David Lutterkort wrote:
Hi,
intrigued (for lack of a better word) by the state of the review of mod_passenger (BZ 470696) I spent a little time reviving Jeroen's spec file and bringing it up to date for passenger 2.2.15. Updated spec and a probably braindead mod_passenger.conf attached (sadly, the passenger SRPM seems to have vanished from Jeroen's site).
It has merely moved:
http://mirror.nl.ergo-project.org/repositories/ and
http://koji.ergo-project.org/koji/packageinfo?packageID=1
As I see it, there's three issues with the spec right now:
* the stance of upstream on using a stock boost. I think if we ever want to have passenger in Fedora, somebody with the spare time will need to browbeat^W handhold upstream to send their patches upstream
It will actually need to be someone willing to hold hands upstream as well as capable to poke around the boost stack.
To me, the former isn't necessarily the problem but my knowledge of boost is lacking.
* the scripts installed into /usr/bin (passenger-status etc.) are broken since they expect to be executed from the gemdir. We need to add wrapper scripts similar to what 'gem install' to /usr/bin
I think I shipped some patch(es) for this.
* passenger is horribly broken with SELinux. I tried following the instructions from the Passenger manual[1] and somebody's SELinux policy[2] to no avail; passenger can not create its socket with that. Some of the instructions in [1] sound odd, like doing 'chcon -R httpd_sys_content_t' on the gemdir
I've had a conversation about this before, and it'll take some cycles to come up with a sane /var/lib/passenger/ type of security context, some policy to allow httpd_t to do something or the other, and so forth.
The very ugly version of a custom policy that I use now is attached.
-- Jeroen