search

ysbaddaden / prax

Rack proxy server for development
http://ysbaddaden.github.io/prax/
Other
475 stars 49 forks source link

server.key: Permission denied error on install #101

Closed abaird closed 9 years ago

abaird commented 9 years ago

Summary: Installing prax without sudo gives server.key: Permission denied error. Installing prax with sudo doesn't result in a clean install and fails to render the rails start page when I navigate to my app at http://market_place_api.dev.

I'm trying to install prax on my newly upgraded Mint 17 system. When I follow the directions on the README (not using sudo prax install) I get the following stack (it does ask me for my password when installing):

abaird@mint-desktop /opt/prax $ ./bin/prax install
Installing NSSwitch extension (to resolve .dev domains)
gcc -Wall -fPIC -c -o nss_prax.o nss_prax.c -O2
gcc -shared -o libnss_prax.so.2 nss_prax.o -Wl,-soname,libnss_prax.so.2 -O2
ln -sf /opt/prax/ext/libnss_prax.so.2 /lib
Adding "prax" to the hosts line of /etc/nsswitch.conf
Installing Prax firewall rule
update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match prax Default-Stop values (1)
Adding system startup for /etc/init.d/prax ...
/etc/rc0.d/K20prax -> ../init.d/prax
/etc/rc1.d/K20prax -> ../init.d/prax
/etc/rc6.d/K20prax -> ../init.d/prax
/etc/rc2.d/S20prax -> ../init.d/prax
/etc/rc3.d/S20prax -> ../init.d/prax
/etc/rc4.d/S20prax -> ../init.d/prax
/etc/rc5.d/S20prax -> ../init.d/prax
Creating ~/.prax directory
Symlinking prax into /usr/local/bin
Generating SSL key and certificate
server.key: Permission denied
139988955223712:error:0200100D:system library:fopen:Permission denied:bss_file.c:398:fopen('server.key','w')
139988955223712:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Error opening Private Key server.key
140642321282720:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('server.key','r')
140642321282720:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load Private Key
server.csr: No such file or directory

I tried troubleshooting this by running chmod 777 on the most likely server.key but I still get the same error installing. Here is some more output that may be useful:

abaird@mint-desktop /opt/prax $ locate server.key
/home/abaird/.rvm/src/ruby-2.0.0-p353/test/net/imap/server.key
/home/abaird/.rvm/src/ruby-2.0.0-p576/test/net/imap/server.key
/home/abaird/.rvm/src/ruby-2.1.2/test/net/imap/server.key
/home/abaird/.rvm/src/ruby-2.1.3/test/net/imap/server.key
abaird@mint-desktop /opt/prax $ ls -al ~/.rvm/src/ruby-2.1.3/test/net/imap/server.key
-rw-r--r-- 1 abaird abaird 887 Oct  2  2009 /home/abaird/.rvm/src/ruby-2.1.3/test/net/imap/server.key

If I change to running sudo prax install then, despite seeming to get a somewhat clean install, when I goto my app in my browser I don't see the app. Here is the log of my attempt:

abaird@mint-desktop /opt/prax $ cd /opt/prax/ && sudo ./bin/prax install
Installing NSSwitch extension (to resolve .dev domains)
make: `libnss_prax.so.2' is up to date.
ln -sf /opt/prax/ext/libnss_prax.so.2 /lib
Adding "prax" to the hosts line of /etc/nsswitch.conf
Installing Prax firewall rule
update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match prax Default-Stop values (1)
 Adding system startup for /etc/init.d/prax ...
   /etc/rc0.d/K20prax -> ../init.d/prax
   /etc/rc1.d/K20prax -> ../init.d/prax
   /etc/rc6.d/K20prax -> ../init.d/prax
   /etc/rc2.d/S20prax -> ../init.d/prax
   /etc/rc3.d/S20prax -> ../init.d/prax
   /etc/rc4.d/S20prax -> ../init.d/prax
   /etc/rc5.d/S20prax -> ../init.d/prax
Creating ~/.prax directory
Symlinking prax into /usr/local/bin
Generating SSL key and certificate
Generating RSA private key, 2048 bit long modulus
.....+++
........+++
e is 65537 (0x10001)
No value provided for Subject Attribute C, skipped
No value provided for Subject Attribute ST, skipped
No value provided for Subject Attribute L, skipped
No value provided for Subject Attribute OU, skipped
Signature ok
subject=/O=Prax Dev Cert/CN=localhost
Getting Private key
Starting prax server
/opt/prax/libexec/prax-start: line 17: exec: ruby: not found
abaird@mint-desktop /opt/prax $ cd ~/workspace/market_place_api/
abaird@mint-desktop ~/workspace/market_place_api $ prax start
Starting prax in the background.
abaird@mint-desktop ~/workspace/market_place_api $ prax link
ln -s '/home/abaird/workspace/market_place_api' '/home/abaird/.prax/market_place_api'
ln: failed to create symbolic link ‘/home/abaird/.prax/market_place_api’: Permission denied
abaird@mint-desktop ~/workspace/market_place_api $ PRAX_DEBUG=1 prax start --foreground
I, [2014-10-25T11:42:27.839834 #11378]  INFO -- : Prax is ready to receive connections on :20559.
E, [2014-10-25T11:43:08.996137 #11378] ERROR -- : Prax::NoSuchApp: Prax::NoSuchApp
  /opt/prax/lib/prax/application.rb:16:in `initialize'
  /opt/prax/lib/prax/spawner.rb:49:in `new'
  /opt/prax/lib/prax/spawner.rb:49:in `spawn'
  /opt/prax/lib/prax/spawner.rb:23:in `block in get'
  /opt/prax/lib/prax/spawner.rb:17:in `synchronize'
  /opt/prax/lib/prax/spawner.rb:17:in `get'
  /opt/prax/lib/prax/handler.rb:53:in `app'
  (erb):3:in `render_to_string'
  /home/abaird/.rvm/rubies/ruby-2.1.3/lib/ruby/2.1.0/erb.rb:850:in `eval'
  /home/abaird/.rvm/rubies/ruby-2.1.3/lib/ruby/2.1.0/erb.rb:850:in `result'
  /opt/prax/lib/prax/render.rb:24:in `render_to_string'
  /opt/prax/lib/prax/render.rb:9:in `render'
  /opt/prax/lib/prax/handler.rb:31:in `rescue in handle'
  /opt/prax/lib/prax/handler.rb:38:in `handle'
  /opt/prax/lib/prax.rb:20:in `perform'
  /opt/prax/lib/prax/microworker.rb:84:in `block in work'
  /opt/prax/lib/prax/microworker.rb:77:in `each'
  /opt/prax/lib/prax/microworker.rb:77:in `work'
  /opt/prax/lib/prax/microworker.rb:63:in `block in spawn'
I, [2014-10-25T11:43:08.996373 #11378]  INFO -- : Respawning failed worker

When I run rails s from my directory I can see localhost:3000 just fine:

abaird@mint-desktop ~/workspace/market_place_api $ rails s
=> Booting WEBrick
=> Rails 4.1.6 application starting in development on http://0.0.0.0:3000
=> Run `rails server -h` for more startup options
=> Notice: server is listening on all interfaces (0.0.0.0). Consider using 127.0.0.1 (--binding option)
=> Ctrl-C to shutdown server
[2014-10-25 11:44:53] INFO  WEBrick 1.3.1
[2014-10-25 11:44:53] INFO  ruby 2.1.3 (2014-09-19) [x86_64-linux]
[2014-10-25 11:44:53] INFO  WEBrick::HTTPServer#start: pid=11505 port=3000

Started GET "/" for 127.0.0.1 at 2014-10-25 11:45:42 -0500
Processing by Rails::WelcomeController#index as HTML
  Rendered /home/abaird/.rvm/gems/ruby-2.1.3/gems/railties-4.1.6/lib/rails/templates/rails/welcome/index.html.erb (1.3ms)
Completed 200 OK in 13ms (Views: 5.3ms | ActiveRecord: 0.0ms)

So, I'm wondering what is the right way to install? It seems like I shouldn't really need sudo to install, but I can't figure out how to get around the server.key permissions issue. Here's some information about my environment: Running on Mint 17, Ruby 2.1.3 installed via RVM, Rails 4.1.6. 

abaird@mint-desktop /opt/prax $ ruby -v
ruby 2.1.3p242 (2014-09-19 revision 47630) [x86_64-linux]
abaird@mint-desktop /opt/prax $ rvm info
ruby-2.1.3:
  system:
    uname:       "Linux mint-desktop 3.13.0-37-generic #64-Ubuntu SMP Mon Sep 22 21:28:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux"
    system:      "mint/17/x86_64"
    bash:        "/bin/bash => GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)"
    zsh:         " => not installed"
  rvm:
    version:      "rvm 1.25.33 (stable) by Wayne E. Seguin <wayneeseguin@gmail.com>, Michal Papis <mpapis@gmail.com> [https://rvm.io/]"
    updated:      "5 days 13 hours 42 minutes 57 seconds ago"
    path:         "/home/abaird/.rvm"
  ruby:
    interpreter:  "ruby"
    version:      "2.1.3p242"
    date:         "2014-09-19"
    platform:     "x86_64-linux"
    patchlevel:   "2014-09-19 revision 47630"
    full_version: "ruby 2.1.3p242 (2014-09-19 revision 47630) [x86_64-linux]"
  homes:
    gem:          "/home/abaird/.rvm/gems/ruby-2.1.3"
    ruby:         "/home/abaird/.rvm/rubies/ruby-2.1.3"
  binaries:
    ruby:         "/home/abaird/.rvm/rubies/ruby-2.1.3/bin/ruby"
    irb:          "/home/abaird/.rvm/rubies/ruby-2.1.3/bin/irb"
    gem:          "/home/abaird/.rvm/rubies/ruby-2.1.3/bin/gem"
    rake:         "/home/abaird/.rvm/gems/ruby-2.1.3/bin/rake"
  environment:
    PATH:         "/home/abaird/.rvm/gems/ruby-2.1.3/bin:/home/abaird/.rvm/gems/ruby-2.1.3@global/bin:/home/abaird/.rvm/rubies/ruby-2.1.3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/home/abaird/.rvm/bin:/home/abaird/.rvm/bin:/home/abaird/.rvm/bin"
    GEM_HOME:     "/home/abaird/.rvm/gems/ruby-2.1.3"
    GEM_PATH:     "/home/abaird/.rvm/gems/ruby-2.1.3:/home/abaird/.rvm/gems/ruby-2.1.3@global"
    MY_RUBY_HOME: "/home/abaird/.rvm/rubies/ruby-2.1.3"
    IRBRC:        "/home/abaird/.rvm/rubies/ruby-2.1.3/.irbrc"
    RUBYOPT:      ""
    gemset:       ""
ysbaddaden commented 9 years ago

Hello, I'm sorry you're having so much problem installing Prax, but thanks for the very detailed report!

It's advised to run the prax install command, and I should remove the manual install from README to point to the actual script. We need sudo to install the libnss extension into /lib, to install the prax sysvinit script into /etc/init.d, to run update-rc.d to enable the sysvinit script (that messes with iptables) and symlink to /usr/local/bin. This should be handled by libexec/prax-install when required, so you don't need to run sudo prax install.

Of course, you shouldn't have a permission error when dealing with the SSL keys. There must be a problem in the script.

I'm noticing a Prax::NoSuchApp error, which means that Prax is unable to find an application, which is expected, because it failed to link the application (because ~/.prax is certainly root:root):

$ prax link
ln -s '/home/abaird/workspace/market_place_api' '/home/abaird/.prax/market_place_api'
ln: failed to create symbolic link ‘/home/abaird/.prax/market_place_api’: Permission denied

I'd advise to uninstall with root permissions: sudo prax uninstall and removing ~/.prax, then reinstall with bin/prax install after tweaking libexec/prax-install to not generate the SSL key, so the script will proceed correctly (you can generate them later if you need SSL). You are also encouraged to configure Prax so it knows about RVM: https://github.com/ysbaddaden/prax/wiki/Ruby-Version-Managers

michaelachrisco commented 9 years ago

I am getting a very similar error in Ubuntu 14.04

$ cd /opt/prax/ && ./bin/prax install
Installing NSSwitch extension (to resolve .dev domains)
make: `libnss_prax.so.2' is up to date.
ln -sf /opt/prax/ext/libnss_prax.so.2 /lib
Adding "prax" to the hosts line of /etc/nsswitch.conf
Installing Prax firewall rule
update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match prax Default-Stop values (1)
 System start/stop links for /etc/init.d/prax already exist.
Creating ~/.prax directory
Symlinking prax into /usr/local/bin
Generating SSL key and certificate
server.key: Permission denied
139981235656352:error:0200100D:system library:fopen:Permission denied:bss_file.c:398:fopen('server.key','w')
139981235656352:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
Error opening Private Key server.key
140120227698336:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('server.key','r')
140120227698336:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load Private Key
server.csr: No such file or directory
ysbaddaden commented 9 years ago

You clearly don't have permissions to write into the ssl/ directory. That should be fixed in 0b49eca61f064166103edd3d5899f8769432d9d0 (current master).