I'm new to WSGI, but I have a lot of experience with CGI/Python using
suexec on RHEL/CentOS 6.8, Apache 2.2. In the past, I've use suexec so
that each of my students can run their code as their own UID. I'm hoping
to replicate that behavior with WSGI.
I followed the tutorial and directions by Graham Dumpleton
Things went wrong when I got to this page on the WSGI Daemon
My Python script is Graham's example, no fancy framework code (though I'd
like to have that someday).
I put the following directives into a file (wsgi-test.conf) in
/etc/httpd/conf.d/ and restarted Apache:
# cat wsgi-test.conf
WSGIScriptAlias /myapp /home/anderson/public_html/myapp.wsgi
# This works, app runs as Apache.
# This works, but still runs as Apache
#WSGIDaemonProcess myapp user=anderson
# adding this to either daemon process results in a error 503: Service
As the comments say, if I omit the ProcessGroup directive, the script runs
correctly, but runs as Apache (uid=48), which is to be expected. Here's the
relevant part of the documentation:
To delegate a particular WSGI application to run in a named set of daemon
> processes, the WSGIProcessGroup directive should be specified in
> appropriate context for that application. If WSGIProcessGroup is not used,
> the application will be run within the standard Apache child processes.
Okay, if I add in the WSGIProcessGroup directive, I get the 503 error. The
[Wed Sep 21 17:11:24 2016] [error] [client 220.127.116.11] (13)Permission
denied: mod_wsgi (pid=27897): Unable to connect to WSGI daemon process
'myapp' on '/etc/httpd/logs/wsgi.26136.4.1.sock' after multiple attempts.
Here's the file it's complaining about:
# ls -l /etc/httpd/logs/wsgi.26136.4.1.sock
srwx------. 1 apache root 0 Sep 21 16:56 /etc/httpd/logs/wsgi.26136.4.1.sock
Note that Apache is started as root, which I believe is necessary for the
switching of uid:
# ps -ef | grep httpd
root 26136 1 0 16:31 ? 00:00:00 /usr/sbin/httpd
apache 27889 26136 0 16:56 ? 00:00:00 /usr/sbin/httpd
apache 27890 26136 0 16:56 ? 00:00:00 /usr/sbin/httpd
apache 27891 26136 0 16:56 ? 00:00:00 /usr/sbin/httpd
I noticed in the documentation that examples of WSGIProcessGroup often
specify a virtual host name, but I don't have to create a virtual host, do
At this point, I'm out of ideas. I'd appreciate any help.
Scott D. Anderson
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to firstname.lastname@example.org.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.