问题描述
下面是一些软件的信息
Django的1.8.1
的Apache2
Fedora的21
Django 1.8.1Apache2Fedora 21
error_log中输出
error_log output
mod_wsgi (pid=8272): Target WSGI script '/var/www/anime/anime/wsgi.py' cannot be loaded as Python module.
mod_wsgi (pid=8272): Exception occurred processing WSGI script '/var/www/anime/anime/wsgi.py'.
Traceback (most recent call last):
File "/usr/lib64/python3.4/logging/config.py", line 557, in configure
handler = self.configure_handler(handlers[name])
File "/usr/lib64/python3.4/logging/config.py", line 725, in configure_handler
result = factory(**kwargs)
File "/usr/lib64/python3.4/logging/__init__.py", line 999, in __init__
StreamHandler.__init__(self, self._open())
File "/usr/lib64/python3.4/logging/__init__.py", line 1023, in _open
return open(self.baseFilename, self.mode, encoding=self.encoding)
PermissionError: [Errno 13] Permission denied: '/var/www/anime/log/info.log'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/www/anime/anime/wsgi.py", line 16, in <module>
application = get_wsgi_application()
File "/opt/virtualenvs/django_project/lib64/python3.4/site-packages/django/core/wsgi.py", line 14, in get_wsgi_application
django.setup()
File "/opt/virtualenvs/django_project/lib64/python3.4/site-packages/django/__init__.py", line 17, in setup
configure_logging(settings.LOGGING_CONFIG, settings.LOGGING)
File "/opt/virtualenvs/django_project/lib64/python3.4/site-packages/django/utils/log.py", line 86, in configure_logging
logging_config_func(logging_settings)
File "/usr/lib64/python3.4/logging/config.py", line 789, in dictConfig
dictConfigClass(config).configure()
File "/usr/lib64/python3.4/logging/config.py", line 565, in configure
'%r: %s' % (name, e))
ValueError: Unable to configure handler 'file': [Errno 13] Permission denied: '/var/www/anime/log/info.log'
下面是该文件的权限掩码
Here is the permission mask on the file
drwxrwxrwx. 2 apache apache 21 May 28 15:22 .
drwxr-xr-x. 6 apache apache 90 May 28 14:53 ..
-rwxrwxrwx. 1 apache apache 0 May 28 15:22 info.log
我已经搜查SOF在所有可能的解决方案,其中没有工作。因此,我怀疑它是与SELinux的设置?如果是,可有人告诉我,这标志我需要设置为true?
I have already searched SOF on all the possible solutions and none of them works. Therefore I suspect that it has something to do with SELinux setting? If it is, can someone tell me which flag do i need to set to true?
推荐答案
在SELinux的阅读后,我想通了这个权限错误的解决方案。我希望这将有助于在RHEL Linux的生产服务器上部署时,谁也遇到过类似的情况了别人。
After reading up on SELinux, I have figured out the solution for this permission error. And I hope that it will help the others who have encountered similar situation when deploying on production server under RHEL linux.
基本上运行命令ls -Z显示以下
Basically running the command ls -Z shows the following
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 log
文件夹被标记为httpd_sys_content_t不允许的httpd有写访问的文件夹。因此,我们需要这个标签更改为httpd_sys_rw_content_t
the folder is labelled with httpd_sys_content_t which does not allow httpd to have write access the the folder. Therefore we need to change this label to httpd_sys_rw_content_t
首先,我们需要一个条目添加到fcontext通知SELinux的什么是文件的默认标签,将要创建的,这个文件夹中。
Firstly, we need to add an entry to the fcontext to inform SELinux what is the default label for files, that will be created, in this folder.
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/directory(/.*)?"
这将增加fcontext文件中的条目(/etc/selinux/targeted/contexts/files/file_contexts.local)
This will add an entry to the fcontext file (/etc/selinux/targeted/contexts/files/file_contexts.local)
接下来,我们需要使用的restorecon更新的文件的所有标签的文件夹中。
Next we need to update all the labels of the files in the folder using restorecon.
sudo restorecon -R -v /path/to/directory
而现在相关的Django的日志记录的权限错误将消失在httpd的error_log =)
And now the permission error related to the django logging will be gone from the httpd error_log =)
这篇关于使用生产服务器上的Django记录阿帕奇WSGI权限错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!