[Django]-Permission Denied when writing log file


You need to fix permissions with the chmod command, like this: chmod 775 /home/shwetanka/logs/mysite/mysite.log.

Take a look at the owner of the file with ls -l /home/shwetanka/logs/mysite/mysite.log and make it writable to uwsgi. If the file isn’t owned by uwsgi, you’ll have to use the chown command.

Take a look at the username under which your service is running with ps aux | grep 'uwsgi'.

If the security isn’t so important to you at the moment, use chmod 777 /home/shwetanka/logs/mysite/mysite.log and that’s it. But that’s not the way how this is done.

The safest way to do this would be to check the owner and the group of the file and then change them if necessary and adjust the permissions accordingly.

Let’s give an example.

If I have a file in /home/shwetanka/logs/mysite/mysite.log and the command ls -l /home/shwetanka/logs/mysite/mysite.log gives the following output:

-rw-rw-r-- 1 shwetanka shwetanka 1089 Aug 26 18:15 /home/shwetanka/logs/mysite/mysite.log

it means that the owner of the file is shwetanka and the group is also shwetanka. Now let’s read the rwx bits. First group is related to the file owner, so rw- means that the file is readable and writable by the owner, readable and writeable by the group and readable by the others. You must make sure that the owner of the file is the service that’s trying to write something to it or that the file belongs to group of the service or you’ll get a permission denied error.

Now if I have a username uwsgi that’s used by the USWGI service and want the above file to be writable by that service, I have to change the owner of the file, like this:

chown uwsgi /home/shwetanka/logs/mysite/mysite.log. Since the write bit for the owner (the first rwx group) is already set to 1, that file will now be writable by the UWSGI service. For any further questions, please leave a comment.



Alternatively you can set umask option for uwsgi (http://uwsgi-docs.readthedocs.org/en/latest/Options.html#umask).

I had the same situation, I was running uwsgi via www-data and I used buildout. So this fix in my case looked like this:

recipe = buildout.recipe.uwsgi
xml-socket = /tmp/uwsgi.sock
xml-master = True
xml-chmod-socket = 666
xml-umask = 0002
xml-workers = 3
xml-env = ...
xml-wsgi-file = ...

After this log file permissions became 664, so group members of www-data group can also write into it.


Leave a comment