I'm trying to create a file inside a Django project on Amazon ElasticBeanstalk WebServer Environment. However it gives me a Permission Denied error.
Here is the error.
Traceback (most recent call last):
File "/opt/python/current/app/foo/boo.py", line 25, in create_file
input_file = open(input_filename, "w")
IOError: [Errno 13] Permission denied: 'testing.txt'
Thanks in advance!
If you want to create file on ElasticBeanstalk, you can, but you shouldn't, you have to use the amazon S3 service for that, with boto3.
But if it's just for a test you can add permisson with the .ebextensions file :
.ebextensions/instance.config
container_commands:
# Permisson on deploy command
0.0.0.files.chmod.ondeck:
command: "chmod u+xwr -R /opt/python/ondeck/app"
# Permisson on run dir
0.0.1.files.chmod.run:
command: "chmod u+xwr -R /opt/python/current/app"
I suggest you to create a folder in your app just for that. Than you can XX_permissions.config in your .ebextensions folder.
container_commands:
01_change_my_folder_permissions:
command: "mkdir -p /opt/python/current/app/my_folder; chmod 777 -R /opt/python/current/app/my_folder"
The command create the folder if doesn't exists and set the permissions. Just verify that your instance got the right permissions connecting directly using the ssh. Run the eb ssh [name-of-your-env] and check if the permission are ok:
ls -l /opt/python/current/app/
You should see your folder with a permission like drwxrwxrwx in the list.
Related
I have a Laravel app running on ubuntu 22.0.4. Inside one of my controllers I try to run a python script using shell_exec():
$output = shell_exec("python3 /home/ubuntu/test.py 2>&1");
Log::debug($output);
But the script is not executed and inside my log file I get:
"python3: can't open file '/home/ubuntu/test.py': [Errno 13] Permission denied"
I have set the permission for test.py to 777, and I have tried:
sudo chown ubuntu:www-data test.py
and also,
sudo chown ubuntu:ubuntu test.py
But still the same error. I have other projects running on ubuntu 20.0.4 with the same Laravel structure and logic in which I can execute the same python script (test.py) without any problem. But, for this specific case which I am using ubuntu 22.0.4, I am facing this problem. Also, same as other projects, I used pip3 to install python3.
part of my python script is as below
panda_dataframe.to_csv("myfile.csv")
The code is working fine in my Dev System.
I have deployed it in EC2 - Ubuntu. The above statement return Server Error (500)
I have also tried with
panda_dataframe.to_csv("/usr/share/myfile.csv")
But the same error.
Error.log has the below error.
PermissionError: [Errno 13] Permission denied: '/usr/share/myfile.csv'
I have tried with setting the below permisions
sudo setfacl -m u:www-data:rw /var/www/sitefolder/myfile.csv
sudo setfacl -m g:www-data:rw /var/www/sitefolder/myfile.csv
Guide me what is the permission I have to assign to write the dataframe into a csv file
Your working directory is /usr/share, and saving/deleting/copy/move actions in /user directory requires sudo privileges. so first check you user directory by executing echo $HOME. say the result is /home/amir. now save you data frame as:
panda_dataframe.to_csv("/home/amir/myfile.csv")
I am trying to run the following command in docker-composer, to start project with django-admin:
docker-compose run app sh -c "django-admin startproject app ."
This produces the error:
Traceback (most recent call last):
File "/usr/local/bin/django-admin", line 10, in <module>
sys.exit(execute_from_command_line())
File "/usr/local/lib/python3.7/site-packages/django/core/management/__init__.py", line 381, in execute_from_command_line
utility.execute()
File "/usr/local/lib/python3.7/site-packages/django/core/management/__init__.py", line 375, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/usr/local/lib/python3.7/site-packages/django/core/management/base.py", line 323, in run_from_argv
self.execute(*args, **cmd_options)
File "/usr/local/lib/python3.7/site-packages/django/core/management/base.py", line 364, in execute
output = self.handle(*args, **options)
File "/usr/local/lib/python3.7/site-packages/django/core/management/commands/startproject.py", line 20, in handle
super().handle('project', project_name, target, **options)
File "/usr/local/lib/python3.7/site-packages/django/core/management/templates.py", line 155, in handle
with open(new_path, 'w', encoding='utf-8') as new_file:
PermissionError: [Errno 13] Permission denied: '/manage.py'
The Dockerfile is as follows:
FROM python:3.7-alpine
MAINTAINER anubrij chandra
ENV PYTHONUNBUFFERED 1
COPY ./requirements.txt /requirements.txt
RUN pip install -r /requirements.txt
RUN mkdir /app
COPY ./app /app
RUN adduser -D dockuser
USER dockuser
My docker-compose.yml:
version: "3"
services:
app:
build:
context: .
ports:
- "8000:8000"
volumes:
- ./app:/app
command: >
sh -c "python manage.py runserver 0.0.0.0:8000"
I applied the solution suggested in this Stack Overflow thread, but it didn't work.
I'm using Ubuntu 18.04.
ubuntu 21.04
I got here searching for PermissionError: [Errno 13] Permission denied: so i'll just leave this here.
note: the below answer doesn't work for multi user systems ... see this answer instead for another possible solution
If you want to set it and forget it for 1 user, your own user ... here's what I have on my dev machine.
I didn't own the unix socket, so I chowned it. ( this got it working straight away )
sudo chown $(whoami):$(whoami) /var/run/docker.sock
Another, more permanent solution for your dev environment, is to modify the user ownership of the unix socket creation. This will give your user the ownership, so it'll stick between restarts:
sudo nano /etc/systemd/system/sockets.target.wants/docker.socket
docker.socket:
[Unit]
Description=Docker Socket for the API
[Socket]
ListenStream=/var/run/docker.sock
SocketMode=0660
SocketUser=YOUR_USERNAME_HERE
SocketGroup=docker
[Install]
WantedBy=sockets.target
Again another less hacky solution: https://stackoverflow.com/a/70124863/2026508
In your dockerfile, you are pointing to a new user dockuser.
RUN adduser -D dockuser
USER dockuser
Hence your container will start with user dockuser which does not seem to have proper permissions to run /manage.py.
You can either
remove the above mentioned lines where you create and point to
dockuser.
OR
provide appropriate permissions to user dockuser using chown and chmod commands in your dockerfile for /manage.py file.
I have answered such similar question here.
I had the same issue and solved it by adding my user to the docker group:
$ sudo usermod -aG docker $(whoami)
add this to your Dockerfile after RUN adduser -D dockuser:
RUN chown dockuser:dockuser -R /app/
and why you COPYthe files if you already mount them ?
if you want to keep the mount , you need to add rw persmission on the folder on the HOST system not on the Container
If you're on mac this might work for you.
After 4 days of troubleshooting this error (and other strange errors) I found out that I needed to fix dockers permissions in my file system. To do this go to:
System Preferences -> Security & Privacy -> Privacy tab -> Full Disk Access (on the left, somewhere in the list) -> Click on the + -> Docker application
Terribly frustrating problem to debug, hope it helps.
The Dockerfile that I was using was in the shared directory of my virtual machine (VirtualBox). Therefore, my issue was related to the default permission of this directory (UID=root, GID=vboxdf). I had to change it to my current user to properly run my container.
See https://superuser.com/a/640028/1655184 for a description on how to change the owner.
For me it was a WSL2 / Docker-Desktop setup issue on Windows.
What was missing was to explicitly enable the WSL distro: Docker Desktp Settings > Resources > WSL Integration > enable your distro
Then re-open WSL shell.
Before I could not even do docker run hello-world but also had a very similar error message as the OP when running docker-compose.
adding path to app like '/home/user/app:/app' in docker-compose instead of just '.:/app' resolved my problem
For ubuntu, just add sudo to your command and run as root to get the permissions.
sudo docker-compose run app sh -c "django-admin startproject app ."
I have a small service written in Python 3 which uses pysftp:
with pysftp.Connection(
host=host,
username=connection_data["user"],
port=connection_data["port"], log=log_file, cnopts=cnopts
) as srv:
…
and when I run it (python3 pythonprog.py) I get the following error:
PermissionError: [Errno 13] Permission denied: '/mydisk/folder/logs/pysftp-20181127-231208.log'
Obviously, I don't get this error if I run it with sudo python3 pythonprog.py.
I checked the permissions for this folder:
ls -l
drwxrwxrwx+ 2 myuser myuser 4096 Nov 27 22:38 logs
I also changed ACL with setfacl. Basically, whatever I do the error is still there. How can I grant this permission?
The service is running as someone -- that someone needs permission to write to that file or folder. This is not a code problem, its a permission problem. sudo is not the solution to running the code. I'm taking it that it is running as you? Can you write to that file/folder?
I am running the following command from my home directory:
python -m CGIHTTPServer
This runs the server, but when I try to access a script in the cgi-bin directory I get:
Traceback (most recent call last):
File "/usr/lib/python2.7/CGIHTTPServer.py", line 251, in run_cgi
os.execve(scriptfile, args, env)
OSError: [Errno 13] Permission denied
Running as root does not make a difference. The files seem to have all the right permissions:
student#bandersnatch:~$ ls -lhR
.:
total 12K
drwxr-xr-x 2 student student 4.0K Jun 13 18:38 cgi-bin
drwxr--r-- 2 student student 4.0K Jun 10 2004 kalpy
-rwxrwxrwx 1 student student 2.0K Jun 13 12:37 test.html
./cgi-bin:
total 8.0K
-rwxr-xr-x 1 student student 31 Jun 13 18:38 test.py
Edit: The content of test.py is:
#!/usr/bin/python
print "test"
The shebang is valid:
~$ which python
/usr/bin/python
Are you, by any chance, running the process as root?
If you use the source, you will see in CGIHTTPServer.py, just before calling execve:
try:
os.setuid(nobody)
except os.error:
pass
That is, it will run the CGI script as nobody, if it is able to change the UID, that is if it is root. If it is not root, this call will most likely fail, and pass on.
So my guess is that you are running the server as root, so the script is run as nobody, but this user doesn't have access to the script. Which is expected, as you say that it is in your home dir.
Two solutions that I can think of:
The recommended: do not run the server as root!
The workaround: copy the script to a directory where nobody can read it (/tmp for example).
Personally, unless there's some reason I'm unaware of, I'd recommend using subprocess.Popen instead of os.execve. I have run into Errno 13 before, trying to start a .app with Popen(['open execName.app']). I had to use Popen(['execName.app/Contents/MacOS/execName', 'arg1', 'arg2'...]) instead. Don't know if that helps, but give it a shot.
I ran into the same problem from ubuntu Linux.
Followed the solution by "Mike", with modification.
Instead doing chmod of the "/usr" which has several folders, change the permissions of the folder containing executable file that was denied. (you can check that server would run fine when loading a static html file in the same location, and shows error only when script is run).
cd /pathto/folder/with/deniedscript
sudo chmod -R 755 ./
Now the script has permission, so should run fine.
Note that -R gives the permission to all files in this folder(and subfolders if any).
When running on Windows the files run right out of the command prompts.
For Linux and Windows users that's not the case!
I get the following error:
Traceback (most recent call last): File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/http/server.py", line 1158, in run_cgi os.execve(scriptfile, args, env) PermissionError: [Errno 13] Permission denied:
You'll need to the following to resolve these issues:
For Linux Users:
1) Ensure shebang is adjusted for Python 3 running on Linux and Mac OSX systems:
#!/usr/bin/env python3
2) Since the original executable files were written on windows they'll have hidden '\r' in the files that must be removed. Here are three possible ways:
a) In terminal command line type: tr -d ‘\r’ < input file name > output file name (just rename the output file a new name --> erase old file --> then rechange output filename back to original)
b) In terminal command line type: cat inputfile | col -b > outputfile (just rename the output file a new name --> erase old file --> then rechange output filename back to original)
c) Download dos2unix, then type in terminal command line: dos2unix input file name
3) Make file executable:
In terminal command line type:
a) chmod 755 filename
or
b) chmod +x filename
or
chmod a+x filename
For Mac OSX users it's almost the same:
Repeat step 1) from Linux
Repeat step 2) from Linux
For step 3 things change:
Based on the apache.org wiki page: https://wiki.apache.org/httpd/13PermissionDenied
It says that you have to make every executable from file location traversing all the away up to the /Users root directory.
You'll have to do the following.
3) In terminal command line:
a) type command: `cd /Users`
b) type command: `sudo chmod -R 755`
Now you can run your server .py file via:
sudo webserver.py
and the input file via normal:
python3 inputfile.py
Now you should be all good to go with no more permission errors! You can make necessary adjustments to shebang and command line if running python 2.