mysql配置文件读取路径查看：sudo mysqld --verbose --help |grep -A 1 'Default options'

centos7 上安装 php-7.4 ，因为php7.4需要的组件更新，centos7上面的一些lib太老，不能安装，需要源码编译

需要源码编译的lib库有：

一：pcre库，系统自带太老

下载：https://github.com/PCRE2Project/pcre2/releases

./configure  --prefix=/usr/local/pcre2 --enable-pcre2-16 --enable-pcre2-32 --enable-jit --enable-jit-sealloc

make;make install

export PKG_CONFIG_PATH=/usr/local/pcre2/lib/pkgconfig

二：GD lib库【使用2.3.3版本库会报错，不能高于2.3.3版本】

下载： https://github.com/libgd/libgd/releases 

./configure --prefix=/usr/local/libgd2.3.0

make;make install

#把前面安装的pcre2库也一并导入，要不然找不到导入libgd库后，会提示找不到 pcre2的库

 export  PKG_CONFIG_PATH=/usr/local/pcre2/lib/pkgconfig/:/usr/local/libgd2.3.0/lib/pkgconfig

三：libzip库

下载地址： https://libzip.org/download/libzip-1.3.2.tar.gz

 ./configure --prefix=/usr/local/libzip1.3.2

make;make install

export  PKG_CONFIG_PATH=/usr/local/pcre2/lib/pkgconfig/:/usr/local/libgd2.3.0/lib/pkgconfig/:/usr/local/libzip1.3.2/lib/pkgconfig

./configure  --prefix=/usr/local/php7.4.30  --with-config-file-path=/usr/local/php7.4.30/etc  --enable-fpm  --enable-gd  --with-external-gd  --with-fpm-user=www  --with-fpm-group=www  --enable-inline-optimization  --disable-debug  --disable-rpath  --enable-shared  --enable-soap  --with-libxml --with-xmlrpc  --with-openssl  --with-external-pcre --with-zlib  --enable-bcmath  --with-iconv  --with-bz2  --enable-calendar  --with-curl  --enable-dom  --enable-exif  --enable-fileinfo  --enable-filter  --enable-ftp --with-openssl-dir --with-jpeg --with-zlib-dir --with-freetype --enable-gd-jis-conv --with-gettext --with-gmp --with-mhash --enable-json --enable-mbstring --enable-mbregex --enable-pdo --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd  --with-readline --enable-session --enable-shmop --enable-simplexml --enable-sockets --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-xsl --with-zip --enable-mysqlnd-compression-support --enable-opcache --without-sqlite3

yum install -y bzip2-devel gdlib-devel libpng-devel libjpeg-turbo-devel.x86_64 libwebp-devel.x86_64 freetype-devel.x86_64 libXpm-devel gmp-devel oniguruma-devel.x86_64  libsqlite3x-devel.x86_64 readline-devel libxslt-devel libxml2 libxml2-devel openssl openssl-devel bzip2 libcurl libcurl-devel libjpeg libjpeg-devel libpng  freetype gmp libmcrypt libmcrypt-devel readline  libxslt libtool

编译opcache扩展时候报如下错误：

In file included from /root/php-7.4.30/ext/opcache/ZendAccelerator.c:46:0:

/usr/local/php7.4.30/include/php/ext/pcre/php_pcre.h:25:19: fatal error: pcre2.h: No such file or directory

 #include "pcre2.h"

                   ^

compilation terminated.

make: *** [ZendAccelerator.lo] Error 1

只需要把/usr/local/pcre2/include/pcre2.h copy到 /usr/local/php7.4.30/include/php/ext/pcre 即可

今天重新编译php-7.4.33时候报如下莫名其妙错误：

Fatal Error Unable to allocate shared memory segment of 134217728 bytes: unknown: Inappropriate ioct

这个是由于，opcache模块编译有问题导致，重新编译即可

报错

Sep 02 19:21:29 qix5-db polkitd[620]: Unregistered Authentication Agent for unix-process:3492:256033158 (system bus name :1.74715, object path /org/freedesktop/PolicyKit1/A

Sep 02 19:21:29 qix5-db php-fpm[3498]: [02-Sep-2022 19:21:29] ERROR: failed to open access log (/usr/local/php7.4.30/log/www.access.log): No such file or directory (2)

Sep 02 19:21:29 qix5-db php-fpm[3498]: [02-Sep-2022 19:21:29] ERROR: failed to post process the configuration

Sep 02 19:21:29 qix5-db php-fpm[3498]: [02-Sep-2022 19:21:29] ERROR: FPM initialization failed

Sep 02 19:21:29 qix5-db systemd[1]: php-fpm-7.4.30.service: main process exited, code=exited, status=78/n/a

Sep 02 19:21:29 qix5-db systemd[1]: Unit php-fpm-7.4.30.service entered failed state.

Sep 02 19:21:29 qix5-db systemd[1]: php-fpm-7.4.30.service failed.

通过如上编译的php-7.4.30 启动脚本在 ，可以copy 到默认目录中即可。  cp ./php7.4.30/sapi/fpm/php-fpm.service /usr/lib/systemd/system/php-fpm.service

php扩展下载地址：https://pecl.php.net/package/redis

这是因为脚本 /usr/lib/systemd/system/php-fpm-7.4.30.service 中如下指令把下列目录变成只读的了，/usr, /boot, and /etc directories read-only  因此，php-fpm.conf中的错误日期，slow_log ，access_log 不能放在下面目录中，需要改成其他目录，比如/var/log 目录   

ProtectSystem=full

php-fpm-7.4.30 systemd启动脚本：

# It's not recommended to modify this file in-place, because it

# will be overwritten during upgrades.  If you want to customize,

# the best way is to use the "systemctl edit" command.

[Unit]

Description=The PHP FastCGI Process Manager

After=network.target

[Service]

Type=simple

PIDFile=/usr/local/php7.4.30/var/run/php-fpm.pid

ExecStart=/usr/local/php7.4.30/sbin/php-fpm --nodaemonize --fpm-config /usr/local/php7.4.30/etc/php-fpm.conf

ExecReload=/bin/kill -USR2 $MAINPID

# Set up a new file system namespace and mounts private /tmp and /var/tmp directories

# so this service cannot access the global directories and other processes cannot

# access this service's directories.

PrivateTmp=true

# Mounts the /usr, /boot, and /etc directories read-only for processes invoked by this unit.

ProtectSystem=full

# Sets up a new /dev namespace for the executed processes and only adds API pseudo devices

# such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it,

# but no physical devices such as /dev/sda.

PrivateDevices=true

# Explicit module loading will be denied. This allows to turn off module load and unload

# operations on modular kernels. It is recommended to turn this on for most services that

# do not need special file systems or extra kernel modules to work.

ProtectKernelModules=true

# Kernel variables accessible through /proc/sys, /sys, /proc/sysrq-trigger, /proc/latency_stats,

# /proc/acpi, /proc/timer_stats, /proc/fs and /proc/irq will be made read-only to all processes

# of the unit. Usually, tunable kernel variables should only be written at boot-time, with the

# sysctl.d(5) mechanism. Almost no services need to write to these at runtime; it is hence

# recommended to turn this on for most services.

ProtectKernelTunables=true

# The Linux Control Groups (cgroups(7)) hierarchies accessible through /sys/fs/cgroup will be

# made read-only to all processes of the unit. Except for container managers no services should

# require write access to the control groups hierarchies; it is hence recommended to turn this on

# for most services

ProtectControlGroups=true

# Any attempts to enable realtime scheduling in a process of the unit are refused.

RestrictRealtime=true

# Restricts the set of socket address families accessible to the processes of this unit.

# Protects against vulnerabilities such as CVE-2016-8655

RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX

# Takes away the ability to create or manage any kind of namespace

RestrictNamespaces=true

[Install]

WantedBy=multi-user.target

libzip-1.3.2下载