I do have some denials:
type=AVC msg=audit(1381778542.305:75739): avc: denied { sys_resource }
for pid=13788 comm="PassengerWatchd" capability=24
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
type=SYSCALL msg=audit(1381778542.305:75739): arch=c000003e syscall=1
success=no exit=-13 a0=4 a1=7f0b4ddc1000 a2=6 a3=ffffffff items=0
ppid=13787 pid=13788 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=642 comm="PassengerWatchd"
exe="/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5/agents/PassengerWatchdog"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1381778542.336:75740): avc: denied { write } for
pid=13791 comm="PassengerHelper" path="[eventfd]" dev=anon_inodefs ino=3786
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:anon_inodefs_t:s0 tclass=file
type=SYSCALL msg=audit(1381778542.336:75740): arch=c000003e syscall=1
success=no exit=-13 a0=a a1=7fff0bd86340 a2=8 a3=7fff0bd860c0 items=0
ppid=13788 pid=13791 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=642 comm="PassengerHelper"
exe="/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5/agents/PassengerHelperAgent"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1381778542.373:75741): avc: denied { sys_resource }
for pid=13809 comm="PassengerWatchd" capability=24
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
type=SYSCALL msg=audit(1381778542.373:75741): arch=c000003e syscall=1
success=no exit=-13 a0=4 a1=7f38d1293000 a2=6 a3=ffffffff items=0
ppid=13807 pid=13809 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=642 comm="PassengerWatchd"
exe="/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5/agents/PassengerWatchdog"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1381778542.710:75742): avc: denied { write } for
pid=13812 comm="PassengerHelper" path="[eventfd]" dev=anon_inodefs ino=3786
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=system_u:object_r:anon_inodefs_t:s0 tclass=file
type=SYSCALL msg=audit(1381778542.710:75742): arch=c000003e syscall=1
success=no exit=-13 a0=a a1=7fff1c2adaf0 a2=8 a3=7fff1c2ad870 items=0
ppid=13809 pid=13812 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) ses=642 comm="PassengerHelper"
exe="/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5/agents/PassengerHelperAgent"
subj=unconfined_u:system_r:httpd_t:s0 key=(null)
type=AVC msg=audit(1381778542.746:75743): avc: denied { sys_resource }
for pid=13864 comm="PassengerWatchd" capability=24
scontext=unconfined_u:system_r:httpd_t:s0
tcontext=unconfined_u:system_r:httpd_t:s0 tclass=capability
And some problems in the apache logs (ssl_error_log):
[Mon Oct 14 15:22:22 2013] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Mon Oct 14 15:22:22 2013] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Mon Oct 14 15:22:22 2013] [warn] RSA server certificate is a CA
certificate (BasicConstraints: CA == TRUE !?)
[Tue Oct 15 11:25:48 2013] [error] [client 10.16.135.50] File does not
exist: /var/www/html/api
[Tue Oct 15 11:27:24 2013] [error] [client 10.16.135.50] File does not
exist: /var/www/html/api
[Tue Oct 15 11:36:38 2013] [error] [client 10.16.135.50] File does not
exist: /var/www/html/api
[Tue Oct 15 11:37:12 2013] [error] [client 10.16.135.50] File does not
exist: /var/www/html/api
And also error.log:
[Mon Oct 14 15:22:22 2013] [notice] SELinux policy enabled; httpd running
as context unconfined_u:system_r:httpd_t:s0
[Mon Oct 14 15:22:22 2013] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[ 2013-10-14 15:22:22.3060 13788/7f0b4ddaf720 agents/Watchdog/Main.cpp:440
]: Options: { 'analytics_log_user' => 'nobody', 'default_group' =>
'nobody', 'default_python' => 'python', 'default_ruby' => 'ruby',
'default_user' => 'nobody', 'log_level' => '0', 'max_instances_per_app' =>
'0', 'max_pool_size' => '6', 'passenger_root' =>
'/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5', 'pool_idle_time' => '300',
'temp_dir' => '/tmp', 'union_station_gateway_address' =>
'gateway.unionstationapp.com', 'union_station_gateway_port' => '443',
'user_switching' => 'true', 'web_server_pid' => '13787', 'web_server_type'
=> 'apache', 'web_server_worker_gid' => '48', 'web_server_worker_uid' =>
'48' }
[ 2013-10-14 15:22:22.3169 13791/7f90730e8720
agents/HelperAgent/Main.cpp:555 ]: PassengerHelperAgent online, listening
at unix:/tmp/passenger.1.0.13787/generation-0/request
[ 2013-10-14 15:22:22.3223 13788/7f0b4ddaf720 agents/Watchdog/Main.cpp:564
]: All Phusion Passenger agents started!
[ 2013-10-14 15:22:22.3258 13796/7fdc6d9077e0
agents/LoggingAgent/Main.cpp:271 ]: PassengerLoggingAgent online, listening
at unix:/tmp/passenger.1.0.13787/generation-0/logging
[Mon Oct 14 15:22:22 2013] [notice] Digest: generating secret for digest
authentication …
[Mon Oct 14 15:22:22 2013] [notice] Digest: done
[ 2013-10-14 15:22:22.3742 13809/7f38d1281720 agents/Watchdog/Main.cpp:440
]: Options: { 'analytics_log_user' => 'nobody', 'default_group' =>
'nobody', 'default_python' => 'python', 'default_ruby' => 'ruby',
'default_user' => 'nobody', 'log_level' => '0', 'max_instances_per_app' =>
'0', 'max_pool_size' => '6', 'passenger_root' =>
'/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5', 'pool_idle_time' => '300',
'temp_dir' => '/tmp', 'union_station_gateway_address' =>
'gateway.unionstationapp.com', 'union_station_gateway_port' => '443',
'user_switching' => 'true', 'web_server_pid' => '13807', 'web_server_type'
=> 'apache', 'web_server_worker_gid' => '48', 'web_server_worker_uid' =>
'48' }
[ 2013-10-14 15:22:22.3803 13812/7ff1b511f720
agents/HelperAgent/Main.cpp:555 ]: PassengerHelperAgent online, listening
at unix:/tmp/passenger.1.0.13807/generation-0/request
[ 2013-10-14 15:22:22.3853 13809/7f38d1281720 agents/Watchdog/Main.cpp:564
]: All Phusion Passenger agents started!
[ 2013-10-14 15:22:22.3938 13821/7f0b7650b7e0
agents/LoggingAgent/Main.cpp:271 ]: PassengerLoggingAgent online, listening
at unix:/tmp/passenger.1.0.13807/generation-0/logging
[Mon Oct 14 15:22:22 2013] [notice] Apache/2.2.15 (Unix) DAV/2
Phusion_Passenger/4.0.5 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured –
resuming normal operations
[Mon Oct 14 15:22:22 2013] [notice] SIGHUP received. Attempting to restart
[Mon Oct 14 15:22:22 2013] [notice] Digest: generating secret for digest
authentication …
[Mon Oct 14 15:22:22 2013] [notice] Digest: done
[ 2013-10-14 15:22:22.7478 13864/7fa138788720 agents/Watchdog/Main.cpp:440
]: Options: { 'analytics_log_user' => 'nobody', 'default_group' =>
'nobody', 'default_python' => 'python', 'default_ruby' => 'ruby',
'default_user' => 'nobody', 'log_level' => '0', 'max_instances_per_app' =>
'0', 'max_pool_size' => '6', 'passenger_root' =>
'/usr/lib/ruby/gems/1.8/gems/passenger-4.0.5', 'pool_idle_time' => '300',
'temp_dir' => '/tmp', 'union_station_gateway_address' =>
'gateway.unionstationapp.com', 'union_station_gateway_port' => '443',
'user_switching' => 'true', 'web_server_pid' => '13807', 'web_server_type'
=> 'apache', 'web_server_worker_gid' => '48', 'web_server_worker_uid' =>
'48' }
[ 2013-10-14 15:22:22.7553 13869/7f2198ab2720
agents/HelperAgent/Main.cpp:555 ]: PassengerHelperAgent online, listening
at unix:/tmp/passenger.1.0.13807/generation-1/request
[ 2013-10-14 15:22:22.7605 13864/7fa138788720 agents/Watchdog/Main.cpp:564
]: All Phusion Passenger agents started!
[ 2013-10-14 15:22:22.7668 13874/7f0dbde317e0
agents/LoggingAgent/Main.cpp:271 ]: PassengerLoggingAgent online, listening
at unix:/tmp/passenger.1.0.13807/generation-1/logging
[Mon Oct 14 15:22:22 2013] [notice] Apache/2.2.15 (Unix) DAV/2
Phusion_Passenger/4.0.5 mod_ssl/2.2.15 OpenSSL/1.0.0-fips configured –
resuming normal operations
[ 2013-10-14 15:22:52.3553 13806/7f0b4ddaf720 agents/Watchdog/Main.cpp:324
]: Some Phusion Passenger agent processes did not exit in time, forcefully
shutting down all.
[ 2013-10-14 15:22:52.7302 13863/7f38d1281720 agents/Watchdog/Main.cpp:324
]: Some Phusion Passenger agent processes did not exit in time, forcefully
shutting down all.
/etc/httpd/logs/error_log (END)
This whole setup doesn't look too promising…
– Greg