jblaine at kickflop
Feb 21, 2012, 5:49 PM
Post #1 of 5
Well now. What a total waste of 4 hours so far :( It's
a shame this is what web app deployment is in 2012 still.
I remember this same old sort of crap from a decade ago.
If anyone has any ideas, please share.
I'm choosing FastCGI so that I can use my own Perl build,
and not Red Hat's built into mod_perl.
I've read docs/web_deployment.pod. It includes an Apache
snippet, doesn't mention suexec configuration like the wiki
does, doesn't mention the suexec DocumentRoot restriction,
etc... Not a very useful document here so far.
Here's rt-server.fcgi below, copied into the spot where Red Hat's
"suexec" *must* find it located (under the compiled-in
DocumentRoot). As you can see, it is owned by the
suexec-destination user and group so suexec is happy:
[root [at] rtdev httpd]#
[root [at] rtdev ~]# cd /var/www
[root [at] rtdev www]# ls -ld .
drwxr-xr-x 7 root root 4096 Feb 21 20:05 ./
[root [at] rtdev www]# ls -ld fcgi/
dr-xr-xr-x 2 rt rt 4096 Feb 21 20:12 fcgi//
[root [at] rtdev www]# ls -ld fcgi/rt-server.fcgi
-r-xr-xr-x 1 rt rt 8043 Feb 21 20:12 fcgi/rt-server.fcgi*
[root [at] rtdev www]#
LoadModule fastcgi_module modules/mod_fastcgi.so
FastCgiServer /var/www/fcgi/rt-server.fcgi -processes 5 -idle-timeout
300 -user rt -group rt
Alias /NoAuth/images/ /apps/rt4/share/html/NoAuth/images/
ScriptAlias / /var/www/fcgi/rt-server.fcgi/
SuexecUserGroup rt rt
AddHandler fastcgi-script fcgi
Allow from all
suexec.log states everything is fine:
[2012-02-21 20:29:03]: uid: (rt/rt) gid: (rt/rt) cmd: rt-server.fcgi
Apache reports this:
[Tue Feb 21 20:33:40 2012] [warn] FastCGI: server
"/var/www/fcgi/rt-server.fcgi" has failed to remain running for 30
seconds given 3 attempts, its restart interval has been backed off to
And the browser just spins for a LONG time, then finally
throws a 500 Internal Server Error.
Testing shows this:
[root [at] rtdev httpd]# sudo -u apache /var/www/fcgi/rt-server.fcgi --port 9999
WARNING: RT couldn't start up a web server on port 9999.
This is often the case if the port is already in use or you're running
as someone other than your system's "root" user. You may also specify a
temporary port with: /var/www/fcgi/rt-server.fcgi --port <port>
Please check your system configuration or choose another port
I get the same exact error if I run rt-server.fcgi as root,
so it's not a permissions problem.
RT Training Sessions (http://bestpractical.com/services/training.html)
* Boston March 5 & 6, 2012