CODEWITHSUNDEEP
pythonapachecentosmod-wsgiwsgi
Fedor
Fedor

Reputation: 1444

mod_wsgi forbidden error on CentOS 5.7

I know that this question was asked millions of times, but i already spent many hours trying to configure Apache and mod_wsgi on CentOS 5.7, which it new to me. Never faced this kind of problem on Debian (Ubuntu).

I've created wsgi.conf in /etc/httpd/conf.d/ directory, containting the following lines:

LoadModule wsgi_module modules/mod_wsgi.so
WSGIPythonHome /var/xxx/env

/var/xxx/env contains virtual environment for the project.

Then I've added the following lines into /etc/httpd/conf.d/ssl.conf (yes, I need it for https, but i also tried to put it into normal virtual host).

WSGIScriptAlias /suburl /var/xxx/yyy/hello.wsgi
<Location /suburl>
  Order deny,allow
  Allow from all
</Location>

hello.wsgi contains

def application(environ, start_response):
       status = '200 OK'
       output = 'Hello World!'
       response_headers = [('Content-type', 'text/plain'),
              ('Content-Length', str(len(output)))]
       start_response(status, response_headers)
       return [output]

Here is the output of ls -l /var/xxx/

 total 16
 drwxr-xr-x 5 apache apache 4096 Feb  9 05:14 env
 drwxr-xr-x 7 apache apache 4096 Feb  9 05:41 yyy

and output of ls -l /var/xxx/yyy/

total ...
...
-rwxr-xr-x 1 apache apache  238 Feb  9 05:19 hello.wsgi
...

ps -Af | grep httpd shows 

 root      8872     1  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8874  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8875  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8876  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8877  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8878  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8879  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8880  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 apache    8881  8872  0 07:06 ?        00:00:00 /usr/sbin/httpd
 fedor    10609  4716  0 07:16 pts/1    00:00:00 grep httpd

/var/log/httpd/ssl_error_log is full of lines like the following

[Thu Feb 09 07:06:47 2012] [error] [client 127.0.0.1] (13)Permission denied: access to /suburl denied

BUT it start Apache by calling sudo /usr/sbin/httpd hello.wsgi starts working, even though ps -Af | grep httpd shows very similar lines:

root     11442     1  3 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11443 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11444 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11445 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11446 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11447 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11448 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11449 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
apache   11450 11442  0 07:21 ?        00:00:00 /usr/sbin/httpd
fedor    11453  4716  0 07:21 pts/1    00:00:00 grep httpd

Any ideas what may cause the problem and what else do i have to check?

Upvotes: 1

Views: 653

Answers (1)

Ignacio Vazquez-Abrams
Ignacio Vazquez-Abrams

Reputation: 799082

Set the appropriate SELinux file context on the files and directories. See the httpd_selinux(8) man page for details.

Upvotes: 2

Related Questions