Willem D'Haeseleer Willem D'Haeseleer - 6 days ago 5
Apache Configuration Question

Trying to set up flask with mod_wsgi

I'm trying to set up flask with

mod_wsgi
but I keep getting following error

(13)Permission denied: access to / denied (filesystem path '/home/ec2-user/myapp') because search permissions are missing on a component of the path


test is a valid route in the flask app.

This is my
myapp.conf
file in the
/etc/httpd/conf.d
folder

WSGIRestrictStdout Off
<VirtualHost *>
ServerName somewhere.compute-1.amazonaws.com

WSGIDaemonProcess flaskapp user=ec2-user group=ec2-user threads=5
WSGIScriptAlias / /home/ec2-user/myapp/myapp.wsgi

<Directory /home/ec2-user/myapp>
WSGIProcessGroup flaskapp
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
LogLevel notice
</VirtualHost>


This is
Apache/2.2.26
with
python 2.6.8


I am not using virtualenv.

When i start apache i see this as notice in the error_log

[Mon Feb 10 14:33:00 2014] [notice] Apache/2.2.26 (Unix) DAV/2 mod_wsgi/3.2 Python/2.6.8 configured -- resuming normal operations


This is my
myapp.wsgi
file

from flask import Flask
application = Flask(__name__)

@application.route("/")
def hello():
return "Hello World!"

if __name__ == "__main__":
application.run(host='0.0.0.0', port=80)


running just
python myapp.wsgi
works fine

The error seems to tell me i should change some permissions on some folder, but I have no idea what folder.

Answer

You should check out the Apache docs for 13PermissionDenied and make sure that you set the correct permissions for your folder.

chmod 755 /home/ec2-user/myapp/

You can also:

cd /home/ec2-user/
ls -la 

Which will output every file and the owner:group and permissions for each user group of your folder. Look for anything out of the ordinary.

From the WSGIDaemonProcess docs:

user=name | user=#uid.rst

Defines the UNIX user name or numeric user uid of the user that the daemon processes should be run as. If this option is not supplied the daemon processes will be run as the same user that Apache would run child processes and as defined by the User directive.

Note that this option is ignored if Apache wasn’t started as the root user, in which case no matter what the settings, the daemon processes will be run as the user that Apache was started as.

If you're running your user as apache it will not be running as ec2-user and the apache user must have access to all subdirectories and the containing folder /home/ec2-user/.

You could move to /var/www/, chown to user apache and run from there so you don't have to move the permissions of the ec2-users home directory.

Comments