[英]Getting chown(): Operation not permitted while running uwsgi from ini file
I am trying to run nginx and uwsgi.我正在尝试运行 nginx 和 uwsgi。 When I try to run uwsgi with below command in my proj virtual environment with proj user I get an error.
当我尝试使用 proj 用户在我的 proj 虚拟环境中使用以下命令运行 uwsgi 时,出现错误。 When I run uwsgi, I see the
proj.sock
is created in /run/uwsgi/proj.sock
I changed the /run/uwsgi
permissions to drwxrwxrwx
to see if the problem is permission related.当我运行 uwsgi 时,我看到在
proj.sock
中创建了/run/uwsgi/proj.sock
我将/run/uwsgi
drwxrwxrwx
权限更改为drwxrwxrwx
以查看问题是否与权限相关。 But problem still appears.但是问题还是出现了。 I also checked the
/etc/passwd
and there is no uwsgi user.我还检查了
/etc/passwd
并且没有 uwsgi 用户。
The directory info for /run/uwsgi
is : /run/uwsgi
的目录信息是:
drwxrwxrwx 2 root root 60 Jul 16 10:53 uwsgi
When I try to change ownership of sock file with proj user to proj:nginx in proj virtual nvironment I get the error below.当我尝试将 proj 用户的 sock 文件的所有权更改为 proj 虚拟环境中的 proj:nginx 时,出现以下错误。
chown: changing ownership of ‘/run/uwsgi/proj.sock’: Operation not permitted
When I check /run/uwsgi/proj.sock
file it is proj:proj
but it should be changed to proj:nginx
.当我检查
/run/uwsgi/proj.sock
文件时,它是proj:proj
但它应该更改为proj:nginx
。 This operation can be done manually with root.这个操作可以用root手动完成。 But it cannot be done with proj user.
但不能用 proj 用户完成。
Run below command:运行以下命令:
uwsgi --ini /etc/uwsgi/sites/proj.ini
Error :错误 :
[uWSGI] getting INI configuration from /etc/uwsgi/sites/proj.ini<br>
*** Starting uWSGI 2.0.15 (64bit) on [Mon Jul 16 10:53:02 2018] ***<br>
compiled with version: 4.8.5 20150623 (Red Hat 4.8.5-28) on 13 July 2018 17:12:50<br>
os: Linux-3.10.0-862.6.3.el7.x86_64 #1 SMP Tue Jun 26 16:32:21 UTC 2018<br>
nodename: localhost.localdomain<br>
machine: x86_64<br>
clock source: unix<br>
detected number of CPU cores: 2<br>
current working directory: /home/proj<br>
detected binary path: /home/proj/Env/proj/bin/uwsgi<br>
!!! no internal routing support, rebuild with pcre support !!!<br>
chdir() to /home/proj/work/proj<br>
your processes number limit is 4096<br>
your memory page size is 4096 bytes<br>
detected max file descriptor number: 1024<br>
lock engine: pthread robust mutexes<br>
thunder lock: disabled (you can enable it with --thunder-lock)<br>
chown(): Operation not permitted [core/utils.c line 2623]<br>
VACUUM WARNING: unix socket /run/uwsgi/proj.sock changed inode. Skip removal
My proj.ini
file for uwsgi ini configuration is :我用于
proj.ini
ini 配置的proj.ini
文件是:
[uwsgi]
py-autoreload = 2
project = proj
username = proj
base = /home/%(username)
chdir = %(base)/%(project)
home = %(base)/Env/%(project)
module = %(project).wsgi:application
master = true
processes = %k
uid = %(username)
socket = /run/uwsgi/%(project).sock
chown-socket = %(username):nginx
chmod-socket = 666
vacuum = true
#logto = /var/log/uwsgi/%(project).log
A user can only set the group of a file to a group he is in. In this case your user proj
is not in the nginx
group, so it is not allowed to make that change.用户只能将文件的组设置为他所在的组。在这种情况下,您的用户
proj
不在nginx
组中,因此不允许进行更改。 If you add the user to the nginx
group (and relogin) then it should work.如果您将用户添加到
nginx
组(并重新登录),那么它应该可以工作。
Also, setting the directory permissions to 777
allows any user to create and delete files in that directory, and 666
for the socket allows any user to access it.此外,将目录权限设置为
777
允许任何用户在该目录中创建和删除文件,而套接字的666
允许任何用户访问它。 You probably don't want that.你可能不想那样。 More reasonable would be to have
/run/uwsgi
owned by root:nginx with mode 770
, and chmod-socket = 660
in your project ini.更合理的做法是让
/run/uwsgi
由 root:nginx 拥有,模式为770
,并且chmod-socket = 660
在您的项目中。
I solved the problem.我解决了这个问题。 The socket files were in
/run/uwsgi
directory.套接字文件位于
/run/uwsgi
目录中。
I gave the related project user right to write read execute on this folder.我赋予相关项目用户在此文件夹上写入读取执行的权限。
setfacl -m u:projuser:rwx /run/uwsgi/
As suggested by "ivbtar", I just removed following lines from uwsgi.ini file and it started working,正如“ivbtar”所建议的,我刚刚从 uwsgi.ini 文件中删除了以下几行,然后它就开始工作了,
chown-socket = %(username):nginx
chmod-socket = 666
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.