MacOS X Server Security Update 2009-005 is not PHP neutral

|
Server Security Update 2009-005 breaks PHP custom installations.

Apple installs PHP v5.2.10 over your custom PHP installation.

Here's what I did to alleviate the pain associated with the upgrade:

Before I upgraded, I backed up my configuration information (which I can use to reconfigure PHP if necessary) and current PHP installation so I can downgrade in a hurry if I can't rebuild the new PHP quickly:

php -i > ~/php-config-2009.10.15
sudo cp /usr/libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so.old
sudo cp /usr/bin/php /usr/bin/php.old

I then did the update.

If I were very concerned that PHP weren't working correctly and quickly, I'd have swapped the newly-installed Apple PHP with the old one and set it to running while I rebuilt PHP. I didn't need to do that, though, so I just proceeded with rebuilding and reinstalling 5.2.10.

Once the update was done, I looked at what Apple used to configure php...

php -i

...and noticed that it wasn't all that unusual. I then backed up the Apple stuff...

sudo cp /usr/libexec/apache2/libphp5.so /usr/libexec/apache2/libphp5.so.apple
sudo cp /usr/bin/php /usr/bin/php.old

...and grabbed the 5.2.10 PHP tarball from PHP.net, php-ized GD, configured it, made it, and installed it. (Your configure command might look different, of course.)

tar xjfp php-5.2.10.tar.bz2

cd php-5.2.10/ext/gd

phpize

cd ../..

MACOSX_DEPLOYMENT_TARGET=10.5 CFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -g -Os -pipe -no-cpp-precomp" CCFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -g -Os -pipe" CXXFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -g -Os -pipe" LDFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -bind_at_load" ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --disable-dependency-tracking --with-apxs2=/usr/sbin/apxs --with-ldap=/usr --with-kerberos=/usr --enable-cli --with-zlib-dir=/usr --enable-trans-sid --with-xml --enable-exif --enable-ftp --enable-mbstring --enable-mbregex --enable-dbx --enable-sockets --with-iodbc=/usr --with-curl=/usr --with-config-file-path=/etc --sysconfdir=/private/etc --with-mysql-sock=/var/mysql --with-mysqli=/usr/bin/mysql_config --with-mysql=/usr --with-openssl --with-xmlrpc --with-xsl=/usr --without-pear --with-freetype-dir=/usr/local/lib --with-jpeg-dir=/usr/local/lib --with-png-dir=/usr/X11R6 --with-xpm-dir=/usr/X11R6 --with-gd --with-ttf --with-iconv=/usr/local/lib --enable-gd-imgstrttf --enable-gd-native-ttf

(That's all on one line, and note that I'm compiling a universal binary here for four architectures--why, I don't remember, exactly, but you probably won't need anything before "./configure" unless you're compiling for multiple architectures.)

make

make test

sudo make install

I then restarted Apache2 with Server Manager and PHP5 was happy again.

Recent Comments