Our siteadd tool supports the installation of multiple parallel versions of Seiden PHP+ without affecting your main environment. This way, you can install and test a leading-edge version of PHP without affecting your main PHP installation.
This is done using a chroot, an IFS-level container. Chroot directories act like root directories (/), letting you install multiple instances of software that must own absolute paths.
It’s easy to manage. Siteadd sets up an ordinary Apache instance outside the chroot, pointing to the “chroot-ed” PHP.
Major points covered in this article:
Setting up the chroot
You must have *ALLOBJ
and *IOSYSCFG
authorities to create chroots.
The chroot setup package must be installed. Install ibmichroot
using ACS’s package management window or run the following command:
$ yum install ibmichroot
Next, create the chroot under QOpenSys.
Begin by creating the main chroot directory if it doesn’t exist (e.g. mkdir /QOpenSys/chroots
).
Then run the following command with the full chroot directory name, in the format /QOpenSys/chroots/CHROOT_NAME_HERE, using a name of your choice for the chroot:
$ chroot_setup -y /QOpenSys/chroots/CHROOT_NAME_HERE
Verify the chroot works
You can enter the chroot by entering the following command, where the first argument is the directory of the chroot, and the second argument is the program to run inside of the chroot (in this case, a shell):
$ chroot /QOpenSys/chroots/CHROOT_NAME_HERE /QOpenSys/usr/bin/sh $ # We're in the chroot now. We can just exit to pop back out of it. $ exit
Adding the signing key into the chroot
The Seiden PHP+ signing keys must be added into the chroot. Otherwise, you’ll get errors when trying to install the packages into the chroot.
This must be done outside the chroot. Run the following command to add the keys, substituting the directory given for the directory you use with the chroot:
$ rpm --root /QOpenSys/chroots/CHROOT_NAME_HERE --import https://repo.seidengroup.com/repos/seiden-group-signing-public.key
Adding repositories (and disabling/enabling as needed)
Packages are still managed using the global Yum command, outside the chroots. If you don’t want to update your global packages with the new repository, you can add the new repository, but then disable it immediately. This way, you use the new repository only when needed, as when installing into the chroot.
For example, to add a repository and then disable it, run the following commands outside the chroot, substituting the repo URL and repo ID (see below):
$ yum-config-manager --add-repo REPO_URL_HERE $ yum-config-manager --disable REPO_ID_HERE
To get the repo ID for the command above: use yum’s repolist command, which will list IDs and descriptions of all enabled repositories. To see disabled repositories as well, add the all
option.
$ yum repolist all repo id repo name status ibm ibm enabled: 1,002 ibmi-base IBM i base enabled: 1,098 ibmi-release IBM i 7.4 enabled: 67 seiden_stable Seiden Group repo (stable) enabled: 163 seiden_stable_74 Seiden Group repo (stable, PHP 7.4) enabled: 74 seiden_stable_82 Seiden Group repo (stable, PHP 8.2) disabled
If you need to re-enable a repository globally, do it like this, substituting the repo ID:
$ yum-config-manager --enable REPO_ID_HERE
Installing packages into the chroot
You can pass the “--installroot
” flag to Yum to tell it what chroot to install into.
This must be done outside the chroot. For example, to install a package into a chroot (in this example, bash), substituting the directory given for the directory you use with the chroot:
$ yum --installroot=/QOpenSys/chroots/CHROOT_NAME_HERE install bash
Another example, installing PHP into a chroot, enabling a specific repository:
$ yum --installroot=/QOpenSys/chroots/CHROOT_NAME_HERE --enablerepo=REPO_ID_HERE install "php-*"
Now, updating PHP in a chroot, enabling a specific repository:
$ yum --installroot=/QOpenSys/chroots/CHROOT_NAME_HERE --enablerepo=REPO_ID_HERE update "php-*"
If you need to use the rpm command directly for whatever reason, you can also make it use a chroot with the “--root
” option.
$ rpm --root /QOpenSys/chroots/CHROOT_NAME_HERE -ivh test.rpm
In addition to using the command-line tools, ACS can be used to install packages inside of a chroot. Set the IFS container when launching Open Source Package Management as needed.
Entering the chroot to use it/verify function
This is just like when you verified the chroot works, except now we want to use it and run programs inside it. For example, if you installed PHP, and want to verify what version is inside of the chroot:
$ chroot /QOpenSys/chroots/CHROOT_NAME_HERE /QOpenSys/usr/bin/sh $ # We're inside the chroot now. $ /QOpenSys/pkgs/bin/php -v
However, you don’t necessarily need to be inside the chroot to use it; see below for how siteadd can use chroots.
Further steps
You will probably want to remake things like home directories inside of the chroot, or you may find some programs may not work properly. For example, the following command will remake your home directory:
$ mkdir -p $HOME $ chmod 700 $HOME
Configuring the web server
Automatic web setup for chroot using siteadd
siteadd can create an ordinary Apache instance that points to PHP installed in a chroot. Sites created this way are normal siteadd instances, except the path to PHP is prefixed with the chroot path. This lets you test multiple versions of PHP in parallel using a familiar Apache web server and FastCGI setup.
First, install PHP in the chroot, as shown earlier in this article.
Then, from outside the chroot, call the addsite command with the -c
flag and the full chroot path. For example, if your chroot is in /QOpenSys/chroots/php80
, call addsite like so:
$ addsite -c /QOpenSys/chroots/php80 -n chrphp80 -p 1999 -I
How it works: When siteadd creates settings in .ini files, it uses the full path to the PHP executable (i.e. /QOpenSys/chroots/php80/QOpenSys/pkgs/bin/php
) and rewrites references as required to point to the chroot. PHP scripts will be executed as normal outside of the chroot, so that they can access /www
.
Note: Running the addsite command requires a user profile with *IOSYSCFG
authority. It’s not enough to have membership in a group with this authority.