SELinux permissions with nginx
53 views
Skip to first unread message
Stephen Boissiere
Mar 3, 2015, 11:47:22 AM3/3/15
to gito...@googlegroups.com
Hi all, having just followed the CE installer walkthrough and got a site up and running, I thought I'd share a couple of pain points for other who might be hitting the same obstacles. Problems aside, the installer has obviously taken a lot of work and I'm immensely grateful that it exists at all.
I was using a fresh install of CentOS 6.6 with all updates applied, and the gitorious 3.2.0 installer.
First, I learned the hard way that they mean it when they say CentOS 6.x! CentOS 7 is a pretty big change from 6 (systemd, mariadb) and the installer will need a lot of tweaking to work with it I'd guess.
As others have mentioned on this group: don't be behind a firewall! I had to open up http, https and git (9418) to get the installer to run to the end.
I had to install 'libselinux-python' by hand, based on an error I got. That is:
yum install libselinux-python
Not all of the installed services start after a reboot, but using:
gitoriousctl start
makes them start. I don't know why they aren't starting by themselves yet, but it is lower priority for me right now. I'll update if I figure it out.
Finally, after everything was running I was getting "502 Bad Gateway" from nginx, although going to port 3000 showed the rails app was working. I double checked the permissions on \var\www\gitorious\app\public and the user which nginx was running as.
For me, it seemed to be down to SELinux and the problem was solved with the advice from @Kurt here:
http://stackoverflow.com/questions/22586166/why-does-nginx-return-a-403-even-though-all-permissions-are-set-properly
Hope this helps somebody else.
Steve
I was using a fresh install of CentOS 6.6 with all updates applied, and the gitorious 3.2.0 installer.
First, I learned the hard way that they mean it when they say CentOS 6.x! CentOS 7 is a pretty big change from 6 (systemd, mariadb) and the installer will need a lot of tweaking to work with it I'd guess.
As others have mentioned on this group: don't be behind a firewall! I had to open up http, https and git (9418) to get the installer to run to the end.
I had to install 'libselinux-python' by hand, based on an error I got. That is:
yum install libselinux-python
Not all of the installed services start after a reboot, but using:
gitoriousctl start
makes them start. I don't know why they aren't starting by themselves yet, but it is lower priority for me right now. I'll update if I figure it out.
Finally, after everything was running I was getting "502 Bad Gateway" from nginx, although going to port 3000 showed the rails app was working. I double checked the permissions on \var\www\gitorious\app\public and the user which nginx was running as.
For me, it seemed to be down to SELinux and the problem was solved with the advice from @Kurt here:
http://stackoverflow.com/questions/22586166/why-does-nginx-return-a-403-even-though-all-permissions-are-set-properly
Hope this helps somebody else.
Steve
Reply all
Reply to author
Forward
0 new messages