Honestly I have no idea, I just remembered that someone had issue with capabilities, but that was triggered by reload. I suggested to check that topic since something similar might happen with tyrant mode. I'm sure that Roberto will have better understanding of this.
2014-03-31 20:41 GMT+02:00 Jason Swindle <[email protected]>: > Howdy, > > I had to do: > > # setcap cap_net_bind_service=+ep /usr/local/bin/uwsgi > > But now it works! Thanks you! This either is a bug, or something that > we need to update the docs on. What say you Roberto De Ioris and Łukasz > Mierzwa? > > Thanks!, > Jason Swindle, > > > From: Łukasz Mierzwa <[email protected]> > Reply-To: uWSGI developers and users list <[email protected]> > Date: Monday, March 31, 2014 at 1:29 PM > To: uWSGI developers and users list <[email protected]> > Subject: Re: [uWSGI] HTTP Port 80 for Vassal help.... > > is this in any way related to > http://lists.unbit.it/pipermail/uwsgi/2014-March/007134.html ?? > > > 2014-03-31 20:21 GMT+02:00 Jason Swindle <[email protected]>: > >> Howdy all!, >> >> I am having one heck of a time making an vassal in tyrant emperor mode >> using net_bind_service bind to port 80. I keep getting "bind(): Permission >> denied [core/socket.c line 759]” no matter what I try. Below is my uWSGI >> config and vassal config. Thanks! >> >> Jason Swindle >> >> *:: uWSGI ::* >> >> uwsgi: >> ## die-on-term inverts the meanings of SIGTERM and SIGQUIT to uWSGI >> die-on-term: True >> >> ## The User ID >> uid: uwsgi >> >> ## The Group ID >> gid: www-data >> >> ## The emperor will look for applications here >> emperor: /opt/app/*/*.yaml >> >> ## Setting POSIX Capabilities to emperor. >> cap: net_bind_service,setgid,setuid >> >> ## Secure multi-user hosting >> emperor-tyrant: True >> >> *:: Vassal ::* >> >> uwsgi: >> ## Strict mode; Unknown options will trigger a fatal error. >> strict: True >> >> ## The base directory >> chdir: /opt/app/icanhaz >> >> ## When enabled, only uWSGI internal messages and errors are logged. >> disable-logging: True >> >> ## Offloading redis logging to a dedicated thread >> threaded-logger: True >> >> ## What UID to use >> uid: %n >> >> ## What GID to use >> gid: www-data >> >> ## minimum number of processes >> cheaper: 0 >> >> ## Maximum number of processes; maybe replaced with "%k". >> processes: %k >> >> ## The socket for WSGI (use the full path to be safe) >> http: :80 >> >> ## This socket can be used with uwsgitop or a monitoring agent. >> stats: :1717 >> >> ## wsgi file >> wsgi-file: %n.py >> >> ## Calling the app >> callable: app >> >> ## App's pid >> pidfile: %d%n.pid >> >> ## Enable threads >> enable-threads: True >> >> ## Run each worker in prethreaded mode with the specified number of >> threads per worker. >> threads: 2 >> >> ## Run in single interpreter mode >> single-interpreter: True >> >> ## Max request before re-cycling a processes >> max-requests: 150 >> >> ## Set the maximum time (in seconds) a worker can take to >> reload/shutdown. >> reload-mercy: 2 >> >> ## Not sure what this does...I think it does the same as >> reload-mercy. Cannot find docs on this. >> worker-reload-mercy: 31 >> >> ## Load application only in the workers >> lazy-apps: True >> >> ## Better locking >> thunder-lock: True >> >> ## Touch to reload application without touching uWSGI >> touch-chain-reload: %d%n.%e >> >> _______________________________________________ >> uWSGI mailing list >> [email protected] >> http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi >> >> > > > -- > Łukasz Mierzwa > > _______________________________________________ > uWSGI mailing list > [email protected] > http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi > > -- Łukasz Mierzwa
_______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
