      libvpx-1.3.0.tar.gz   mysql-5.7.16.tar.gz  nginx-1.17.3.tar.gz    pcre-8.43.tar.gz   zabbix-4.0.11.tar.gz
chkrootkit           cmake-3.7.2.tar.gz     libgd-2.1.1.tar.gz      libxml2-2.9.9.tar.gz  nginx-1.16.0.tar.gz  openssl-1.1.0e.tar.gz  php-7.3.8.tar.gz   zlib-1.2.11.tar.gz
chkrootkit.tar.gz    freetype-2.7.1.tar.gz  libmcrypt-2.5.8.tar.gz  libzip-1.5.2.tar.gz   nginx-1.16.1         openssl-1.1.1c         tiff-4.0.7.tar.gz
cmake-3.15.2.tar.gz  httpd-2.4.41.tar.bz2   libpng-1.6.36.tar.xz    mysql-5.7.16          nginx-1.16.1.tar.gz  openssl-1.1.1c.tar.gz  yasm-1.3.0.tar.gz
[root@localhost src]# tar zxvf cmake-3.7.2.tar.gz;cd cmake-3.7.2/
[root@localhost cmake-3.7.2]# ./configure
[root@localhost cmake-3.7.2]# make && make install
[root@localhost cmake-3.7.2]# cd /usr/local/src
[root@localhost src]# mkdir -p /usr/local/boost
[root@localhost src]# cp boost_1_59_0.tar.gz /usr/local/boost
[root@localhost src]# groupadd mysql
[root@localhost src]# useradd -g mysql mysql -s /bin/false
[root@localhost src]# mkdir -p /data/mysql
[root@localhost src]# chown -R mysql:mysql /data/mysql
[root@localhost src]# mkdir -p /usr/local/mysql
[root@localhost src]# tar zxvf mysql-5.7.16.tar.gz;cd mysql-5.7.16/
[root@localhost mysql-5.7.16]# cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/data/mysql -DWITH_INNOBASE_STORAGE_ENGINE=1 -DDEFAULT_CHARSET=utf8 -DDEFAULT_COLLATION=utf8_general_ci -DWITH_EMBEDDED_SERVER=OFF -DWITH_BOOST=/usr/local/boost
[root@localhost mysql-5.7.16]# make && make install
[root@localhost mysql-5.7.16]# cat /etc/my.cnf
# For advice on how to change settings please see
# http://dev.mysql.com/doc/refman/5.7/en/server-configuration-defaults.html

[mysqld]
#
# Remove leading # and set to the amount of RAM for the most important data
# cache in MySQL. Start at 70% of total RAM for dedicated server, else 10%.
# innodb_buffer_pool_size = 128M
#
# Remove leading # to turn on a very important data integrity option: logging
# changes to the binary log between backups.
# log_bin
#
# Remove leading # to set options mainly useful for reporting servers.
# The server defaults are faster for transactions and fast SELECTs.
# Adjust sizes as needed, experiment to find the optimal values.
# join_buffer_size = 128M
# sort_buffer_size = 2M
# read_rnd_buffer_size = 2M
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock

# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0

log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

[root@localhost mysql-5.7.16]# rm -rf /etc/my.cnf
[root@localhost mysql-5.7.16]# cd /usr/local/mysql
[root@localhost mysql]# ./bin/mysqld --user=mysql --initialize --basedir=/usr/local/mysql --datadir=/data/mysql
2019-09-23T18:43:24.083528Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
2019-09-23T18:43:24.472600Z 0 [Warning] InnoDB: New log files created, LSN=45790
2019-09-23T18:43:24.514430Z 0 [Warning] InnoDB: Creating foreign key constraint system tables.
2019-09-23T18:43:24.569619Z 0 [Warning] No existing UUID has been found, so we assume that this is the first time that this server has been started. Generating a new UUID: 0639d87e-de32-11e9-bfc6-000c29f23dbf.
2019-09-23T18:43:24.570411Z 0 [Warning] Gtid table is not ready to be used. Table 'mysql.gtid_executed' cannot be opened.
2019-09-23T18:43:24.571049Z 1 [Note] A temporary password is generated for root@localhost: IwPabGfsM5*s

[root@localhost mysql]# cp /usr/local/mysql/support-files/my-default.cnf /usr/local/mysql/my.cnf
[root@localhost mysql]# ln -s /usr/local/mysql/my.cnf /etc/my.cnf
[root@localhost mysql]# cp /usr/local/mysql/support-files/mysql.server /etc/rc.d/init.d/mysqld
[root@localhost mysql]# chmod 755 /etc/init.d/mysqld
[root@localhost mysql]# chkconfig mysqld on
[root@localhost mysql]# systemctl enable mysqld.service
[root@localhost mysql]# sed -i "46s/basedir=/basedir=\/usr\/local\/mysql/g;47s/datadir=/datadir=\/data\/mysql/g;63s/mysqld_pid_file_path=/mysqld_pid_file_path=\/var\/run\/mysqld\/mysqld.pid/g" /etc/rc.d/init.d/mysqld
[root@localhost mysql]# service mysqld start
[root@localhost mysql]# echo 'export PATH=$PATH:/usr/local/mysql/bin' >> /etc/profile
[root@localhost mysql]# source /etc/profile
[root@localhost mysql]# ln -s /usr/local/mysql/lib/mysql /usr/lib/mysql
[root@localhost mysql]# ln -s /usr/local/mysql/include/mysql /usr/include/mysql
[root@localhost mysql]# mkdir -p /var/lib/mysql
[root@localhost mysql]# ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock
[root@localhost mysql]# mysql_secure_installation

Securing the MySQL server deployment.

Enter password for user root:   //输入root密码
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.

Estimated strength of the password: 0 
Change the password for root ? ((Press y|Y for Yes, any other key for No) : No  //是否更改root密码，如果输入y会要求设置新的密码

 ... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y   //是否删除匿名用户，建议y删除
Success.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y    //是否禁止root远程登录，建议y禁止
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y    //是否删除test数据库，y删除
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y      //是否重新加载权限表，y重新加载
Success.

All done! 

mysql 进程处理

下面是正常启动mysql服务

[root@localhost ~]# service mysqld start
Starting MySQL.                                            [  OK  ]
[root@localhost ~]# pgrep -l mysql      
1206 mysqld_safe
1315 mysqld
[root@localhost ~]# ps -aux | grep -i mysql      
root       1206  0.0  0.1  11816  1624 pts/0    S    07:10   0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/data/mysql/localhost.localdomain.pid
mysql      1315  0.7 17.1 1114292 171172 pts/0  Sl   07:10   0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/data/mysql/localhost.localdomain.pid
root       1354  0.0  0.1 112712  1000 pts/0    R+   07:11   0:00 grep --color=auto -i mysql
[root@localhost ~]# service mysqld stop
Shutting down MySQL..                                      [  OK  ]
[root@localhost ~]# service mysqld start   
Starting MySQL.                                            [  OK  ]
[root@localhost ~]# ps -aux | grep -i mysql
root       1399  0.0  0.1  11816  1628 pts/0    S    07:12   0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/data/mysql/localhost.localdomain.pid
mysql      1508  2.8 17.4 1114292 174064 pts/0  Sl   07:12   0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/data/mysql/localhost.localdomain.pid
root       1543  0.0  0.1 112712  1000 pts/0    R+   07:12   0:00 grep --color=auto -i mysql
[root@localhost ~]# pgrep -l mysql         
1399 mysqld_safe
1508 mysqld
[root@localhost ~]# kill -9 1399
[root@localhost ~]# pgrep -l mysql
1508 mysqld
[root@localhost ~]# kill -9 1508
[root@localhost ~]# pgrep -l mysql
[root@localhost ~]# service mysqld restart          
MySQL server process #1508 is not running!                 [FAILED]
Starting MySQL.                                            [  OK  ]
[root@localhost ~]# pgrep -l mysql        
1581 mysqld_safe
1692 mysqld

MySQL 不能重启 | 停止 | kill -9  pid 杀不死 mysqld进程。

使用killall mysqld 或 pkill mysql 杀死全部mysqld进程

[root@localhost ~]# service mysqld start
Starting MySQL..The server quit without updating PID file ([FAILED]sql/localhost.localdomain.pid).   //关于mysqld.pid没有找到，原因：/etc/rc.d/init.d/mysqld配置文件没有配置mysqld_pid_file_path=的路径文件
[root@localhost ~]# find /|grep mysqld.pid
/run/mysqld/mysqld.pid
[root@localhost ~]# cat /var/run/mysqld/mysqld.pid
879
[root@localhost ~]# cat /run/mysqld/mysqld.pid    
879
[root@localhost ~]# ps -ef | grep -i mysql
mysql       879      1  0 07:47 ?        00:00:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
root       1280   1054  0 07:51 pts/0    00:00:00 grep --color=auto -i mysql

[root@localhost ~]# pgrep -l mysql
880 mysqld
[root@localhost ~]# pkill mysql
[root@localhost ~]# pgrep -l mysql
[root@localhost ~]# ps -aux | grep -i mysql
root       1264  0.0  0.1 112712  1000 pts/0    R+   07:39   0:00 grep --color=auto -i mysql
[root@localhost ~]# ps -aux | grep -i mysql
mysql       878  0.6 17.3 1119788 173328 ?      Sl   07:40   0:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
root       1071  0.0  0.1 112712  1000 pts/0    R+   07:40   0:00 grep --color=auto -i mysql
[root@localhost ~]# service mysqld start
Starting MySQL..The server quit without updating PID file ([FAILED]sql/localhost.localdomain.pid).
[root@localhost ~]# ps -ef | grep -i mysql   
mysql       878      1  0 07:40 ?        00:00:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
root       1244   1047  0 07:41 pts/0    00:00:00 grep --color=auto -i mysql
[root@localhost ~]# ps -aux | grep -i mysql
mysql       878  0.2 17.5 1119788 175588 ?      Sl   07:40   0:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
root       1246  0.0  0.1 112712  1000 pts/0    R+   07:41   0:00 grep --color=auto -i mysql
[root@localhost ~]# kill -9 878
[root@localhost ~]# pgrep mysql
1267
[root@localhost ~]# ps -aux | grep -i mysql
mysql      1267  1.2 17.0 1119788 170420 ?      Sl   07:41   0:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
root       1298  0.0  0.1 112712  1000 pts/0    R+   07:42   0:00 grep --color=auto -i mysql
[root@localhost ~]# ps -ef | grep -i mysql 
mysql      1267      1  1 07:41 ?        00:00:00 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
root       1300   1047  0 07:42 pts/0    00:00:00 grep --color=auto -i mysql
[root@localhost ~]# killall mysql
mysql: no process found
[root@localhost ~]# killall mysqld
[root@localhost ~]# pgrep mysql            
[root@localhost ~]# ps -aux | grep -i mysql
root       1305  0.0  0.1 112712  1000 pts/0    R+   07:43   0:00 grep --color=auto -i mysql
[root@localhost ~]# ps -ef | grep -i mysql
root       1307   1047  0 07:43 pts/0    00:00:00 grep --color=auto -i mysql

 msyql正常测试

[root@localhost ~]# service mysqld start
Starting MySQL.                                            [  OK  ]
[root@localhost ~]# pgrep -l mysql      
1496 mysqld_safe
1605 mysqld
[root@localhost ~]# pgrep -la mysql     
1496 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid
1605 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid
[root@localhost ~]# ps -aux | grep -i mysql
root       1496  0.0  0.1  11816  1624 pts/0    S    08:10   0:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid
mysql      1605  0.5 17.4 1114292 174888 pts/0  Sl   08:10   0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid
root       1642  0.0  0.1 112712  1000 pts/0    R+   08:10   0:00 grep --color=auto -i mysql
[root@localhost ~]# ps -ef | grep -i mysql     
root       1496      1  0 08:10 pts/0    00:00:00 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid
mysql      1605   1496  0 08:10 pts/0    00:00:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid
root       1644   1055  0 08:11 pts/0    00:00:00 grep --color=auto -i mysql
[root@localhost ~]# service mysqld status
MySQL running (1605)                                       [  OK  ]
[root@localhost ~]# service mysqld stop
Shutting down MySQL.                                       [  OK  ]
[root@localhost ~]# service mysqld restart 
MySQL server PID file could not be found!                  [FAILED]
Starting MySQL.                                            [  OK  ]
[root@localhost ~]# service mysqld status 
MySQL running (1822)                                       [  OK  ]
[root@localhost ~]# pgrep -la mysql        
1713 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/data/mysql --pid-file=/var/run/mysqld/mysqld.pid
1822 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/data/mysql --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=/data/mysql/localhost.localdomain.err --pid-file=/var/run/mysqld/mysqld.pid

 

安装PHP

 

nginx access.log ip 数量统计

[root@localhost ~]# find /|grep access.log
/usr/local/nginx/logs/access.log
[root@localhost ~]# cd /usr/local/nginx/logs/
[root@localhost logs]# ls -lrt //时间升序
total 12
-rw-r--r-- 1 root root 1017 Sep 23 16:24 access.log
-rw-r--r-- 1 root root 2145 Sep 23 16:24 error.log
-rw-r--r-- 1 root root    4 Sep 24 05:50 nginx.pid
[root@localhost logs]# ls -lt //时间降序
total 12
-rw-r--r-- 1 root root    4 Sep 24 05:50 nginx.pid
-rw-r--r-- 1 root root 2145 Sep 23 16:24 error.log
-rw-r--r-- 1 root root 1017 Sep 23 16:24 access.log
[root@localhost logs]# sort access.log 
192.168.1.1 - - [23/Sep/2019:12:56:52 -0400] "GET /favicon.ico HTTP/1.1" 404 555 "http://192.168.1.3/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
192.168.1.1 - - [23/Sep/2019:12:56:52 -0400] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
192.168.1.1 - - [23/Sep/2019:13:02:03 -0400] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
192.168.1.1 - - [23/Sep/2019:13:11:12 -0400] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Colibri/1.14.0 Chrome/76.0.3809.110 Electron/6.0.2 Safari/537.36"
192.168.1.1 - - [23/Sep/2019:16:24:37 -0400] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
[root@localhost logs]# awk '{print $1}' access.log | sort -n | uniq | wc -l //IP统计，$1对应第一列
1

 

 

测试

test php
echo -e '' > /usr/local/nginx/html/index.php
chown www.www /usr/local/nginx/html/ -R
chmod 700 /usr/local/nginx/html/ -R

转载于:https://www.cnblogs.com/huixst/p/11496899.html