Apache2 - WSGI file not found Issue - apache2

I run bash script file through python code. The script is located /home/myscript.sh. The script convert html to pdf and print. If I run the python program in development mode it works fine but if I run in WSGI production mode it give me error "File not found" to print. But if I give access 7777 to home directory it works fine. And I need to do this access step every time whenever machine restarted. Also it not good solution.
I search a lot and change apache2.conf file
<Directory /home/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
But still there is problem. Please help me. I used Apache 2.4.9 version. Advance thanks
Update
In /etc/apache2/apache2.conf file
"User ${APACHE_RUN_USER}" and "Group ${APACHE_RUN_GROUP}"
And in envvars it sets like
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
Still problem exist.

If issue is with directory
Example /home
Move the file from /home to /var/www
sudo chown www-data:www-data /var/www/filename
or
sudo chown www-data:www-data /var/www/filename
If the issue with USB port
Example
ttyUSB0
,
ttyACM0
,
ttyACM1
Write script to change the owner
#!/bin/bash
sudo chown www-data:www-data /dev/ttyACM0
Call this script from your code using subprocess.call
But allow the user www-data to run this file as sudo with out password
sudo visudo
and add the below line in the last
www-data ALL = (ALL) NOPASSWD : /var/www/filename
or
www-data ALL = (ALL) NOPASSWD : ALL

Related

File permissions issues. sudo chown -R daemon:daemon /your-path-to-wordpress

In order to get WordPress updates and other functions of WP-ADMIN to work, I ran the following command to "fix" file persmissions.
sudo chown -R daemon:daemon /your-path-to-wordpress
This worked for the admin functionality, but now I am unable upload any files via ftp with user "bitnami". I can connect but not do anything else. How do I fix this to allow both WordPress admin updates to function and keep FTP access?

Apache 2 Forbidden Access to mounted directory via sshfs

I have following problem:
I would like to give an access for my Apache to index.html which exists on my Virtual Machine created by Vagrant. Directory is mounted by SSHFS with -o allow_other option.
Used tools and versions are:
System: Linux Ubuntu 15.04
Apache: 2.4.12
Mount via SSHFS with -o allow_other
Mount process is correct because directory and file are visible in my system. I can open/modify/etc them.
But when I try to open this file via Apache then I receive
Forbidden
You don't have permission to access / on this server.
Apache/2.4.12 (Ubuntu) Server at xxx.yyy.com Port 443
Configuration for Apache:
<Directory /var/www/interscape-frontend>
Options FollowSymLinks
Order allow,deny
Allow from all
Require all granted
</Directory>
DocumentRoot /var/www/interscape-frontend
Is it possible? If yes then how? :)
Thanks in advance!
What are the permissions on the folder/files? Who owns them?
If you cd /var/www and ls -al what words come up? See an example below.
-rw-rw-r--+ 1 (owner) (group) 277 Mar 16 00:31 build.xml
The left-most stuff is owner / group / all permissions. Following that, the owner and group are indicated. If apache isn't the owner (www-data usually), a part of the group listed, or the file does not permit all to have rw or rwx, then you may encounter the problem you've described.
You can change the owner and group with the following commands, respectively:
sudo chown -R (user) /path/to/directory
sudo chown -R (user):(group) /path/to/directory
Where the -R flag indicates to do it recursively (to all sub-directories).
Also, as per the apache 2.4 upgrade guide you can remove the following from your *.conf:
Order allow,deny
Allow from all
As they only apply to apache 2.2 and under.

How to get rid off - sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner sudo: fatal error, unable to load plugins

I am trying to configure apache2 with cgi (python). For that, I have to change permissions of some folders and files but I am getting sudo fatal errors every time I try to change permission of a file or a Folder.
For Example:
1
j#ubuntu:/etc/apache2$ ls
apache2.conf envvars magic mods-enabled sites-available
conf.d httpd.conf mods-available ports.conf sites-enabled
j#ubuntu:/etc/apache2$ sudo chmod 777 httpd.conf
sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner
sudo: fatal error, unable to load plugins
...................................................................................
2
j#ubuntu:/usr/lib/cgi-bin$ sudo /etc/init.d/apache2 restart
sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner
sudo: fatal error, unable to load plugins
...................................................................................
3
j#ubuntu:/usr/lib$ sudo chmod -R 777 /usr/lib/cgi-bin
sudo: /usr/lib/sudo/sudoers.so must be only be writable by owner
sudo: fatal error, unable to load plugins
...................................................................................
Note:
j#ubuntu:/etc/apache2$ ls -l /usr/lib/sudo/sudoers.so
-rwxrwxrwx 1 root root 177452 Jan 31 2012 /usr/lib/sudo/sudoers.so
Any help would be highly appreciated !
If you have docker installed on your host, you can leverage its permission vulnerabilities on volumes to solve this issue.
Run
docker run -it -v /usr/lib/sudo:/tmp ubuntu:xenial
Once inside the container, being the root user there, you can:
cd /tmp
chown root sudoers.so or chmod 644 sudoers.so depending on the exact issue
It's not a really clean solution but it solves the issue.
You have to login to root shell to resolve this sudoers.so permission issue. If you have root account login, directly login to root shell otherwise search something like "How do I boot into a root shell" or "Drop to root shell prompt". If you use Ubuntu you can follow this link https://askubuntu.com/questions/92556/how-do-i-boot-into-a-root-shell.
Once you are in root shell change the permission of the file /usr/lib/sudo/sudoers.so to
#chmod 644 /usr/lib/sudo/sudoers.so
for OSX, there is diskutil command to repair disk permissions:
diskutil resetUserPermissions / `id -u`
it will take a while :( ... you might first try to open script editor, create new script and execute:
do shell script "chown -R root /usr/local/libexec/sudo/sudoers.so" with administrator privileges
if that does not work, the repairpermission should do the trick.
Please try to login as a root user and change the file permission for the directory as
chmod 700 /usr/lib/sudo/sudoers.so then it will solve your problem.
It worked for me!
Try this:
pkexec chmod go-w /usr/lib/sudo/sudoers.so

Is There Any Location Specific in Apache2

I'm using Apache2 running on Ubuntu-12.04 machine and I run my files through apache2 pointing to my folder in the local file system like
$ cd etc/apache2/
$ vi sites-enabled/000-default
And I change the location pointing to my folders in
DocumentRoot /home/user/foo/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/user/foo/>
What is the default location of Apache2 web root where if I would just copy my files the Apache server would pick it. For running hundreds of files through Apache2 each and every time I keep doing the above steps of changing the location manually. Is there any other best way of doing it.
It would be great if anyone could help me out.
If do an ls -l inside /etc/apache2/sites-enabled/ you'll see that 000-default is a symlink to /etc/apache2/sites-available/. The idea being that you create site definition files in sites-enabled, then symlink to them from sites-available... making it very simple to enable and disable sites as needed.
In fact, Ubuntu provides the a2ensite command to enable sites, and a2dissite to disable sites. This means all you have to do is create the vhost file in sites-available, then run a2ensite to enable it.
Take a look at https://help.ubuntu.com/12.04/serverguide/httpd.html for more details.

DatabaseError unable to open database file

My sqlite db file is this: unable to open database file i chowned all folders until my dbfile to root. but i am still getting this error. but i remember that while creating my django project on server, i created a superuser, and now if i do ls -l i see that the user is that superuser. how is it possible to tell apache that this superuser should have that right to write/read the db file? or how to solve the problem, i am not apache/linux guru..
Execute chown www-data:www-data directory on the directory you want apache to be able to write to.
You should be able to just leave the file as owned by the super user and just change the group so that apache can read/write it as well.
Change the group for the sqlite file and the containing directory. Try this:
cd <directory with sqlite file>
sudo chgrp www-data . <sqlitefile>
You can find write group and www user and change permissions.
Say: cat /etc/passwd - for find right user, It may be apache or http or www.
And say to terminal: cat /etc/group -for find right group.
In my system group=apache, user = apache.

Resources