Here is some software information
Django 1.8.1 Apache2 Fedora 21
error_log output
mod_wsgi (pid=8272): Target WSGI script '/var/www/anime/anime/wsgi.py' cannot be loaded as Python module.
mod_wsgi (pid=8272): Exception occurred processing WSGI script '/var/www/anime/anime/wsgi.py'.
Traceback (most recent call last):
File "/usr/lib64/python3.4/logging/config.py", line 557, in configure
handler = self.configure_handler(handlers[name])
File "/usr/lib64/python3.4/logging/config.py", line 725, in configure_handler
result = factory(**kwargs)
File "/usr/lib64/python3.4/logging/__init__.py", line 999, in __init__
StreamHandler.__init__(self, self._open())
File "/usr/lib64/python3.4/logging/__init__.py", line 1023, in _open
return open(self.baseFilename, self.mode, encoding=self.encoding)
PermissionError: [Errno 13] Permission denied: '/var/www/anime/log/info.log'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/www/anime/anime/wsgi.py", line 16, in <module>
application = get_wsgi_application()
File "/opt/virtualenvs/django_project/lib64/python3.4/site-packages/django/core/wsgi.py", line 14, in get_wsgi_application
django.setup()
File "/opt/virtualenvs/django_project/lib64/python3.4/site-packages/django/__init__.py", line 17, in setup
configure_logging(settings.LOGGING_CONFIG, settings.LOGGING)
File "/opt/virtualenvs/django_project/lib64/python3.4/site-packages/django/utils/log.py", line 86, in configure_logging
logging_config_func(logging_settings)
File "/usr/lib64/python3.4/logging/config.py", line 789, in dictConfig
dictConfigClass(config).configure()
File "/usr/lib64/python3.4/logging/config.py", line 565, in configure
'%r: %s' % (name, e))
ValueError: Unable to configure handler 'file': [Errno 13] Permission denied: '/var/www/anime/log/info.log'
Here is the permission mask on the file
drwxrwxrwx. 2 apache apache 21 May 28 15:22 .
drwxr-xr-x. 6 apache apache 90 May 28 14:53 ..
-rwxrwxrwx. 1 apache apache 0 May 28 15:22 info.log
I have already searched SOF on all the possible solutions and none of them works. Therefore I suspect that it has something to do with SELinux setting? If it is, can someone tell me which flag do i need to set to true?
After reading up on SELinux, I have figured out the solution for this permission error. And I hope that it will help the others who have encountered similar situation when deploying on production server under RHEL linux.
Basically running the command ls -Z shows the following
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 log
the folder is labelled with httpd_sys_content_t which does not allow httpd to have write access the the folder. Therefore we need to change this label to httpd_sys_rw_content_t
Firstly, we need to add an entry to the fcontext to inform SELinux what is the default label for files, that will be created, in this folder.
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/directory(/.*)?"
This will add an entry to the fcontext file (/etc/selinux/targeted/contexts/files/file_contexts.local)
Next we need to update all the labels of the files in the folder using restorecon.
sudo restorecon -R -v /path/to/directory
And now the permission error related to the django logging will be gone from the httpd error_log =)
来源:https://stackoverflow.com/questions/30500435/apache-wsgi-permission-error-using-django-logging-on-production-server