Passenger 5.0.21 error: Cannot connect to the Passenger core
907 views
Skip to first unread message
Денис Мазилов
Apr 25, 2016, 7:03:12 AM4/25/16
to Phusion Passenger Discussions
I have problem with deploying RoR-app with apache2+passenger. OS is debian-like (based on Debian Wheezy) Astra Linux. Kerberos auth with GSSAPI is enabled.
passenger-status shows:
Version : 5.0.21
Date : 2016-04-22 12:29:13 +0300
Instance: Dt5dmAVr (Apache/2.2.22 (Debian) mod_auth_kerb/5.4 Phusion_Passenger/5.0.21)
Phusion Passenger is currently not serving any applications.With attempt to access app page from browser I get error message in /var/log/apache2/error.log :
[ 2016-04-22 12:23:58.4672 21392/7f741705c780 age/Cor/CoreMain.cpp:234 ]: Passenger core running in multi-application mode.
[ 2016-04-22 12:23:58.4685 21392/7f741705c780 age/Cor/CoreMain.cpp:707 ]: Passenger core online, PID 21392
[ 2016-04-22 12:23:58.4897 21407/7f4819471780 age/Ust/UstRouterMain.cpp:504 ]: Starting Passenger UstRouter...
[ 2016-04-22 12:23:58.4912 21407/7f4819471780 age/Ust/UstRouterMain.cpp:317 ]: Passenger UstRouter online, PID 21407
[Fri Apr 22 12:23:58 2016] [notice] Apache/2.2.22 (Debian) mod_auth_kerb/5.4 Phusion_Passenger/5.0.21 configured -- resuming normal operations
[ 2016-04-22 12:24:18.0666 21428/7f3a64646780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to the Passenger core at unix:/tmp/passenger.N6n3OMb/agents.s/core
Backtrace:
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:305)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:573)With passenger-5.0.27 everything looks same.
Passenger was installed as gem.
/etc/apache2/mods-enabled/passenger.load:
LoadModule passenger_module /usr/local/lib/ruby/gems/2.2.0/gems/passenger-5.0.21/buildout/apache2/mod_passenger.so/etc/apache2/mods-enabled/passenger.conf:
<IfModule mod_passenger.c>
PassengerRoot /usr/local/lib/ruby/gems/2.2.0/gems/passenger-5.0.21
PassengerDefaultRuby /usr/local/bin/ruby
</IfModule>/etc/apache2/sites-enabled/myapp:
<VirtualHost *:80>
ServerName myapp.ru
ServerAlias www.myapp.ru
ServerAdmin webmaster@localhost
DocumentRoot /var/www/myapp/public
RailsEnv production
<Directory /var/www/myapp/public>
AuthType Kerberos
KrbAuthRealms EXAMPLE.RU
KrbServiceName HTTP/astra-server.example.ru
Krb5Keytab /etc/apache2/keytab
KrbMethodNegotiate on
KrbMethodK5Passwd off
require valid-user
Options Indexes FollowSymLinks MultiViews
AllowOverride None
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
LogLevel warn
</VirtualHost>Any help?
Daniel Knoppel
Apr 25, 2016, 10:03:33 AM4/25/16
to Phusion Passenger Discussions
It could be that your /tmp dir is being cleaned by something. Check if the /tmp dir from the log actually exists or not if you see the error. You can fix that by stopping the cleaning or changing the PassengerInstanceRegistryDir to another place than /tmp.
Another possibility is that your shell is exiting somehow (Passenger uses the shell to execute commands, which will fail if the shell exits prematurely).
Either way setting the PassengerLogLevel to 7 should provide more information.
- Daniel
Денис Мазилов
Apr 25, 2016, 11:58:04 AM4/25/16
to Phusion Passenger Discussions
All looks like there is some problem with apache-passenger interaction.
Can it depend on apache mpm mode?
/tmp dir from the log exists.
Passenger log with PassengerLogLevel set to 7
[ 2016-04-25 13:52:20.0022 23836/7f9ea2a02700 age/Cor/Con/TurboCaching.h:245 ]: Clearing turbocache
[ 2016-04-25 13:52:20.0023 23836/7f9ea2a02700 Ser/Server.h:597 ]: [ServerThr.1] Updating statistics
[ 2016-04-25 13:52:20.0023 23836/7f9ea2201700 Ser/Server.h:597 ]: [ApiServer] Updating statistics
[ 2016-04-25 13:52:20.0024 23832/7f68e9a7e700 Ser/Server.h:597 ]: [WatchdogApiServer] Updating statistics
[ 2016-04-25 13:52:20.0024 23857/7fdc175ee700 Ser/Server.h:597 ]: [UstRouter] Updating statistics
[ 2016-04-25 13:52:20.0025 23857/7fdc16ded700 Ser/Server.h:597 ]: [UstRouterApiServer] Updating statistics
[ 2016-04-25 13:52:20.0642 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.0645 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.1602 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.1604 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.2433 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.2436 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.3404 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.3406 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.4267 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.4268 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.5085 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.5087 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.5317 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.5318 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.6173 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.6179 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.6923 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.6926 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.7760 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.7762 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.8709 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.8709 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.9509 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.9511 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.0054 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.0057 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.0691 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.0694 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.1033 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.1035 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.1819 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.1822 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.2438 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.2439 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.3225 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.3228 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.3581 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.3583 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.4566 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.4568 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.5333 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.5335 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.5711 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.5713 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.6358 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.6360 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.7222 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.7227 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.7569 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.7571 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.7959 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.7960 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.8315 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.8317 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.9263 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.9266 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.9852 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.9855 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.0302 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.0304 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.0971 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.0973 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.1210 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.1213 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.1977 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.1980 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.2473 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.2476 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.3479 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.3481 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.4103 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.4105 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.4777 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.4780 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.5387 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.5391 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.5880 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.5882 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.6658 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.6662 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.7097 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.7104 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.7517 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.7518 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.8092 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.8095 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.8879 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.8882 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.9291 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.9294 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.9563 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.9565 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:23.0477 23874/7f48848ac780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to the Passenger core at unix:/tmp/passenger.KAUXWik/agents.s/core
Backtrace:
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:306)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:574)
понедельник, 25 апреля 2016 г., 17:03:33 UTC+3 пользователь Daniel Knoppel написал:
Can it depend on apache mpm mode?
/tmp dir from the log exists.
Passenger log with PassengerLogLevel set to 7
[ 2016-04-25 13:52:20.0022 23836/7f9ea2a02700 age/Cor/Con/TurboCaching.h:245 ]: Clearing turbocache
[ 2016-04-25 13:52:20.0023 23836/7f9ea2a02700 Ser/Server.h:597 ]: [ServerThr.1] Updating statistics
[ 2016-04-25 13:52:20.0023 23836/7f9ea2201700 Ser/Server.h:597 ]: [ApiServer] Updating statistics
[ 2016-04-25 13:52:20.0024 23832/7f68e9a7e700 Ser/Server.h:597 ]: [WatchdogApiServer] Updating statistics
[ 2016-04-25 13:52:20.0024 23857/7fdc175ee700 Ser/Server.h:597 ]: [UstRouter] Updating statistics
[ 2016-04-25 13:52:20.0025 23857/7fdc16ded700 Ser/Server.h:597 ]: [UstRouterApiServer] Updating statistics
[ 2016-04-25 13:52:20.0642 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.0645 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.1602 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.1604 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.2433 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.2436 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.3404 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.3406 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.4267 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.4268 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.5085 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.5087 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.5317 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.5318 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.6173 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.6179 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.6923 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.6926 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.7760 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.7762 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.8709 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.8709 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:20.9509 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:20.9511 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.0054 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.0057 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.0691 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.0694 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.1033 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.1035 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.1819 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.1822 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.2438 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.2439 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.3225 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.3228 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.3581 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.3583 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.4566 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.4568 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.5333 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.5335 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.5711 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.5713 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.6358 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.6360 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.7222 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.7227 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.7569 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.7571 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.7959 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.7960 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.8315 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.8317 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.9263 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.9266 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:21.9852 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:21.9855 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.0302 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.0304 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.0971 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.0973 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.1210 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.1213 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.1977 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.1980 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.2473 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.2476 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.3479 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.3481 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.4103 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.4105 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.4777 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.4780 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.5387 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.5391 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.5880 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.5882 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.6658 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.6662 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.7097 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.7104 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.7517 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.7518 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.8092 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.8095 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.8879 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.8882 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.9291 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.9294 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:22.9563 23874/7f48848ac780 apa/Hooks.cpp:291 ]: File descriptor opened: 11
[ 2016-04-25 13:52:22.9565 23874/7f48848ac780 Uti/ScopeGuard.h:138 ]: File descriptor closed: 11
[ 2016-04-25 13:52:23.0477 23874/7f48848ac780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to the Passenger core at unix:/tmp/passenger.KAUXWik/agents.s/core
Backtrace:
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:306)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:574)
понедельник, 25 апреля 2016 г., 17:03:33 UTC+3 пользователь Daniel Knoppel написал:
Daniel Knoppel
Apr 26, 2016, 5:33:44 AM4/26/16
to Phusion Passenger Discussions
The log file is cut off, it has too little information.
Did you try setting a different instance dir?
Maybe there is a permission problem somehow? (user running Passenger not allowed to connect or something?).
- Daniel
Денис Мазилов
May 23, 2016, 8:18:46 AM5/23/16
to Phusion Passenger Discussions
Thanks, PassengerInstanceRegistryDir helped me with this issue.
But there is other thing now:
[ 2016-05-23 15:03:26.1318 8683/7f5e0c016780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to Unix socket '/var/passenger/passenger.nbTSLay/agents.s/core': Operation not permitted (errno=1)
Backtrace:
in 'int Passenger::connectToServer(const Passenger::StaticString&, const char*, unsigned int)' (IOUtils.cpp:459)
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:273)
But there is other thing now:
[ 2016-05-23 15:03:26.1318 8683/7f5e0c016780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to Unix socket '/var/passenger/passenger.nbTSLay/agents.s/core': Operation not permitted (errno=1)
Backtrace:
in 'int Passenger::connectToServer(const Passenger::StaticString&, const char*, unsigned int)' (IOUtils.cpp:459)
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:273)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:574)
It seems like unix sockets in agents.s directory have wrong permissions.
I tried to change owner of this sockets, but PassengerUser and PassengerDefaultUser did not help me.
Passenger processes owned by root:
user@server:~$ ps aux | grep Passenger
root 8642 0.0 0.3 419484 8696 ? Ssl 15:02 0:00 Passenger watchdog
root 8647 0.0 0.3 567208 8956 ? Sl 15:02 0:00 Passenger core
nobody 8663 0.0 0.3 428064 8492 ? Sl 15:02 0:00 Passenger ust-router
Apache processes:
user@server:~$ ps aux | grep apache2
root 8640 5.6 0.2 114856 6556 ? Ss 15:02 0:37 /usr/sbin/apache2 -k start
webapp 8680 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8681 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8682 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8684 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8750 0.0 0.1 114904 4372 ? S 15:03 0:00 /usr/sbin/apache2 -k start
Passenger files owned by root:
user@server:~$ ls -la /var/passenger/passenger.nbTSLay/agents.s/
итого 8
drwxr-xr-x 2 root root 4096 мая 23 15:02 .
drwxr-xr-x 4 root root 4096 мая 23 15:02 ..
srw-rw-rw- 1 root root 0 мая 23 15:02 core
srw-rw-rw- 1 root root 0 мая 23 15:02 core_api
srw-rw-rw- 1 root root 0 мая 23 15:02 ust_router
srw-rw-rw- 1 root root 0 мая 23 15:02 ust_router_api
srw-rw-rw- 1 root root 0 мая 23 15:02 watchdog_api
There are special mandatory labels in Astra Linux, but i can not apply it to socket because of inability to use dedicated user with correct security labels, categories and flags for socket creating.
Thanks for any help.
вторник, 26 апреля 2016 г., 12:33:44 UTC+3 пользователь Daniel Knoppel написал:
I tried to change owner of this sockets, but PassengerUser and PassengerDefaultUser did not help me.
Passenger processes owned by root:
user@server:~$ ps aux | grep Passenger
root 8642 0.0 0.3 419484 8696 ? Ssl 15:02 0:00 Passenger watchdog
root 8647 0.0 0.3 567208 8956 ? Sl 15:02 0:00 Passenger core
nobody 8663 0.0 0.3 428064 8492 ? Sl 15:02 0:00 Passenger ust-router
Apache processes:
user@server:~$ ps aux | grep apache2
root 8640 5.6 0.2 114856 6556 ? Ss 15:02 0:37 /usr/sbin/apache2 -k start
webapp 8680 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8681 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8682 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8684 0.0 0.1 114904 4368 ? S 15:02 0:00 /usr/sbin/apache2 -k start
webapp 8750 0.0 0.1 114904 4372 ? S 15:03 0:00 /usr/sbin/apache2 -k start
Passenger files owned by root:
user@server:~$ ls -la /var/passenger/passenger.nbTSLay/agents.s/
итого 8
drwxr-xr-x 2 root root 4096 мая 23 15:02 .
drwxr-xr-x 4 root root 4096 мая 23 15:02 ..
srw-rw-rw- 1 root root 0 мая 23 15:02 core
srw-rw-rw- 1 root root 0 мая 23 15:02 core_api
srw-rw-rw- 1 root root 0 мая 23 15:02 ust_router
srw-rw-rw- 1 root root 0 мая 23 15:02 ust_router_api
srw-rw-rw- 1 root root 0 мая 23 15:02 watchdog_api
There are special mandatory labels in Astra Linux, but i can not apply it to socket because of inability to use dedicated user with correct security labels, categories and flags for socket creating.
Thanks for any help.
вторник, 26 апреля 2016 г., 12:33:44 UTC+3 пользователь Daniel Knoppel написал:
Daniel Knoppel
May 23, 2016, 10:30:09 AM5/23/16
to Phusion Passenger Discussions
According to the log, the Apache module is trying to connect to the Passenger socket (this is what is supposed to be happening).
According to your ps, you are running Apache as user webapp, and Passenger a root, so the webapp user is trying to connect to a socket created by the root user. Apparently this is not allowed on your system, so you that is what you need to solve.
On my (Ubuntu) system it works well with the execute rights set on the parent dirs:
> ls -l
drwxr-xr-x 4 root root 4096 mei 23 16:19 passenger.R0xxx20 <--- all users can go ("x" set) into this dir
> ls -l passenger.R0xxx20/
total 28
drwxr-xr-x 2 root root 4096 mei 23 16:19 agents.s <--- all users can go ("x" set) into this dir
drwx-wx-wt 2 root root 4096 mei 23 16:19 apps.s
-rw-r--r-- 1 root root 4 mei 23 16:19 core.pid
-rw-r--r-- 1 root root 0 mei 23 16:19 creation_finalized
-rw------- 1 root root 24 mei 23 16:19 full_admin_password.txt
-rw-r--r-- 1 root root 0 mei 23 16:19 lock
-rw-r--r-- 1 root root 390 mei 23 16:19 properties.json
-rw------- 1 root root 24 mei 23 16:19 read_only_admin_password.txt
-rw-r--r-- 1 root root 4 mei 23 16:19 watchdog.pid
> ls -l passenger.R0xxx20/agents.s/
total 0
srw-rw-rw- 1 root root 0 mei 23 16:19 core <--- all users can open ("rw" set) this socket
srw-rw-rw- 1 root root 0 mei 23 16:19 core_api
srw-rw-rw- 1 root root 0 mei 23 16:19 ust_router
srw-rw-rw- 1 root root 0 mei 23 16:19 ust_router_api
srw-rw-rw- 1 root root 0 mei 23 16:19 watchdog_api
I don't know Astra Linux, so I don't know if your system has other things that limit access besides file mode.
P.S. PassengerUser and PassengerDefaultUser are not related to this problem, they are for setting which user Passenger will run the Webapp as, not which user Passenger should run as.
- Daniel
Денис Мазилов
May 23, 2016, 11:29:17 AM5/23/16
to Phusion Passenger Discussions
And what about PassengerUserSwitching (set to off) option?
With this option all files in passenger instance directory and passenger processes have same owner as apache process.
Is this approach wrong?
понедельник, 23 мая 2016 г., 17:30:09 UTC+3 пользователь Daniel Knoppel написал:
With this option all files in passenger instance directory and passenger processes have same owner as apache process.
Is this approach wrong?
понедельник, 23 мая 2016 г., 17:30:09 UTC+3 пользователь Daniel Knoppel написал:
Daniel Knoppel
May 23, 2016, 12:05:41 PM5/23/16
to Phusion Passenger Discussions
It's not wrong per se, it just means that your webapp will also run as that user (meaning you lose the ability to run the webapp under a different user).
However, if that's OK then go ahead and use it like that :)
- Daniel
Денис Мазилов
May 23, 2016, 12:23:18 PM5/23/16
to Phusion Passenger Discussions
>you lose the ability to run the webapp under a different user
Does it mean, that each request will be processed in this user context?
Or it only disables detection owner by config.ru file permission in rails-project directory?
понедельник, 23 мая 2016 г., 19:05:41 UTC+3 пользователь Daniel Knoppel написал:
Or it only disables detection owner by config.ru file permission in rails-project directory?
понедельник, 23 мая 2016 г., 19:05:41 UTC+3 пользователь Daniel Knoppel написал:
Daniel Knoppel
May 23, 2016, 5:27:05 PM5/23/16
to Phusion Passenger Discussions
Turn it off and look with `ps` what user your app instances are running as.
- Daniel
Денис Мазилов
May 24, 2016, 5:48:34 AM5/24/16
to Phusion Passenger Discussions
`ps` shows, that Passenger instance is running under webapp user.
But my question is about user context changing while request handling.
How can I check user, that tried to access /var/passenger/passenger.nbTSLay/agents.s/core ?
Is that in request user context or in webapp user context?
This information can help understand error:
[ 2016-05-23 09:00:01.0215 5204/7faf5a130780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to the Passenger core at unix:/tmp/passenger.dDecNTH/agents.s/core
But my question is about user context changing while request handling.
How can I check user, that tried to access /var/passenger/passenger.nbTSLay/agents.s/core ?
Is that in request user context or in webapp user context?
This information can help understand error:
[ 2016-05-23 09:00:01.0215 5204/7faf5a130780 apa/Hooks.cpp:703 ]: Unexpected error in mod_passenger: Cannot connect to the Passenger core at unix:/tmp/passenger.dDecNTH/agents.s/core
Backtrace:
in 'Passenger::FileDescriptor Hooks::connectToCore()' (Hooks.cpp:306)
in 'int Hooks::handleRequest(request_rec*)' (Hooks.cpp:574)
вторник, 24 мая 2016 г., 0:27:05 UTC+3 пользователь Daniel Knoppel написал:
Daniel Knoppel
May 24, 2016, 7:36:33 AM5/24/16
to Phusion Passenger Discussions
As I tried to explain before, the error you keep pasting is about (2) ---> (3)
(1) Apache processes + (2) Passenger integration module ---> (3) Passenger core processes ---> (4) Your webapp instance processes
> ps -aux | grep -I "Passenger\|apache"
root 10028 0.0 0.0 100604 4220 ? Ss 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
nobody 10029 0.0 0.0 446756 4944 ? Ssl 13:29 0:00 Passenger watchdog <-- (3)
nobody 10032 0.2 0.1 1689564 9864 ? Sl 13:29 0:00 Passenger core <-- (3)
nobody 10040 0.0 0.1 455184 7324 ? Sl 13:29 0:00 Passenger ust-router <-- (3)
www-data 10053 0.0 0.0 100668 3552 ? S 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
www-data 10054 0.0 0.0 100628 2564 ? S 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
www-data 10055 0.0 0.0 100628 2564 ? S 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
www-data 10059 0.0 0.0 100628 2564 ? S 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
www-data 10063 0.0 0.0 100628 2564 ? S 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
www-data 10080 0.0 0.0 100628 2564 ? S 13:29 0:00 /usr/sbin/apache2 -k start <-- (1) + (2)
nobody 10073 1.1 1.2 180312 72576 ? Sl 13:29 0:01 Passenger AppPreloader: /home/onix/apps/test <--- (4)
nobody 10090 0.0 1.2 315016 72692 ? Sl 13:29 0:00 Passenger RubyApp: /home/onix/apps/test (development) <--- (4)
nobody 10097 0.0 1.1 315112 69036 ? Sl 13:29 0:00 Passenger RubyApp: /home/onix/apps/test (development) <--- (4)
nobody 10104 0.0 1.1 315208 69004 ? Sl 13:29 0:00 Passenger RubyApp: /home/onix/apps/test (development) <--- (4)
nobody 10111 0.0 1.1 315304 69076 ? Sl 13:29 0:00 Passenger RubyApp: /home/onix/apps/test (development) <--- (4)
nobody 10118 0.0 1.1 315400 68984 ? Sl 13:29 0:00 Passenger RubyApp: /home/onix/apps/test (development) <--- (4)
- Daniel
Денис Мазилов
May 26, 2016, 8:04:25 AM5/26/16
to Phusion Passenger Discussions
I solved my issue! Thanks for help.
But I have another question:
I need to process each request to server in user (client) context according to kerberos auth in auth_kerb apache module (via GSSAPI).
How can i do this?
All requests are processed now in www-data user context (user switching is on, www-data is owner of my app folder). I check this with `echo $USER` in my ruby controller.
вторник, 24 мая 2016 г., 14:36:33 UTC+3 пользователь Daniel Knoppel написал:
But I have another question:
I need to process each request to server in user (client) context according to kerberos auth in auth_kerb apache module (via GSSAPI).
How can i do this?
All requests are processed now in www-data user context (user switching is on, www-data is owner of my app folder). I check this with `echo $USER` in my ruby controller.
вторник, 24 мая 2016 г., 14:36:33 UTC+3 пользователь Daniel Knoppel написал:
Daniel Knoppel
May 26, 2016, 8:23:56 AM5/26/16
to Phusion Passenger Discussions
Maybe you can post your solution so others may be helped too?
I don't have any experience with kerberos_auth.
- Daniel
Денис Мазилов
May 26, 2016, 8:43:31 AM5/26/16
to Phusion Passenger Discussions
My solution:
1) Apache user - www-data (/etc/apache2/envvars)4) Astra Linux specific - www-data user has Linux (CAP_SETGID, CAP_SETUID) and PARSEC (PARSEC_CAP_PRIV_SOCK, PARSEC_CAP_SETMAC) priviledges. This priviledges can be set via `usercaps` command.
5) Directories /var/www, /var/passenger are owned by www-data
четверг, 26 мая 2016 г., 15:23:56 UTC+3 пользователь Daniel Knoppel написал:
Reply all
Reply to author
Forward
0 new messages