Django Logging error - django

I am using the default logger in Django in models.py like this.
import logging
logging.basicConfig(filename='models.log',level=logging.INFO)
logging.info('Staring execution. Models for db tables')
It is working in the Django server and logs are getting written. When the app is being deployed on Apache, I get a 500 Internal Server error and cannot even load the home page.
The OS is RHEL7. I have changed the file permission of "models.log" to read-write". Still I face the issue. In apache conf file, I have granted permissions as well.

It's problem related with SELinux. If You run locally, then You have full rights to write to log file.
If You run server with apache, then apache must have full rights to write to file.
To check it, login as apache sudo su - apache and try to access to log file.
Solution is simple: put log file in /var/log folder. Or create /var/log/myapp folder and give it full access chmod 777 /var/log/myapp.
import logging
logging.basicConfig(filename='/var/log/myapp/models.log',level=logging.INFO)
logging.info('Staring execution. Models for db tables')

The process needs execute (not only read) access on the directory and parent directories. The best way would be to log in as the user the process is running and try to create the file manually. My guess is you will get a permission error. Create the directories and grant relevant permissions for the directories.

Related

Nginx permissions

I deployed the server with Ubuntu 18, Django, Gunicorn, Nginx
And I ran into this problem:
everything works great but,
When I upload large pictures files in Django, Nginx gives 403 Error Forbidden.
I updated the permissions to the folder with static files on 755. It works!
But when I upload other files, the rights do not work.
I added the user root and user www-data to the folder owner’s group, but nothing has changed.
I understand that Nginx has no permissions, but how can I implement the inheritance permissions of new files from the parent folder
or will you suggest another solution?
You need to add FILE_UPLOAD_PERMISSIONS=0o644 variable to you settings.py file.
This is the numeric mode (i.e. 0o644) to newly uploaded files to.
For more information, please read this doc.
Try use this
chown -R www-data:www-data 'your project folder'

Apache Superset [Errno 13] Permission denied: '/usr/local/lib/python3.5/site-packages/superset/app'

I use Apache Superset for data exploration. I followed the installation instructions and had no problems using the app.
However, after I installed the community maintained docker image I tried to upload a CSV file for visualization and got the following error:
([Errno 13] Permission denied: '/usr/local/lib/python3.5/site-packages/superset/app')
I use sqlite as DB backend, and mounted the DB volume as suggested.
Other users had the same problem with different setup and configurations. The issues they opened (#4576, #4287) have not been resolved yet.
The problem does not seem to be related to DB access permissions as evident by the different DB backend and configurations the users are using.
Solution
Add the following lines to your superset_config.py file, rebuild and run your docker image:
import os
BASE_DIR = os.path.abspath(os.path.dirname(__file__))
# The file upload folder, when using models with files
UPLOAD_FOLDER = BASE_DIR + '/app/static/uploads/'
# The image upload folder, when using models with images
IMG_UPLOAD_FOLDER = BASE_DIR + '/app/static/uploads/'
You can also change the path to wherever you want to save the uploaded files and images in your docker image.
Cause of the problem:
Superset is trying to upload the CSV file to the path shown in the error message. The path is owned by the root user, and Superset does not have right permission to it.
To fix this, you need to change the path where Superset uploads the CSV files. This can easily be done by setting a couple of configurations as shown above.
This should also solve the problem when uploading a photo to use in a Superset user profile.
This error like said above is related to folder permissions mostly.
You can get this to run by executing with root permissions.
For example in my case I got this error after running superset runserver -d -p8080.
Use the command sudo superset runserver -d -p8080 instead and you will be able to upload your csv files.
Note: The other flags and port number specified can be changed according to your needs.
Also Note: This permission error arises only if you installed superset with root privileges i.e instead of pip install superset you probably used sudo pip install superset

Can we read file from mount drives in django apache

I am writing one function to get file size in django application.
Django application we are running through apache server.
File is located in some other location. We are getting that file through mounted path.
Code is as follows,
import os
filePath = '/mnt/file.html'
size = flaot(os.stat(filePath))
If I run django server through runserver command then it is working fine.
If I run djnago server through apache then it will not work.
If the file is in the same location then it will work through both way(with apache and without apache)Ex. filePath = '/home' OR '/root' OR any location from same machine
What will the another way to get the file size from mounted path through django-apache
Please Help.
Thanks In Advance.
This has to do with directory/file permissions and/or privileges of the user that the process uses.
When you run the Django server, it runs under your username, and most probably your user has access to the places that hold your files; but when it runs behind Apache, it runs as Apache or www-data users, which doesn't have access to those places.
Solution: Either you change the directory permissions, add the Apache users to the group of users allowed to access this directory(s), or make the Apache user the owner of this directory(s), choose whichever that suits you!
Apache probably is running under a user that lacks permission to access /mnt.
For example, on Ubuntu apache runs under www-data. In order to confirm this, try to give read/execute permission on the /mnt folder to the user running apache or execute runserver under the same user running apache and see if you get the same error.
If you don't know which user is running apache, try:
ps aux | grep apache
If the apache server executable is not named apache or apache2 (for example, in some linux distros it is named httpd) then replace apache with the executable name in the above command.
Lets say the user running apache is www-data:
su - www-data -c "cat /mnt/file.html"
If the issue is related to permissions, you should see an error message telling you what is the problem.

django mkdir permission in apache

I have a django app containing a model with a file upload field. the upload field takes the targeted file and uploads a copy to either an existing directory in the media root or, if the directory hasn't been created, it creates the directory and drops the file inside of it.
The app works beautifully in dev, utilizing the built-in django server, but when I move it to a production server (my OSX machine running an apache2 instance with mod_wsgi) I get "[Error 13] Permission denied" thrown from the mkdir function in django's storage.py whenever I try to upload a file. I strongly suspect there is permission syntax that needs to be added to my apache httpd.conf. I don't know why else the django server has no trouble with the code but apache gags. Does anyone know?
Permissions issues are described in mod_wsgi documentation at:
http://code.google.com/p/modwsgi/wiki/ApplicationIssues#Access_Rights_Of_Apache_User
I guess sometimes an error message is exactly what it says it is. In this case "[Error 13] Permission denied" was being thrown because apache didn't have write access to the directories the django app was attempting to upload to. I simply navigated to the the directories I set as file upload directories, and gave write permissions on them systemwide. This probably wasn't the most secure solution, but it was the most practical as, it works and I don't know how to explicitly set write permissions for apache2 without just opening the directory systemwide.
Also, I didn't post the question at serverfault because I didn't know whether it was a django config issue or an apache issue.

Proper way to set permissions with django and apache2?

I'm using django with wsgi on apache2
I was trying to acess a css file in my site/static/css folder and since the permission was 644, the css file could not be accessed by apache2.
So I chmod 645 on the site/static/css folder and everything was fine. However, I am worried that granting execution rights to everyone to anything in the css folder could cause security problems. What is the correct way to tackle this problem, perhaps a way to grant certain permissions using the httpd.conf file?
Thanks!
You can use chown to cause the files to be owned by the same group as apache (www-data?) and then set the permission on the group instead everyone.