Search code examples

Passenger/mod_rails fails to initialize in Fedora 12 when starting Apache

I am in the process of setting up a server to run a Ruby on Rails application on Fedora 12, using Passenger.

I am at the stage where I've installed Passenger, set it up as prescribed, but get the following errors when I restart Apache:

[Wed Jan 13 15:41:38 2010] [notice] caught SIGTERM, shutting down
[Wed Jan 13 15:41:40 2010] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Wed Jan 13 15:41:40 2010] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jan 13 15:41:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /tmp/passenger.25235/.guard: Permission denied (13)
[Wed Jan 13 15:41:40 2010] [notice] Digest: generating secret for digest authentication ...
[Wed Jan 13 15:41:40 2010] [notice] Digest: done
[Wed Jan 13 15:41:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /tmp/passenger.25235/.guard: Permission denied (13)
[Wed Jan 13 15:41:40 2010] [error] python_init: Python version mismatch, expected '2.6', found '2.6.2'.
[Wed Jan 13 15:41:40 2010] [error] python_init: Python executable found '/usr/bin/python'.
[Wed Jan 13 15:41:40 2010] [error] python_init: Python path being used '/usr/lib/'.
[Wed Jan 13 15:41:40 2010] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Wed Jan 13 15:41:40 2010] [notice] mod_python: using mutex_directory /tmp 
[Wed Jan 13 15:41:40 2010] [notice] Apache/2.2.14 (Unix) DAV/2 Phusion_Passenger/2.2.9 PHP/5.3.0 mod_python/3.3.1 Python/2.6.2 mod_ssl/2.2.14 OpenSSL/1.0.0-fips-beta3 mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming normal operations

As you can see, there is a permissions problem when Passenger is trying to initialize:

[Wed Jan 13 15:41:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /tmp/passenger.25235/.guard: Permission denied (13)

When Apache is starts, it does create a file in /tmp:

d-ws--x--x. 2 root  root  4096 2010-01-13 16:04 passenger.26117

If instead I run the app by firing up mongrel directly with mongrel_rails start -e production, I see the following:

ActiveRecord::StatementInvalid (Mysql::Error: Can't create/write to file '/tmp/#sql_5d3_0.MYI' (Errcode: 13): SHOW FIELDS FROM `users`):

Again the error points to permission issues with the /tmp directory.

I am at a loss as to what the solution is. I'm not sure if it is related to simply directory permissions or Fedora's SELinux security.

Any help would be appreciated. Thanks.


  • I did the same as Fred, except that instead of doing it one error at a time:

    1. Go into permissive mode by running setenforce 0
    2. Restart apache, and hit your site and use it for a while as normal
    3. Run grep httpd /var/log/audit/audit.log | audit2allow -M passenger
    4. semodule -i passenger.pp
    5. Go back to enforcing mode by running setenforce 1
    6. Restart apache and test your site - hopefully it should all be working as before!

    Note that this is basically a specific example of the procedure on the Centos SELinux help - check it out.