Hi,
I have tried to understand the prior problems -- sorry, I can't figure it
out from the priors. I'm a newbie to mod_wsgi and Apache trying to create a
python server. I'm self-taught but totally stuck... thanks guys, at a dead
end. It is something I am clueless about.
---------------------------------------
*** This is the guts of the config.d file:
Listen 80
<VirtualHost *:80>
DocumentRoot "/var/www/jsss/html"
ServerName localhost:80
WSGIDaemonProcess jsss processes=1 threads=1 display-name=%{GROUP}
user=apache group=apache
WSGIProcessGroup jsss
WSGIScriptAlias / /var/www/jsss/jsss.wsgi
<Directory /var/www/jsss/>
Options All
Require all granted
</Directory>
</VirtualHost>
---------------------------------------------------------------
*** This is my main program, a single line, called from Apache, jsss_wsgi:
from jsss_flask_rest import app as application
---------------------------------------------------------------
*** this is the jsss_flask_rest program called from the single line
jsss_wsgi:
from flask import Flask, request
from flask_restful import Resource, Api
import subprocess
import sys
import base64
import os
import getpass
app = Flask(__name__)
api = Api(app)
class jsss(Resource):
def get(self):
f = open("/var/www/jsss/openme","r+") <<<--- dies right here
username = getpass.getuser()
stdout_data = username
return {"output>": stdout_data}
api.add_resource(jsss, '/jsss')
if __name__ == '__main__':
app.run
---------------------------------------------------------------
*** these are the permissions I set up for the test "openme" file. The
apache should have read access to root.
-rwxrwxrwx. 1 apache apache 4 Apr 26 20:35 openme
---------------------------------------------------------------
*** error from apache:
File "/usr/lib64/python3.6/site-packages/jsss_flask_rest.py", line 17, in
get
[Sun Apr 26 22:01:31.063590 2020] [wsgi:error] [pid 14886:tid
140318833870592] [remote ::1:37856] f =
open("/var/www/jsss/openme","r+")
[Sun Apr 26 22:01:31.063592 2020] [wsgi:error] [pid 14886:tid
140318833870592] [remote ::1:37856] PermissionError: [Errno 13] Permission
denied: '/var/www/jsss/openme'
-----------------------------------------------------------
*** error from Linux:
22:01:34 setroubleshootd: SELinux is preventing /usr/sbin/httpd from write
access on the file openme.
***** Plugin httpd_write_content (92.2 confidence) suggests
***************
If you want to allow httpd to have write access on the openme file
Then you need to change the label on 'openme'
Do
# semanage fcontext -a -t httpd_sys_rw_content_t 'openme'
# restorecon -v 'openme'
***** Plugin catchall_boolean (7.83 confidence) suggests
******************
If you want to allow httpd to unified
Then you must tell SELinux about this by enabling the 'httpd_unified'
boolean.
Do
setsebool -P httpd_unified 1
***** Plugin catchall (1.41 confidence) suggests
**************************
If you believe that httpd should be allowed write access on the openme file
by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'httpd' --raw | audit2allow -M my-httpd
# semodule -X 300 -i my-httpd.pp
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/modwsgi/902c645a-05ca-4dc3-9f0c-51786ea3a668%40googlegroups.com.
