In <[🔎] AANLkTin+A446cEdM_cwRqavp4LadgFYdj0kYSHo-kHWU@mail.gmail.com>, Ed Curtis wrote: >Is there a way I can install php4 on my fresh install of Debian 6.0? I will >also need many php4 mods such as gd, mysql, etc. Okay, I hope the other three replies you got made this clear: Using PHP4 is dangerous, do not do it if you do not have to. Even if you have to run PHP4 for now, prioritize moving to PHP5 in the near future. PHP4 was dropped from Debian (see bug 428266) on or around 2007-07-04, before Lenny was released. This means that the master repository should no longer contain PHP4 packages. However, Debian provides two different archival services that may allow you get .debs or even use an APT repository in order to install PHP4. (Method 1.) The most complete is snapshot.d.o. It currently holds dozens of PHP4 versions <http://snapshot.debian.org/package/php4/>. For the most recent version, a large number of binary packages were generated and are available <http://snapshot.debian.org/package/php4/6:4.4.6-2/>. When installing PHP4 using this method, you will download .deb packages and install them using dpkg. You will have to resolve dependencies manually, but dpkg will issue a warning that includes enough information for you to look up those packages on snapshot.d.o as well. (Method 2.) Less complete, but more familiar to some is archive.d.o. Here, the last version of each Debian release is archived. You can point apt to the Etch archive using a line like: deb http://archive.debian.org/debian etch main This service also holds a number of other Etch-related APT repositories that you might want to use when trying to run an Etch system. When installing via APT, dependencies will be resolved automatically and pulled from any configured repository. This allows you to try and mix Etch's PHP4 packages with Lenny's base system (which will still get security updates) or even Squeeze's kernel (which is fully supported by Debian Developers right now). While just using Etch packages puts you beyond support, mixing releases can certainly cause its own trouble. (Method 3.) If you need a version that was in Debian testing or unstable, but was never in a released version of Debian and you still want to use APT to install packages, you'll go back to snapshot.d.o. You might also do this if the version on archive.d.o has a regression in it. archive.d.o just has the final state of the repository; snapshot.d.o saves old state as well and makes them easily accessible by date. For example, you can use the following line to tell APT to get packages from Lenny the last time PHP4 was in it (when it was testing) -- 2007-05-29: deb http://snapshot.debian.org/archive/debian/20070529 lenny main A second example, you can use the following line to tell APT to get packages from Sid the last time PHP4 was in it -- 2007-05-01: deb http://snapshot.debian.org/archive/debian/20070501 sid main (Conclusion and Recommendation.) Unless you have some specific need that you didn't mention in your original post, I recommend taking a working Lenny install and adding Etch from archive.d.o to the available sources. Mixing Etch and Lenny shouldn't cause too many issues, and I think having security support for as many packages as possible (the ones you pull from Lenny) is important enough to balance those issues. Even with that support, you'll want to step up the level of paranoia in your security practices around that installation. You will need to migrate away from PHP4 in less than a year under this plan. Security support for Lenny will have run out by then. Also, the Etch/Lenny mixture might continue to give you issues, but you'd lose the benefit of security support. At that point, mixing Etch with anything with security support will be untenable. If you want to have PHP4 available indefinitely, don't mix Lenny and Etch. Just install Etch and be super-isolationist- paranoid about that install; I'm pretty sure there are known attacks against some of the software that was in Etch. -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss@iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.net/ \_/
Attachment:
signature.asc
Description: This is a digitally signed message part.