Permission denied - nginx and uwsgi socket
I think you just need to change your socket file to 666(664 is ok with www-data), or remove it and run uwsgi server again.
In my uwsgi.ini:
chmod-socket = 664
uid = www-data
gid = www-data
Could not start uwsgi process
The key is:
error removing unix socket, unlink(): Permission denied [core/socket.c line 198]
You (very probably) previously run a uwsgi instance as root creating the unix socket file with root permissions.
Now your instance (running instead as www) is not able to re-bind() that socket as it is not able to unlink it (no permissions)
Just remove the socket file and retry.
Cant get permissions right to run uWSGI Emperor
Did a couple things to make this work:
sudo chown -R ccadmin:www-data /home/ccadmin/
sudo chmod -R 774 /home/ccadmin/
Now the emperor has access to the uwsgi binary and all is good!
I am curious if the above is a security problem, though, not knowing much about linux.
Nginx+uWsgi+Django 'Permission denied while connecting to upstream' (socket)
If your nginx server can't access uWSGI socket, try to fulfill following steps:
don't put your socked in home directory of any user in your system, especially root! Some of unix operating systems are blocking by default access to home directory for anyone except owner of that directory and root. Adding nginx user to private group of that user (for most of systems, each user has it's own, main group) can help with that, but it will almost never work for root.
check on what user and group your nginx server (or any other http server that you're using) runs. Sometimes is
www-data
, sometimesnginx
, sometimes something other. When creating socket, make sure that username will match username on which uWSGI server runs and group name match group on uWSGI runs (or you can swap it).Check that your socket's permissions are at least 660. There is no need to give permissions to it for anyone, so don't do that.
Check that both your nginx and uWSGI have permission to access directory on which socket is put, and all parent directories.
Good place for your socket's file is /var/run
directory (for some systems it is /run
or both). It is most often mounted as ramdisk (tmpfs) and it is write'able for anyone in system, so every user can create sockets here (and access them). If it's for some reason not accessible in your system, you can also try /tmp
directory.
If you're also serving static files directly from nginx from your home directory, consider adding nginx to your personal group, so it will have read access to your home directory and static files.
Can only run uwsgi with root
Ok, after the later edit i checked the directories and the socket directory didnt exist (anymore); i think it had to do with the original apt-get install versus my later pip install... still have the issue with the python plugin but will check if it's necessary for nginx or if it will work without it... 8 hours of work over a reset, d'oh ;)
@bearrito:
In the end I put the socket in the tmp directory to avoid rights issues:
<uwsgi>
<uid>www-data</uid>
<gid>www-data</gid>
<plugin>python</plugin>
<socket>/tmp/li.socket</socket>
<chmod-socket>666</chmod-socket>
<chdir>/srv/www/li</chdir>
<pythonpath>/srv/www/li</pythonpath>
<virtualenv>/srv/www/li/venv</virtualenv>
<module>li</module>
<wsgi-file>/srv/www/li/li.py</wsgi-file>
<callable>app</callable>
<master/>
<processes>2</processes>
<pidfile>/tmp/li.pid</pidfile>
<harakiri>120</harakiri>
<reload-mercy>8</reload-mercy>
<cpu-affinity>1</cpu-affinity>
<stats>/tmp/stats.socket</stats>
<max-requests>2000</max-requests>
<limit-as>2048</limit-as>
<reload-on-as>2048</reload-on-as>
<reload-on-rss>1024</reload-on-rss>
<no-orphans/>
<vacuum/>
</uwsgi>
I hope this helps!
Related Topics
What Is File Hole and How Can It Be Used
Print Kernel's Page Table Entries
Magento Apache Configuration (App/Etc/Local.Xml Accessible Warning)
Rename Multiple Directories Matching Pattern
How to Run Elasticsearch 2.1.1 as Root User in Linux MAChine
How to Set Up My Linux X Terminal So That Emacs Has Access to 256 Colors
Count Files and Directories Using Shell Script
Mapping Physical Addresses to Virtual Address Linux
What Are the Possible List of Linux Bash Shell Injection Commands
Newbie on Debian and Trying to Make Java 7 the Default Java Version Used
How to Trace Per-File Io Operations in Linux
Shifting from Windows to *Nix Programming Platform
How to Prefill Command Line Input
Arm Linux Atags VS Device Tree
Search Ms Word Files in a Directory for Specific Content in Linux
Changing the PHPmyadmin Default Url
Linux Mail < File.Log Has Content-Type: Application/Octet-Stream (A Noname Attachment in Gmail)