I'm running django on Digital Ocean with gunicorn and nginx. Gunicorn for serving the django and nginx for static files.
Upon uploading a file via website, I cant save to a folder in /home directory. I get [Errno 13] Permission denied.
Please, how do I make the web server to be able have read write access to any arbitrary folder anywhere under /home?
This all depends on the user that your application is running as.
If you check ps aux | grep gunicorn which user the Gunicorn server is running your app as then you can change the chmod or chown permissions accordingly.
ls -lash will show you which user current only owns the folder and what permissions are on the folder you are trying to write to:
4.0K drwxrwx--- 4 username username 4.0K Dec 9 14:11 uploads
You can then use this to check for any issues.
Some docs on changing ownership and permissions
http://linux.die.net/man/1/chmod
http://linux.die.net/man/1/chown
I would advise being very careful to what locations on your disk you give access for the web server to read/write from. This can have massive security implications.
Well, I worked on this issue for more than a week and finally was able to FIGURE IT OUT.
Please follow links from digital ocean , but they did not pinpoint important issues one which includes
no live upstreams while connecting to upstream
*4 connect() to unix:/myproject.sock failed (13: Permission denied) while connecting to upstream
gunicorn OSError: [Errno 1] Operation not permitted
*1 connect() to unix:/tmp/myproject.sock failed (2: No such file or directory)
etc.
These issues are basically permission issue for connection between Nginx and Gunicorn.
To make things simple, I recommend to give same nginx permission to every file/project/python program you create.
To solve all the issue follow this approach:
First thing is :
Log in to the system as a root user
Create /home/nginx directory.
After doing this, follow as per the website until Create an Upstart Script.
Run chown -R nginx:nginx /home/nginx
For upstart script, do the following change in the last line :
exec gunicorn --workers 3 --bind unix:myproject.sock -u nginx -g nginx wsgi
DONT ADD -m permission as it messes up the socket. From the documentation of Gunicorn, when -m is default, python will figure out the best permission
Start the upstart script
Now just go to /etc/nginx/nginx.conf file.
Go to the server module and append:
location / {
include proxy_params;
proxy_pass http<>:<>//unix:/home/nginx/myproject.sock;
}
REMOVE <>
Do not follow the digitalocean aricle from here on
Now restart nginx server and you are good to go.
Change the owner of /home
See actual owner $ ls -l /
f1 f2 f3 f4 f5 f6 f6 f8 f9 f10
- rwx r-x r-x 1 root root 209 Mar 30 17:41 /home
https://www.garron.me/en/go2linux/ls-file-permissions.html
f2 Owner permissions over the file or directory
f3 Group permissions over the file or directory
f4 Everybody else permissions over the file or directory
f6 The user that owns the file or directory
Change folder owner recursively sudo chown -R ubuntu /home/ substitute ubuntu with a non-root user.
Good practices
Use a subdirectory home/ubuntu as server directory, ubuntu folder have ubuntu user as owner.
Set user-owner permissions to all. Your group and other users to read-only sudo chmod -R 744 /home/ubuntu/
I changed the ownership of the file which is containing my images
chown -R www-data: /myproject/media/mainsite/images
Change the path accordingly and also restart server. In my case its apache2 so
sudo service apache2 restart
In my case it was something very simple that was generating a similar error, I just had to check the user who controlled Gunicorn and the user who controlled NGINX, they had different permissions.
Related
I've got a nodejs server that is being managed to pm2, but it is running as a different user (www-data, via su). I need to start a second server run as my own user id, but when I try to start it, I get an access error as ~/.pm2 is owned by www-data, not myself. I tried using the --log option to pm2, but that doesn't let me set the global pm2 directory, just the log file.
How can I specify a different directory for pm2 to use?
The short answer is to set a different home directory for pm2...
$ export PM2_HOME=/your/pm2/home
$ <your pm2 commands>
Of course, whatever directory you wish to put the .pm2 directory into will have to be writable by the user as which you are invoking pm2.
The long answer would be to shut down the running server run by www-data and remove the ~/.pm2 directory from your home directory.
Then, when you start the pm2 process as the www-data user do it like this
$ su -c "PM2_HOME=/path/writable/by/www-data/user <pm2 commands>" www-data
Now, the existing pm2 server should be running as www-data with its runtime files in whatever directory you set up for the www-data user.
Which means you can now use your own home directory (by default) when you run any pm2 commands as you, without having to configure any PM2_HOME variable.
I am working on a server running ubuntu 18.04. This digital ocean tutorial on django deployment(https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-18-04) is telling me to do the following:
"We’re now finished configuring our Django application. We can back out of our virtual environment by typing:
(env): deactivate" I am familiar with virtual environments, I did this. Now for the part I am not at all familiar with:
"Start by creating and opening a systemd socket file for Gunicorn with sudo privileges:
sudo nano /etc/systemd/system/gunicorn.socket
"
First, since I just deactivated my env, I am now at justin#ubuntu-s-1vcpu-1gb-nyc3-01:~$. If I ls I only see the project folder I created which holds the virtualenv, the python project, manage.py and the static directory. Nowhere can I find this
/etc/systemd/system/
directory and the command they are telling me to use cannot create directories, only files. So I am very confused, any help would be greatly appreciated.
/etc doesn't live inside ~. Try ls /etc to see what's already in that directory. If you need to create that directory, you can do so wih sudo mkdir -p /etc/systemd/system/ (the -p flag is to make sure that, in case systemd is also not present under etc, it will get created).
UPDATE** The screenshot is within atom, but when I navigate to the directory using the file explorer, and right click, the option to rename or create a new folder are restricted and I cannot click on them.
I just finished setting up the LAMP stack on my fresh UBUNTU 18.04 installation. I have everything working, the default /var/www/html/index.html page from Apache2 is being served on localhost, no port forwarding or any unique domain name, i just wanna run this on my network from my computer for now.
If there is a simple way to create multiple websites and easily choose which folder to serve than that's fine, but I want to serve just one website for now.
When I go to my /var/www/html folder and try to edit the index.html file it says permission denied. What do I need to do in order to work inside this directory for the remaining time that I am building the website. I am signed in as the root user on my system.
Also, if I do change permissions to allow me to work in this directory, what does it mean for people trying to access my server if it was available to the public. (RIGHT NOW JUST ON LOCALHOST).
Lemme know if you need more info or explanation thanks!
sudo chown -R $USER:$USER /var/www
this works, it changes the owner to my user instead of root user. I still don't understand because my user already had sudo rights and all those permissions. It was the user I created during the ubuntu18.04 setup, so there shouldn't be an issue, or idk.
File ownership issues can be fixed at the command line by typing:
sudo chmod 777 /var/www/html -R
One caveat from
turnkeyLinux.com:
Changing file permissions is a trade off
(often increasing security reduces user-friendliness and/or
usability). For security 'best practice' only the folders that require
write access by the webserver should be owned by the webserver.
If your webserver has write access everywhere and your server
is compromised it makes it easier to hack your WordPress install) but
for ease of use giving the webserver ownership should resolve all your
issues...
This article on Understanding File Permissions was great, too.
This will help you.
sudo chgrp -R www-data /var/www/html
sudo gpasswd -a username www-data
sudo chmod -R 777 /var/www/html
The permission error is occurring because the folder does not have the rights and rights are reserved with different user. (you can inspect this by doing ls -l folderName)
The solution for your problem can be handled in different ways following are the few :
WAY1:
Find out who is running apache by running the command apachectl
-S
Locate the user name (say www-data)
Change the ownership of your folder as chown -R www-data:www-data /var/www/html (this will allow only your apache
to play with files)
Run the following command ln -s /var/www/html /home/username/html (this will create a soft link for your folder,
where you can edit/delete/read which will reflect on your apache)
WAY2:
goto /var/www/
sudo chown -R www-data:${USER} html
(Now both apache and your loged-in user will have rights to play with file).
If you are not root or you don't have a permission on some things(folder,files..), know that your actions are limited.
Take folder as example:
first of all verify permissions of your folder
==>ls -ld linkto/folder
and after give it a permissions it need or type the command bellow to add all permissions
==>sudo chmod -R 777 /var/www/html
verify permissions of your folder again if it is correct then try to copy again
Just write
And give read and write rights to the folder ( not user )
Try the following the command
For Read and Write:
sudo chmod -R a+rw /var/www
For Read, Write and Execute:
sudo chmod -R a+rwx /var/www
Edit the file as root. Or better yet fix your permissions so you don’t have to worry.
MySQL and PHP was working fine with my MAMP for a very long time, so I really don't know what happened. Now every time when I try to log into my Apache from the terminal I get:
httpd: Could not reliably determine the server's fully qualified domain name, using MacBook.local for ServerName (13)Permission denied: make_sock: could not bind to address [::]:80 (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs
(I didn't include the actual name for the server)
I'm using a OS X system with Apache 2.2 and I don't think I properly configured my server. How do I fix this and get back on track? I did delete some of the member access and moved my htdoc files so that I could start over with my files. I believe that is where it turned against me.
It sounds like a permissions issue. Go to your terminal and have your MAMP status dialog open.
First issue:
sudo apachectl -k stop
then
sudo apachectl -k start
what you're doing is you're using sudo to get root permissions. See if that helps.
Rename the file envvars located in /Applications/MAMP/Library/bin into _envvars It worked for me. You may need to restart.
Just installed Typo3 Version 6, Government package on Linux Mint 14. Installed latest version of PHP & MYSQL. Compiled PHP with:
./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql --with-openssl --with-zlib --enable-soap --enable-hash --with-pcre-regex --with-curl --with-gd --with-mysqlih-mysql --with-openssl --with-zlib --enable-soap
make
make install
Typo3 installer gives the following error:
There is no connection to the database!
(Username: typo3, Host: localhost, Using Password: YES)
Go to Step 1 and enter a valid username and password!
The username and password that I entered are correct. I am able to connect to mysql using these credentials with
phpMyAdmin web interface
mysql -u typo3 -p typo3db
Did Google search and found some people had this problem and the cause was one of the three things:
underscore in DB name - as up can see by my db name, it doesn't apply to my case
config not allowing persistent connections to mysql - doesn't apply to my case,since I am currently allowing persistent connections.
permissions of typo3 files - suggested fix was set all files to 755 or 777 (way to permissive in my opinion), but I tried this to rule out permission issue. Didn't resolve the issue in my case.
I enabled general logging for mysql. When I enter username and password for mysql user in the typo3 installer, it immediately gives the error that it can't connect, but mysql logs show no login attempt. Conversely, when I login with phpMyAdmin it does show the success and when I type in a wrong password on purpose, the log shows it is being denied.
This all implies to me that no connection from Typo3 to mysql is being initiated, but I don't now why.
Any thoughts on what the issue could be or what I should check next?
I had a similar issue, but found I had to use the server IP address and not localhost. Odd that localhost has always worked in the past without issue.
I had the exact same problem.
Fixed it by enabling required modules in PHP.
They are listed in the INSTALL.txt file in the root TYPO3 folder.
- fileinfo
- filter
- GD2
- JSON
- mysqli
- openssl
- pcre
- session
- SOAP
- SPL
- standard
- xml
- zlib
I believe the crucial module in this case was mysqli.
My solution is this:
The file access rights to /var/lib/mysql must be set in this manner:
[root#localhost phpmyadmin]# cd /var/lib
[root#localhost lib]# chmod 755 mysql
[root#localhost lib]# ls -ld mysql
drwxr-xr-x 16 mysql mysql 4096 Dez 16 20:14 mysql/
The mysql user and mysql group must be set also in all files and folders under /var/lib/mysql.
After this change I could login to the TYPO3 database using the Install Tool.
I had the same symptom with typo3 4.6, its installer didn't connect. I traced this down to this callstack:
class.ux_t3lib_db.php / sql_pconnect / handler_init
The handler_init function has this code:
if (!$cfgArray['config']['database']) {
// Configuration is incomplete
return;
}
The database property was empty. I had to set it in the localconf.php with this line $typo_db = "mydatabasename";
I also created my database with this name in MySQL.
marc_s,
Did you check your files permissions ?
For TYPO3 I use these command from TYPO3 installation folder :
find . -type d ! -name .svn -exec chmod 755 {} \; && find . -type f ! -name .svn -exec chmod 644 {} \;
chmod -R g+wX fileadmin typo3temp typo3conf uploads
You can also this a article :
http://dmitry-dulepov.com/article/migrating-typo3-installation-to-a-different-server.html
I hope this information will help.