Run Rails with Passenger on Apache with Plesk - ruby-on-rails

I have everything installed as per this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-setup-a-rails-4-app-with-apache-and-passenger-on-centos-6
But when I go to the website, I get an error, and in the error log it shows this:
[ 2015-02-26 16:17:47.3041 28207/7f7326058780 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started!
[Thu Feb 26 16:17:47.305819 2015] [mpm_prefork:notice] [pid 28184] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 Phusion_Passenger/4.0.59 mod_perl/2.0.9-dev Perl/v5.16.3 configured -- resuming normal operations
[Thu Feb 26 16:17:47.305844 2015] [core:notice] [pid 28184] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[ 2015-02-26 16:22:04.7157 28225/7f2c65840840 apache2/Hooks.cpp:151 ]: A filesystem exception occured.
Message: Cannot stat '/var/www/vhosts/blah.blah/httpdocs/config.ru
Backtrace:
in 'void Passenger::DirectoryMapper::autoDetect()' (DirectoryMapper.h:144)
in 'bool Hooks::prepareRequest(request_rec*, Passenger::DirConfig*, const char*, bool)' (Hooks.cpp:374)
Can anyone help?
The config.ru file was auto generated by rails, and it has these lines:
# This file is used by Rack-based servers to start the application.
require ::File.expand_path('../config/environment', __FILE__)
run BlahBlah::Application

Your problem can be related to the following things:
config.ru file is not exists by the specified path
Try to execute command for check this:
ls -la /var/www/vhosts/blah.blah/httpdocs/config.ru
Passenger doesn't have permissions to read this file
Try to execute command for check this:
namei -lm /var/www/vhosts/blah.blah/httpdocs/config.ru
P.S.
I noticed you are using shared hosting. Don't use them if you want to avoid a lot of different problems. Use VPS servers instead. Like Digital Ocean or Linode for Rails applications.

Related

Ubuntu - Apache: Passenger not launching Rails app at all

I'm working on Ubuntu 16.04 with Apache. I try to start my rails application with Phusion Passeger. But the application is not started at all, I get HTML 403 "You don't have permission to access /kainji/ on this server" if I enter the URL: http://poyry.wo.local/kainji and the only log in other_vhosts_access.log:
poyry.wo.local:80 127.0.0.1 - - [13/Dec/2018:15:19:28 +0100] "GET /kainji/ HTTP/1.1" 403 513 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.84 Safari/537.36" 2265
I have the following file in sites-available directory linked into sites-enabled directory:
<VirtualHost *:80>
ServerName poyry.wo.local
DocumentRoot /var/www/html/dev/rails
<Directory /var/www/html/dev/rails>
Options -Indexes
Allow from all
</Directory>
PassengerBaseURI /kainji
<Directory /var/www/html/dev/rails/v2p0-kanji/public>
RailsEnv development
Options -MultiViews
</Directory>
</VirtualHost>
If I remove the link I get HTML 404: "The requested URL /kainji was not found on this server." what is correct.
In Apache error log I see, that Passenger was started:
[ 2018-12-12 14:17:41.8778 4321/7efdbb745780 age/Wat/WatchdogMain.cpp:1291 ]: Starting Passenger watchdog...
[ 2018-12-12 14:17:41.8885 4324/7f0b49b28780 age/Cor/CoreMain.cpp:982 ]: Starting Passenger core...
[ 2018-12-12 14:17:41.8886 4324/7f0b49b28780 age/Cor/CoreMain.cpp:235 ]: Passenger core running in multi-application mode.
[ 2018-12-12 14:17:41.8908 4324/7f0b49b28780 age/Cor/CoreMain.cpp:732 ]: Passenger core online, PID 4324
[ 2018-12-12 14:17:41.9045 4356/7fd543c3b780 age/Ust/UstRouterMain.cpp:529 ]: Starting Passenger UstRouter...
[ 2018-12-12 14:17:41.9051 4356/7fd543c3b780 age/Ust/UstRouterMain.cpp:342 ]: Passenger UstRouter online, PID 4356
[Wed Dec 12 14:17:42.201857 2018] [ssl:warn] [pid 4318] AH01909: centos1.tibi1959.hu:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 12 14:17:42.209447 2018] [mpm_prefork:notice] [pid 4318] AH00163: Apache/2.4.18 (Ubuntu) Phusion_Passenger/5.0.29 OpenSSL/1.0.2g configured -- resuming normal operations
[Wed Dec 12 14:17:42.209484 2018] [core:notice] [pid 4318] AH00094: Command line: '/usr/sbin/apache2'
Also the validating of the passenger installation is OK:
$ /usr/bin/passenger-config validate-install
What would you like to validate?
Use <space> to select.
If the menu doesn't display correctly, press '!'
⬢ Passenger itself
‣ ⬢ Apache
-------------------------------------------------------------------------
Checking whether there are multiple Apache installations...
Only a single installation detected. This is good.
-------------------------------------------------------------------------
* Checking whether this Passenger install is in PATH... ✓
* Checking whether there are no other Passenger installations... ✓
* Checking whether Apache is installed... ✓
* Checking whether the Passenger module is correctly configured in Apache... ✓
Everything looks good. :-)
What is wrong?
From a first look, I would guess that the issue is caused by the static file service overriding the application.
The 403 error is due to the fact that directory listings are disabled and there's no index.html file to display.
You might want to change the way you set up the static file service, so the url requires the "public" folder name. This way, you could set the application server to route to the /kainji path.
Maybe something like:
```
ServerName poyry.wo.local
DocumentRoot /var/www/html/dev/rails/kainji/public
PassengerBaseURI /kainji
RailsEnv development
Options -MultiViews
```

Webistrano stuck on deploy:update_code

I've been trying to set up webistrano on one of our servers. Everything went well, until I tried deploying my set up. Webistrano is currenlty set up to live on the test server, so I want it to deploy to 127.0.0.1
The configuration contains valid user, webistrano, that should have access to
/home/webistrano/.subversion/servers
the password for that user is correct. Could someone shed some light as to what might be going wrong with it?
*** SSH options: setting ssh_port to: 22
*** LOCAL SCM ERROR: svn: warning: Can't open file '/home/webistrano/.subversion/servers': Permission denied
* executing `deploy'
* executing `deploy:update'
** transaction: start
* executing `deploy:update_code'
* executing "svn checkout -q --username webistrano --password XXXXXXXX --no-auth-cache -r27687 http://server.com/repos/server/clients/site/trunk /var/www/vhosts/server.com/releases/20121001183038 && (echo 27687 > /var/www/vhosts/server.com/releases/20121001183038/REVISION)"
servers: ["127.0.0.1"]
*** [deploy:update_code] rolling back
* executing "rm -rf /var/www/vhosts/server.com/releases/20121001183038; true"
servers: ["127.0.0.1"]
** [deploy:update_code] exception while rolling back: Capistrano::ConnectionError, connection failed for: 127.0.0.1 (Errno::EACCES: Permission denied - connect(2))
*** connection failed for: 127.0.0.1 (Errno::EACCES: Permission denied - connect(2))
debugging with
puts system('id') in deployer.rb returns
uid=500(webistrano) gid=500(webistrano) groups=500(webistrano) context=unconfined_u:system_r:httpd_t:s0
and ls -all /home/webistrano returns:
drwxrwxr-x. 3 webistrano webistrano 4096 Sep 27 16:59 .subversion
ls -all /home/webistrano/.subversion returns:
drwxrwxr-x. 3 webistrano webistrano 4096 Oct 1 20:02 .
drwx------. 4 webistrano webistrano 4096 Oct 1 22:14 ..
drwx------. 6 webistrano webistrano 4096 Sep 27 16:59 auth
-rw-rw-r--. 1 webistrano webistrano 6866 Sep 27 16:59 config
-rw-rw-r--. 1 webistrano webistrano 4276 Sep 27 16:59 README.txt
-rw-rw-r--. 1 webistrano webistrano 7674 Oct 1 20:02 servers
Which shows that servers should be fully readable by everyone?
What's going on?
It turns out this was an issue with Passenger.
Phusion Passenger is supposed to run as the user who owns conf/environment.conf (which in my case was webistrano). Displaying the user id also showed webistrano, but if I changed it to run as nobody, the svn error stopped appearing. I was unable to svn export the code though, probably because nobody does not have a home directory.
I ended up running webistrano through mongrel, and starting it by doing:
$ su - webistrano
to make sure that the correct home environment is loaded and all the permissions are correct.
It works perfect now . Hope this helps somebody

Rails errors causing Apache / Passanger internal server errors

Ok I thought I was close to getting passenger and Apache working. I notice that some gem files were not installed after navigating to the url to see if my rails app was working. Passanger error page let me know what gems were missing so I got them installed.
Now going to the URL I get a 500 Apache internal error page with no helpful info so I checked out the log file on the server and here is what I see.
Rails Error: Unable to access log file. Please ensure that /home/mydirectory/dev/vb/log/production.log exists and is chmod 0666. $
Rack: /home/mydirectory/dev/vb: symbol lookup error: /usr/local/rvm/gems/ruby-1.9.2-p0#prodset/gems/sqlite3-ruby-1.2.4/lib/sqlite$
[Tue Dec 07 20:12:17 2010] [error] [client 64.58.208.22] Premature end of script headers:
[ pid=20653 thr=140618873321280 file=ext/apache2/Hooks.cpp:816 time=2010-12-07 20:12:17.617 ]: The backend application (proce$
Rack: /home/mydirectory/dev/vb: symbol lookup error: /usr/local/rvm/gems/ruby-1.9.2-p0#prodset/gems/sqlite3-ruby-1.2.4/lib/sqlite$
[Tue Dec 07 20:12:43 2010] [error] [client 64.58.208.22] Premature end of script headers:
Rack: /home/mydirectory/dev/vb: symbol lookup error: /usr/local/rvm/gems/ruby-1.9.2-p0#prodset/gems/sqlite3-ruby-1.2.4/lib/sqlite$
[Tue Dec 07 20:13:25 2010] [error] [client 64.58.208.22] Premature end of script headers:
[ pid=21932 thr=140618873321280 file=ext/apache2/Hooks.cpp:816 time=2010-12-07 20:13:25.168 ]: The backend application (proce$
Rack: /home/mydirectory/dev/vb: symbol lookup error: /usr/local/rvm/gems/ruby-1.9.2-p0#prodset/gems/sqlite3-ruby-1.2.4/lib/sqlite$
[Tue Dec 07 20:13:31 2010] [error] [client 64.58.208.22] Premature end of script headers:
[ pid=20623 thr=140618873321280 file=ext/apache2/Hooks.cpp:816 time=2010-12-07 20:13:31.266 ]: The backend application (proce$
Rails Error: Unable to access log file. Please ensure that /home/mydirectory/dev/vb/log/production.log exists and is chmod 0666. $
Rack: /home/mydirectory/dev/vb: symbol lookup error: /usr/local/rvm/gems/ruby-1.9.2-p0#prodset/gems/sqlite3-ruby-1.2.4/lib/sqlite$
[Tue Dec 07 20:24:56 2010] [error] [client 64.58.208.22] Premature end of script headers:
[ pid=20622 thr=140618873321280 file=ext/apache2/Hooks.cpp:816 time=2010-12-07 20:24:56.442 ]: The backend application (proce$
Rack: /home/mydirectory/dev/vb: symbol lookup error: /usr/local/rvm/gems/ruby-1.9.2-p0#prodset/gems/sqlite3-ruby-1.2.4/lib/sqlite$
anyone have any suggestions on what I should look at next. I have tried running bundler and also using rvm to install sqlite3 and I still have the same issue.
thanks again for any help
Did you checked the suggestion on the first line of the error log?
Rails Error: Unable to access log file. Please ensure that /home/mydirectory/dev/vb/log/production.log exists and is chmod 0666.

Passenger/mod_rails fails to initialize in Fedora 12 when starting Apache

I am in the process of setting up a server to run a Ruby on Rails application on Fedora 12, using Passenger.
I am at the stage where I've installed Passenger, set it up as prescribed, but get the following errors when I restart Apache:
[Wed Jan 13 15:41:38 2010] [notice] caught SIGTERM, shutting down
[Wed Jan 13 15:41:40 2010] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Wed Jan 13 15:41:40 2010] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Jan 13 15:41:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /tmp/passenger.25235/.guard: Permission denied (13)
[Wed Jan 13 15:41:40 2010] [notice] Digest: generating secret for digest authentication ...
[Wed Jan 13 15:41:40 2010] [notice] Digest: done
[Wed Jan 13 15:41:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /tmp/passenger.25235/.guard: Permission denied (13)
[Wed Jan 13 15:41:40 2010] [error] python_init: Python version mismatch, expected '2.6', found '2.6.2'.
[Wed Jan 13 15:41:40 2010] [error] python_init: Python executable found '/usr/bin/python'.
[Wed Jan 13 15:41:40 2010] [error] python_init: Python path being used '/usr/lib/python26.zip:/usr/lib/python2.6/:/usr/lib/python2.6/plat-linux2:/usr/lib/python2.6/lib-tk:/usr/lib/python2.6/lib-old:/usr/lib/python2.6/lib-dynload'.
[Wed Jan 13 15:41:40 2010] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Wed Jan 13 15:41:40 2010] [notice] mod_python: using mutex_directory /tmp
[Wed Jan 13 15:41:40 2010] [notice] Apache/2.2.14 (Unix) DAV/2 Phusion_Passenger/2.2.9 PHP/5.3.0 mod_python/3.3.1 Python/2.6.2 mod_ssl/2.2.14 OpenSSL/1.0.0-fips-beta3 mod_perl/2.0.4 Perl/v5.10.0 configured -- resuming normal operations
As you can see, there is a permissions problem when Passenger is trying to initialize:
[Wed Jan 13 15:41:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /tmp/passenger.25235/.guard: Permission denied (13)
When Apache is starts, it does create a file in /tmp:
d-ws--x--x. 2 root root 4096 2010-01-13 16:04 passenger.26117
If instead I run the app by firing up mongrel directly with mongrel_rails start -e production, I see the following:
ActiveRecord::StatementInvalid (Mysql::Error: Can't create/write to file '/tmp/#sql_5d3_0.MYI' (Errcode: 13): SHOW FIELDS FROM `users`):
Again the error points to permission issues with the /tmp directory.
I am at a loss as to what the solution is. I'm not sure if it is related to simply directory permissions or Fedora's SELinux security.
Any help would be appreciated. Thanks.
I did the same as Fred, except that instead of doing it one error at a time:
Go into permissive mode by running setenforce 0
Restart apache, and hit your site and use it for a while as normal
Run grep httpd /var/log/audit/audit.log | audit2allow -M passenger
semodule -i passenger.pp
Go back to enforcing mode by running setenforce 1
Restart apache and test your site - hopefully it should all be working as before!
Note that this is basically a specific example of the procedure on the Centos SELinux help - check it out.
I'm having the same issue in CentOS 5.4, SELinux getting in the way of Passenger.
Setting PassengerTempDir to /var/run/passenger simply gives you the same permission errors in the new directory instead of /tmp :
[Mon Feb 22 11:42:40 2010] [error] *** Passenger could not be initialized because of this error: Cannot create directory '/var/run/passenger/passenger.3686'
I can then change the security context of /var/run/passenger to get past this error:
chcon -R -h -t httpd_sys_content_t /var/run/passenger/
...and that lets Passenger create the temp directory, but not files within that directory:
[Mon Feb 22 12:07:06 2010] [error] *** Passenger could not be initialized because of this error: Cannot create FIFO file /var/run/passenger/passenger.3686/.guard: Permission denied (13)
Oddly, re-running the recursive chcon again doesn't get past this error, it keeps dying at this point, and this is where my SELinux knowledge gets murky.
The Phusion Passenger guide sections 6.3.5 and 6.3.7 have some useful thoughts, but they don't seem to completely resolve the problem.
You need more than just the httpd_sys_content_t permission. I use the following technique to get things started:
start a tail on the audit log: tail -f /var/log/audit/audit.log
reload apache: apachectl restart
Go to the /tmp/directory: cd /tmp
If just 1 line is added use the command: tail -1 /var/log/audit/audit.log | audit2allow -M httpdfifo
Note that the name 'httpdfifo' is just a name chosen to reflect the kind of error that has been observed.
This will create a file named 'httpdfifo.pp'. To allow apache to create a FIFO from here on after you have to issue the command: semodule -i httpdfifo.pp
Continue to do this until all audit errors have been resolved (It took 4 different kind of permissions on my system running Centos 5.4)
Running setenforce 0 before starting will let you test if it's SELinux. Don't forget to run setenforce 1 afterwards.
I tried what Dan Sketcher and Fred Appleman suggested, i.e. repeat the following:
yum install setroubleshoot
echo > /var/log/audit/audit.log # clear irrelevant errors
cd ~
service httpd restart # try booting passenger -- audit.log now shows the relevant permission errors
tail -f /var/log/httpd/error_log # check that passenger is still failing due to permission errors
sealert -a /var/log/audit/audit.log > selinux-diag.txt # translate the permission errors
# read and check that you are happy with selinux-diag.txt
# and either follow its specific advice, or if it just wants you to grep into audit2allow, then:
cat /var/log/audit/audit.log | audit2allow -M mypol # grant everything just denied
semodule -i mypol.p # commit new permissions
But after doing this 5 or 6 times, I kept coming up against new errors, and some of the same errors came up even after I had tried to permit them with "audit2allow".
In the end I just turned off SELinux, with:
echo 0 >/selinux/enforce

Apache shutting down unexpectedly

I have a mongrel server running behind Apache. It works fine; however, every now and then the Apache server shuts downs seemingly by itself. I'm not sure if there is configuration issue or if it's an attack. Here is Apache error log:
[Thu Apr 30 02:15:07 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 02:15:07 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 02:15:07 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 02:17:13 2009] [error] [client 61.139.105.163] File does not exist: /var/www/fastenv
[Thu Apr 30 02:24:06 2009] [error] [client 61.139.105.163] File does not exist: /var/www/fastenv
[Thu Apr 30 10:49:18 2009] [warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Thu Apr 30 10:49:18 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 12:53:08 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 12:53:08 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 12:53:08 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 12:59:15 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 12:59:15 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 12:59:15 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Thu Apr 30 13:58:49 2009] [notice] SIGHUP received. Attempting to restart
[Thu Apr 30 13:58:49 2009] [warn] NameVirtualHost *:0 has no VirtualHosts
[Thu Apr 30 13:58:49 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Fri May 01 10:59:07 2009] [warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Fri May 01 10:59:07 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
[Fri May 01 17:51:15 2009] [warn] pid file /var/run/apache2.pid overwritten -- Unclean shutdown of previous Apache run?
[Fri May 01 17:51:15 2009] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 configured -- resuming normal operations
Not quite sure what is /var/www/fastenv but I don't think there is anything in my application that calls that. Also, website is still in Beta mode with few users and I don't think any have 61.139.105.163 IP address but it's possible that they might have it.
Any ideas? It would be good if you can give me hints where to look or how to go about anaysing this problem
I have the exact same log from the same IP. Looking it up shows it to belong to the Chinese government. It appears to be a scan using server side includes to find out as much as they can about your server. I banned the IP.
Not sure this is entirely programming-related, but anyway... none of those look like serious errors to me. The accesses to /var/www/fastenv just mean that the computer at IP address 61.139.105.163 sent a request for http://www.example.com/fastenv or something like that (it depends on exactly how you've configured your virtual hosts); I'd look at the access log for more information, to see what other requests have been coming from that IP address. It's probably not anything to worry about.
The line about NameVirtualHost *:0 means that somewhere in your configuration file you have an incorrect NameVirtualHost directive, maybe with no arguments. You should probably look for that and remove it, but if the server is running fine anyway, it's not a big deal.
The reason your server is terminating (restarting, actually) appears to be a SIGHUP - that is, something on the system is sending Apache a signal telling it to restart. It's basically the same thing that happens if you run apache2 restart, I think. Without knowing what's sending that signal, there's not more I can say.
61.139.105.163 is known for doing all kinds of hacking type things, just google the IP address. You should definitly ban this IP address.
Click on Apache Config --> Apache(httpd.conf)
Search for #Listen 12.34.56.78:80 and replace it with #Listen 12.34.56.78:8081.
Search for Listen 80 and replace it with Listen 8081.
Now you can start Apache now, and can run it with this URL: localhost:8081/xampp/

Resources