Le 22/10/2017 à 21:37, Gordon Messmer a écrit : > > Yes, I use the following httpd configuration file: > > WSGIProcessGroup sync > WSGIPassAuthorization On > > WSGIDaemonProcess sync user=apache group=apache processes=2 threads=25 > python-path=/usr/local/lib/sync-1.5/syncserver/local/lib/python2.7/site-packages/ > > WSGIScriptAlias /sync1.5 /usr/local/lib/sync-1.5/syncserver/syncserver.wsgi > <Directory "/usr/local/lib/sync-1.5"> > Require all granted > </Directory> And this is more or less what I have, but no luck. Allow me to retrace my steps from the beginning. Not the whole thing, but first things first, one step at a time. I switched SELinux to permissive mode. I figured I would deal with eventual alerts once everything is up and running. I installed dependencies: make, gcc, gcc-c++, python-devel and python-virtualenv. Even if this is a sandbox server where I can happily break stuff, I didn't want to build third-party stuff as root on my machine, so I created a special user. Here's what I did, step by step. The user is called 'syncserver', its home directory is /opt/syncserver, which also happens to be the downloaded source from Github. As to the stuff from /etc/skel, that's my custom .bashrc and other things I usually add to a new user profile, with a custom PS1 and my custom command aliases. # useradd -c "Firefox Sync" -d /opt/syncserver syncserver # passwd syncserver # cd opt # rm -rf syncserver # git clone https://github.com/mozilla-services/syncserver # cp -v /etc/skel/.bash* syncserver/ « /etc/skel/.bash_logout » -> « syncserver/.bash_logout » « /etc/skel/.bash_profile » -> « syncserver/.bash_profile » « /etc/skel/.bashrc » -> « syncserver/.bashrc » # chown -R syncserver:syncserver syncserver/ # find syncserver/ -type d -exec chmod 0775 {} \; # find syncserver/ -type f -exec chmod 0664 {} \; # chmod 0750 syncserver/ Note: I figured if a process like 'apache' has to access this stuff later, I can always add the corresponding system user to the 'syncserver' group with a 'usermod -a -G syncserver apache'. Not 100 % sure about that though. Then I opened a new session as user 'syncserver' and built everything. $ make build (2 minutes) I ran the tests: $ make test (10 minutes, everything OK) For a first test, I edited /opt/syncserver/syncserver.ini. I wanted to keep the default configuration as much as possible, so I provided my server's IP address for 'host' and 'public_url'. --8<----------------------------------------------------------- [server:main] use = egg:gunicorn host = 163.172.220.174 port = 5000 workers = 1 timeout = 30 [app:main] use = egg:syncserver [syncserver] # This must be edited to point to the public URL of your server, # i.e. the URL as seen by Firefox. public_url = http://163.172.220.174:5000/ --8<----------------------------------------------------------- I tested this on two sandbox client desktops I have in my office. I opened about:config, edited identity.sync.tokenserver.uri and provided my custom sync server: http://163.172.220.174:5000/token/1.0/sync/1.5 I connected Firefox Sync on both clients, and bookmarks synchronized nicely, with a little lag, but everything seemed to run fine. Any comments so far? As far as I can see, you created a /usr/local/lib/sync-1.5/ directory and built this stuff there. As root or as a different user? Any custom permissions there? Unfortunately the documentation doesn't say anything about permissions. Cheers & more later, Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : info at microlinux.fr Tél. : 04 66 63 10 32