Redmine

I'd strongly recommend using passenger if you are using apache. Passenger is a mod_rails of sorts, with good performance, quite easy to configure, and you can do whatever SSL configuration you'd like in Apache, the passenger-served redmine behind it won't care.

I am trying out passenger right now and really like it.

There seems to be one issue though. When i go to upload a file in redmine i receive an error page. upon checking my error log i find this bit of code

Errno::EACCES (Permission denied - /opt/app/redmine-0.9.3/files/100329145028_putty.log):
app/models/attachment.rb:79:in `initialize'
app/models/attachment.rb:79:in `open'
app/models/attachment.rb:79:in `before_save'
app/controllers/application_controller.rb:240:in `attach_files'
app/controllers/application_controller.rb:237:in `each_value'
app/controllers/application_controller.rb:237:in `attach_files'
app/controllers/projects_controller.rb:270:in `add_file'
passenger (2.2.11) lib/phusion_passenger/rack/request_handler.rb:92:in `process_request'
passenger (2.2.11) lib/phusion_passenger/abstract_request_handler.rb:207:in `main_loop'
passenger (2.2.11) lib/phusion_passenger/railz/application_spawner.rb:418:in `start_request_handler'
passenger (2.2.11) lib/phusion_passenger/railz/application_spawner.rb:358:in `handle_spawn_application'
passenger (2.2.11) lib/phusion_passenger/utils.rb:184:in `safe_fork'
passenger (2.2.11) lib/phusion_passenger/railz/application_spawner.rb:354:in `handle_spawn_application'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:352:in `__send__'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:352:in `main_loop'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:163:in `start'
passenger (2.2.11) lib/phusion_passenger/railz/application_spawner.rb:213:in `start'
passenger (2.2.11) lib/phusion_passenger/spawn_manager.rb:262:in `spawn_rails_application'
passenger (2.2.11) lib/phusion_passenger/abstract_server_collection.rb:126:in `lookup_or_add'
passenger (2.2.11) lib/phusion_passenger/spawn_manager.rb:256:in `spawn_rails_application'
passenger (2.2.11) lib/phusion_passenger/abstract_server_collection.rb:80:in `synchronize'
passenger (2.2.11) lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
passenger (2.2.11) lib/phusion_passenger/spawn_manager.rb:255:in `spawn_rails_application'
passenger (2.2.11) lib/phusion_passenger/spawn_manager.rb:154:in `spawn_application'
passenger (2.2.11) lib/phusion_passenger/spawn_manager.rb:287:in `handle_spawn_application'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:352:in `__send__'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:352:in `main_loop'
passenger (2.2.11) lib/phusion_passenger/abstract_server.rb:196:in `start_synchronously'

When i google the error message i find that it is a permissions issue, but i have not been able to locate the folder that has the permission issue. can anyone point me in the right direction?

The user redmine runs as needs write access to several directories and everything under it: PASSENGER_DIR/files, PASSENGER_DIR/tmp, PASSENGER_DIR/log and PASSENGER_DIR/public/plugin_assets. In your case, the PASSENGER_DIR seems to be /opt/app/redmine-0.9.3. Please be aware that passenger might run redmine as the same user as apache is run under, or some other user depending on configuration (see http://modrails.com/documentation/Users%20guide%20Apache.html#user_switching for more info). Opening a random redmine page and running ps aux | grep -i passenger on the server might give you some more clues.

Thanks for the help.

I did not realize that passenger runs as nobody by default. after changing the file permissions in my redmine directory using the command:

chown -R nobody:nobody files log tmp public/plugin_assets vendor

I was able to upload word, pdf, and jpg images. I did find that text files and bmp files are no longer able to load. Under fastcgi i was able to upload these files. it gives me the following error in redmine:

1 file(s) could not be saved.

I have looked in the production log and find that the process was completed without any errors in the log. I tried to google this error and only found an article about a person trying to modify their redmine code to save it to a database instead of the file folder.

2 more questions know come up.

1. Is it okay for passenger to run as nobody or is this a big security whole?
2. Does redmine/passenger only allow certain file types and it is not just stating this in the error message?

Thanks again for all the help. I am always nervous about posting on forums seems many times it turns into a bash session. I find the redmine help forum always very helpful and knowledgeable.

There is no inherent risk with running passenger as nobody and give access to the folders as you did, but there might be a risk because nobody might be the default other programs default to. I'd suggest either making a new user for redmine and passenger, or make it run as the same user as apache is (mitigated security there too, but it affects "only" the webserver stack).

Regarding the filetypes you can upload: no filtering, so the problem is somewhere else, but I can't tell you where without any better error message than what you have, sorry.

After i got SSL setup everything started working properlly.

Thank you Felix!

As usual your advice worked :)

And as always, I'm glad it works :-) Have fun with redmine.