On Wed, Oct 18, 2017 at 7:14 PM, Jiri B <ji...@devio.us> wrote: > On Wed, Oct 18, 2017 at 06:55:32PM +0530, Ajitabh Pandey wrote: > > On Wed, Oct 18, 2017 at 1:43 PM, Jiri B <ji...@devio.us> wrote: > > > > > On Wed, Oct 18, 2017 at 01:40:06PM +0530, Ajitabh Pandey wrote: > > > > > > Can httpd access the socket? What are permissions? > > > > Here are the perms - > > > > srwxr-xr-x 1 root daemon 0 Oct 18 13:35 hello.sock > > And voila, they are wrong. How would httpd daemon be able > to write there? > > See what slowcgi, a fastcgi->cgi daemon says about socket: > > slowcgi opens a socket at /var/www/run/slowcgi.sock, owned by www:www, > with permissions 0660. It will then chroot(8) to /var/www and drop > privileges to user "www". > > See? >
Yes, I see that. Thank you very much. I will try and figure out on how do I make uwsgi create socket with specific ownership and permissions. I would hate to chroot the uwsgi because that would mean to copy python libraries in /var/www :-) Thanks again for inputs here. -- Ajitabh Pandey http://ajitabhpandey.info/