I have a django app containing a model with a file upload field. the upload field takes the targeted file and uploads a copy to either an existing directory in the media root or, if the directory hasn't been created, it creates the directory and drops the file inside of it.
The app works beautifully in dev, utilizing the built-in django server, but when I move it to a production server (my OSX machine running an apache2 instance with mod_wsgi) I get "[Error 13] Permission denied" thrown from the mkdir function in django's storage.py whenever I try to upload a file. I strongly suspect there is permission syntax that needs to be added to my apache httpd.conf. I don't know why else the django server has no trouble with the code but apache gags. Does anyone know?
Permissions issues are described in mod_wsgi documentation at:
http://code.google.com/p/modwsgi/wiki/ApplicationIssues#Access_Rights_Of_Apache_User
I guess sometimes an error message is exactly what it says it is. In this case "[Error 13] Permission denied" was being thrown because apache didn't have write access to the directories the django app was attempting to upload to. I simply navigated to the the directories I set as file upload directories, and gave write permissions on them systemwide. This probably wasn't the most secure solution, but it was the most practical as, it works and I don't know how to explicitly set write permissions for apache2 without just opening the directory systemwide.
Also, I didn't post the question at serverfault because I didn't know whether it was a django config issue or an apache issue.
Related
I deployed the server with Ubuntu 18, Django, Gunicorn, Nginx
And I ran into this problem:
everything works great but,
When I upload large pictures files in Django, Nginx gives 403 Error Forbidden.
I updated the permissions to the folder with static files on 755. It works!
But when I upload other files, the rights do not work.
I added the user root and user www-data to the folder owner’s group, but nothing has changed.
I understand that Nginx has no permissions, but how can I implement the inheritance permissions of new files from the parent folder
or will you suggest another solution?
You need to add FILE_UPLOAD_PERMISSIONS=0o644 variable to you settings.py file.
This is the numeric mode (i.e. 0o644) to newly uploaded files to.
For more information, please read this doc.
Try use this
chown -R www-data:www-data 'your project folder'
I use Apache Superset for data exploration. I followed the installation instructions and had no problems using the app.
However, after I installed the community maintained docker image I tried to upload a CSV file for visualization and got the following error:
([Errno 13] Permission denied: '/usr/local/lib/python3.5/site-packages/superset/app')
I use sqlite as DB backend, and mounted the DB volume as suggested.
Other users had the same problem with different setup and configurations. The issues they opened (#4576, #4287) have not been resolved yet.
The problem does not seem to be related to DB access permissions as evident by the different DB backend and configurations the users are using.
Solution
Add the following lines to your superset_config.py file, rebuild and run your docker image:
import os
BASE_DIR = os.path.abspath(os.path.dirname(__file__))
# The file upload folder, when using models with files
UPLOAD_FOLDER = BASE_DIR + '/app/static/uploads/'
# The image upload folder, when using models with images
IMG_UPLOAD_FOLDER = BASE_DIR + '/app/static/uploads/'
You can also change the path to wherever you want to save the uploaded files and images in your docker image.
Cause of the problem:
Superset is trying to upload the CSV file to the path shown in the error message. The path is owned by the root user, and Superset does not have right permission to it.
To fix this, you need to change the path where Superset uploads the CSV files. This can easily be done by setting a couple of configurations as shown above.
This should also solve the problem when uploading a photo to use in a Superset user profile.
This error like said above is related to folder permissions mostly.
You can get this to run by executing with root permissions.
For example in my case I got this error after running superset runserver -d -p8080.
Use the command sudo superset runserver -d -p8080 instead and you will be able to upload your csv files.
Note: The other flags and port number specified can be changed according to your needs.
Also Note: This permission error arises only if you installed superset with root privileges i.e instead of pip install superset you probably used sudo pip install superset
I am using the default logger in Django in models.py like this.
import logging
logging.basicConfig(filename='models.log',level=logging.INFO)
logging.info('Staring execution. Models for db tables')
It is working in the Django server and logs are getting written. When the app is being deployed on Apache, I get a 500 Internal Server error and cannot even load the home page.
The OS is RHEL7. I have changed the file permission of "models.log" to read-write". Still I face the issue. In apache conf file, I have granted permissions as well.
It's problem related with SELinux. If You run locally, then You have full rights to write to log file.
If You run server with apache, then apache must have full rights to write to file.
To check it, login as apache sudo su - apache and try to access to log file.
Solution is simple: put log file in /var/log folder. Or create /var/log/myapp folder and give it full access chmod 777 /var/log/myapp.
import logging
logging.basicConfig(filename='/var/log/myapp/models.log',level=logging.INFO)
logging.info('Staring execution. Models for db tables')
The process needs execute (not only read) access on the directory and parent directories. The best way would be to log in as the user the process is running and try to create the file manually. My guess is you will get a permission error. Create the directories and grant relevant permissions for the directories.
I'm using django with wsgi on apache2
I was trying to acess a css file in my site/static/css folder and since the permission was 644, the css file could not be accessed by apache2.
So I chmod 645 on the site/static/css folder and everything was fine. However, I am worried that granting execution rights to everyone to anything in the css folder could cause security problems. What is the correct way to tackle this problem, perhaps a way to grant certain permissions using the httpd.conf file?
Thanks!
You can use chown to cause the files to be owned by the same group as apache (www-data?) and then set the permission on the group instead everyone.
I'm trying to implement django-filebrowser into my latest app. I have grappelli installed also. The urls work fine for getting into filebrowser /admin/filebrowser/browse is what I have it set at.
The problem I am having is when it comes to trying to either add a folder or upload a file.
New Folder:
When I'm adding a folder an error is thrown stating:
Please correct the following errors.
Permission denied.
Now the permissions for the folder are fine. I don't understand why it won't allow me to upload files here.
drwxr-xr-x 2 naytive naytive 4096 Jan 18 08:32 uploads/
Upload File:
Normally when uploading a file, the filebrowser upload screen appears with a timer to upload success, however when I try to upload a file it just refreshes the page with url ending
?_save=Upload
It is getting to the point where I will just remove the module because it isn't doing as it is set up to be.
Any ideas?
EDIT: I think the uploading files side of things is caused by the original file permissions also. If we fix this error then perhaps the upload will work too.
If you use it on a server with apache, then you must give apache right to write in this folder (chown).
I had something similar. I gave permission to www-data user to the folder i wanted to upload to and it worked.