I wrestled with SELinux, Apache, and TurboGears today and finally got
the packageDB TurboGears instance running[1]_. If you're interested,
the pieces are running behind Apache on test3. You can access it via
ssh tunnel. On your machine::
ssh -L 8888:test3:80 bastion
Then browse to
http://localhost:8888/pkgdb/
The TuurboGears code resides on test3 in /var/www/repo/fedora-packagedb
and has several parts:
pkgdb.conf: The httpd conf file to Proxy requests to the pkgdb directory
to the TurboGears Server. It also contains a custom 503 error handler
that calls our autostart cgi.
tg-autostart.cgi: When the turbogears server isn't running already, this
script gets invoked to start it up. I was not able to get this to run
with FC-5's apache but more tweaking now that I have it working on FC-6
might create something that works.
http.avc: This file has the AVC messages that deny the autostart.cgi.
Running `audit2allow -M httpd -i http.avc; semodule -i httpd.pp` should
get SELinux setup to allow this.
pkgdb/dev.cfg: I had to set:
server.socket_port=8080
server.socket_host="localhost"
in order for TurboGears to work under FC-6.
Hope this helps if you're planning to deploy a TurboGears app on an
infrastructure box. dgilmore, c4chris: if you get up to speed on kid
templates or python programming, this should be set to dive into. (I'll
get back to work on importing the data now.)
-Toshio
[1]_ : Note that the PackageDB app isn't written yet, this is just a
heads up that I've gotten all the pieces for a TurboGears application to
start up.