There may be another Apache module which is dragging in the SSL libraries. Is PHP module enabled?
What modules are linked in the 'mods-enabled' directory? Graham > On 14 Jun 2018, at 10:54 am, Rajeev Jain <[email protected]> wrote: > > It is probably better to have run: > > mod_wsgi-express module-config > > That should give you a LoadModule line for loading the mod_wsgi.so file from > the place it is installed, as well as a LoadFile which loads the correct > Python shared library for Anaconda, so the system Python library isn't picked > up by mistake. Add the output of that into wsgi.load in place of what you > have. > > Done. > > Some logs to verify done correctly: > mod_wsgi-express module-config > LoadModule wsgi_module > "/home/rajeev/anaconda3/lib/python3.6/site-packages/mod_wsgi/server/mod_wsgi-py36.cpython-36m-x86_64-linux-gnu.so" > WSGIPythonHome "/home/rajeev/anaconda3" > > cat wsgi.load > LoadModule wsgi_module > "/home/rajeev/anaconda3/lib/python3.6/site-packages/mod_wsgi/server/mod_wsgi-py36.cpython-36m-x86_64-linux-gnu.so" > > Instead of WSGIPythonHome and WSGIPythonPath here, have: > > WSGIRestrictEmbedded On > > That will turn off embedded mode and if configuration is wrong and > application is not delegated to daemon mode processes correctly, you will get > a 500 error to tell you you have an issue. > > > Done. > >> /etc/apache2/sites-available$ cat FlaskApp.conf >> <VirtualHost *:83> >> ServerName flaskapp.com <http://flaskapp.com/> >> >> WSGIDaemonProcess flaskapp.com <http://flaskapp.com/> >> python-path=/home/rajeev/anaconda3 > > This is not correct. Use: > > WSGIDaemonProcess flaskapp.com <http://flaskapp.com/> > python-home=/home/rajeev/anaconda3 > >> WSGIProcessGroup %{GLOBAL} > > The problem with the daemon process configuration wasn't noticeable because > you are using the wrong value for WSGIProcessGroup. You were telling it to > use embedded mode instead. > >> >> WSGIScriptAlias / /var/www/FlaskApp/flaskapp.wsgi > > I would suggest removing the WSGIProcessGroup above and change this to: > > WSGIScriptAlias / /var/www/FlaskApp/flaskapp.wsgi > process-group=flaskapp.com <http://flaskapp.com/> application-group=%{GLOBAL} > > This is ensuring daemon process group is used, and also the main interpreter > context. > >> <Directory /var/www/FlaskApp/FlaskApp/> > > This path is incorrect. Should be: > > <Directory /var/www/FlaskApp> > > Better still use: > > <Directory /var/www/FlaskApp> > <Files flaskapp.wsgi> > Require all granted > </Files> > </Directory> > > since you have your project source code under the same directory. > > That you don't get forbidden at the moment suggests for some reason the > overall Apache configuration has been weakened in some way such that anything > on the whole file system can be served up if mapped, which isn't really a > good idea. > > /etc/apache2/sites-available$ cat FlaskApp.conf > <VirtualHost *:83> > ServerName flaskapp.com <http://flaskapp.com/> > > WSGIDaemonProcess flaskapp.com <http://flaskapp.com/> > python-home=/home/rajeev/anaconda3 > > WSGIScriptAlias / /var/www/FlaskApp/flaskapp.wsgi > process-group=flaskapp.com <http://flaskapp.com/> application-group=%{GLOBAL} > > <Directory /var/www/FlaskApp> > <Files flaskapp.wsgi> > Require all granted > </Files> > </Directory> > > Alias /static /var/www/FlaskApp/FlaskApp/static > <Directory /var/www/FlaskApp/FlaskApp/static/> > Order allow,deny > Allow from all > </Directory> > > ErrorLog ${APACHE_LOG_DIR}/error.log > LogLevel warn > CustomLog ${APACHE_LOG_DIR}/access.log combined > </VirtualHost> > > > When using Anaconda Python, you cannot used mod_ssl in Apache. This is > because Anaconda Python ships its own SSL libraries which aren't compatible, > and by having mod_ssl loaded, the system SSL libraries will get loaded first, > resulting in any use of SSL in Python to fail. > > If not using SSL in Apache, disable mod_ss > > l. If you are using it, the only way to do it is to use mod_wsgi-express to > create a distinct instance and have the main Apache proxy to it. > > I disabled the SSL > /etc/apache2/sites-available$ sudo a2dismod ssl > Module ssl disabled. > To activate the new configuration, you need to run: > service apache2 restart > > After all that is addressed, we will see if any issues with permissions. That > is, whether the Apache user can actually read everything in your home > directory. > > > A few observations: > > 1) I made the above changes. After rebooting the Ubuntu and logging in it > reported "System program problem detected" > 2) On the Ubuntu: > curl -sH 'Host: flaskapp.com <http://flaskapp.com/>' localhost:83|grep title > <title>500 Internal Server Error</title> > > tail -l /var/log/apache2/error.log > [Wed Jun 13 17:50:04.857839 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] from flask import Flask > [Wed Jun 13 17:50:04.857844 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] File > "/home/rajeev/anaconda3/lib/python3.6/site-packages/flask/__init__.py", line > 21, in <module> > [Wed Jun 13 17:50:04.857847 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] from .app import Flask, Request, Response > [Wed Jun 13 17:50:04.857852 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] File > "/home/rajeev/anaconda3/lib/python3.6/site-packages/flask/app.py", line 25, > in <module> > [Wed Jun 13 17:50:04.857854 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] from . import cli, json > [Wed Jun 13 17:50:04.857859 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] File > "/home/rajeev/anaconda3/lib/python3.6/site-packages/flask/cli.py", line 18, > in <module> > [Wed Jun 13 17:50:04.857862 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] import ssl > [Wed Jun 13 17:50:04.857866 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] File "/home/rajeev/anaconda3/lib/python3.6/ssl.py", line > 101, in <module> > [Wed Jun 13 17:50:04.857869 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] import _ssl # if we can't import it, let the > error propagate > [Wed Jun 13 17:50:04.857884 2018] [wsgi:error] [pid 2177] [remote > 127.0.0.1:60208] ImportError: > /home/rajeev/anaconda3/lib/python3.6/lib-dynload/_ssl.cpython-36m-x86_64-linux-gnu.so: > undefined symbol: SSLv2_method > > > I verified ssl was disabled: > > sudo a2dismod ssl > [sudo] password for rajeev: > Module ssl already disabled > > I'm concerned what change is generating that "System program problem > detected" and why its still complaining about SSL sysmbol even though we > disabled the mod_ssl. > > Suggestions, next steps? We should be close...just a configuration issue, yes? > > --Rajeev > > > -- > You received this message because you are subscribed to the Google Groups > "modwsgi" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] > <mailto:[email protected]>. > To post to this group, send email to [email protected] > <mailto:[email protected]>. > Visit this group at https://groups.google.com/group/modwsgi > <https://groups.google.com/group/modwsgi>. > For more options, visit https://groups.google.com/d/optout > <https://groups.google.com/d/optout>. -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/modwsgi. For more options, visit https://groups.google.com/d/optout.
