• PHP
  • Ruby on Rails
  • MySQL
  • Linux
    • SELINUX
    • Fedora
    • debian
  • Apache
  • nginx
  • AJAX
Albertech.net

Tag Archives: Passenger

Installing Phusion Passenger 4.0 with SELINUX and Apache on RHEL 6.3

April 3, 2013 12:54 pm / Albertech.net

Installing Phusion Passenger 4 with SELINUX enabled is quite a challenge, especially with the lack of documentation out there with the latest version of Passenger.

Installation Notes:

Follow the following guide: http://www.seifeet.com/2012/09/ruby-apache-on-centos-63.html. This will get you 90% of the way there.

There are a few changes that I needed to make to get it working properly with my app.

Set the passenger temp folder to /var/run/rubygem-passenger instead of /tmp/ in the Apache config.  (/etc/httpd/conf.d/passenger.conf)

PassengerTempDir /var/run/rubygem-passenger

The reason behind this is due to the SELINUX permissions on the parent /tmp folder will not work properly. If you don’t have the PassengerTempDir set in Apache, you will get an error of a temp folder not being set when running “grep httpd /var/log/audit/audit.log | audit2allow -M passenger“

Here’s the permissions I have for the rubygem-passenger folder:

rvm rvm system_u:object_r:httpd_var_run_t:s0 rubygem-passenger

Set the permissions of the /myrailsapp/tmp folder

If you are using compiled CSS libraries such as Compass, you will need to set the proper SELINUX permissions for the compiled assets folder. Otherwise, any changes to the compiled css files will cause a fatal error in your application (read failure in the tmp folder).

chcon -R -t httpd_sys_rw_content_t tmp

Sample Passenger configuration file for Apache (/etc/httpd/conf.d/passenger.conf)

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.0.0-p0/gems/passenger-4.0.0.rc4/libout/apache2/mod_passenger.so

PassengerRoot /usr/local/rvm/gems/ruby-2.0.0-p0/gems/passenger-4.0.0.rc4
PassengerRuby /usr/local/rvm/wrappers/ruby-2.0.0-p0/ruby

PassengerDefaultUser rvm
PassengerDefaultGroup rvm

PassengerLogLevel 2
PassengerDebugLogFile /var/log/httpd/passenger.log

PassengerPreStart [YOUR SITE URL]
PassengerMaxPoolSize 2
PassengerPoolIdleTime 300
PassengerTempDir /var/run/rubygem-passenger

Still having issues with the install? Here’s some fixes:

Error:  Cannot stat ‘/var/run/rubygem-passenger/passenger.1.0.19162’: Permission denied
Fix: This is due to SELINUX blocking access to the folder. Run the “grep httpd /var/log/audit/audit.log | audit2allow -M passenger” after changing setenforce to 0, restarting httpd, and adding the policy via semanage -i passenger.pp.

Error: Cannot change the directory ‘/tmp/passenger.1.0.—/generation-0/buffered_uploads’ its UID to 48 and GID to 48
Fix:
This is a regular user permission issue (User/Group needs to have write permissions) and is also related to not using /var/run/rubygem-passenger

Error: Errno::EACCES Permission Denied
Fix:
 Your /[myrailsapp]/tmp folder permissions is incorrect. Compiled CSS libraries use the /[myrailsapp]/tmp folder to save all the data  This could be either the user/group permissions or the SELINUX. The fastest way to check to see if its a SELINUX issue is setting setenforce to 0 and restarting httpd. If the app works, then you will need to set the /[myrailsapp]/tmp folder permissions. If not, check to see that the folder has global read/write permissions.

 

Share this:

  • Facebook
  • Google
  • Twitter
  • Print
  • Email
Posted in: Ruby on Rails / Tagged: passenger, rails, SELinux

Categories

  • AJAX
  • Android
  • Apache
  • Canon Cameras
  • Cloud
  • CMS
  • Computer Mods
  • Conferences
  • Deals
  • debian
  • Fedora
  • Flash
  • Frameworks
  • git
  • Hardware
  • HTML
  • IDE
  • iPhone
  • iPhone App Review
  • jQuery
  • Linux
  • Mac OS X
  • MySQL
  • nginx
  • PHP
  • portfolio
  • Puppet
  • Ruby on Rails
  • Script Reviews
  • SELINUX
  • Software
  • Software Review
  • SQL Server
  • statistics
  • Tech
  • Tomcat
  • Uncategorized
  • VMWARE
  • VPS
  • Windows
  • wordpress
  • Zend Framework

Blogroll

  • DragonAl Flickr
  • Dropbox – Free 2GB Account
  • James' Blog
  • Javascript Compressor
  • PHP Builder Community
  • PHP-Princess.net
  • Rubular – Regular Expression Validator
  • The Scale-Out Blog
  • Tiny MCE

Tags

activation AJAX android antec Apache AWS awstats canon coda codeigniter debian enclosure external free G1 install vmware tools Internet Explorer iphone 5 jquery Linux mx-1 MySQL office 2007 OSX photoshop PHP plugin plugins portfolio redesigned website review rewrite script security SELinux ssh tinymce tutorial upgrade VMWARE vmware server wordpress wordpress mu XSS zend framework
© Copyright 2013 Albertech.net
Infinity Theme by DesignCoral / WordPress
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.