https://wiki.archlinux.org/api.php?action=feedcontributions&user=Jafa81&feedformat=atomArchWiki - User contributions [en]2024-03-28T10:14:30ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=PhpMyAdmin&diff=191855PhpMyAdmin2012-03-26T17:51:51Z<p>Jafa81: /* Review apache phpmyadmin configuration */</p>
<hr />
<div>[[Category:Web Server (English)]]<br />
{{lowercase title}}<br />
{{i18n|phpMyAdmin}}<br />
[[fr:phpmyadmin]]<br />
<br />
==Pre-Installation==<br />
See [[LAMP]] for a guide to setting up Apache, MySQL, and PHP.<br />
<br />
==Installation==<br />
To install [http://www.phpmyadmin.net/ phpMyAdmin], install the ''phpmyadmin'' and ''php-mcrypt'' packages with<br />
{{bc|<br />
pacman -S phpmyadmin php-mcrypt<br />
}}<br />
<br />
== Configuration ==<br />
Ensure you do not have an older copy of phpMyAdmin.<br />
{{bc|<br />
rm -r /srv/http/phpMyAdmin<br />
}}<br />
<br />
Copy the example configuration file to your httpd configuration directory.<br />
{{bc|<br />
cp /etc/webapps/phpmyadmin/apache.example.conf /etc/httpd/conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# phpMyAdmin configuration<br />
Include conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
You can type this into the terminal to produce the same effect:<br />
{{bc|<br />
echo -e "\nInclude conf/extra/httpd-phpmyadmin.conf" >> /etc/httpd/conf/httpd.conf<br />
}}<br />
<br />
=== Check php module configuration ===<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# Use for PHP 5.x:<br />
LoadModule php5_module modules/libphp5.so<br />
AddHandler php5-script php<br />
}}<br />
<br />
Add index.php after "DirectoryIndex index.html"<br />
{{bc|<br />
# DirectoryIndex: sets the file that Apache will serve if a directory<br />
# is requested.<br />
#<br />
<IfModule dir_module><br />
DirectoryIndex index.html index.php<br />
</IfModule><br />
}}<br />
<br />
=== Adjust access rights ===<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/.htaccess}}, comment out ''deny from all''. The line should look like this:<br />
#deny from all<br />
<br />
Alternatively, you can restrict access to localhost and your local network only. Replace ''192.168.1.0/24'' with your network's IP block.<br />
deny from all<br />
allow from localhost<br />
allow from 192.168.1.0/24<br />
<br />
The lines above are not enough if you use ipv6 in {{ic|/etc/hosts}}. If so, add one more line to {{ic|/etc/webapps/phpmyadmin/.htaccess}}:<br />
allow from ::1<br />
<br />
Otherwise you'll get an error similar to "Error 403 - Access forbidden!" when you attempt to access your phpMyAdmin installation.<br />
<br />
=== Review apache phpmyadmin configuration ===<br />
<br />
Your {{ic|/etc/httpd/conf/extra/httpd-phpmyadmin.conf}} should have the following information:<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
<Directory "/usr/share/webapps/phpMyAdmin"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"<br />
</Directory><br />
}}<br />
<br />
You need the mcrypt (if you want phpmyadmin internal authentication) and mysql modules, so uncomment the following in {{ic|/etc/php/php.ini}}:<br />
extension=mcrypt.so<br />
extension=mysql.so<br />
extension=mysqli.so (optional)<br />
<br />
=== Add blowfish_secret passphrase ===<br />
If you see the following error message at the bottom of the page when you first log in to /phpmyadmin (using a previously setup MySQL username and password) :<br />
<br />
ERROR: The configuration file now needs a secret passphrase (blowfish_secret)<br />
<br />
You need to add a blowfish password to the phpMyAdmin's config file. Edit {{ic|/etc/webapps/phpmyadmin/config.inc.php}} and insert a random blowfish "password" in the line <br />
<br />
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
Go [http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator here] to get a nicely generated blowfish_secret and paste it between the '' marks. It should now look something like this:<br />
<br />
$cfg['blowfish_secret'] = 'qtdRoGmbc9{8IZr323xYcSN]0s)r$9b_JUnb{~Xz'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
The error should go away if you refresh the phpmyadmin page.<br />
<br />
=== Enabling Configuration Storage (optional) ===<br />
Now that the basic database server has been setup, it ''is'' functional, however by default, extra options such as table linking, change tracking, PDF creation, and bookmarking queries are disabled. You will see a message at the bottom of the main phpMyAdmin page, "The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why...", This section addresses how to to enable these extra features.<br />
<br />
{{note|This example assumes you want to use the username '''pma''' as the controluser, and '''pmapass''' as the controlpass. These should be changed (the ''very'' least, you should change the password!) to something more secure.}}<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, uncomment (remove the leading //s on) these two lines, and change them to your desired credentials:<br />
{{bc|1=<br />
// $cfg['Servers'][$i]['controluser'] = 'pma';<br />
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';<br />
}}<br />
You will need this information later, so keep it in mind.<br />
<br />
Beneath the controluser setup section, uncomment these lines:<br />
{{bc|1=<br />
$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';<br />
$cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';<br />
$cfg['Servers'][$i]['relation'] = 'pma_relation';<br />
$cfg['Servers'][$i]['table_info'] = 'pma_table_info';<br />
$cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';<br />
$cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';<br />
$cfg['Servers'][$i]['column_info'] = 'pma_column_info';<br />
$cfg['Servers'][$i]['history'] = 'pma_history';<br />
$cfg['Servers'][$i]['tracking'] = 'pma_tracking';<br />
$cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';<br />
$cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';<br />
}}<br />
<br />
Next, create the user with the above details. Don't set any permissions for it just yet.<br />
<br />
Import {{ic|/usr/share/webapps/phpMyAdmin/scripts/create_tables.sql}} from phpMyAdmin -> Import.<br />
<br />
Now to apply the permissions to your controluser, in the SQL tab, make sure to replace all instances of 'pma' and 'pmapass' to the values set in config.inc.php. If you are setting this up for a remote database, then you must also change 'localhost' to the proper host:<br />
{{bc|<br />
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';<br />
GRANT SELECT (<br />
Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,<br />
Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,<br />
File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,<br />
Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,<br />
Execute_priv, Repl_slave_priv, Repl_client_priv<br />
) ON mysql.user TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.db TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.host TO 'pma'@'localhost';<br />
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)<br />
ON mysql.tables_priv TO 'pma'@'localhost';<br />
}}<br />
<br />
In order to take advantage of the bookmark and relation features, you will also need to give '''pma''' some additional permissions:<br />
{{Note|as long as you did not change the value of '''$cfg['Servers'][$i]['pmadb']''' in {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, then '''<pma_db>''' should be '''phpmyadmin'''}}<br />
{{bc|GRANT SELECT, INSERT, UPDATE, DELETE ON <pma_db>.* TO 'pma'@'localhost';}}<br />
<br />
Log out, and back in to ensure the new features are activated. The message at the bottom of the main screen should now be gone.<br />
<br />
==Accessing your phpMyAdmin installation==<br />
Finally your phpmyadmin installation is complete. Before start using it you need to restart your apache server by following command:<br />
<br />
{{bc|<br />
# rc.d restart httpd<br />
}}<br />
<br />
You can access your phpmyadmin installation using the following url:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin/<br />
or<br />
http://localhost/phpmyadmin/index.php<br />
}}<br />
<br />
Note: 'localhost' is the hostname in your /etc/rc.conf file.<br />
<br />
If you want to access it using:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin<br />
}}<br />
<br />
in '/etc/httpd/conf/extra/httpd-phpmyadmin.conf' change:<br />
<br />
{{bc|<br />
Alias /phpmyadmin/ "/usr/share/webapps/phpMyAdmin/"<br />
}}<br />
<br />
to<br />
<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
}}<br />
<br />
You should also read [http://bbs.archlinux.org/viewtopic.php?pid=632500 this thread].<br />
<br />
If you get the error "#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured)" then you might want to change "localhost" in /etc/webapps/phpmyadmin/config.inc.php on this line:<br />
<br />
{{bc|1=<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
}}<br />
<br />
to your hostname specified in /etc/hosts and /etc/rc.conf under HOSTNAME.<br />
<br />
If you would like to use phpmyadmin setup script by calling http://localhost/phpmyadmin/setup you will need to create a config directory that's writeable by the httpd in the /usr/share/webapps/phpmyadmin as follows:<br />
<br />
{{bc|<br />
cd /usr/share/webapps/phpMyAdmin<br />
sudo mkdir config<br />
sudo chgrp http config<br />
sudo chmod g+w config<br />
}}<br />
<br />
==Lighttpd Configuration==<br />
The php setup for lighttpd is exactly the same as for apache.<br />
Make an alias for phpmyadmin in your lighttpd config.<br />
alias.url = ( "/phpmyadmin" => "/usr/share/webapps/phpMyAdmin/")<br />
Then enable mod_alias, mod_fastcgi and mod_cgi in your config ( server.modules section )<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
Make sure lighttpd is setup to serve php files, [[Lighttpd]]<br />
<br />
Restart lighttpd and browse to http://localhost/phpmyadmin/index.php<br />
<br />
==NGINX Configuration==<br />
Also similar to apache configuration (and Lighttpd, for that matter).<br />
<br />
Create a symbolic link to the /usr/share/webapps/phpmyadmin directory from whichever directory your vhost is serving files from, e.g. /srv/http/<domain>/public_html/<br />
<br />
sudo ln -s /usr/share/webapps/phpMyAdmin /srv/http/<domain>/public_html/phpmyadmin<br />
<br />
You can also setup a sub domain with a server block like so (if using php-fpm):<br />
<br />
server {<br />
server_name phpmyadmin.<domain.tld>;<br />
access_log /srv/http/<domain>/logs/phpmyadmin.access.log;<br />
error_log /srv/http/<domain.tld>/logs/phpmyadmin.error.log;<br />
<br />
location / {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
index index.html index.htm index.php;<br />
}<br />
<br />
location ~ \.php$ {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;<br />
fastcgi_index index.php;<br />
fastcgi_param SCRIPT_FILENAME /srv/http/<domain.tld>/public_html/phpmyadmin/$fastcgi_script_name;<br />
include fastcgi_params;<br />
}<br />
}<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
You may run into some issues with phpmyadmin telling you "The Configuration File Now Needs A Secret Passphrase" and no matter what you enter, the error is still displayed. Try changing the ownership of the files to the NGINX specified user/group, e.g. nginx...<br />
<br />
sudo chown -R http:http /usr/share/webapps/phpMyAdmin<br />
<br />
If the above doesn't fix it try adding the following to your NGINX Configuration below the other fastcgi_param (I think its something to do with the Suhosin-Patch)<br />
<br />
fastcgi_param PHP_ADMIN_VALUE open_basedir="/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/";<br />
<br />
While you can enter anything for the blowfish password, you may want to choose a randomly generated string of characters (most likely for security reasons). Here's a handy tool that will do that for you on the web[http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator].<br />
<br />
When using SSL, you might run into the problem that the links on the pages generated by phpMyAdmin incorrectly start with "http" instead of "https" which may cause errors. To fix this, you can add the following fcgi_param to your SSL-enabled server section (in addition to your usual fastcgi params):<br />
<br />
fastcgi_param HTTPS on;<br />
<br />
==Other (Older) information==<br />
<br />
This page holds a sample 'config.inc.php' file that you can place in the main phpMyAdmin directory so that it immediately starts working<br />
<br />
'''Things you should do first'''<br />
<br />
Create a 'controluser', so that phpmyadmin can read from the main mysql database.<br />
<br />
{{bc|mysql -u root -pYOURROOTPASSWORD<br />
mysql> grant usage on mysql.* to controluser@localhost identified by 'CONTROLPASS';<br />
}}<br />
<br />
'''Where is phpmyadmin'''<br />
<br />
in phpmyadmin 3.2.2-3 the file is missing /srv/http/ create this symlik<br />
<br />
{{bc|ln -s /usr/share/webapps/phpMyAdmin/ /srv/http/phpmyadmin<br />
}}<br />
<br />
'''Things you should change'''<br />
<br />
controluser is set to controluser <br><br />
controlpass is set to password <br><br />
verbose is set to name_of_server<br />
<br />
'''Sample 'config.inc.php' file'''<br />
{{bc|1=<br />
<?php<br />
/*<br />
* Generated configuration file<br />
* Generated by: phpMyAdmin 2.11.8.1 setup script by Michal Čihař <michal@cihar.com><br />
* Version: $Id: setup.php 11423 2008-07-24 17:26:05Z lem9 $<br />
* Date: Mon, 01 Sep 2008 20:34:02 GMT<br />
*/<br />
<br />
/* Servers configuration */<br />
$i = 0;<br />
<br />
/* Server ravi-test-mysql (http) [1] */<br />
$i++;<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
$cfg['Servers'][$i]['extension'] = 'mysql';<br />
$cfg['Servers'][$i]['port'] = '3306';<br />
$cfg['Servers'][$i]['connect_type'] = 'tcp';<br />
$cfg['Servers'][$i]['compress'] = false;<br />
$cfg['Servers'][$i]['controluser'] = 'controluser';<br />
$cfg['Servers'][$i]['controlpass'] = 'password';<br />
$cfg['Servers'][$i]['auth_type'] = 'http';<br />
$cfg['Servers'][$i]['verbose'] = 'name_of_server';<br />
<br />
/* End of servers configuration */<br />
<br />
$cfg['LeftFrameLight'] = true;<br />
$cfg['LeftFrameDBTree'] = true;<br />
$cfg['LeftFrameDBSeparator'] = '_';<br />
$cfg['LeftFrameTableSeparator'] = '__';<br />
$cfg['LeftFrameTableLevel'] = 1;<br />
$cfg['LeftDisplayLogo'] = true;<br />
$cfg['LeftDisplayServers'] = false;<br />
$cfg['DisplayServersList'] = false;<br />
$cfg['DisplayDatabasesList'] = 'auto';<br />
$cfg['LeftPointerEnable'] = true;<br />
$cfg['DefaultTabServer'] = 'main.php';<br />
$cfg['DefaultTabDatabase'] = 'db_structure.php';<br />
$cfg['DefaultTabTable'] = 'tbl_structure.php';<br />
$cfg['LightTabs'] = false;<br />
$cfg['ErrorIconic'] = true;<br />
$cfg['MainPageIconic'] = true;<br />
$cfg['ReplaceHelpImg'] = true;<br />
$cfg['NavigationBarIconic'] = 'both';<br />
$cfg['PropertiesIconic'] = 'both';<br />
$cfg['BrowsePointerEnable'] = true;<br />
$cfg['BrowseMarkerEnable'] = true;<br />
$cfg['ModifyDeleteAtRight'] = false;<br />
$cfg['ModifyDeleteAtLeft'] = true;<br />
$cfg['RepeatCells'] = 100;<br />
$cfg['DefaultDisplay'] = 'horizontal';<br />
$cfg['TextareaCols'] = 40;<br />
$cfg['TextareaRows'] = 7;<br />
$cfg['LongtextDoubleTextarea'] = true;<br />
$cfg['TextareaAutoSelect'] = false;<br />
$cfg['CharEditing'] = 'input';<br />
$cfg['CharTextareaCols'] = 40;<br />
$cfg['CharTextareaRows'] = 2;<br />
$cfg['CtrlArrowsMoving'] = true;<br />
$cfg['DefaultPropDisplay'] = 'horizontal';<br />
$cfg['InsertRows'] = 2;<br />
$cfg['EditInWindow'] = true;<br />
$cfg['QueryWindowHeight'] = 310;<br />
$cfg['QueryWindowWidth'] = 550;<br />
$cfg['QueryWindowDefTab'] = 'sql';<br />
$cfg['ForceSSL'] = false;<br />
$cfg['ShowPhpInfo'] = false;<br />
$cfg['ShowChgPassword'] = false;<br />
$cfg['AllowArbitraryServer'] = false;<br />
$cfg['LoginCookieRecall'] = 'something';<br />
$cfg['LoginCookieValidity'] = 1800;<br />
?><br />
}}</div>Jafa81