Updates for rvm-rpm usage, selinux and other fixes

files/after_install

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+# rvm after_install hook to provide selinux support
+# This script will make sure the correct selinux contexts are set on ruby
+# files after each ruby version install.
+
+# WARNING - As of 2012-02-08, there is a bug in current versions
+# of rvm (now 1.10.2) such that it cannot find this after_install hook
+# See rvm issues #744 and #745 on github for more information
+
+if [ $EUID -ne 0 ]; then
+  # Don't try to mess with selinux if we are not root
+  exit
+fi
+
+if [ ! \( -x /usr/sbin/semanage -a -x /sbin/restorecon \) ]; then
+  echo "SELinux executables missing, rvm after_install hook failed"
+  exit 1
+fi
+
+# Set up rvm file context patterns if they are not already present
+# This will handle installs in either /usr/local/rvm or /usr/lib/rvm
+semanage fcontext -l | /bin/grep -q rvm || {
+  semanage fcontext -a -t bin_t '/usr/(local|lib)/rvm/wrappers(/.*)?'
+  semanage fcontext -a -t bin_t '/usr/(local|lib)/rvm/rubies/ruby-.*/bin(/.*)?'
+  semanage fcontext -a -t lib_t '/usr/(local|lib)/rvm/rubies/ruby-.*/lib(/.*)?'
+  semanage fcontext -a -t lib_t '/usr/(local|lib)/rvm/gems(/.*)?'
+  semanage fcontext -a -t passenger_exec_t '/usr/(local|lib)/rvm/gems/ruby-.*/gems/passenger-.*/agents/(apache2/)?Passenger.*'
+}
+
+# Run restorecon on the rvm hierarchy to fix the contexts
+restorecon -R $rvm_path

lib/facter/rvm_installed.rb

@@ -1,7 +1,23 @@
-Facter.add("rvm_installed") do
-  rvm_binary = "/usr/local/rvm/bin/rvm"
+Facter.add(:rvm_installed) do
+  setcode do
+    result = 'false'
+    if File.exist?('/usr/local/rvm/bin/rvm') or File.exist?('/usr/bin/rvm')
+      result = 'true'
+    end
+    result
+  end
+end
 
+Facter.add(:rvm_binary) do
+  confine :rvm_installed => :true
   setcode do
-    File.exists? rvm_binary
+    result = ''
+    [ '/usr/local/rvm/bin/rvm', '/usr/bin/rvm' ].each do |binfile|
+      if File.exist?(binfile)
+        result = binfile
+        break
+      end
+    end
+    result
   end
 end

lib/puppet/provider/rvm_gem/gem.rb

@@ -5,7 +5,7 @@
 Puppet::Type.type(:rvm_gem).provide(:gem) do
   desc "Ruby Gem support using RVM."
 
-  commands :rvmcmd => "/usr/local/rvm/bin/rvm"
+  commands :rvmcmd => Facter.value(:rvm_binary)
 
 
   def ruby_version

lib/puppet/provider/rvm_gemset/gemset.rb

@@ -2,7 +2,7 @@
 Puppet::Type.type(:rvm_gemset).provide(:gemset) do
   desc "RVM gemset support."
 
-  commands :rvmcmd => "/usr/local/rvm/bin/rvm"
+  commands :rvmcmd => Facter.value(:rvm_binary)
 
   def ruby_version
     resource[:ruby_version]

lib/puppet/provider/rvm_system_ruby/rvm_system_ruby.rb

@@ -1,7 +1,7 @@
 Puppet::Type.type(:rvm_system_ruby).provide(:rvm) do
   desc "Ruby RVM support."
 
-  commands :rvmcmd => "/usr/local/rvm/bin/rvm"
+  commands :rvmcmd => Facter.value(:rvm_binary)
 
   def create
     rvmcmd "install", resource[:name]

manifests/dependencies.pp

@@ -1,4 +1,13 @@
 class rvm::dependencies {
+  # Precreate the rvm group, otherwise the git installer fails to create it
+  # as a system group
+  if ! defined(Group['rvm']) {
+    group { 'rvm':
+      ensure => present,
+      system => true,
+    }
+  }
+
   case $operatingsystem {
     Ubuntu,Debian: { require rvm::dependencies::ubuntu }
     CentOS,RedHat: { require rvm::dependencies::centos }

manifests/dependencies/centos.pp

@@ -6,7 +6,7 @@
   if ! defined(Package['make'])            { package { 'make':            ensure => installed } }
   if ! defined(Package['gettext-devel'])   { package { 'gettext-devel':   ensure => installed } }
   if ! defined(Package['expat-devel'])     { package { 'expat-devel':     ensure => installed } }
-  if ! defined(Package['curl-devel'])      { package { 'curl-devel':      ensure => installed } }
+  if ! defined(Package['libcurl-devel'])   { package { 'libcurl-devel':   ensure => installed } }
   if ! defined(Package['zlib-devel'])      { package { 'zlib-devel':      ensure => installed } }
   if ! defined(Package['openssl-devel'])   { package { 'openssl-devel':   ensure => installed } }
   if ! defined(Package['perl'])            { package { 'perl':            ensure => installed } }
@@ -15,7 +15,6 @@
   if ! defined(Package['gettext-devel'])   { package { 'gettext-devel':   ensure => installed } }
   if ! defined(Package['wget'])            { package { 'wget':            ensure => installed } }
   if ! defined(Package['bzip2'])           { package { 'bzip2':           ensure => installed } }
-  if ! defined(Package['sendmail'])        { package { 'sendmail':        ensure => installed } }
   if ! defined(Package['mailx'])           { package { 'mailx':           ensure => installed } }
   if ! defined(Package['libxml2'])         { package { 'libxml2':         ensure => installed } }
   if ! defined(Package['libxml2-devel'])   { package { 'libxml2-devel':   ensure => installed } }
@@ -24,4 +23,12 @@
   if ! defined(Package['readline-devel'])  { package { 'readline-devel':  ensure => installed } }
   if ! defined(Package['patch'])           { package { 'patch':           ensure => installed } }
   if ! defined(Package['git'])             { package { 'git':             ensure => installed } }
+  if ! defined(Package['libyaml-devel'])   { package { 'libyaml-devel':   ensure => installed } }
+
+  if $selinux == 'true' {
+    # Make sure we have semanage and restorecon commands
+    if ! defined(Package['policycoreutils-python']) {
+      package { 'policycoreutils-python': ensure => present }
+    }
+  }
 }

manifests/init.pp

@@ -1,10 +1,18 @@
-class rvm($version='latest', $install_rvm=true) {
+class rvm(
+  $version = 'latest',
+  $install_rvm = true,
+  $use_pkg = false,
+  $rstage = 'rvm-install'
+) {
   stage { 'rvm-install': before => Stage['main'] }
 
   if $install_rvm {
     class {
-      'rvm::dependencies': stage => 'rvm-install';
-      'rvm::system':       stage => 'rvm-install', version => $version;
+      'rvm::dependencies': stage => $rstage;
+      'rvm::system':
+        stage   => $rstage,
+        version => $version,
+        use_pkg => $use_pkg;
     }
   }
 }

manifests/passenger/apache.pp

@@ -1,7 +1,6 @@
 class rvm::passenger::apache(
   $ruby_version,
   $version,
-  $rvm_prefix = '/usr/local/',
   $mininstances = '1',
   $maxpoolsize = '6',
   $poolidletime = '300',
@@ -23,36 +22,31 @@
   # TODO: How can we get the gempath automatically using the ruby version
   # Can we read the output of a command into a variable?
   # e.g. $gempath = `usr/local/rvm/bin/rvm ${ruby_version} exec rvm gemdir`
-  $gempath = "${rvm_prefix}rvm/gems/${ruby_version}/gems"
-  $binpath = "${rvm_prefix}rvm/bin/"
+  $gempath = "${rvm::system::rvmpath}/gems/${ruby_version}/gems"
 
   case $operatingsystem {
     Ubuntu: {
       class { 'rvm::passenger::apache::ubuntu::post':
         ruby_version       => $ruby_version,
         version            => $version,
-        rvm_prefix         => $rvm_prefix,
         mininstances       => $mininstances,
         maxpoolsize        => $maxpoolsize,
         poolidletime       => $poolidletime,
         maxinstancesperapp => $maxinstancesperapp,
         spawnmethod        => $spawnmethod,
         gempath            => $gempath,
-        binpath            => $binpath;
       }
     }
     CentOS,RedHat: {
       class { 'rvm::passenger::apache::centos::post':
         ruby_version       => $ruby_version,
         version            => $version,
-        rvm_prefix         => $rvm_prefix,
         mininstances       => $mininstances,
         maxpoolsize        => $maxpoolsize,
         poolidletime       => $poolidletime,
         maxinstancesperapp => $maxinstancesperapp,
         spawnmethod        => $spawnmethod,
         gempath            => $gempath,
-        binpath            => $binpath;
       }
     }
   }

manifests/passenger/apache/centos/post.pp

@@ -1,27 +1,37 @@
 class rvm::passenger::apache::centos::post(
   $ruby_version,
   $version,
-  $rvm_prefix = '/usr/local/',
   $mininstances = '1',
   $maxpoolsize = '6',
   $poolidletime = '300',
   $maxinstancesperapp = '0',
   $spawnmethod = 'smart-lv2',
-  $gempath,
-  $binpath
+  $rvmpath = $rvm::system::rvmpath,
+  $gempath
 ) {
-  exec {
-    'passenger-install-apache2-module':
-      command   => "${rvm::passenger::apache::binpath}rvm ${rvm::passenger::apache::ruby_version} exec passenger-install-apache2-module -a",
-      creates   => "${rvm::passenger::apache::gempath}/passenger-${rvm::passenger::apache::version}/ext/apache2/mod_passenger.so",
-      logoutput => 'on_failure',
-      require   => [Rvm_gem['passenger'], Package['httpd','httpd-devel','mod_ssl']];
+
+  exec { 'passenger-install-apache2-module':
+    command   => "$rvm_binary $ruby_version exec passenger-install-apache2-module -a",
+    creates   => "${gempath}/passenger-${version}/ext/apache2/mod_passenger.so",
+    logoutput => 'on_failure',
+    require   => [Rvm_gem['passenger'], Package['httpd','httpd-devel','mod_ssl']];
+  }
+
+  if $selinux == 'true' {
+    exec { 'passenger-contexts':
+      command     => "/sbin/restorecon -R $rvmpath",
+      refreshonly => true,
+      subscribe   => Exec['passenger-install-apache2-module'],
+      before      => File['/etc/httpd/conf.d/passenger.conf'],
+    }
+  }
+
+  file { '/etc/httpd/conf.d/passenger.conf':
+    content => template('rvm/passenger-apache-centos.conf.erb'),
+    require => Exec['passenger-install-apache2-module'];
   }
 
-  file {
-    '/etc/httpd/conf.d/passenger.conf':
-      ensure  => file,
-      content => template('rvm/passenger-apache-centos.conf.erb'),
-      require => Exec['passenger-install-apache2-module'];
+  if defined(Service['httpd']) {
+    File['/etc/httpd/conf.d/passenger.conf'] ~> Service['httpd']
   }
 }

manifests/passenger/apache/centos/pre.pp

@@ -3,4 +3,12 @@
   if ! defined(Package['httpd'])       { package { 'httpd':       ensure => installed } }
   if ! defined(Package['httpd-devel']) { package { 'httpd-devel': ensure => installed } }
   if ! defined(Package['mod_ssl'])     { package { 'mod_ssl':     ensure => installed } }
+
+  # Using this temp directory makes passenger work better with selinux
+  file { '/var/run/passenger':
+    ensure => directory,
+    owner  => root,
+    group  => 0,
+    mode   => 0755,
+  }
 }

manifests/passenger/apache/ubuntu/post.pp

@@ -1,19 +1,18 @@
 class rvm::passenger::apache::ubuntu::post(
   $ruby_version,
   $version,
-  $rvm_prefix = '/usr/local/',
   $mininstances = '1',
   $maxpoolsize = '6',
   $poolidletime = '300',
   $maxinstancesperapp = '0',
   $spawnmethod = 'smart-lv2',
-  $gempath,
-  $binpath
+  $rvmpath = $rvm::system::rvmpath,
+  $gempath
 ) {
 
   exec {
     'passenger-install-apache2-module':
-      command   => "${binpath}rvm ${ruby_version} exec passenger-install-apache2-module -a",
+      command   => "$rvm_binary ${ruby_version} exec passenger-install-apache2-module -a",
       creates   => "${gempath}/passenger-${version}/ext/apache2/mod_passenger.so",
       logoutput => 'on_failure',
       require   => [Rvm_gem['passenger'], Package['apache2', 'build-essential', 'apache2-prefork-dev',

manifests/passenger/gem.pp

@@ -1,7 +1,8 @@
 class rvm::passenger::gem($ruby_version, $version) {
   rvm_gem {
     "passenger":
-      ensure => $version,
+      ensure       => $version,
       ruby_version => $ruby_version,
+      require      => Rvm_system_ruby["${ruby_version}"],
   }
 }

manifests/system.pp

@@ -1,13 +1,38 @@
-class rvm::system($version='latest') {
-  exec { 'system-rvm':
-    path    => '/usr/bin:/usr/sbin:/bin',
-    command => "bash -c '/usr/bin/curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer -o /tmp/rvm-installer ;
-                chmod +x /tmp/rvm-installer ;
-                rvm_bin_path=/usr/local/rvm/bin rvm_man_path=/usr/local/rvm/man /tmp/rvm-installer --version ${version} ;
-                rm /tmp/rvm-installer'",
-    creates => '/usr/local/rvm/bin/rvm',
-    require => [
-      Class['rvm::dependencies'],
-    ],
+class rvm::system($version = 'latest', $use_pkg = false) {
+  # If you set $use_pkg to true, then this module expects that you have made
+  # an rvm-ruby package available in some repository
+  # One source for this package is https://github.com/mdkent/rvm-rpm
+  if ($use_pkg) {
+    $rvmpath = '/usr/lib/rvm'
+    package { 'rvm-ruby':
+      ensure  => $version,
+      require => Class['rvm::dependencies'],
+    }
+  }
+  else {
+    $rvmpath = '/usr/local/rvm'
+    exec { 'system-rvm':
+      path    => '/usr/bin:/usr/sbin:/bin',
+      command => "bash -c '/usr/bin/curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer -o /tmp/rvm-installer ;
+                  chmod +x /tmp/rvm-installer ;
+                  rvm_path=${rvmpath} /tmp/rvm-installer --version ${version} ;
+                  rm /tmp/rvm-installer'",
+      creates => "${rvmpath}/bin/rvm",
+      require => Class['rvm::dependencies'],
+    }
+  }
+
+  # Install the rvm hook to set selinux file contexts if needed
+  if $selinux == 'true' {
+    file { "$rvmpath/hooks/after_install":
+      source  => 'puppet:///modules/rvm/after_install',
+      owner   => root,
+      group   => 'rvm',
+      mode    => 0755,
+      require => $use_pkg ? {
+        true  => Package['rvm-ruby'],
+        false => Exec['system-rvm'],
+      },
+    }
   }
 }

manifests/system_user.pp

@@ -7,18 +7,12 @@
 
   if ! defined(User[$username]) {
     user { $username:
-      ensure => present;
-    }
-  }
-
-  if ! defined(Group[$group]) {
-    group { $group:
-      ensure => present;
+      ensure => present,
     }
   }
 
   exec { "/usr/sbin/usermod -a -G $group $username":
     unless  => "/bin/cat /etc/group | grep $group | grep $username",
-    require => [User[$username], Group[$group]];
+    require => [User[$username], Group[$group]],
   }
 }

templates/passenger-apache-centos.conf.erb

@@ -2,10 +2,11 @@ LoadModule passenger_module <%= gempath %>/passenger-<%= version %>/ext/apache2/
 
 <IfModule passenger_module>
   PassengerRoot <%= gempath %>/passenger-<%= version %>
-  PassengerRuby <%= rvm_prefix %>rvm/wrappers/<%= ruby_version %>/ruby
+  PassengerRuby <%= rvmpath %>/wrappers/<%= ruby_version %>/ruby
   PassengerMaxPoolSize <%= maxpoolsize %>
   PassengerPoolIdleTime <%= poolidletime %>
   PassengerMinInstances <%= mininstances %>
   PassengerMaxInstancesPerApp <%= maxinstancesperapp %>
   PassengerSpawnMethod <%= spawnmethod %>
+  PassengerTempDir /var/run/passenger
 </IfModule>

templates/passenger-apache.conf.erb

@@ -1,6 +1,6 @@
 <IfModule passenger_module>
   PassengerRoot <%= gempath %>/passenger-<%= version %>
-  PassengerRuby <%= rvm_prefix %>rvm/wrappers/<%= ruby_version %>/ruby
+  PassengerRuby <%= rvmpath %>/wrappers/<%= ruby_version %>/ruby
   PassengerMaxPoolSize <%= maxpoolsize %>
   PassengerPoolIdleTime <%= poolidletime %>
   PassengerMinInstances <%= mininstances %>