Your message dated Wed, 10 Feb 2021 12:53:14 +0000
with message-id <[email protected]>
and subject line Bug#982434: fixed in uwsgi 2.0.19.1-6
has caused the Debian Bug report #982434,
regarding uwsgi-emperor: Permissions on systemd runtime directory
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
982434: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982434
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: uwsgi-emperor
Version: 2.0.19.1-5
Severity: normal
X-Debbugs-Cc: [email protected]
Dear Maintainer,
it's great that a systemd service file was introduced as a result of #969372.
But when I tried to use it, I encountered a problem with permissions on
systemd runtime directory. The runtime directory /run/uwsgi is created
by the systemd with owner root:root and standard permission 0755. On the
other hand the emperor runs as www-data:www-data and so its vassals can't
create sockets in the runtime directory.
I managed to fix it by overriding the systemd service with
[Service]
Group=www-data
RuntimeDirectoryMode=0775
added to /etc/systemd/system/uwsgi-emperor.service.d/override.conf
but I'm not sure if this is the best way. This workaround works even for
tyrant mode with all vassals having the group www-data.
I suggest the systemd service file should be modified in way that will
allow vassals to create their sockets in emperor's runtime directory.
Vlastimil
-- System Information:
Debian Release: bullseye/sid
APT prefers testing
APT policy: (500, 'testing'), (90, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.8.0-2-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages uwsgi-emperor depends on:
ii uwsgi-core 2.0.19.1-5
uwsgi-emperor recommends no packages.
uwsgi-emperor suggests no packages.
-- Configuration Files:
/etc/uwsgi-emperor/emperor.ini changed:
[uwsgi]
master = true
workers = 2
no-orphans = true
log-date = true
uid = www-data
gid = www-data
emperor = /etc/uwsgi-emperor/vassals
emperor-tyrant = true
cap = setgid,setuid
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: uwsgi
Source-Version: 2.0.19.1-6
Done: Jonas Smedegaard <[email protected]>
We believe that the bug you reported is fixed in the latest version of
uwsgi, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonas Smedegaard <[email protected]> (supplier of updated uwsgi package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 10 Feb 2021 10:15:46 +0100
Source: uwsgi
Architecture: source
Version: 2.0.19.1-6
Distribution: unstable
Urgency: medium
Maintainer: uWSGI packaging team <[email protected]>
Changed-By: Jonas Smedegaard <[email protected]>
Closes: 982434
Changes:
uwsgi (2.0.19.1-6) unstable; urgency=medium
.
* fix permissions of runtime dir in uwsgi-emperor;
closes: bug#982434, thanks to Vlastimil Zíma
Checksums-Sha1:
c566b89e176814ce16f89cb6989fc2c728ba10e7 7030 uwsgi_2.0.19.1-6.dsc
21333aaec628aeec159287a2c1c4b1442223a104 71692 uwsgi_2.0.19.1-6.debian.tar.xz
4004d622038fcd9eddf4b33ba171d48bb9dcdba4 36978 uwsgi_2.0.19.1-6_amd64.buildinfo
Checksums-Sha256:
e14e91b6e0c0b0e16237dcd954af160f24d641aba6ac89fe559a48c3b696e568 7030
uwsgi_2.0.19.1-6.dsc
5ba232ea44e31fc97bd48356a5ee631504533ad3ae30ffb762bdafa97e4b4a62 71692
uwsgi_2.0.19.1-6.debian.tar.xz
9bbb8c9fbee7747383f67afeaf705b1a6e33b2d988f26d787ccb1e784df954b1 36978
uwsgi_2.0.19.1-6_amd64.buildinfo
Files:
c5569f67cf17322908457d49e5cb0698 7030 httpd optional uwsgi_2.0.19.1-6.dsc
94f3ed59152130d143133d143057fcf2 71692 httpd optional
uwsgi_2.0.19.1-6.debian.tar.xz
5cc7eaaaa0c024438360f551f0a5a23c 36978 httpd optional
uwsgi_2.0.19.1-6_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmAj0ecACgkQLHwxRsGg
ASEZdBAAk3iH7hm3YlrZx3Kw8aDTXs1/He0QSKFj4x9hHQyiqDOgfu6/Qzx5zUXT
f2qDswKyzAzQ8BMlvJHUU1Ye0OdsJxmEmlJhwkC365t6b3ArY2Ir9nzGsvhtzuH/
V9W7N4echAdFcBMShm6V2xn5kvOhYV64zvo/ZZIEueF+lvtz8yBsOvSBJUT2a6pc
+rlTiRvY7U7xWQ0XcnooBoSSJj0lyfWi0LBXfqYzgryZp5YQ6U87q6EYaSMm3c++
GciA0eXI+hdtVkEO8sMu/832cIZT39yrze+qOMNlNlS00TJ8n+j7EbNq4s9sJTDb
zIfN/hO2/j/6MslJUcbRYrBtxlX3+eqLymlmJbl19sVk+HY+LPBh2UlpW93qe6/d
+qQ6c9s/Y5S8Af/ldCSEc5dDAAPejilvr1HLduRetqR9YTdXL+h5ICtTiX4lNxGU
GT1BVvYRHu9FmgHAmQi0/ZigYKbe0RLExOjURA27EKUgReP/CUg0jw03XuoigfYB
p2TsAX2SmRhjaDF0dmz1wF9lzQMTk/zgsRiImpYFVzYYchHvBnE192bgidJuYJsG
ywUFPvvuJa6GSd0ma8a6diyG6WAatsCfTROKoqLgVonoc1v9U1/xkBnAJan+UCvy
K9/oHh4va7b544eS481ydxqlKvAunGZs+Mk/8uFjcn3sCk8w/+k=
=KnQ7
-----END PGP SIGNATURE-----
--- End Message ---
