【问题标题】:Can't write to a file that I own and is marked as writeable?无法写入我拥有并标记为可写的文件?
【发布时间】:2015-11-27 17:03:54
【问题描述】:

我正在开发 Debian Jessie。作为用户opuser,我创建了一个文件并拥有它:

opuser@mymachine: $ ls -lash /webapps/myapp/run/gunicorn.sock
0 srwxrwxrwx 1 opuser webapps 0 Sep  1 18:50 /webapps/myapp/run/gunicorn.sock

现在如果我尝试打开文件进行写入:

opuser@mymachine: $ vi /webapps/myapp/run/gunicorn.sock

vi 在底部显示错误:"~/run/gunicorn.sock" [Permission Denied]

为什么我拥有的文件不能打开写入,而且文件权限显示它是全局可写的?

更新:

该文件是通过运行 gunicorn 创建的,我调试它的原因是 gunicorn 用户也无法写入:

gunicorn openprescribing.wsgi:application --name myapp_prod --workers 3 --bind=unix:/webapps/webapps/run/gunicorn.sock --user opuser --group webapps --log-level=debug

这是完整的错误:

[2015-09-01 11:18:36 +0000] [9439] [DEBUG] Current configuration:
  proxy_protocol: False
  worker_connections: 1000
  statsd_host: None
  max_requests_jitter: 0
  post_fork: <function post_fork at 0x7efebefd2230>
  pythonpath: None
  enable_stdio_inheritance: False
  worker_class: sync
  ssl_version: 3
  suppress_ragged_eofs: True
  syslog: False
  syslog_facility: user
  when_ready: <function when_ready at 0x7efebefc6ed8>
  pre_fork: <function pre_fork at 0x7efebefd20c8>
  cert_reqs: 0
  preload_app: False
  keepalive: 2
  accesslog: None
  group: 999
  graceful_timeout: 30
  do_handshake_on_connect: False
  spew: False
  workers: 3
  proc_name: myapp_prod
  sendfile: True
  pidfile: None
  umask: 0
  on_reload: <function on_reload at 0x7efebefc6d70>
  pre_exec: <function pre_exec at 0x7efebefd27d0>
  worker_tmp_dir: None
  post_worker_init: <function post_worker_init at 0x7efebefd2398>
  limit_request_fields: 100
  on_exit: <function on_exit at 0x7efebefd2e60>
  config: None
  secure_scheme_headers: {'X-FORWARDED-PROTOCOL': 'ssl', 'X-FORWARDED-PROTO': 'https', 'X-FORWARDED-SSL': 'on'}
  proxy_allow_ips: ['127.0.0.1']
  pre_request: <function pre_request at 0x7efebefd2938>
  post_request: <function post_request at 0x7efebefd2a28>
  user: 999
  forwarded_allow_ips: ['127.0.0.1']
  worker_int: <function worker_int at 0x7efebefd2500>
  threads: 1
  max_requests: 0
  limit_request_line: 4094
  access_log_format: %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"
  certfile: None
  worker_exit: <function worker_exit at 0x7efebefd2b90>
  chdir: /webapps/myapp/myapp
  paste: None
  default_proc_name: myapp.wsgi:application
  errorlog: -
  loglevel: debug
  logconfig: None
  syslog_addr: udp://localhost:514
  syslog_prefix: None
  daemon: False
  ciphers: TLSv1
  on_starting: <function on_starting at 0x7efebefc6c08>
  worker_abort: <function worker_abort at 0x7efebefd2668>
  bind: ['unix:/webapps/myapp/run/gunicorn.sock']
  raw_env: []
  reload: False
  check_config: False
  limit_request_field_size: 8190
  nworkers_changed: <function nworkers_changed at 0x7efebefd2cf8>
  timeout: 30
  ca_certs: None
  django_settings: None
  tmp_upload_dir: None
  keyfile: None
  backlog: 2048
  logger_class: gunicorn.glogging.Logger
  statsd_prefix:
[2015-09-01 11:18:36 +0000] [9439] [INFO] Starting gunicorn 19.3.0
Traceback (most recent call last):
  File "/home/anna/.virtualenvs/myapp/bin/gunicorn", line 11, in <module>
    sys.exit(run())
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/app/wsgiapp.py", line 74, in run
    WSGIApplication("%(prog)s [OPTIONS] [APP_MODULE]").run()
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/app/base.py", line 189, in run
    super(Application, self).run()
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/app/base.py", line 72, in run
    Arbiter(self).run()
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/arbiter.py", line 171, in run
    self.start()
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/arbiter.py", line 130, in start
    self.LISTENERS = create_sockets(self.cfg, self.log)
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/sock.py", line 211, in create_sockets
    sock = sock_type(addr, conf, log)
  File "/home/anna/.virtualenvs/myapp/local/lib/python2.7/site-packages/gunicorn/sock.py", line 104, in __init__
    os.remove(addr)
OSError: [Errno 13] Permission denied: '/webapps/myapp/run/gunicorn.sock'

【问题讨论】:

  • 你知道你有两条不同的路径吗?
  • 对不起,这只是一个错字!已编辑。
  • 而用户的主目录真的是/webapps/myapp?
  • @arkascha 是 - $ eval echo ~$opuser 产生 /webapps/myapp
  • @Richard:gunicorn.sock 是一个套接字是否正常?谁创造了它?

标签: linux debian file-permissions


【解决方案1】:

您的文件类型是套接字。它被读取一次/写入一次。不确定您是否可以使用常规文本编辑器打开它。

【讨论】:

  • 谢谢,这就解释了为什么我无法在 vi 中打开它。我正在尝试的原因是 gunicorn 用户也无法写入它 - 请参阅更新的问题。知道如何调试 gunicorn 的情况吗?
【解决方案2】:

您尝试打开的节点是一个套接字。更准确地说是一个 unix 域套接字(权限标志中的 s 表示这一点)。套接字不是open(2)ed 正常方式(这就是vi(1) 失败的原因。)它们必须通过socket(PF_UNIX, ...) 系统调用(参见unix(7))获取,然后bind(2)ed 到正确的路径中文件系统(这就是使它们出现在文件系统层次结构中的原因)。

一旦你有一个这样的套接字工作,你必须connect(2)它到另一个套接字(或accept(2),因为它已经绑定到一个文件系统节点)以允许从一个套接字到另一个套接字的通信流.

有关套接字 API 编程(和 UNIX 域套接字)的介绍,请阅读著名的 R.W.Stevens 书Unix 网络编程,第 1 卷:套接字网络 API(第 3 版)

【讨论】:

    猜你喜欢
    • 2021-06-21
    • 1970-01-01
    • 2018-02-22
    • 1970-01-01
    • 1970-01-01
    • 2018-02-26
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多