> To: galaxy-dev@lists.galaxyproject.org
> From: federico.zambelli@gmail.com
> Date: Tue, 3 Nov 2015 17:19:59 +0100
> Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection refused
>
> Il 03/11/15 11:53, Makis Ladoukakis ha scritto:
>
> >
> > Nothing seems to work on my server. Is Galaxy even compatible with
> > CentOS? Is there something else that I am missing?
> >
>
> Hello, I'm running a production Galaxy Server on CentOS and I can assure
> you it is perfectly feasible. But I'm using NGINX as a web server so I'm
> not able to help you with Apache configuration, sorry. Did you try to
> use NGINX instead of Apache in order to see if the problem is Apache
> related or system related?
>
> Best,
> Federico Z.
>
>
> >
> >
> > ------------------------------------------------------------------------
> > From: David.Trudgian@UTSouthwestern.edu
> > To: makis4ever@hotmail.com; jcsanchez2@gmail.com
> > CC: galaxy-dev@lists.bx.psu.edu
> > Date: Fri, 23 Oct 2015 17:30:51 +0000
> > Subject: RE: [galaxy-dev] FW: Galaxy on Centos via Apache - connection
> > refused
> >
> > SELinux policies are very strict on CentOS by default. Apache isn’t
> > allowed to access files outside of its standard directories, nor access
> > network resources. Your local Galaxy apps server is a network resource –
> > even though it’s local.
> >
> > If you want to keep SELinux on then use audit2allow to see what policies
> > will enable access:
> >
> > cat /var/log/audit/audit.log | audit2allow –v
> >
> > Then you can use setsebool (temporary) and setsebool –P (permanent) to
> > enable.
> >
> > --
> > David Trudgian Ph.D.
> > Computational Scientist, BioHPC
> > UT Southwestern Medical Center
> > Dallas, TX 75390-9039
> > Tel: (214) 648-4833
> >
> > *From:*galaxy-dev [mailto:galaxy-dev-bounces@lists.galaxyproject.org]
> > *On Behalf Of *Makis Ladoukakis
> > *Sent:* Friday, October 23, 2015 10:30 AM
> > *To:* Juan Carlos <jcsanchez2@gmail.com>
> > *Cc:* galaxy-dev@lists.bx.psu.edu
> > *Subject:* Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection
> > refused
> >
> > Hello,
> >
> > That didn't work. The apache restart failed with the following error:
> >
> > SELinux is preventing /usr/sbin/httpd from name_bind access on the
> > tcp_socket port 8081.
> >
> > Any idea why?
> >
> > Kind regards,
> > Makis
> >
> > ------------------------------------------------------------------------
> >
> > Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache - connection
> > refused
> > From: jcsanchez2@gmail.com <mailto:jcsanchez2@gmail.com>
> > Date: Tue, 20 Oct 2015 22:25:00 +1030
> > CC: galaxy-dev@lists.bx.psu.edu <mailto:galaxy-dev@lists.bx.psu.edu>
> > To: makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>
> >
> > Hi,
> >
> > If you have a line in your Apache conf like
> >
> > "Listen 80"
> >
> > change to
> >
> > "Listen 8081"
> >
> >
> > On 20 Oct 2015, at 21:00, Makis Ladoukakis <makis4ever@hotmail.com
> > <mailto:makis4ever@hotmail.com>> wrote:
> >
> > Hello,
> >
> > I am sorry but I have really no experience with setting up the
> > Apache web server so I am not really sure how to do that. Can you
> > please help me out with it? My apache configuration file is in
> > /etc/httpd/conf/ directory and there are no directories such as
> > /sites-available/ or /sites-enabled/ (as I would find in an ubuntu
> > installation).
> >
> > What I did already (after some advice from the server admin) is open
> > up the 8081 port like that:
> >
> > firewall-cmd --permanent --add-port=8081/tcp
> >
> > firewall-cmd --reload
> >
> >
> > and then I got another error:
> >
> > [cgi:error] [pid 29603] [client 115.230.124.164:4559] script not
> > found or unable to stat: /var/www/cgi-bin/common
> >
> > [autoindex:error] [pid 29716] [client 218.76.28.36:4468] AH01276:
> > Cannot serve directory /var/www/html/: No matching DirectoryIndex
> > (index.html,index.php) found, and server-generated directory index
> > forbidden by Options directive
> >
> >
> > which I tried to solve by adding welcome.html as a recognizable
> > filename in the apache configuration:
> >
> > <IfModule dir_module>
> > DirectoryIndex index.html welcome.html
> > </IfModule>
> >
> >
> > but nothing worked and now the error_log shows the following:
> >
> > [Tue Oct 20 13:15:23.719295 2015] [mpm_prefork:notice] [pid 29598]
> > AH00170: caught SIGWINCH, shutting down gracefully
> > [Tue Oct 20 13:15:24.810684 2015] [core:notice] [pid 46896] SELinux
> > policy enabled; httpd running as context system_u:system_r:httpd_t:s0
> > [Tue Oct 20 13:15:24.811647 2015] [suexec:notice] [pid 46896]
> > AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> > [Tue Oct 20 13:15:24.846399 2015] [so:warn] [pid 46896] AH01574:
> > module wsgi_module is already loaded, skipping
> > [Tue Oct 20 13:15:24.847316 2015] [auth_digest:notice] [pid 46896]
> > AH01757: generating secret for digest authentication ...
> > [Tue Oct 20 13:15:24.848294 2015] [lbmethod_heartbeat:notice] [pid
> > 46896] AH02282: No slotmem from mod_heartmonitor
> > [Tue Oct 20 13:15:24.870033 2015] [mpm_prefork:notice] [pid 46896]
> > AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 mod_wsgi/3.4 Python/2.7.5
> > configured -- resuming normal operations
> > [Tue Oct 20 13:15:24.870075 2015] [core:notice] [pid 46896] AH00094:
> > Command line: '/usr/sbin/httpd -D FOREGROUND'
> >
> > And the webpage that galaxy is supposed to appear is still blank.
> >
> > Any ideas?
> >
> > Thank you,
> > Makis
> >
> > ------------------------------------------------------------------------
> >
> > Date: Tue, 20 Oct 2015 11:01:44 +1030
> > Subject: Re: [galaxy-dev] FW: Galaxy on Centos via Apache -
> > connection refused
> > From: jcsanchez2@gmail.com <mailto:jcsanchez2@gmail.com>
> > To: makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>
> > CC: galaxy-dev@lists.bx.psu.edu <mailto:galaxy-dev@lists.bx.psu.edu>
> >
> > hi,
> >
> > Maybe sounds silly, but have you tried to put the apache
> > configuration in a virtual host within the sites-enable site?
> >
> > cheers
> >
> > jc
> >
> > On Tue, Oct 20, 2015 at 12:36 AM, Makis Ladoukakis
> > <makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>> wrote:
> >
> > Forwading to this list too. I am not sure if they are two
> > separate lists.
> >
> > Makis
> >
> > ------------------------------------------------------------------------
> >
> > From: makis4ever@hotmail.com <mailto:makis4ever@hotmail.com>
> > To: galaxy-dev@lists.galaxyproject.org
> > <mailto:galaxy-dev@lists.galaxyproject.org>
> > Date: Mon, 19 Oct 2015 17:04:13 +0300
> > Subject: [galaxy-dev] Galaxy on Centos via Apache - connection
> > refused
> >
> > Dear all,
> >
> > I've been trying to set up a Galaxy instance on my CentOS server
> > but even when I manage to run the simplest configuration
> > correctly I can't seem to get it right on my browser as the
> > connection is refused.
> >
> > I have changed the host to 0.0.0.0, the port to 8081 and made
> > the appropriate changes in Apache configuration file:
> >
> > RewriteEngine on
> > RewriteRule ^/galaxy_test(.*) http://localhost:8081$1 [P]
> > RewriteRule ^/galaxy_test$ /galaxy_test/ [R]
> > RewriteRule ^/galaxy_test/static/style/(.*)
> > /home/galaxy_test/galaxy/static/june_2007_style/blue/$1 [L]
> > RewriteRule ^/galaxy_test/static/scripts/(.*)
> > /home/galaxy_test/galaxy/static/scripts/packed/$1 [L]
> > RewriteRule ^/galaxy_test/static/(.*)
> > /home/galaxy_test/galaxy/static/$1 [L]
> > RewriteRule ^/galaxy_test/favicon.ico
> > /home/galaxy_test/galaxy/static/favicon.ico [L]
> > RewriteRule ^/galaxy_test/robots.txt
> > /home/galaxy_test/galaxy/static/robots.txt [L]
> >
> > So when I tried to run it the first time I got the "temporarily
> > out of service" error on my browser and the following error in
> > apache log:
> >
> > [Mon Oct 19 05:56:45.308714 2015] [proxy:error] [pid 18505]
> > (13)Permission denied: AH00957: HTTP: attempt to connect to
> > 127.0.0.1:8081 <http://127.0.0.1:8081> (*) failed
> > [Mon Oct 19 05:56:45.308774 2015] [proxy_http:error] [pid 18505]
> > [client 185.25.151.159:39629 <http://185.25.151.159:39629>]
> > AH01114: HTTP: failed to make connection to backend: localhost
> >
> > Searching the internet I found the following solution:
> >
> > /usr/sbin/setsebool httpd_can_network_connect 1
> > /usr/sbin/setsebool -P httpd_can_network_connect 1
> >
> >
> > but when I restarted my galaxy my browser would now show just a
> > blank page and the error log of apache was:
> >
> > [Mon Oct 19 15:29:09.425120 2015] [proxy:error] [pid 29699]
> > (111)Connection refused: AH00957: HTTP: attempt to connect to
> > 127.0.0.1:8081 <http://127.0.0.1:8081> (*) failed
> > [Mon Oct 19 15:29:09.425167 2015] [proxy_http:error] [pid 29699]
> > [client 147.102.86.121:51865 <http://147.102.86.121:51865>]
> > AH01114: HTTP: failed to make connection to backend: localhost
> >
> >
> > Has anyone encountered that?
> >
> > Kind regards,
> > Makis
> >
> >
> >
> >
> >
> >
> > P.S. In case that helps the output of iptables -L is the following:
> > Chain INPUT (policy ACCEPT)
> > target prot opt source destination
> > ACCEPT all -- anywhere anywhere
> > ctstate RELATED,ESTABLISHED
> > ACCEPT all -- anywhere anywhere
> > INPUT_direct all -- anywhere anywhere
> > INPUT_ZONES_SOURCE all -- anywhere anywhere
> > INPUT_ZONES all -- anywhere anywhere
> > ACCEPT icmp -- anywhere anywhere
> > REJECT all -- anywhere anywhere
> > reject-with icmp-host-prohibited
> >
> > Chain FORWARD (policy ACCEPT)
> > target prot opt source destination
> > ACCEPT all -- anywhere anywhere
> > ctstate RELATED,ESTABLISHED
> > ACCEPT all -- anywhere anywhere
> > FORWARD_direct all -- anywhere anywhere
> > FORWARD_IN_ZONES_SOURCE all -- anywhere anywhere
> > FORWARD_IN_ZONES all -- anywhere anywhere
> > FORWARD_OUT_ZONES_SOURCE all -- anywhere anywhere
> > FORWARD_OUT_ZONES all -- anywhere anywhere
> > ACCEPT icmp -- anywhere anywhere
> > REJECT all -- anywhere anywhere
> > reject-with icmp-host-prohibited
> >
> > Chain OUTPUT (policy ACCEPT)
> > target prot opt source destination
> > OUTPUT_direct all -- anywhere anywhere
> >
> > Chain FORWARD_IN_ZONES (1 references)
> > target prot opt source destination
> > FWDI_public all -- anywhere anywhere
> > [goto]
> > FWDI_public all -- anywhere anywhere
> > [goto]
> >
> > Chain FORWARD_IN_ZONES_SOURCE (1 references)
> > target prot opt source destination
> >
> > Chain FORWARD_OUT_ZONES (1 references)
> > target prot opt source destination
> > FWDO_public all -- anywhere anywhere
> > [goto]
> > FWDO_public all -- anywhere anywhere
> > [goto]
> >
> > Chain FORWARD_OUT_ZONES_SOURCE (1 references)
> > target prot opt source destination
> >
> > Chain FORWARD_direct (1 references)
> > target prot opt source destination
> >
> > Chain FWDI_public (2 references)
> > target prot opt source destination
> > FWDI_public_log all -- anywhere anywhere
> > FWDI_public_deny all -- anywhere anywhere
> > FWDI_public_allow all -- anywhere anywhere
> >
> > Chain FWDI_public_allow (1 references)
> > target prot opt source destination
> >
> > Chain FWDI_public_deny (1 references)
> > target prot opt source destination
> >
> > Chain FWDI_public_log (1 references)
> > target prot opt source destination
> >
> > Chain FWDO_public (2 references)
> > target prot opt source destination
> > FWDO_public_log all -- anywhere anywhere
> > FWDO_public_deny all -- anywhere anywhere
> > FWDO_public_allow all -- anywhere anywhere
> >
> > Chain FWDO_public_allow (1 references)
> > target prot opt source destination
> >
> > Chain FWDO_public_deny (1 references)
> > target prot opt source destination
> >
> > Chain FWDO_public_log (1 references)
> > target prot opt source destination
> >
> > Chain INPUT_ZONES (1 references)
> > target prot opt source destination
> > IN_public all -- anywhere anywhere [goto]
> > IN_public all -- anywhere anywhere [goto]
> >
> > Chain INPUT_ZONES_SOURCE (1 references)
> > target prot opt source destination
> >
> > Chain INPUT_direct (1 references)
> > target prot opt source destination
> >
> > Chain IN_public (2 references)
> > target prot opt source destination
> > IN_public_log all -- anywhere anywhere
> > IN_public_deny all -- anywhere anywhere
> > IN_public_allow all -- anywhere anywhere
> >
> > Chain IN_public_allow (1 references)
> > target prot opt source destination
> > ACCEPT tcp -- anywhere anywhere
> > tcp dpt:http ctstate NEW
> > ACCEPT tcp -- anywhere anywhere
> > tcp dpt:ssh ctstate NEW
> > ACCEPT tcp -- anywhere anywhere
> > tcp dpt:https ctstate NEW
> >
> > Chain IN_public_deny (1 references)
> > target prot opt source destination
> >
> > Chain IN_public_log (1 references)
> > target prot opt source destination
> >
> > Chain OUTPUT_direct (1 references)
> > target prot opt source destination
> >
> >
> >
> > ___________________________________________________________
> > Please keep all replies on the list by using "reply all" in your
> > mail client. To manage your subscriptions to this and other
> > Galaxy lists, please use the interface at:
> > https://lists.galaxyproject.org/ To search Galaxy mailing lists
> > use the unified search at:
> > http://galaxyproject.org/search/mailinglists/
> >
> >
> > ___________________________________________________________
> > Please keep all replies on the list by using "reply all"
> > in your mail client. To manage your subscriptions to this
> > and other Galaxy lists, please use the interface at:
> > https://lists.galaxyproject.org/
> >
> > To search Galaxy mailing lists use the unified search at:
> > http://galaxyproject.org/search/mailinglists/
> >
> >
> > ------------------------------------------------------------------------
> >
> > UTSouthwestern
> >
> > Medical Center
> >
> > The future of medicine, today.
> >
> >
> >
> > ___________________________________________________________
> > Please keep all replies on the list by using "reply all"
> > in your mail client. To manage your subscriptions to this
> > and other Galaxy lists, please use the interface at:
> > https://lists.galaxyproject.org/
> >
> > To search Galaxy mailing lists use the unified search at:
> > http://galaxyproject.org/search/mailinglists/
> >
>
> ___________________________________________________________
> Please keep all replies on the list by using "reply all"
> in your mail client. To manage your subscriptions to this
> and other Galaxy lists, please use the interface at:
> https://lists.galaxyproject.org/
>
> To search Galaxy mailing lists use the unified search at:
> http://galaxyproject.org/search/mailinglists/